diff --git a/install.sh b/install.sh
index 0cfceef..1e6abba 100644
--- a/install.sh
+++ b/install.sh
@@ -1,37 +1,52 @@ -# Define the disk to partition -DISK="/dev/sda" +#!/usr/bin/env bash -# Create a new partition table -parted $DISK -- mklabel gpt +set -euo pipefail -# Create the EFI partition -parted $DISK -- mkpart ESP fat32 1MiB 512MiB -parted $DISK -- set 1 esp on +# Replace with your actual repo +REPO_URL="https://git.luke-else.co.uk/luke-else/nixos-config.git" +HOSTNAME="vm" # Change to desktop/laptop/vm if needed +TARGET_DISK="/dev/sda" +MOUNT_POINT="/mnt" -# Create the root partition -parted $DISK -- mkpart primary ext4 512MiB 100% +# Confirm before wiping the disk +echo "WARNING: This will erase ALL data on ${TARGET_DISK}!" +read -p "Type YES to continue: " confirm +[[ "$confirm" == "YES" ]] || { echo "Aborting."; exit 1; } -# Format the EFI partition -mkfs.fat -F 32 -n BOOT ${DISK}1 +# 1. Wipe the disk and create new GPT partition table +wipefs -a "$TARGET_DISK" +parted -s "$TARGET_DISK" mklabel gpt -# Format the root partition -mkfs.ext4 ${DISK}2 +# 2. Create partitions +# - EFI (512M) +# - Root (rest of the disk) +parted -s "$TARGET_DISK" mkpart primary fat32 1MiB 513MiB +parted -s "$TARGET_DISK" set 1 esp on +parted -s "$TARGET_DISK" mkpart primary ext4 513MiB 100% -# Mount the partitions -mount ${DISK}2 /mnt -mkdir -p /mnt/boot/efi -mount ${DISK}1 /mnt/boot/efi +EFI_PART="${TARGET_DISK}1" +CRYPT_PART="${TARGET_DISK}2" -# Clone the configuration repository -mkdir -p /mnt/etc/nixos -git clone https://git.luke-else.co.uk/luke-else/nixos-config.git /mnt/etc/nixos +# 3. Format the EFI partition +mkfs.fat -F32 "$EFI_PART" -# Install NixOS using the cloned configuration -nixos-install --flake /mnt/etc/nixos#vm +# 4. Set up LUKS encryption for root +echo "Setting up LUKS encryption on ${CRYPT_PART}" +cryptsetup luksFormat "$CRYPT_PART" +cryptsetup open "$CRYPT_PART" cryptroot -# Ensure the bootloader is installed -nixos-enter --root /mnt -- nixos-rebuild boot +# 5. 
Format root and mount +mkfs.ext4 /dev/mapper/cryptroot +mount /dev/mapper/cryptroot "$MOUNT_POINT" -# Reboot the system -echo "Installation complete. Rebooting..." -reboot \ No newline at end of file +# 6. Create and mount boot directory +mkdir -p "$MOUNT_POINT/boot" +mount "$EFI_PART" "$MOUNT_POINT/boot" + +# 7. Clone your NixOS config +git clone "$REPO_URL" "$MOUNT_POINT/etc/nixos" + +# 8. Install NixOS +nixos-install --flake "/etc/nixos#${HOSTNAME}" --no-root-passwd + +echo "✅ NixOS installation complete! You may now reboot." \ No newline at end of file diff --git a/modules/common.nix b/modules/common.nix index 22a4193..5dd2c9b 100644 --- a/modules/common.nix +++ b/modules/common.nix @@ -2,36 +2,33 @@ { # Bootloader: systemd-boot with EFI support - boot = { - loader = { - systemd-boot.enable = true; - efi.canTouchEfiVariables = true; - }; + nix.settings.experimental-features = [ "nix-command" "flakes" ]; - # Kernel parameters for root - kernelParams = [ "root=/dev/sda1" ]; + # Use systemd-boot instead of GRUB + boot.loader = { + systemd-boot.enable = true; + efi.canTouchEfiVariables = true; + }; + + boot.initrd = { + supportedFilesystems = [ "ext4" ]; + luks.devices."cryptroot".device = "/dev/disk/by-partlabel/cryptroot"; }; - # File systems fileSystems."/" = { - device = "/dev/sda1"; # root partition + device = "/dev/mapper/cryptroot"; fsType = "ext4"; }; - # EFI partition mount (usually /boot or /boot/efi) fileSystems."/boot" = { - device = "/dev/sda2"; # EFI partition + device = "/dev/disk/by-partlabel/ESP"; fsType = "vfat"; - options = [ "nofail" "defaults" ]; }; - # Swap file (4GB) - swapDevices = [ - { - device = "/swapfile"; - size = 4096; # 4GB - } - ]; + swapDevices = [{ + device = "/swapfile"; + size = 4096; + }]; # Locale and timezone time.timeZone = "Europe/London"; diff --git a/modules/user.nix b/modules/user.nix index 2f7f8ac..b08250c 100644 --- a/modules/user.nix +++ b/modules/user.nix 
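Review bot: The two `mkpart primary ...` calls in step 2 leave both GPT partitions named `primary`, while modules/common.nix in this same commit looks up the ESP and the LUKS container as `/dev/disk/by-partlabel/ESP` and `/dev/disk/by-partlabel/cryptroot`, so the installed system would most likely fail to find its encrypted root in the initrd. On a GPT label parted takes that argument as the partition name, so `parted -s "$TARGET_DISK" mkpart ESP fat32 1MiB 513MiB` and `parted -s "$TARGET_DISK" mkpart cryptroot ext4 513MiB 100%` would line the two files up. Separately, step 8 points the flake at `/etc/nixos` on the live system although step 7 cloned into `$MOUNT_POINT/etc/nixos`; `nixos-install --flake "$MOUNT_POINT/etc/nixos#${HOSTNAME}" --no-root-passwd` matches the clone. Because `--no-root-passwd` leaves root without a password, it is worth confirming that the flake declares a password for the wheel user, which this diff does not show.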
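Review bot: `boot.initrd.luks.devices."cryptroot".device` and `fileSystems."/boot".device` select their partitions by GPT partition name, which is neither unique nor bound to this disk, so another attached drive carrying a partition named `cryptroot` or `ESP` could be matched instead. install.sh in this commit also creates both partitions with the name `primary`, so neither path would resolve as written. Referring to the volumes by UUID, e.g. `device = "/dev/disk/by-uuid/<LUKS-UUID-PLACEHOLDER>";` with the value `blkid` reports after `cryptsetup luksFormat`, ties the configuration to the volume that was actually formatted. The comment `# Bootloader: systemd-boot with EFI support` now sits directly above `nix.settings.experimental-features`; moving it down to `boot.loader` would keep it accurate. The attribute set continues past the end of this hunk.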
@@ -4,7 +4,7 @@ users.users."luke-else" = { isNormalUser = true; home = "/home/luke-else"; - shell = pkgs.bash; + shell = pkgs.zsh; extraGroups = [ "wheel" "networkmanager" "docker" ]; };
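Review bot: Setting `shell = pkgs.zsh;` without zsh enabled system-wide is rejected by recent NixOS releases at evaluation time, and no `programs.zsh.enable` is visible in this diff. If it is not already set in another module, add `programs.zsh.enable = true;` alongside this user definition. The enclosing module starts and ends outside the hunk.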