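#!/usr/bin/env nix-shell
#!nix-shell -i zsh --packages rsync zsh

# Provisioning helper meant to be run as the `nixos` user from a NixOS
# installer.
#
# Usage: <script> TARGET_HOST [TARGET_USER]
#   TARGET_HOST  host whose ../hosts/<TARGET_HOST>/disks.nix (relative to this
#                script's directory) describes the disk layout; required.
#   TARGET_USER  defaults to "nipsy"; not used in the part of the script that
#                is visible here.
#
# If disks.nix mentions "data.keyfile", the operator is prompted for a ZFS
# encryption passphrase, which is written to /tmp/data.keyfile.

setopt ERR_EXIT NO_UNSET PIPE_FAIL

DIR="${0:h}"
TARGET_HOST="${1:-}"
TARGET_USER="${2:-nipsy}"

if [[ "${USERNAME}" != "nixos" ]]; then
  echo "ERROR! ${0:t} should be run as the nixos user from a NixOS installer." >&2
  exit 1
fi

if [[ -z "$TARGET_HOST" ]]; then
  echo "ERROR! ${0:t} requires a hostname as the first argument." >&2
  exit 1
fi

if [[ ! -e "${DIR}/../hosts/${TARGET_HOST}/disks.nix" ]]; then
  echo "ERROR! ${0:t} could not find the required ${DIR}/../hosts/${TARGET_HOST}/disks.nix." >&2
  exit 1
fi

# Check if the machine we're provisioning is using an encrypted pool.
# If it does, prompt for the passphrase, and write to a known location.
if grep -q "data.keyfile" "${DIR}/../hosts/${TARGET_HOST}/disks.nix"; then
  while true; do
    echo -en "\n${TARGET_HOST} uses ZFS encryption. Enter a passphrase to encrypt your pool: "
    # -r keeps backslashes literal, so the key on disk is exactly what was
    # typed and can be typed again later to unlock the pool.
    read -r -s pass
    echo
    if [[ "${#pass}" -lt 8 ]]; then
      echo 'ERROR! Passphrase must be at least 8 characters.' >&2
      continue
    fi
    echo -n "Re-enter passphrase: "
    read -r -s pass2
    echo -e '\n'
    if [[ "${pass}" != "${pass2}" ]]; then
      echo 'ERROR! Passphrases must match.' >&2
      continue
    else
      break
    fi
  done

  # /tmp is world-writable and the file name is fixed, so:
  #  - remove whatever already sits at that path (a stale key or a symlink);
  #    if it cannot be removed, ERR_EXIT stops the script here,
  #  - create the file under umask 077 so it is never readable by other users,
  #    not even between creation and a later chmod,
  #  - NO_CLOBBER makes the redirection refuse to write into a file that
  #    reappeared at that path after the rm.
  # printf '%s' writes the passphrase byte for byte; echo would interpret
  # backslash escapes and a leading "-".
  rm -f -- /tmp/data.keyfile
  (
    umask 077
    setopt NO_CLOBBER
    printf '%s' "${pass}" > /tmp/data.keyfile
    chmod 600 /tmp/data.keyfile
  )
  # NOTE(review): the code that consumes /tmp/data.keyfile is not visible
  # here. Confirm the keyfile is deleted once the pool has been created.
fi

# NOTE(review): the rest of this script was lost when the page was extracted.
# Only the fragment below survived. It is kept verbatim as a comment because it
# does not parse on its own. Restore the missing section from the original
# source before running this script.
#
#   <&2; sleep 1; done while ! sudo zpool export -a; do echo 'attempting to export all zpools' >&2; sleep 1; done fi fi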