nixos-configs/scripts/install.sh

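#!/usr/bin/env bash
# Abort on the first unhandled command failure. `set -e` does not apply inside
# conditions or to the non-final commands of `&&`/`||` lists, which is what
# lets the `test && die ...` guards further down fall through when the test
# is false.
set -e

#######################################
# Print a message on stderr and terminate the script with status 1.
# Arguments: the message words; they are joined with single spaces
# Outputs:   the message followed by a newline, on stderr
#######################################
die() {
  # printf instead of echo: echo would swallow a message that starts with
  # -n or -e as an option rather than printing it.
  printf '%s\n' "$*" >&2
  exit 1
}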
# The steps below partition disks and write into the target root, so bail out
# early unless the effective user is root (EUID 0).
if (( EUID != 0 )); then
  die "root is required to install on a system"
fi
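# Parse command-line options.
#   -c | --nixos-config VALUE   stored in NAME   (used later as the ".#NAME" flake attribute)
#   -k | --key-dir VALUE        stored in KEYDIR (directory holding the host keys and luks-pw)
while [[ $# -gt 0 ]]; do
  case "$1" in
    -c | --nixos-config)
      # Fail with a message instead of letting the second shift abort silently.
      [[ $# -ge 2 ]] || die "$1 requires a value"
      NAME="$2"
      shift 2
      ;;
    -k | --key-dir)
      [[ $# -ge 2 ]] || die "$1 requires a value"
      KEYDIR="$2"
      shift 2
      ;;
    *)
      # Without a default arm an unrecognised argument is never shifted away
      # and the loop spins forever.
      die "unknown argument: $1"
      ;;
  esac
done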
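# Validate the arguments before anything touches a disk.
# NAME and KEYDIR are only set by the option parser, so either may be unset
# here; an empty KEYDIR would otherwise make the file checks look at "/host",
# "/luks-pw", ... and an empty NAME would be passed on as the flake ".#".
[[ -n "${NAME:-}" ]] || die "nixos config name missing! (-c|--nixos-config)"
[[ -n "${KEYDIR:-}" ]] || die "key dir missing! (-k|--key-dir)"

# Every secret the installer consumes must be a regular file in KEYDIR.
[[ -f "$KEYDIR/host.pub" ]] || die "host pubkey missing!"
[[ -f "$KEYDIR/host" ]] || die "host privkey missing!"
[[ -f "$KEYDIR/host_initrd.pub" ]] || die "host pubkey (initrd) missing!"
[[ -f "$KEYDIR/host_initrd" ]] || die "host privkey (initrd) missing!"
[[ -f "$KEYDIR/luks-pw" ]] || die "luks pw missing!"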
#######################################
# Delete the scratch directory and everything staged in it (the script
# copies private host keys there).
# Globals: temp (read)
#######################################
cleanup() { rm -rf "$temp"; }

# Scratch directory used to stage files for the target system; mktemp picks
# an unpredictable name for it.
temp="$(mktemp -d)"

# Run cleanup on every exit path, including failures under `set -e`.
trap cleanup EXIT
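# Stage the SSH host keys inside the scratch directory, using the
# persist/etc/... layout that is later copied into the target root.
# The :? guards abort if either variable is empty, so a missing scratch
# directory can never turn the paths below into /persist/... on this machine.
: "${temp:?staging directory is not set}"
: "${KEYDIR:?key directory is not set}"

# prepare host keys
echo "Preparing host keys.."
dir="$temp/persist/etc/ssh"
install -d -m755 "$dir"
# install sets the final mode while creating the file, so the private key
# never exists with looser permissions than 600.
install -m600 -- "$KEYDIR/host" "$dir/ssh_host_ed25519_key"
install -m644 -- "$KEYDIR/host.pub" "$dir/ssh_host_ed25519_key.pub"

# prepare host keys (initrd)
# The argument check requires host_initrd / host_initrd.pub, but the original
# code copied host / host.pub here a second time, so the initrd would have
# shared the main host key. Use the dedicated initrd key pair instead.
# NOTE(review): initrd secrets are often less well protected than the running
# system's keys — confirm the NixOS config expects a separate key here.
echo "Preparing host keys.. (initrd)"
dir="$temp/persist/etc/secrets/initrd"
install -d -m755 "$dir"
install -m600 -- "$KEYDIR/host_initrd" "$dir/ssh_host_ed25519_key"
install -m644 -- "$KEYDIR/host_initrd.pub" "$dir/ssh_host_ed25519_key.pub"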
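# run disko
# Mountpoint under which disko mounts the target filesystems.
ROOT_MNT="/mnt"

# Stage the LUKS passphrase at a fixed path in /tmp.
# NOTE(review): presumably the disko configuration reads the passphrase from
# exactly this path, which is why the name is not randomised — confirm.
luks_pw_tmp="/tmp/luks-pw"
# Mode 600 is applied as the file is created, independent of the source
# file's mode and the current umask.
install -m600 -- "$KEYDIR/luks-pw" "$luks_pw_tmp"
# Do not leave the plaintext passphrase behind: remove it on every exit path.
# Setting an EXIT trap replaces the one installed earlier in this script
# (`trap cleanup EXIT`), so cleanup is chained explicitly.
trap 'rm -f -- "$luks_pw_tmp"; cleanup' EXIT

# Quote the flake reference and mountpoint so that a config name containing
# whitespace or glob characters is passed through as a single argument.
disko \
  --mode disko \
  --flake ".#$NAME" \
  --root-mountpoint "$ROOT_MNT"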
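# copy extra files into mountpoint
# The trailing "/." copies the *contents* of the scratch directory, so the
# staged tree lands at $ROOT_MNT/persist/...; copying "$temp" itself would
# create $ROOT_MNT/<scratch-dir-name>/persist/... instead.
# The :? guards abort rather than copy from or into "/" if a variable is empty.
cp -r -- "${temp:?}/." "${ROOT_MNT:?}/"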
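# run nixos-install
# --root must name the mountpoint disko used. The variable is ROOT_MNT; the
# original referenced the undefined ROOTMNT, which expanded to an empty string.
# --no-root-password skips the interactive root password prompt.
# NOTE(review): access to the installed system then depends on what the flake
# configures (e.g. SSH keys) — confirm.
nixos-install \
  --no-channel-copy \
  --no-root-password \
  --root "$ROOT_MNT" \
  --flake ".#$NAME"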
# Closing notice for the operator. The key directory given via --key-dir still
# holds the private host keys, and also the luks-pw file checked earlier in
# this script.
# %b expands the "\n" escape; the single space between the two arguments
# matches the separator echo inserts.
printf '%b %s\n' \
  "Finished install.\n" \
  "Make sure to delete the SSH host keys from here if you are done with them."