apps/x86_64-linux/install-with-secrets at deck

hyl.st / helm
fork atom
nix config
fork atom
helm / apps / x86_64-linux / install-with-secrets
at deck 104 lines 2.6 kB view raw
wrap content
Anish Lakhwara fixed config for darwin 2y ago
57afd743
  1#!/usr/bin/env bash
  2set -exu
  3
  4check_installer() {
  5  if [ -e /etc/NIXOS ]; then
  6    echo -e "\e[1;32mRunning in the NixOS installer environment.\e[0m"
  7  else
  8    echo -e "\e[1;31mNot running in the NixOS installer environment.\e[0m"
  9    exit 1
 10  fi
 11}
 12
 13cleanup() {
 14  rm -rf nixos-config-main.zip nixos-config-main nixos-config
 15}
 16
 17download_config() {
 18  curl -LJ0 https://github.com/dustinlyons/nixos-config/archive/main.zip -o nixos-config-main.zip
 19  unzip nixos-config-main.zip
 20  mv nixos-config-main/templates/starterWithSecrets nixos-config
 21  cd nixos-config
 22}
 23
 24run_apply() {
 25  ./apps/x86_64-linux/apply
 26  if [ ! -f /tmp/username.txt ]; then
 27    echo -e "\e[1;31mError: /tmp/username.txt does not exist.\e[0m"
 28    exit 1
 29  fi
 30  export USERNAME=$(cat /tmp/username.txt)
 31}
 32
 33run_disko() {
 34  sudo nix run --extra-experimental-features nix-command --extra-experimental-features flakes \
 35    github:nix-community/disko -- --mode zap_create_mount ./modules/nixos/disk-config.nix
 36}
 37
 38setup_files() {
 39  sudo mkdir -p /mnt/etc/nixos
 40  sudo cp -r * /mnt/etc/nixos
 41  cd /mnt/etc/nixos
 42
 43  mkdir -p /root/.ssh
 44  touch /root/.ssh/known_hosts
 45  ssh-keyscan -t ed25519 github.com >> /root/.ssh/known_hosts
 46}
 47
 48setup_ssh_keys() {
 49  mkdir -p /mnt/home/${USERNAME}/.ssh
 50  chown nixos /mnt/home/${USERNAME}/.ssh
 51
 52  chown nixos /root/.ssh/id_ed25519_agenix{,.pub}
 53  cp --preserve=all /root/.ssh/id_ed25519_agenix /mnt/home/${USERNAME}/.ssh/id_ed25519
 54  cp --preserve=all /root/.ssh/id_ed25519_agenix.pub /mnt/home/${USERNAME}/.ssh/id_ed25519.pub
 55  cp --preserve=all /root/.ssh/id_ed25519 /mnt/home/${USERNAME}/.ssh/id_github
 56  cp --preserve=all /root/.ssh/id_ed25519.pub /mnt/home/${USERNAME}/.ssh/id_github.pub
 57
 58  chmod 600 /mnt/home/${USERNAME}/.ssh/id_ed25519{,.pub}
 59  chmod 600 /mnt/home/${USERNAME}/.ssh/id_github{,.pub}
 60}
 61
 62link_home_dir() {
 63  ln -s /mnt/home/${USERNAME} /home/${USERNAME} # Used to grab initial secrets
 64}
 65
 66install_nixos() {
 67  ARCH=$(uname -m)
 68
 69  case "$ARCH" in
 70    x86_64)
 71      FLAKE_TARGET="x86_64-linux"
 72      ;;
 73    aarch64)
 74      FLAKE_TARGET="aarch64-linux"
 75      ;;
 76    *)
 77      echo -e "${RED}Unsupported architecture: $ARCH${CLEAR}"
 78      exit 1
 79      ;;
 80  esac
 81
 82  sudo nixos-install --flake .#$FLAKE_TARGET $@
 83  sudo chmod -R 775 /mnt/etc/nixos
 84}
 85
 86prompt_reboot() {
 87  read -p "Do you want to reboot now? (y/yes) " choice
 88  case "$choice" in
 89  y|Y|yes|YES ) echo -e "\e[1;32mRebooting...\e[0m" && sudo reboot;;
 90  * ) echo -e "\e[1;33mReboot skipped.\e[0m";;
 91  esac
 92}
 93
 94cleanup
 95check_installer
 96download_config
 97run_apply
 98run_disko
 99setup_files
100setup_ssh_keys
101link_home_dir
102install_nixos
103cleanup
104prompt_reboot