dc052386d1
This is the first time that I am setting up LVM-on-LUKS with NixOS, so a VM came in handy to test it out.
52 lines
1.2 KiB
Bash
Executable file
52 lines
1.2 KiB
Bash
Executable file
#!/bin/sh
|
|
|
|
if [ "$(id -u)" -ne 0 ]; then
|
|
echo "This script must be run as root" >&2
|
|
exit 1
|
|
fi
|
|
|
|
SWAP_SIZE=16GiB
|
|
|
|
parted /dev/nvme0n1 --script -- \
|
|
mklabel gpt \
|
|
mkpart primary 512MiB 100% \
|
|
mkpart ESP fat32 1MiB 512MiB \
|
|
set 2 esp on
|
|
|
|
cryptsetup luksFormat /dev/nvme0n1p1
|
|
cryptsetup open /dev/nvme0n1p1 crypt
|
|
|
|
pvcreate /dev/mapper/crypt
|
|
vgcreate lvm /dev/mapper/crypt
|
|
lvcreate -L "$SWAP_SIZE" -n swap lvm
|
|
lvcreate -l 100%FREE -n root lvm
|
|
|
|
mkfs.ext4 -L nixos /dev/lvm/root
|
|
mkswap -L swap /dev/lvm/swap
|
|
mkfs.vfat -n boot /dev/nvme0n1p2
|
|
|
|
mount /dev/disk/by-label/nixos /mnt
|
|
mkdir /mnt/boot
|
|
mount /dev/nvme0n1p2 /mnt/boot
|
|
swapon /dev/lvm/swap
|
|
|
|
cat << EOF
|
|
# Run the following commands as setup user
|
|
nixos-generate-config --root /mnt
|
|
|
|
# Change uuids to labels
|
|
vim /mnt/etc/nixos/hardware-configuration.nix
|
|
|
|
# Install system
|
|
mkdir -p /mnt/home/ambroisie/git/nix/config
|
|
cd /mnt/home/ambroisie/git/nix/config
|
|
|
|
git clone <this-repo> .
|
|
# Assuming you set up GPG key correctly
|
|
git crypt unlock
|
|
|
|
# Setup LUKS with 'boot.initrd.luks.devices.crypt', device is /dev/nvme0n1p1, preLVM = true
|
|
|
|
# Use 'nixos-install --flake .#aramis --root /mnt --impure' because of home-manager issue
|
|
EOF
|