Skip to content

Instantly share code, notes, and snippets.

@stefandeml
Created October 15, 2019 11:09
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
Star You must be signed in to star a gist
Save stefandeml/587a8b5bf596e7347751708ca762a30e to your computer and use it in GitHub Desktop.
reboot
# Create partitions
parted --script /dev/nvme0n1 mklabel gpt
parted --script --align optimal /dev/nvme0n1 -- mklabel gpt mkpart 'ESP-partition' fat32 1MB 551MB set 1 esp on mkpart 'LVM-partition' 551MB '100%'
partprobe
udevadm settle --timeout=5 --exit-if-exists=/dev/nvme0n1p1
udevadm settle --timeout=5 --exit-if-exists=/dev/nvme0n1p2
# Cleanup
wipefs -a /dev/nvme0n1p1
wipefs -a /dev/nvme0n1p2
set +e
lvremove nixos
vgremove -y vgnvme
pvremove /dev/nvme0n1p2
set -e
# Create lvm volume
pvcreate /dev/nvme0n1p2
vgcreate vgnvme /dev/nvme0n1p2
lvcreate --extents '80%FREE' -n nixos vgnvme
vgchange -ay vgnvme
# Create FS
mkfs.fat -F32 -n esp /dev/disk/by-partlabel/ESP-partition
mkfs.ext4 -F -L nixos-root /dev/mapper/vgnvme-nixos
udevadm trigger
udevadm settle --timeout=5 --exit-if-exists=/dev/disk/by-label/nixos-root
# Install nix
mkdir -p /etc/nix
echo "build-users-group =" > /etc/nix/nix.conf # Enable root install
curl https://nixos.org/nix/install | sh
set +u +x
. $HOME/.nix-profile/etc/profile.d/nix.sh
set -u -x
nix-channel --add https://nixos.org/channels/nixos-19.03 nixpkgs
nix-channel --update
nix-env -iE "_: with import <nixpkgs/nixos> { configuration = {}; }; with config.system.build; [ nixos-generate-config nixos-install nixos-enter manual.manpages ]"
mount /dev/disk/by-label/nixos-root /mnt
mkdir -p /mnt/boot
mount /dev/disk/by-label/esp /mnt/boot
nixos-generate-config --root /mnt
cat > /mnt/etc/nixos/configuration.nix <<EOF
{ config, pkgs, ... }:
{
imports =
[ # Include the results of the hardware scan.
./hardware-configuration.nix
];
# Use GRUB2 as the EFI boot loader.
boot.loader.systemd-boot.enable = false;
boot.loader.grub = {
enable = true;
efiSupport = true;
};
boot.loader.grub.device = "nodev";
boot.loader.efi.canTouchEfiVariables = true;
networking.hostName = "avato-build-server";
networking.nameservers = [ "8.8.8.8" ];
users.users.root.initialHashedPassword = "";
services.openssh.permitRootLogin = "prohibit-password";
services.openssh.ports = [ 32222 ];
users.users.root.openssh.authorizedKeys.keys = [
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDXxpTQi8X5CwZS6HpeuIR5R51EZNg1rrx7DW4+Z21++n/8jEKtVmJ7vkSiY0LSl3Ha8Y3ZxDyntfuLIOGYzd/AibkwBp7K+ZENjPuIrVApvMZ7ejSjCA+txorpl2zHEmQ9Y0xiUSXYQVyFnTZN5y+GzwXHKZ4Ulo/vKu9/EDL56CaIjHcovJu1XPCangFQ8DJbco16ItFje56Tf1F9Qc5S/mUwHfuLqEmFoUJSiSviFKLm/1TfSx1uv3ELLERat/+uVUjm1HYH7Qu7PEoNuCICejX88LJRmeI9ixydYkqZ5R0xVkGpgW/tGHnUTor93jo5FTrK0Z01p8KFmgIJuXPKn2DmsvPgrrpQPponrh6bK5bm8BHK3kLUPMljxHLiIEb0xU6qg/heeUAfVJC7XgOcAEFjkBvYlDkf8k9KSesWyZxufEDrpdSkIiqIoKxlq1nnwitXZ/hB6XBDxIPh3cnMdLRsOuGc8r4aDEKDs4HhQ5XaT5vQeMflaeSUqCd/0T90Ood9CJt7CjvCd6was+ebmJaYUgk0SX2+Vql0nTiTBngg9dPQ27FL33T9Dqspd6CyxFjy30anbdxru6yBh+GPc6oVLOJXsvfZ88QdwchYr+aZInVEtdhl+b7GJfc2eixdayWp9PAiTffm9F27gCbEHxFDhyvZFdelZp4lLfJjYw== private
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC9rw0GjeZuXUAQHTvT/oXre4BSnWghf9jtOfbRIxb17FkGsgD5qEtktdpIOd1TroJtXhmSi67oJ+CJbLmjL7f2z6S9muzngkb475hE3QwT/JwD4h3r22GJO+jSMZbB53VRc3+S96HVYKAu7F94EbVW78XfrcwPCFpW89KTM27t1ARH3vPGg5BdsI7PCZcNyzHOOnuZSwtiELpoMK0Z4RMw1mQ3hMzvvbxB73ocJl/Dtt9QGLZN57JOVV52BynjfaTobwYB9WROvPKvDGeHIYmckujLG+yuEEZmCeUq9h8MxmofI3kfykb/Ln/yDZ3XNDIF2oXzgmHZyY4Y8dsv47JJ sancho@united
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDXxpTQi8X5CwZS6HpeuIR5R51EZNg1rrx7DW4+Z21++n/8jEKtVmJ7vkSiY0LSl3Ha8Y3ZxDyntfuLIOGYzd/AibkwBp7K+ZENjPuIrVApvMZ7ejSjCA+txorpl2zHEmQ9Y0xiUSXYQVyFnTZN5y+GzwXHKZ4Ulo/vKu9/EDL56CaIjHcovJu1XPCangFQ8DJbco16ItFje56Tf1F9Qc5S/mUwHfuLqEmFoUJSiSviFKLm/1TfSx1uv3ELLERat/+uVUjm1HYH7Qu7PEoNuCICejX88LJRmeI9ixydYkqZ5R0xVkGpgW/tGHnUTor93jo5FTrK0Z01p8KFmgIJuXPKn2DmsvPgrrpQPponrh6bK5bm8BHK3kLUPMljxHLiIEb0xU6qg/heeUAfVJC7XgOcAEFjkBvYlDkf8k9KSesWyZxufEDrpdSkIiqIoKxlq1nnwitXZ/hB6XBDxIPh3cnMdLRsOuGc8r4aDEKDs4HhQ5XaT5vQeMflaeSUqCd/0T90Ood9CJt7CjvCd6was+ebmJaYUgk0SX2+Vql0nTiTBngg9dPQ27FL33T9Dqspd6CyxFjy30anbdxru6yBh+GPc6oVLOJXsvfZ88QdwchYr+aZInVEtdhl+b7GJfc2eixdayWp9PAiTffm9F27gCbEHxFDhyvZFdelZp4lLfJjYw==
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDOMnrUKIGswAC9vycDk7OsRD1LxM1+IpRwmZ4X6/aRaR6TLZClDtuXqQK6G+8lAYS+0NkyIzMCM7uOeocYh28c5ENA+8u23ai5obm7mzCoQo9+zUfPAjV9QfMr5c1DAfJcP/R+d6KkGbsxAFTwKRBk1T++LFTjwW9pLXjdXDLI5ndydfX9NTsuSQux57RiJpL9sX4leIefkHjL/FprPrKYfAi3zfFkgRM+Z63uU3nB9Ap9vRIfi5SDtjhGr2+4QzHgKXrx8mLQL6+0h05n6cD6E9Y73sUfVqIvLT9Ia/qssVRifHLxyWrwmyp2t4Zdrh5Cdpcb22/LoXr8KKmSEuDy83oeSS/9KAvPn68dG9D67UNjZEsl7UYnjeWnZtwEThlSQapvbHYs7qjsdbgXw72UxqFxEoWkUym+DQLlkxZSehumvx36ujCeDaoErKjeaHoPPHwEXJ5h6KILccGCKVOUBePtPNRuzL6vTBlqnOKjYy3DlWqgHCvAVQlkICttkgCzzrqm2BfqKUZH5HRGSzXE1IWDmppae0/JtGpaQwfDbbrZEg8Tsi9cFhQqiGKcma/PGDvZGKu/RaN1XAKW79IflqeIolluXsfA/GCIyxBa/afDgnfLiWhGlzjsUhIJ/qacx+bKj0thoRtoU6n6PlUpDU3/1Oqbir+bYDGvUIbfnQ== Generated by ISG D-MATH for heinzec@ethz.ch on 2016-02-19 @ 11:39:38
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC78ZdkvJjmkKE3pu4/yEuLbtbBcV/M0br3KVPcr3Son+RwgbCSBV+oazRcnkGuRNiYjcxNT0y+So29BfBLnSgynVS6S3VyAPlXnDmKwjx/g18CgEZ7FC5sdNl06s1XzTkeJNrjzxOueIkMG4bv6nqno1+iUkpRorSsEpdQN9pSdKaNF2u7CfqF2rqA1DSTQIhy61rqlxzq3iEOB8vS7D5OPbGHyscERhlzzxG4hvngiFJOeR8iSYoydmrmC7mBxB6887rwOAjOfh4vCO1LajNkH7eck9VdHfbiO6i9UdaiyA+faPvBapeWFv5ah9I19dx41X/Ag6dJgAxkdsAtaREp dstur@Davids-MacBook-Pro.local
ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEA6G056rT+gY4aeIm6KVbdb5Gav+m77bNdGpCshtTsE5pnhBPoFN30K6L0hpWMZf0V4dhA65kx+HattX6sEPlKacryrefe75L3k9Sr8KRQNeU+SoiQZYvtg1cPA4jotTBmQfHbtfqh6416ePBjiCzwx9h4pUz2fwiRce+nl4B50Sd4JGjoMRCisonNlcokk9zUpjDZAUKb/cmnawHy4GX5umSfxf2jXLYFnxw4XYeR1dLcovW5rMcgqBZEAmIrrR6i8Q/lyRMrS5VISzCct3BqK9RiJvhlKX2skVux08SBQSB4l4CJIbiAWjiVVXbE7t9evbGzTWgdqdYQO6QjEj++iw== 0slemi0@gmail.com"
];
services.openssh.enable = true;
# This value determines the NixOS release with which your system is to be
# compatible, in order to avoid breaking some software such as database
# servers. You should change this only after NixOS release notes say you
# should.
system.stateVersion = "19.03"; # Did you read the comment?
}
EOF
PATH="$PATH" NIX_PATH="$NIX_PATH" `which nixos-install` --no-root-passwd --root /mnt --max-jobs 40
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment