- Encrypt everthing including /boot and /root
- Enter password once
- Support UEFI
Download NixOS minimal iso and copy to USB stick. For example on Mac OSX
$ diskutil list
$ diskutil unmountDisk /dev/disk1 # Make sure you got right device
davegallant
/ pct-enter.sh
Created
December 3, 2023 04:06
— forked from Xenthys/pct-enter.sh
A helper for Proxmox's "pct enter" to use containers' hostnames and enter them from any cluster node.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| id=$(grep "$1" /etc/pve/.rrd | cut -d'/' -f 2 | cut -d':' -f 1) | |
| [[ "$id" == '' ]] && echo "The specified LXC does not exist." && exit 1 | |
| node=$(grep "^\"$id\":" /etc/pve/.vmlist | cut -d'"' -f 6) | |
| [[ $(hostname) != "$node" ]] && pre="ssh -t $node " | |
| echo "Entering LXC $id on node $node..." | |
| ${pre}pct enter $id |
davegallant
/ encryptedNixos.md
Created
November 13, 2022 18:18
— forked from ladinu/encryptedNixos.md
NixOS install with encrypted /boot /root with single password unlock
davegallant
/ README.md
Created
November 13, 2021 21:35
— forked from triangletodd/README.md
k3s in LXC on Proxmox
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python3 | |
| # | |
| # This script will collect all existing access keys of the current caller identity, | |
| # create a new access key, update your credentials file, and then delete all previously existing access keys. | |
| # | |
| # This only works if the caller identity is an IAM User because if you're using AWS SSO or temporary session credentials, | |
| # you probably don't need this. | |
| # |
davegallant
/ gh-clone-org
Last active
April 15, 2024 21:38
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env bash | |
| # This script clones all repos in a GitHub org | |
| # It requires the GH CLI: https://cli.github.com | |
| # It can be re-run to collect new repos and pull the latest changes | |
| set -euo pipefail | |
| USAGE="Usage: gh-clone-org <user|org>" |
davegallant
/ nixos.md
Created
May 2, 2021 17:50
— forked from martijnvermaat/nixos.md
Installation of NixOS with encrypted root
These are my notes on instaling NixOS 16.03 on a Lenovo ThinkPad X1 Carbon (4th generation) with an encrypted root file system using UEFI.
Most of this is scrambled from the following pages:
davegallant
/ keybase.md
Created
January 10, 2020 20:16
I hereby claim:
- I am davegallant on github.
- I am dgallant (https://keybase.io/dgallant) on keybase.
- I have a public key ASATIxHvjXCo818oTrF6RcvN9lPOBABk39SjNtSOLdPF7go
To claim this, I am signing this object:
davegallant
/ rfd-redirect-stripper.js
Last active
January 31, 2024 02:44
Moved to https://github.com/davegallant/rfd-redirect-stripper/blob/main/script.js
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| // This is now maintained at https://github.com/davegallant/rfd-redirect-stripper/blob/main/script.js |