mirror of
https://github.com/buckley310/nixos-config.git
synced 2024-11-09 18:47:02 +00:00
add luks scripts
This commit is contained in:
Sean Buckley
parent
8ea4a79f72
commit
3d8ada839e
3 changed files with 38 additions and 15 deletions
20
flake.nix
20
flake.nix
|
|
@ -43,22 +43,12 @@
|
||||||
|
|
||||||
apps = self.lib.forAllSystems (system:
|
apps = self.lib.forAllSystems (system:
|
||||||
with nixpkgs.legacyPackages.${system};
|
with nixpkgs.legacyPackages.${system};
|
||||||
|
let
|
||||||
|
binScript = x: writeShellScriptBin "script" "exec ${x}";
|
||||||
|
in
|
||||||
{
|
{
|
||||||
format-luks = writeShellScriptBin "format-luks" ''
|
luks-mirror = binScript ./misc/luks-mirror.sh;
|
||||||
set -e
|
luks-single = binScript ./misc/luks-single.sh;
|
||||||
read -p "Path to new LUKS device: " blkdev
|
|
||||||
set -x
|
|
||||||
cryptsetup -y -v luksFormat "$blkdev"
|
|
||||||
cryptsetup --allow-discards open "$blkdev" cryptroot
|
|
||||||
mkfs.btrfs /dev/mapper/cryptroot
|
|
||||||
mount /dev/mapper/cryptroot /mnt -o discard,compress=zstd
|
|
||||||
btrfs subvolume create /mnt/os
|
|
||||||
btrfs subvolume create /mnt/home
|
|
||||||
umount /mnt
|
|
||||||
mount /dev/mapper/cryptroot /mnt -o discard,compress=zstd,subvol=/os
|
|
||||||
mkdir /mnt/home
|
|
||||||
mount /dev/mapper/cryptroot /mnt/home -o discard,compress=zstd,subvol=/home
|
|
||||||
'';
|
|
||||||
}
|
}
|
||||||
);
|
);
|
||||||
};
|
};
|
||||||
|
|
|
||||||
18
misc/luks-mirror.sh
Executable file
18
misc/luks-mirror.sh
Executable file
|
|
@ -0,0 +1,18 @@
|
||||||
|
#!/usr/bin/env bash
|
||||||
|
|
||||||
|
set -e
|
||||||
|
read -p "Path to new LUKS device 1: " blkdevA
|
||||||
|
read -p "Path to new LUKS device 2: " blkdevB
|
||||||
|
set -x
|
||||||
|
|
||||||
|
cryptsetup -y -v luksFormat "$blkdevA"
|
||||||
|
cryptsetup -y -v luksFormat "$blkdevB"
|
||||||
|
cryptsetup --allow-discards open "$blkdevA" cryptroot1
|
||||||
|
cryptsetup --allow-discards open "$blkdevB" cryptroot2
|
||||||
|
|
||||||
|
mkfs.btrfs -f -L_root -mraid1 -draid1 /dev/mapper/cryptroot1 /dev/mapper/cryptroot2
|
||||||
|
mount /dev/disk/by-label/_root /mnt -o discard,compress=zstd:1
|
||||||
|
|
||||||
|
btrfs subvolume create /mnt/home
|
||||||
|
btrfs subvolume create /mnt/nix
|
||||||
|
mkdir /mnt/boot
|
||||||
15
misc/luks-single.sh
Executable file
15
misc/luks-single.sh
Executable file
|
|
@ -0,0 +1,15 @@
|
||||||
|
#!/usr/bin/env bash
|
||||||
|
|
||||||
|
set -e
|
||||||
|
read -p "Path to new LUKS device: " blkdev
|
||||||
|
set -x
|
||||||
|
|
||||||
|
cryptsetup -y -v luksFormat "$blkdev"
|
||||||
|
cryptsetup --allow-discards open "$blkdev" cryptroot
|
||||||
|
|
||||||
|
mkfs.btrfs -f -L_root /dev/mapper/cryptroot
|
||||||
|
mount /dev/disk/by-label/_root /mnt -o discard,compress=zstd:1
|
||||||
|
|
||||||
|
btrfs subvolume create /mnt/home
|
||||||
|
btrfs subvolume create /mnt/nix
|
||||||
|
mkdir /mnt/boot
|
||||||
Loading…
Reference in a new issue