Lukas Wurzinger 2025-06-08 00:58:45 +02:00
parent 7554b37f68
commit b397f15e61
No known key found for this signature in database
4 changed files with 19 additions and 235 deletions


@ -7,7 +7,6 @@ This is my cobbled together NixOS configuration. There are many like it, but thi
- common: Sane defaults that make sense to use for every host. - common: Sane defaults that make sense to use for every host.
- modules: Regular NixOS modules. - modules: Regular NixOS modules.
- profiles: Higher-level NixOS modules that conform to different roles that a host may have. - profiles: Higher-level NixOS modules that conform to different roles that a host may have.
- packages: Packages that I couldn't fit anywhere else.
- secrets: Agenix secrets. - secrets: Agenix secrets.
- hosts: Hosts exposed in `nixosConfigurations`. - hosts: Hosts exposed in `nixosConfigurations`.
- pubkeys.nix: Nix expression with all my SSH public keys, used for OpenSSH, Agenix and Restic. - pubkeys.nix: Nix expression with all my SSH public keys, used for OpenSSH, Agenix and Restic.
@ -21,7 +20,7 @@ This is my cobbled together NixOS configuration. There are many like it, but thi
## Installation ## Installation
```bash ```bash
nix run git+https://codeberg.org/helvetica/puter.git#disk /path/to/disk nix run git+https://codeberg.org/helvetica/zap.git /path/to/disk
# TODO: Configure additional disks # TODO: Configure additional disks
mkdir -p /mnt/etc/ssh mkdir -p /mnt/etc/ssh
cat > /mnt/etc/ssh/ssh_host_ed25519_key cat > /mnt/etc/ssh/ssh_host_ed25519_key

36
flake.lock generated

@ -358,11 +358,11 @@
}, },
"hardware": { "hardware": {
"locked": { "locked": {
"lastModified": 1748942041, "lastModified": 1749195551,
"narHash": "sha256-HEu2gTct7nY0tAPRgBtqYepallryBKR1U8B4v2zEEqA=", "narHash": "sha256-W5GKQHgunda/OP9sbKENBZhMBDNu2QahoIPwnsF6CeM=",
"owner": "NixOS", "owner": "NixOS",
"repo": "nixos-hardware", "repo": "nixos-hardware",
"rev": "fc7c4714125cfaa19b048e8aaf86b9c53e04d853", "rev": "4602f7e1d3f197b3cb540d5accf5669121629628",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -568,11 +568,11 @@
"rust-overlay": "rust-overlay_2" "rust-overlay": "rust-overlay_2"
}, },
"locked": { "locked": {
"lastModified": 1748948933, "lastModified": 1749252229,
"narHash": "sha256-Lc3YwAK/h+BdXWuiKV+dflWbYD3yObkrN/wugr8w+70=", "narHash": "sha256-zIXU2Z+OBmkI+qjryUtVILP6qgZo+0bnIEy3UAw0CAE=",
"owner": "lilyinstarlight", "owner": "lilyinstarlight",
"repo": "nixos-cosmic", "repo": "nixos-cosmic",
"rev": "a24e3123dab28fcc9b3e7b48f40e6e7ba12a6958", "rev": "821627b7fe15013554cab4e9db4b8cb6fa9e8baf",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -705,11 +705,11 @@
}, },
"nixpkgs-stable_2": { "nixpkgs-stable_2": {
"locked": { "locked": {
"lastModified": 1748810746, "lastModified": 1748995628,
"narHash": "sha256-1na8blYvU1F6HLwx/aFjrhUqpqZ0SCsnqqW9n2vXvok=", "narHash": "sha256-bFufQGSAEYQgjtc4wMrobS5HWN0hDP+ZX+zthYcml9U=",
"owner": "NixOS", "owner": "NixOS",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "78d9f40fd6941a1543ffc3ed358e19c69961d3c1", "rev": "8eb3b6a2366a7095939cd22f0dc0e9991313294b",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -817,11 +817,11 @@
}, },
"nixpkgs_8": { "nixpkgs_8": {
"locked": { "locked": {
"lastModified": 1748693115, "lastModified": 1748929857,
"narHash": "sha256-StSrWhklmDuXT93yc3GrTlb0cKSS0agTAxMGjLKAsY8=", "narHash": "sha256-lcZQ8RhsmhsK8u7LIFsJhsLh/pzR9yZ8yqpTzyGdj+Q=",
"owner": "NixOS", "owner": "NixOS",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "910796cabe436259a29a72e8d3f5e180fc6dfacc", "rev": "c2a03962b8e24e669fb37b7df10e7c79531ff1a4",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -978,11 +978,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1748918260, "lastModified": 1749177458,
"narHash": "sha256-KhXNXQ5IDLvwwYfJ0pXDjwIuisZ2qM6F7fcXjIGZy/4=", "narHash": "sha256-9HNq3EHZIvvxXQyEn0sYOywcESF1Xqw2Q8J1ZewcXuk=",
"owner": "oxalica", "owner": "oxalica",
"repo": "rust-overlay", "repo": "rust-overlay",
"rev": "c9736155bc1eb7c7cf3a925920850e61c07ab22a", "rev": "d58933b88cef7a05e9677e94352fd6fedba402cd",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -1049,11 +1049,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1748243702, "lastModified": 1749194973,
"narHash": "sha256-9YzfeN8CB6SzNPyPm2XjRRqSixDopTapaRsnTpXUEY8=", "narHash": "sha256-eEy8cuS0mZ2j/r/FE0/LYBSBcIs/MKOIVakwHVuqTfk=",
"owner": "numtide", "owner": "numtide",
"repo": "treefmt-nix", "repo": "treefmt-nix",
"rev": "1f3f7b784643d488ba4bf315638b2b0a4c5fb007", "rev": "a05be418a1af1198ca0f63facb13c985db4cb3c5",
"type": "github" "type": "github"
}, },
"original": { "original": {


@ -1,196 +0,0 @@
#!/usr/bin/env bash
set -o errexit
set -o nounset
set -o pipefail
progname="$0"
warn() {
local line
for line in "$@"; do
echo "$progname: $line" 1>&2
done
}
error() {
warn "$@"
exit 1
}
skip() {
if (($# < 1)); then
error 'name of value to be skipped is required'
fi
if (($# > 1)); then
error 'too many arguments'
fi
local skip=$1
for s in "${skips[@]}"; do
if [[ $s == "$skip" ]]; then
return 1
fi
done
return 0
}
args=$(
getopt \
--options r:b:l:c:m:B:M:v \
--longoptions root:,boot-label:,main-label:,cryptmain-label:,mapping:,boot-options:,main-options:,verbose \
--name "$progname" \
-- "$@"
)
eval set -- "$args"
root=/mnt
bootlbl=BOOT
mainlbl=main
cryptmainlbl=cryptmain
mapping=main
bootflags=()
mainflags=()
fatflags=()
ext4flags=()
skips=()
while true; do
case "$1" in
-r | --root)
root=$2
shift 2
;;
-b | --boot-label)
skips+=(bootlbl)
bootlbl=${2^^}
shift 2
;;
-l | --main-label)
skips+=(mainlbl)
mainlbl=$2
shift 2
;;
-c | --cryptmain-label)
skips+=(cryptmainlbl)
cryptmainlbl=$2
shift 2
;;
-m | --mapping)
skips+=(mapping)
mapping=$2
shift 2
;;
-B | --boot-options)
bootflags+=(--options "$2")
shift 2
;;
-M | --main-options)
mainflags+=(--options "$2")
shift 2
;;
-v | --verbose)
fatflags+=(-v)
ext4flags+=(-v)
shift
;;
--)
shift
break
;;
esac
done
if (($# < 1)); then
error 'an argument specifying the block device is required'
fi
if (($# > 1)); then
error 'too many arguments'
fi
blkdev=$1
sfdisk --label gpt --quiet -- "$blkdev" <<EOF
,512M,U;
,,L;
EOF
parts=()
json=$(sfdisk --json -- "$blkdev")
while IFS= read -r k; do
parts+=("$(jq --argjson k "$k" --raw-output '.partitiontable.partitions[$k].node' <<<"$json")")
done < <(jq '.partitiontable.partitions | keys[]' <<<"$json")
bootfs="${parts[0]}"
mainblkdev="${parts[1]}"
if ! skip bootlbl; then
read -rep "Which label should the boot file system have? [$bootlbl] " input
if [[ -n $input ]]; then
bootlbl=$input
fi
fi
mkfs.fat -F 32 -n "$bootlbl" "${fatflags[@]}" -- "$bootfs" >/dev/null
while true; do
read -rep 'Do you want your main partition to be encrypted? [y/N] ' input
case "$input" in
[Yy]*)
while true; do
read -rsp 'Enter password: ' password
warn ''
read -rsp 'Re-enter password: ' repassword
warn ''
if [[ $password == "$repassword" ]]; then
break
fi
done
if ! skip cryptmainlbl; then
read -rep "Which label should the main LUKS partition have? [$cryptmainlbl] " input
if [[ -n $input ]]; then
cryptmainlbl=$input
fi
fi
cryptsetup luksFormat --batch-mode --label "$cryptmainlbl" -- "$mainblkdev" <<<"$password"
if ! skip mapping; then
read -rep "Which name should the main LUKS mapping have? [$mapping] " input
if [[ -n $input ]]; then
mapping=$input
fi
fi
cryptsetup open -- "$mainblkdev" "$mapping" <<<"$password"
mainfs=/dev/mapper/$mapping
break
;;
'' | [Nn]*)
mainfs=$mainblkdev
break
;;
*) warn 'Please answer with yes or no' ;;
esac
done
if ! skip mainlbl; then
read -rep "Which label should the main file system have? [$mainlbl] " input
if [[ -n $input ]]; then
mainlbl=$input
fi
fi
mkfs.ext4 -qFL "$mainlbl" "${ext4flags[@]}" -- "$mainfs"
mkdir --parents -- "$root"
mount "${mainflags[@]}" -- "$mainfs" "$root"
mkdir -- "$root/boot"
mount "${bootflags[@]}" -- "$bootfs" "$root/boot"


@ -1,19 +0,0 @@
{
writeShellApplication,
util-linux,
jq,
e2fsprogs,
dosfstools,
}:
writeShellApplication {
name = "disk";
runtimeInputs = [
util-linux
jq
e2fsprogs
dosfstools
];
text = builtins.readFile ./disk;
}