mirror of
https://codeberg.org/muon/home.git
synced 2025-12-05 23:57:46 +00:00
No description
| _sources | ||
| hosts | ||
| modules | ||
| .envrc | ||
| .gitignore | ||
| .sops.yaml | ||
| flake.lock | ||
| flake.nix | ||
| nvfetcher.toml | ||
| README.md | ||
| shell.nix | ||
| utils.nix | ||
Installation
sudo nix --experimental-features "nix-command flakes" run github:nix-community/disko/latest -- --mode destroy,format,mount hosts/$(hostname)/disk-config.nix
sudo mkdir /tmp/mnt
sudo mount /dev/mapper/crypted /tmp/mnt
sudo btrfs subvolume snapshot -r /tmp/mnt/root /tmp/mnt/root-blank
sudo umount /tmp/mnt
sudo nixos-generate-config --no-filesystems --root /mnt
cp /mnt/etc/nixos/hardware-configuration.nix hosts/$(hostname)/hardware-configuration.nix
sudo nixos-install --root /mnt --no-root-passwd --flake .#$(hostname)
sudo mkdir -p /mnt/persist/{etc,var/lib/systemd}
sudo cp -r {/mnt,/mnt/persist}/etc/nixos
sudo cp -r {/mnt,/mnt/persist}/var/lib/nixos
sudo cp -r {/mnt,/mnt/persist}/var/lib/systemd/coredump
sudo cp {/mnt,/mnt/persist}/etc/machine-id
rbw config set email admin@muon.host
rbw config set base_url vault.muon.host
rbw login
sudo mkdir -p /mnt/home/muon/.config/sops/age/keys.txt
sudo chown muon:users /mnt/home/muon/.config
rbw get sops > /mnt/home/muon/.config/sops/age/keys.txt
Impermanence
Erasure
boot.initrd.postResumeCommands = lib.mkAfter ''
mkdir /btrfs_tmp
mount /dev/mapper/crypted /btrfs_tmp
if [[ -e /btrfs_tmp/root ]]; then
mkdir -p /btrfs_tmp/old_roots
timestamp=$(date --date="@$(stat -c %Y /btrfs_tmp/root)" "+%Y-%m-%-d_%H:%M:%S")
mv /btrfs_tmp/root "/btrfs_tmp/old_roots/$timestamp"
fi
delete_subvolume_recursively() {
IFS=$'\n'
for i in $(btrfs subvolume list -o "$1" | cut -f 9- -d ' '); do
delete_subvolume_recursively "/btrfs_tmp/$i"
done
btrfs subvolume delete "$1"
}
for i in $(find /btrfs_tmp/old_roots/ -maxdepth 1 -mtime +30); do
delete_subvolume_recursively "$i"
done
btrfs subvolume create /btrfs_tmp/root
umount /btrfs_tmp
'';