-
-
Save dit7ya/53349574d9f95d16647a2912a35e5c31 to your computer and use it in GitHub Desktop.
cloudinit script for Oracle Linux 8 to NixOS with ESP resizing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#cloud-config | |
# vim: syntax=yaml | |
# Derived from https://gist.github.com/kradalby/0957a5d4fbb9018d0b700b118f5c5341 | |
disable_root: false | |
ssh_authorized_keys: [] | |
write_files: | |
- path: "/etc/ssh/sshd_config.d/permit_root" | |
owner: "root:root" | |
permissions: "0644" | |
content: | | |
PermitRootLogin without-password | |
- path: "/etc/iptables/rules.v4" | |
- path: "/etc/iptables/rules.v6" | |
- path: /etc/nixos/host.nix | |
permissions: "0644" | |
content: | | |
{pkgs, lib, config, ...}: | |
{ | |
networking.usePredictableInterfaceNames = true; | |
services.openssh.enable = true; | |
users = let | |
sshKeys = [ | |
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEzKq/pML6BhxYbC05HXMg4ZjlKVcVbre2FUsPH2b0bi" | |
]; | |
in { | |
users.root.openssh.authorizedKeys.keys = sshKeys; | |
}; | |
environment.systemPackages = with pkgs; | |
let | |
neovim = pkgs.neovim.override { | |
vimAlias = true; | |
configure = { | |
plug.plugins = with pkgs.vimPlugins; [ vim-nix vim-sensible ]; | |
}; | |
}; | |
in [ neovim git tmux nixfmt btop croc ]; | |
services.sshguard.enable = true; | |
} | |
users: | |
- name: ubuntu | |
inactive: true | |
package_update: true | |
package_upgrade: false | |
package_reboot_if_required: false | |
locale: "en_US.UTF-8" | |
timezone: "America/New_York" | |
runcmd: | |
- /usr/libexec/oci-growfs -y | |
- pkill OSWatcher | |
- umount /var/oled | |
- lvremove /dev/mapper/ocivolume-oled | |
- lvresize -l +100%FREE /dev/mapper/ocivolume-root | |
- > | |
echo "drive d: file=\"/dev/sda1\" exclusive" > /etc/mtools.conf | |
- echo "mtools_skip_check=1" >> /etc/mtools.conf | |
- cp -a /boot /root/ | |
# Try to ensure we can unmount and remount /boot | |
- sed -i '/boot/d' /etc/fstab | |
- sed -i '/oled/d' /etc/fstab | |
- systemctl disable boot.mount | |
- umount /boot/efi | |
- umount /boot | |
- sgdisk -d 1 -d 2 -n 1:0:0 -t 1:ef00 -c 1:"EFI System Partition" /dev/sda | |
- partprobe /dev/sda | |
- mkfs.fat -F32 /dev/sda1 | |
- mount -v /dev/sda1 /boot | |
- cp -a /root/boot / | |
- > | |
curl https://raw.githubusercontent.com/elitak/nixos-infect/master/nixos-infect | | |
NO_SWAP=1 | |
NIXOS_IMPORT=./host.nix | |
NIX_CHANNEL=nixos-22.05 | |
bash -x | | |
tee /tmp/infect.log |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment