Skip to content

Instantly share code, notes, and snippets.

@walkermalling
walkermalling / luks-encrypted-root-on-nixos.org
Last active July 16, 2024 10:59
Nix Setup with LUKS encrypted root

Setting up NixOs with LUKS encrypted root

Here are my working notes on getting a system up and running.

WARNING: You can run into a hidden problem that will prevent a correct partition setup and /etc/nixos/configuration.nix from working: if you are setting up a UEFI system, then you need to make sure you boot into the NixOS installation from the UEFI partition of the bootable media. You may have to enter your BIOS boot selection menu to verify this. For example, if you setup a NixOS installer image on a flash drive, your BIOS menu may display several boot options from that flash drive: choose the one explicitly labeled with “UEFI”.

References

I used these resources:

@monacoremo
monacoremo / foundation.nix
Last active May 22, 2022 06:09
(Ab-)using Nix for full stack development environments
let
pkgs =
let
pinnedPkgs =
builtins.fetchGit {
name = "nixos-unstable-2019-12-05";
url = https://github.com/nixos/nixpkgs/;
rev = "cc6cf0a96a627e678ffc996a8f9d1416200d6c81";
};
in
CREATE EXTENSION pgcrypto;
CREATE OR REPLACE FUNCTION totp(key BYTEA, clock_offset INT DEFAULT 0) RETURNS INT AS $$
DECLARE
c BYTEA := '\x000000000' || TO_HEX(FLOOR(EXTRACT(EPOCH FROM NOW()) / 30)::INT + clock_offset);
mac BYTEA := HMAC(c, key, 'sha1');
trunc_offset INT := GET_BYTE(mac, 19) % 16;
result INT := SUBSTRING(SET_BIT(SUBSTRING(mac FROM 1 + trunc_offset FOR 4), 7, 0)::TEXT, 2)::BIT(32)::INT % 1000000;
BEGIN
RETURN result;
END;
@kazu-yamamoto
kazu-yamamoto / gist:2048983
Created March 16, 2012 07:16
Haskell parser with GHC API
-- ghc Main.hs -package ghc
module Main where
import DynFlags
import FastString
import HsSyn
import Lexer
import Outputable
import Parser