From f216392665662ba375a657ae2431b70bb1ab63cc Mon Sep 17 00:00:00 2001 From: lassulus Date: Tue, 17 Jan 2017 18:44:08 +0100 Subject: l: move initscript to pkgs --- lass/5pkgs/init/default.nix | 134 ++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 134 insertions(+) create mode 100644 lass/5pkgs/init/default.nix (limited to 'lass/5pkgs/init/default.nix') diff --git a/lass/5pkgs/init/default.nix b/lass/5pkgs/init/default.nix new file mode 100644 index 00000000..abf2528d --- /dev/null +++ b/lass/5pkgs/init/default.nix 
@@ -0,0 +1,134 @@ +{ pkgs, lib, pubkey ? "", disk ? "/dev/sda", vgname ? "vga", luksmap ? "ca", ... }: + +with lib; + +pkgs.writeText "init" '' + #! /bin/sh + # usage: curl xu/~tv/init | sh + set -efu + # TODO nix-env -f '' -iA jq # if not exists (also version) + # install at tmp location + + + case $(cat /proc/cmdline) in + *' root=LABEL=NIXOS_ISO '*) :;; + *) echo Error: unknown operating system >&2; exit 1;; + esac + + disk=${disk} + + bootdev=${disk}1 + + luksdev=${disk}2 + luksmap=/dev/mapper/${luksmap} + + vgname=${vgname} + + rootdev=/dev/mapper/${vgname}-root + homedev=/dev/mapper/${vgname}-home + bkudev=/dev/mapper/${vgname}-bku + + # + # partitioning + # + + # http://en.wikipedia.org/wiki/GUID_Partition_Table + # undo: + # dd if=/dev/zero bs=512 count=34 of=/dev/sda + # TODO zero last 34 blocks (lsblk -bno SIZE /dev/sda) + if ! test "$(blkid -o value -s PTTYPE "$disk")" = gpt; then + parted "$disk" \ + mklabel gpt \ + mkpart ESP fat32 1MiB 1024MiB set 1 boot on \ + mkpart primary 1024MiB 100% + fi + + if ! test "$(blkid -o value -s PARTLABEL "$bootdev")" = ESP; then + echo zonk + exit 23 + fi + + if ! test "$(blkid -o value -s PARTLABEL "$luksdev")" = primary; then + echo zonk2 + exit 23 + fi + + if ! cryptsetup isLuks "$luksdev"; then + # aes xts-plain64 + cryptsetup luksFormat "$luksdev" \ + -h sha512 \ + --iter-time 5000 + fi + + if ! test -e "$luksmap"; then + cryptsetup luksOpen "$luksdev" "$(basename "$luksmap")" + fi + # cryptsetup close + + if ! test "$(blkid -o value -s TYPE "$luksmap")" = LVM2_member; then + pvcreate "$luksmap" + fi + + if ! vgdisplay -s "$vgname"; then vgcreate "$vgname" "$luksmap"; fi + + lvchange -a y /dev/mapper/"$vgname" + + if ! test -e "$rootdev"; then lvcreate -L 100G -n root "$vgname"; fi + if ! test -e "$homedev"; then lvcreate -L 100G -n home "$vgname"; fi + if ! test -e "$bkudev"; then lvcreate -L 200G -n bku "$vgname"; fi + + # lvchange -a n "$vgname" + + + # + # formatting + # + + if ! 
test "$(blkid -o value -s TYPE "$bootdev")" = vfat; then + mkfs.vfat "$bootdev" + fi + + if ! test "$(blkid -o value -s TYPE "$rootdev")" = btrfs; then + mkfs.btrfs "$rootdev" + fi + + if ! test "$(blkid -o value -s TYPE "$homedev")" = btrfs; then + mkfs.btrfs "$homedev" + fi + + if ! test "$(blkid -o value -s TYPE "$bkudev")" = btrfs; then + mkfs.btrfs "$bkudev" + fi + + + if ! test "$(lsblk -n -o MOUNTPOINT "$rootdev")" = /mnt; then + mount "$rootdev" /mnt + fi + if ! test "$(lsblk -n -o MOUNTPOINT "$bootdev")" = /mnt/boot; then + mkdir -m 0000 -p /mnt/boot + mount "$bootdev" /mnt/boot + fi + if ! test "$(lsblk -n -o MOUNTPOINT "$homedev")" = /mnt/home; then + mkdir -m 0000 -p /mnt/home + mount "$homedev" /mnt/home + fi + if ! test "$(lsblk -n -o MOUNTPOINT "$bkudev")" = /mnt/bku; then + mkdir -m 0000 -p /mnt/bku + mount "$bkudev" /mnt/bku + fi + + # umount -R /mnt + + + parted "$disk" print + lsblk "$disk" + + key='${pubkey}' + if [ "$(cat /root/.ssh/authorized_keys 2>/dev/null)" != "$key" ]; then + mkdir -p /root/.ssh + echo "$key" > /root/.ssh/authorized_keys + fi + systemctl start sshd + ip route + echo READY. +'' -- cgit v1.2.3 From c80d283a55443154d1244f83828d49e61f425c2f Mon Sep 17 00:00:00 2001 From: lassulus Date: Sat, 21 Jan 2017 18:29:21 +0100 Subject: l 5 init: extend to work with x220 seaboot --- lass/5pkgs/init/default.nix | 45 +++++++++++++++++++++++++++++++++++---------- 1 file changed, 35 insertions(+), 10 deletions(-) (limited to 'lass/5pkgs/init/default.nix') diff --git a/lass/5pkgs/init/default.nix b/lass/5pkgs/init/default.nix index abf2528d..d0339f81 100644 --- a/lass/5pkgs/init/default.nix +++ b/lass/5pkgs/init/default.nix @@ -1,4 +1,4 @@ -{ pkgs, lib, pubkey ? "", disk ? "/dev/sda", vgname ? "vga", luksmap ? "ca", ... }: +{ pkgs, lib, pubkey ? "", disk ? "/dev/sda", vgname ? "pool", luksmap ? "luksmap", keyfile ? "/root/keyfile", ... }: with lib; 
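Review bot: The Nix arguments are spliced into the generated script as raw shell text (`disk=${disk}`, `vgname=${vgname}`, and `key='${pubkey}'` near the end of the new file), so a value containing whitespace, a quote or a command substitution changes what the root-run script executes instead of being treated as data. `with lib;` is already in scope, so `disk=${escapeShellArg disk}` and `key=${escapeShellArg pubkey}` would keep each value a single shell word, and the derived assignments can then reuse the shell variable, e.g. `bootdev="$disk"1`. The same applies to `keyfile=${keyfile}`, added by the following commit in its `@@ -15,11 +15,13 @@` hunk.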
@@ -15,11 +15,13 @@ pkgs.writeText "init" '' *) echo Error: unknown operating system >&2; exit 1;; esac + keyfile=${keyfile} + disk=${disk} - bootdev=${disk}1 + bootdev=${disk}2 - luksdev=${disk}2 + luksdev=${disk}3 luksmap=/dev/mapper/${luksmap} vgname=${vgname} @@ -28,6 +30,14 @@ pkgs.writeText "init" '' homedev=/dev/mapper/${vgname}-home bkudev=/dev/mapper/${vgname}-bku + # + #generate keyfile + # + + if ! test -e "$keyfile"; then + dd if=/dev/urandom bs=512 count=2048 of=$keyfile + fi + # # partitioning # @@ -37,13 +47,15 @@ pkgs.writeText "init" '' # dd if=/dev/zero bs=512 count=34 of=/dev/sda # TODO zero last 34 blocks (lsblk -bno SIZE /dev/sda) if ! test "$(blkid -o value -s PTTYPE "$disk")" = gpt; then - parted "$disk" \ + parted -a optimal "$disk" \ mklabel gpt \ - mkpart ESP fat32 1MiB 1024MiB set 1 boot on \ + mkpart no-fs 0 1024KiB \ + set 1 bios_grub on \ + mkpart ext2 1025KiB 1024MiB \ mkpart primary 1024MiB 100% fi - if ! test "$(blkid -o value -s PARTLABEL "$bootdev")" = ESP; then + if ! test "$(blkid -o value -s PARTLABEL "$bootdev")" = ext2; then echo zonk exit 23 fi @@ -55,13 +67,14 @@ pkgs.writeText "init" '' if ! cryptsetup isLuks "$luksdev"; then # aes xts-plain64 - cryptsetup luksFormat "$luksdev" \ + cryptsetup luksFormat "$luksdev" "$keyfile" \ -h sha512 \ --iter-time 5000 fi if ! test -e "$luksmap"; then - cryptsetup luksOpen "$luksdev" "$(basename "$luksmap")" + cryptsetup luksOpen "$luksdev" "$(basename "$luksmap")" \ + --key-file "$keyfile" fi # cryptsetup close @@ -84,8 +97,8 @@ pkgs.writeText "init" '' # formatting # - if ! test "$(blkid -o value -s TYPE "$bootdev")" = vfat; then - mkfs.vfat "$bootdev" + if ! test "$(blkid -o value -s TYPE "$bootdev")" = ext2; then + mkfs.ext2 "$bootdev" fi if ! test "$(blkid -o value -s TYPE "$rootdev")" = btrfs; then 
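Review bot: The keyfile written in the `generate keyfile` block (hunk `@@ -28,6 +30,14 @@`) gets whatever mode the shell's umask allows, so with the usual 022 umask the LUKS key material is created world-readable. `of=$keyfile` is also the only unquoted expansion in the script. Creating the file under a restrictive umask addresses both: `(umask 077; dd if=/dev/urandom bs=512 count=2048 of="$keyfile")`. The `test -e` guard additionally accepts a truncated file left behind by an interrupted earlier run, so a size check before reuse would be worth adding.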
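Review bot: With `cryptsetup luksFormat "$luksdev" "$keyfile"` (hunk `@@ -55,13 +67,14 @@`) the keyfile becomes the only keyslot on the volume, and nothing in the visible script adds a passphrase or copies the file elsewhere. The script only proceeds when booted from the NixOS ISO (the `root=LABEL=NIXOS_ISO` check), where the default `/root/keyfile` presumably sits on the live system's volatile root, so a reboot before the key is saved would leave the volume unopenable. Either enrol a second slot after formatting (`cryptsetup luksAddKey` authorised with `--key-file "$keyfile"`) or add a comment next to the `luksFormat` call stating where the keyfile must be copied before rebooting.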
@@ -119,6 +132,18 @@ pkgs.writeText "init" '' # umount -R /mnt + # + # dependencies for stockholm + # + + nix-env -iA nixos.git + + mkdir -p /mnt/var/src + touch /mnt/var/src/.populate + + # + # print all the infos + # parted "$disk" print lsblk "$disk" -- cgit v1.2.3 From 57be590db640eac4a1c34e5ccca3990f9ddfbb74 Mon Sep 17 00:00:00 2001 From: lassulus Date: Sun, 22 Jan 2017 23:15:20 +0100 Subject: l 5 init: remove deprecated /boot --- lass/5pkgs/init/default.nix | 20 ++------------------ 1 file changed, 2 insertions(+), 18 deletions(-) (limited to 'lass/5pkgs/init/default.nix') diff --git a/lass/5pkgs/init/default.nix b/lass/5pkgs/init/default.nix index d0339f81..b484d2c3 100644 --- a/lass/5pkgs/init/default.nix +++ b/lass/5pkgs/init/default.nix @@ -19,9 +19,7 @@ pkgs.writeText "init" '' disk=${disk} - bootdev=${disk}2 - - luksdev=${disk}3 + luksdev=${disk}2 luksmap=/dev/mapper/${luksmap} vgname=${vgname} @@ -51,13 +49,7 @@ pkgs.writeText "init" '' mklabel gpt \ mkpart no-fs 0 1024KiB \ set 1 bios_grub on \ - mkpart ext2 1025KiB 1024MiB \ - mkpart primary 1024MiB 100% - fi - - if ! test "$(blkid -o value -s PARTLABEL "$bootdev")" = ext2; then - echo zonk - exit 23 + mkpart primary 1025KiB 100% fi if ! test "$(blkid -o value -s PARTLABEL "$luksdev")" = primary; then @@ -97,10 +89,6 @@ pkgs.writeText "init" '' # formatting # - if ! test "$(blkid -o value -s TYPE "$bootdev")" = ext2; then - mkfs.ext2 "$bootdev" - fi - if ! test "$(blkid -o value -s TYPE "$rootdev")" = btrfs; then mkfs.btrfs "$rootdev" fi @@ -117,10 +105,6 @@ pkgs.writeText "init" '' if ! test "$(lsblk -n -o MOUNTPOINT "$rootdev")" = /mnt; then mount "$rootdev" /mnt fi - if ! test "$(lsblk -n -o MOUNTPOINT "$bootdev")" = /mnt/boot; then - mkdir -m 0000 -p /mnt/boot - mount "$bootdev" /mnt/boot - fi if ! test "$(lsblk -n -o MOUNTPOINT "$homedev")" = /mnt/home; then mkdir -m 0000 -p /mnt/home mount "$homedev" /mnt/home -- cgit v1.2.3
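Review bot: `luksdev=${disk}2` in the last commit's `@@ -19,9 +19,7 @@` hunk builds the partition path by appending the number directly to `disk`, which only matches sdX-style names; devices such as NVMe or MMC use a `p` separator. Because `disk` is a parameter of the package, a caller passing such a device would only find out at the `PARTLABEL` check, which exits 23 with the message `zonk2` on stdout. A comment on the assignment would document the limit, e.g. `# assumes partitions are named <disk><n>; nvme/mmcblk devices use <disk>p<n>`, and the `zonk2` message could name the device and go to stderr like the `unknown operating system` error does.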