111 lines
2.7 KiB
Markdown
111 lines
2.7 KiB
Markdown
# 0x29a nixos config
|
|
|
|
personal nixos configuration files
|
|
|
|
## how to deploy the config
|
|
|
|
```bash
|
|
$ sudo nixos-rebuild switch --flake path:/home/aaron/git/nixconfig#default
|
|
```
|
|
|
|
## how to upgrade the system
|
|
|
|
```bash
|
|
$ sudo nixos-rebuild switch --flake --upgrade path:/home/aaron/git/nixconfig#default
|
|
```
|
|
|
|
## basic system installation
|
|
|
|
1. the partitioning layout will look like this.
|
|
|
|
```bash
|
|
NAME MAJ:MIN RM SIZE RO TYPE MOUNTPOINT
|
|
sda 8:0 0 233.8G 0 disk
|
|
├─sda1 8:1 0 500M 0 part /boot
|
|
└─sda2 8:2 0 233.3G 0 part
|
|
└─root 254:0 0 233.3G 0 crypt
|
|
├─vg-swap 254:1 0 8G 0 lvm [SWAP]
|
|
└─vg-root 254:2 0 225.3G 0 lvm /
|
|
```
|
|
|
|
2. prepare the installation
|
|
|
|
```bash
|
|
# format the boot partition
|
|
mkfs.fat -F 32 /dev/sda1 -n "nixboot"
|
|
# create an encrypted partition
|
|
cryptsetup luksFormat -y --label="nixcrypt" /dev/sda2
|
|
# open the encrypted partition and map it to /dev/mapper/cryptroot
|
|
cryptsetup luksOpen /dev/sda2 cryptroot
|
|
|
|
# create the physical volume
|
|
pvcreate /dev/mapper/cryptroot
|
|
# create a volume group inside
|
|
vgcreate lvmroot /dev/mapper/cryptroot
|
|
# create the swap volume
|
|
lvcreate --size 8G lvmroot --name nwap
|
|
# if you desire, create a home volume
|
|
lvcreate --size 150G lvmroot --name home
|
|
# create the root volume
|
|
lvcreate -l 100%FREE lvmroot --name root
|
|
|
|
# format as usual for root partition
|
|
mkfs.ext4 -L "nixroot" /dev/mapper/lvmroot-root
|
|
# if you previously made the home partition, do it too
|
|
mkfs.ext4 -L "nixhome" /dev/mapper/lvmroot-home
|
|
# format the swap partition
|
|
mkswap -L "nixswap" /dev/mapper/lvmroot-swap
|
|
|
|
# mount root
|
|
mount /dev/disk/by-label/nixroot /mnt
|
|
# mount boot
|
|
mount --mkdir /dev/sda1 /mnt/boot
|
|
# again, if you did the home volume
|
|
mount --mkdir /dev/disk/by-label/nixhome /mnt/home
|
|
# turn on swap
|
|
swapon /dev/disk/by-label/nixswap
|
|
```
|
|
|
|
3. prepare nixos
|
|
|
|
|
|
```bash
|
|
# generate templates and update the hardware-configuration.nix
|
|
sudo nixos-generate-config --root /mnt
|
|
|
|
# add cryptd to the kernelModules
|
|
boot.initrd.kernelModules = [ "dm-snapshot" "cryptd" ];
|
|
|
|
# add file systems using labels
|
|
fileSystems."/" =
|
|
{ device = "/dev/disk/by-label/nixroot";
|
|
fsType = "ext4";
|
|
};
|
|
fileSystems."/boot" =
|
|
{ device = "/dev/disk/by-label/nixboot";
|
|
fsType = "vfat";
|
|
options = [ "fmask=0022" "dmask=0022" ];
|
|
};
|
|
fileSystems."/home" =
|
|
{ device = "/dev/disk/by-label/nixhome";
|
|
fsType = "ext4";
|
|
};
|
|
swapDevices =
|
|
[ { device = "/dev/disk/by-label/nixswap"; }
|
|
];
|
|
|
|
# point the bootloader to the luks device
|
|
boot.initrd.luks.devices."cryptroot".device = "/dev/disk/by-label/nixcrypt";
|
|
```
|
|
|
|
4. install nixos
|
|
|
|
```bash
|
|
cd /mnt
|
|
sudo nixos-install
|
|
```
|
|
|
|
## author
|
|
|
|
aaron <aaron@0x29a.ch>
|