helvetica/puter
1
0
Fork 0
Code Activity

update

Browse source
This commit is contained in:
Lukas Wurzinger 2025-06-08 00:58:45 +02:00
parent 7554b37f68
commit b397f15e61
No known key found for this signature in database
4 changed files with 19 additions and 235 deletions
Download patch file Download diff file Expand all files Collapse all files

3
README.md
View file

@ -7,7 +7,6 @@ This is my cobbled together NixOS configuration. There are many like it, but thi
- common: Sane defaults that make sense to use for every host.
- modules: Regular NixOS modules.
- profiles: Higher-level NixOS modules that conform to different roles that a host may have.
- packages: Packages that I couldn't fit anywhere else.
- secrets: Agenix secrets.
- hosts: Hosts exposed in `nixosConfigurations`.
- pubkeys.nix: Nix expression with all my SSH public keys, used for OpenSSH, Agenix and Restic.
@ -21,7 +20,7 @@ This is my cobbled together NixOS configuration. There are many like it, but thi
## Installation
```bash
nix run git+https://codeberg.org/helvetica/puter.git#disk /path/to/disk
nix run git+https://codeberg.org/helvetica/zap.git /path/to/disk
# TODO: Configure additional disks
mkdir -p /mnt/etc/ssh
cat > /mnt/etc/ssh/ssh_host_ed25519_key

36
flake.lock generated
View file

@ -358,11 +358,11 @@
},
"hardware": {
"locked": {
"lastModified": 1748942041,
"narHash": "sha256-HEu2gTct7nY0tAPRgBtqYepallryBKR1U8B4v2zEEqA=",
"lastModified": 1749195551,
"narHash": "sha256-W5GKQHgunda/OP9sbKENBZhMBDNu2QahoIPwnsF6CeM=",
"owner": "NixOS",
"repo": "nixos-hardware",
"rev": "fc7c4714125cfaa19b048e8aaf86b9c53e04d853",
"rev": "4602f7e1d3f197b3cb540d5accf5669121629628",
"type": "github"
},
"original": {
@ -568,11 +568,11 @@
"rust-overlay": "rust-overlay_2"
},
"locked": {
"lastModified": 1748948933,
"narHash": "sha256-Lc3YwAK/h+BdXWuiKV+dflWbYD3yObkrN/wugr8w+70=",
"lastModified": 1749252229,
"narHash": "sha256-zIXU2Z+OBmkI+qjryUtVILP6qgZo+0bnIEy3UAw0CAE=",
"owner": "lilyinstarlight",
"repo": "nixos-cosmic",
"rev": "a24e3123dab28fcc9b3e7b48f40e6e7ba12a6958",
"rev": "821627b7fe15013554cab4e9db4b8cb6fa9e8baf",
"type": "github"
},
"original": {
@ -705,11 +705,11 @@
},
"nixpkgs-stable_2": {
"locked": {
"lastModified": 1748810746,
"narHash": "sha256-1na8blYvU1F6HLwx/aFjrhUqpqZ0SCsnqqW9n2vXvok=",
"lastModified": 1748995628,
"narHash": "sha256-bFufQGSAEYQgjtc4wMrobS5HWN0hDP+ZX+zthYcml9U=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "78d9f40fd6941a1543ffc3ed358e19c69961d3c1",
"rev": "8eb3b6a2366a7095939cd22f0dc0e9991313294b",
"type": "github"
},
"original": {
@ -817,11 +817,11 @@
},
"nixpkgs_8": {
"locked": {
"lastModified": 1748693115,
"narHash": "sha256-StSrWhklmDuXT93yc3GrTlb0cKSS0agTAxMGjLKAsY8=",
"lastModified": 1748929857,
"narHash": "sha256-lcZQ8RhsmhsK8u7LIFsJhsLh/pzR9yZ8yqpTzyGdj+Q=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "910796cabe436259a29a72e8d3f5e180fc6dfacc",
"rev": "c2a03962b8e24e669fb37b7df10e7c79531ff1a4",
"type": "github"
},
"original": {
@ -978,11 +978,11 @@
]
},
"locked": {
"lastModified": 1748918260,
"narHash": "sha256-KhXNXQ5IDLvwwYfJ0pXDjwIuisZ2qM6F7fcXjIGZy/4=",
"lastModified": 1749177458,
"narHash": "sha256-9HNq3EHZIvvxXQyEn0sYOywcESF1Xqw2Q8J1ZewcXuk=",
"owner": "oxalica",
"repo": "rust-overlay",
"rev": "c9736155bc1eb7c7cf3a925920850e61c07ab22a",
"rev": "d58933b88cef7a05e9677e94352fd6fedba402cd",
"type": "github"
},
"original": {
@ -1049,11 +1049,11 @@
]
},
"locked": {
"lastModified": 1748243702,
"narHash": "sha256-9YzfeN8CB6SzNPyPm2XjRRqSixDopTapaRsnTpXUEY8=",
"lastModified": 1749194973,
"narHash": "sha256-eEy8cuS0mZ2j/r/FE0/LYBSBcIs/MKOIVakwHVuqTfk=",
"owner": "numtide",
"repo": "treefmt-nix",
"rev": "1f3f7b784643d488ba4bf315638b2b0a4c5fb007",
"rev": "a05be418a1af1198ca0f63facb13c985db4cb3c5",
"type": "github"
},
"original": {

196
packages/disk/disk
View file

@ -1,196 +0,0 @@
#!/usr/bin/env bash
set -o errexit
set -o nounset
set -o pipefail
progname="$0"
warn() {
local line
for line in "$@"; do
echo "$progname: $line" 1>&2
done
}
error() {
warn "$@"
exit 1
}
skip() {
if (($# < 1)); then
error 'name of value to be skipped is required'
fi
if (($# > 1)); then
error 'too many arguments'
fi
local skip=$1
for s in "${skips[@]}"; do
if [[ $s == "$skip" ]]; then
return 1
fi
done
return 0
}
args=$(
getopt \
--options r:b:l:c:m:B:M:v \
--longoptions root:,boot-label:,main-label:,cryptmain-label:,mapping:,boot-options:,main-options:,verbose \
--name "$progname" \
-- "$@"
)
eval set -- "$args"
root=/mnt
bootlbl=BOOT
mainlbl=main
cryptmainlbl=cryptmain
mapping=main
bootflags=()
mainflags=()
fatflags=()
ext4flags=()
skips=()
while true; do
case "$1" in
-r | --root)
root=$2
shift 2
;;
-b | --boot-label)
skips+=(bootlbl)
bootlbl=${2^^}
shift 2
;;
-l | --main-label)
skips+=(mainlbl)
mainlbl=$2
shift 2
;;
-c | --cryptmain-label)
skips+=(cryptmainlbl)
cryptmainlbl=$2
shift 2
;;
-m | --mapping)
skips+=(mapping)
mapping=$2
shift 2
;;
-B | --boot-options)
bootflags+=(--options "$2")
shift 2
;;
-M | --main-options)
mainflags+=(--options "$2")
shift 2
;;
-v | --verbose)
fatflags+=(-v)
ext4flags+=(-v)
shift
;;
--)
shift
break
;;
esac
done
if (($# < 1)); then
error 'an argument specifying the block device is required'
fi
if (($# > 1)); then
error 'too many arguments'
fi
blkdev=$1
sfdisk --label gpt --quiet -- "$blkdev" <<EOF
,512M,U;
,,L;
EOF
parts=()
json=$(sfdisk --json -- "$blkdev")
while IFS= read -r k; do
parts+=("$(jq --argjson k "$k" --raw-output '.partitiontable.partitions[$k].node' <<<"$json")")
done < <(jq '.partitiontable.partitions | keys[]' <<<"$json")
bootfs="${parts[0]}"
mainblkdev="${parts[1]}"
if ! skip bootlbl; then
read -rep "Which label should the boot file system have? [$bootlbl] " input
if [[ -n $input ]]; then
bootlbl=$input
fi
fi
mkfs.fat -F 32 -n "$bootlbl" "${fatflags[@]}" -- "$bootfs" >/dev/null
while true; do
read -rep 'Do you want your main partition to be encrypted? [y/N] ' input
case "$input" in
[Yy]*)
while true; do
read -rsp 'Enter password: ' password
warn ''
read -rsp 'Re-enter password: ' repassword
warn ''
if [[ $password == "$repassword" ]]; then
break
fi
done
if ! skip cryptmainlbl; then
read -rep "Which label should the main LUKS partition have? [$cryptmainlbl] " input
if [[ -n $input ]]; then
cryptmainlbl=$input
fi
fi
cryptsetup luksFormat --batch-mode --label "$cryptmainlbl" -- "$mainblkdev" <<<"$password"
if ! skip mapping; then
read -rep "Which name should the main LUKS mapping have? [$mapping] " input
if [[ -n $input ]]; then
mapping=$input
fi
fi
cryptsetup open -- "$mainblkdev" "$mapping" <<<"$password"
mainfs=/dev/mapper/$mapping
break
;;
'' | [Nn]*)
mainfs=$mainblkdev
break
;;
*) warn 'Please answer with yes or no' ;;
esac
done
if ! skip mainlbl; then
read -rep "Which label should the main file system have? [$mainlbl] " input
if [[ -n $input ]]; then
mainlbl=$input
fi
fi
mkfs.ext4 -qFL "$mainlbl" "${ext4flags[@]}" -- "$mainfs"
mkdir --parents -- "$root"
mount "${mainflags[@]}" -- "$mainfs" "$root"
mkdir -- "$root/boot"
mount "${bootflags[@]}" -- "$bootfs" "$root/boot"

19
packages/disk/package.nix
View file

@ -1,19 +0,0 @@
{
writeShellApplication,
util-linux,
jq,
e2fsprogs,
dosfstools,
}:
writeShellApplication {
name = "disk";
runtimeInputs = [
util-linux
jq
e2fsprogs
dosfstools
];
text = builtins.readFile ./disk;
}