walkermalling

Setting up NixOs with LUKS encrypted root

Here are my working notes on getting a system up and running.

WARNING: You can run into a hidden problem that will prevent a correct partition setup and /etc/nixos/configuration.nix from working: if you are setting up a UEFI system, then you need to make sure you boot into the NixOS installation from the UEFI partition of the bootable media. You may have to enter your BIOS boot selection menu to verify this. For example, if you setup a NixOS installer image on a flash drive, your BIOS menu may display several boot options from that flash drive: choose the one explicitly labeled with “UEFI”.

References

I used these resources:

monacoremo

let
  pkgs =
    let
      pinnedPkgs =
        builtins.fetchGit {
          name = "nixos-unstable-2019-12-05";
          url = https://github.com/nixos/nixpkgs/;
          rev = "cc6cf0a96a627e678ffc996a8f9d1416200d6c81";
        };
    in

bwbroersma

CREATE EXTENSION pgcrypto;
CREATE OR REPLACE FUNCTION totp(key BYTEA, clock_offset INT DEFAULT 0) RETURNS INT AS $$
DECLARE
    c BYTEA := '\x000000000' || TO_HEX(FLOOR(EXTRACT(EPOCH FROM NOW()) / 30)::INT + clock_offset);
    mac BYTEA := HMAC(c, key, 'sha1');
    trunc_offset INT := GET_BYTE(mac, 19) % 16;
    result INT := SUBSTRING(SET_BIT(SUBSTRING(mac FROM 1 + trunc_offset FOR 4), 7, 0)::TEXT, 2)::BIT(32)::INT % 1000000;
BEGIN
    RETURN result;
END;

kazu-yamamoto

-- ghc Main.hs -package ghc

module Main where

import DynFlags
import FastString
import HsSyn
import Lexer
import Outputable
import Parser