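# SPDX-FileCopyrightText: 2024 Tom Hubrecht
#
# SPDX-License-Identifier: EUPL-1.2

# Install NixOS on pre-partitioned devices: mount them under /mnt, generate
# the hardware configuration, write the DGNum server configuration on top of
# it, copy root's SSH authorized keys and run nixos-install.
#
# Options:
#   --root DEVICE     root partition, mounted on /mnt (required)
#   --boot DEVICE     boot partition, mounted on /mnt/boot (required)
#   --swap DEVICE     swap partition to enable (optional)
#   --domain NAME     value written to networking.domain
#   --hostname NAME   value written to networking.hostName
#   --with-zfs        also generate zfs.nix and import it

# Stop at the first failed step: a failed mount must not be followed by
# writes into /mnt of the running system and an install on top of them.
set -eu

bootDevice=
rootDevice=
swapDevice=
domain="par01.infra.dgnum.eu"
hostname="dgn0x"
hasZFS=

# File the installed system uses as root's authorized SSH keys.
rootKeysSource="/etc/ssh/authorized_keys.d/root"

# Print a message on stderr and abort.
die() {
  printf '%s\n' "$*" >&2
  exit 1
}

# Abort when an option that takes a value is the last argument.
# $1 - option name, $2 - number of arguments left after the option
require_value() {
  [ "$2" -gt 0 ] || die "$0: option \`$1' requires a value"
}

# Abort when a value cannot be embedded verbatim in a double-quoted Nix
# string; a quote, backslash or dollar sign would change the meaning of the
# generated configuration.
# $1 - label used in the error message, $2 - value to check
check_nix_string() {
  case "$2" in
    *\"* | *\\* | *\$* | *[[:space:]]*)
      die "Invalid $1: quotes, backslashes, dollar signs and whitespace are not allowed"
      ;;
  esac
}

while [ "$#" -gt 0 ]; do
  i="$1"
  shift 1

  case "$i" in
    --root)
      require_value "$i" "$#"
      rootDevice="$1"
      shift 1
      ;;
    --boot)
      require_value "$i" "$#"
      bootDevice="$1"
      shift 1
      ;;
    --swap)
      require_value "$i" "$#"
      swapDevice="$1"
      shift 1
      ;;
    --domain)
      require_value "$i" "$#"
      domain="$1"
      shift 1
      ;;
    --hostname)
      require_value "$i" "$#"
      hostname="$1"
      shift 1
      ;;
    --with-zfs)
      hasZFS="1"
      ;;
    *)
      die "$0: unknown option \`$i'"
      ;;
  esac
done

if [ -z "$bootDevice" ]; then
  die "Missing boot partition"
fi

if [ -z "$rootDevice" ]; then
  die "Missing root partition"
fi

check_nix_string "hostname" "$hostname"
check_nix_string "domain" "$domain"

# The generated configuration disables SSH password authentication, so root
# logins over SSH rely on these keys; refuse to install without them.
if [ ! -s "$rootKeysSource" ]; then
  die "Missing or empty $rootKeysSource"
fi

# Mount the partitions to where they should be
mount "$rootDevice" /mnt
mkdir -p /mnt/boot
mount "$bootDevice" /mnt/boot

if [ -n "$swapDevice" ]; then
  swapon "$swapDevice"
fi

# Generate configuration
nixos-generate-config --root /mnt

NIX="/mnt/etc/nixos"

# Setup our own files
# Keep the generated file as a module imported by our own configuration.nix.
mv "$NIX/configuration.nix" "$NIX/base-configuration.nix"

# The here-documents below are unquoted on purpose: \$ is written out as a
# literal dollar sign, while $hostname, $domain and $(...) are expanded now.
cat <<EOF >"$NIX/dgnum-server.nix"
{ ... }: {
  services.nscd.enableNsncd = false;
  programs.bash.promptInit = ''
    # Provide a nice prompt if the terminal supports it.
    if [ "\$TERM" != "dumb" ] || [ -n "\$INSIDE_EMACS" ]; then
      PROMPT_COLOR="1;31m"
      ((UID)) && PROMPT_COLOR="1;32m"
      if [ -n "\$INSIDE_EMACS" ] || [ "\$TERM" = "eterm" ] || [ "\$TERM" = "eterm-color" ]; then
        # Emacs term mode doesn't support xterm title escape sequence (\e]0;)
        PS1="\n\[\033[\$PROMPT_COLOR\][\u@\$(hostname -f):\w]\\\$\[\033[0m\] "
      else
        PS1="\n\[\033[\$PROMPT_COLOR\][\[\e]0;\u@\H: \w\a\]\u@\$(hostname -f):\w]\\\$\[\033[0m\] "
      fi
      if test "\$TERM" = "xterm"; then
        PS1="\[\033]2;\$(hostname -f):\u:\w\007\]\$PS1"
      fi
    fi
  '';
}
EOF

cat <<EOF >"$NIX/configuration.nix"
{ pkgs, ... }: {
  imports = [
    ./base-configuration.nix
    ./dgnum-server.nix
    $(if [ -n "$hasZFS" ]; then echo './zfs.nix'; fi)
  ];

  boot.tmp.cleanOnBoot = true;

  console.keyMap = "fr";

  time.timeZone = "Europe/Paris";

  environment.systemPackages = with pkgs; [ vim wget kitty.terminfo ];

  networking = {
    hostName = "$hostname";
    domain = "$domain";
  };

  # Activate SSH and set the keys
  services.openssh = {
    enable = true;
    settings.PasswordAuthentication = false;
  };

  users.users.root.openssh.authorizedKeys.keyFiles = [ ./rootKeys ];
}
EOF

if [ -n "$hasZFS" ]; then
  # extraPools lists every pool currently reported by zpool, one quoted name
  # per line; hostId is four random bytes printed as hexadecimal.
  cat <<EOF >"$NIX/zfs.nix"
{ ... }: {
  boot = {
    supportedFilesystems = [ "zfs" ];
    zfs.forceImportRoot = false;
    zfs.extraPools = [
      $(zpool list -Ho name | sed 's/^/"/;s/$/"/')
    ];
  };

  networking.hostId = "$(head -c4 /dev/urandom | od -A none -t x4 | sed 's/ //')";
}
EOF
fi

# Copy the keys
cp "$rootKeysSource" "$NIX/rootKeys"

# Perform the installation
nixos-install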