aboutsummaryrefslogtreecommitdiffstats
path: root/scripts/install-with-disko
blob: 859a64712ee5839f6c4531d5e7c1c55526770369 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
#!/usr/bin/env nix-shell
#!nix-shell -i zsh --packages rsync zsh

setopt ERR_EXIT NO_UNSET PIPE_FAIL
DIR="${0:h}"

TARGET_HOST="${1:-}"
TARGET_USER="${2:-nipsy}"

if [[ "${USERNAME}" != "nixos" ]]; then
	echo "ERROR!  ${0:t} should be run as the nixos user from a NixOS installer." >&2
	exit 1
fi

if [[ -z "$TARGET_HOST" ]]; then
	echo "ERROR!  ${0:t} requires a hostname as the first argument." >&2
	exit 1
fi

if [[ ! -e "${DIR}/../hosts/${TARGET_HOST}/disks.nix" ]]; then
	echo "ERROR!  ${0:t} could not find the required ${DIR}/../hosts/${TARGET_HOST}/disks.nix." >&2
	exit 1
fi

# Check if the machine we're provisioning is using an encrypted pool.
# If it does, prompt for the passphrase, and write to a known location.
if grep -q "data.keyfile" "${DIR}/../hosts/${TARGET_HOST}/disks.nix"; then
	while true; do
		echo -en "\n${TARGET_HOST} uses ZFS encryption.  Enter a passphrase to encrypt your pool: "
		read -s pass
		echo -e '\n'

		if [[ "${#pass}" -lt 8 ]]; then
			echo 'ERROR!  Passphrase must be at least 8 characters.' >&2
		else
			break
		fi
	done

	echo -n "${pass}" > /tmp/data.keyfile && chmod 00600 /tmp/data.keyfile
fi


<<EOF
++++++++	The disk(s) in ${TARGET_HOST} are about to get wiped!
WARNING!	NixOS will be re-installed on ${TARGET_HOST}.
++++++++	This is a destructive operation!!!

EOF

read -q '?Are you sure? [y/N] '
echo

if [[ "${REPLY}" == "y" ]]; then
	sudo true
	sudo nix run github:nix-community/disko \
		--extra-experimental-features "nix-command flakes" \
		--no-write-lock-file \
		-- \
		--mode zap_create_mount \
		"${DIR}/../hosts/${TARGET_HOST}/disks.nix"

	# rsync NixOS configuration to target host file system and install the system
	sudo mkdir -p /mnt/etc/nixos
	sudo rsync -a --delete --exclude .git "${DIR}/.." /mnt/etc/nixos
	cd /mnt/etc/nixos
	sudo nixos-install --flake ".#${TARGET_HOST}"
fi