mirror of
https://github.com/buckley310/nixos-config.git
synced 2024-09-14 18:14:43 +00:00
add luks scripts
This commit is contained in:
Sean Buckley
parent
8ea4a79f72
commit
3d8ada839e
3 changed files with 38 additions and 15 deletions
20
flake.nix
20
flake.nix
|
|
@ -43,22 +43,12 @@
|
|||
|
||||
apps = self.lib.forAllSystems (system:
|
||||
with nixpkgs.legacyPackages.${system};
|
||||
let
|
||||
binScript = x: writeShellScriptBin "script" "exec ${x}";
|
||||
in
|
||||
{
|
||||
format-luks = writeShellScriptBin "format-luks" ''
|
||||
set -e
|
||||
read -p "Path to new LUKS device: " blkdev
|
||||
set -x
|
||||
cryptsetup -y -v luksFormat "$blkdev"
|
||||
cryptsetup --allow-discards open "$blkdev" cryptroot
|
||||
mkfs.btrfs /dev/mapper/cryptroot
|
||||
mount /dev/mapper/cryptroot /mnt -o discard,compress=zstd
|
||||
btrfs subvolume create /mnt/os
|
||||
btrfs subvolume create /mnt/home
|
||||
umount /mnt
|
||||
mount /dev/mapper/cryptroot /mnt -o discard,compress=zstd,subvol=/os
|
||||
mkdir /mnt/home
|
||||
mount /dev/mapper/cryptroot /mnt/home -o discard,compress=zstd,subvol=/home
|
||||
'';
|
||||
luks-mirror = binScript ./misc/luks-mirror.sh;
|
||||
luks-single = binScript ./misc/luks-single.sh;
|
||||
}
|
||||
);
|
||||
};
|
||||
|
|
|
|||
18
misc/luks-mirror.sh
Executable file
18
misc/luks-mirror.sh
Executable file
|
|
@ -0,0 +1,18 @@
|
|||
#!/usr/bin/env bash
|
||||
|
||||
set -e
|
||||
read -p "Path to new LUKS device 1: " blkdevA
|
||||
read -p "Path to new LUKS device 2: " blkdevB
|
||||
set -x
|
||||
|
||||
cryptsetup -y -v luksFormat "$blkdevA"
|
||||
cryptsetup -y -v luksFormat "$blkdevB"
|
||||
cryptsetup --allow-discards open "$blkdevA" cryptroot1
|
||||
cryptsetup --allow-discards open "$blkdevB" cryptroot2
|
||||
|
||||
mkfs.btrfs -f -L_root -mraid1 -draid1 /dev/mapper/cryptroot1 /dev/mapper/cryptroot2
|
||||
mount /dev/disk/by-label/_root /mnt -o discard,compress=zstd:1
|
||||
|
||||
btrfs subvolume create /mnt/home
|
||||
btrfs subvolume create /mnt/nix
|
||||
mkdir /mnt/boot
|
||||
15
misc/luks-single.sh
Executable file
15
misc/luks-single.sh
Executable file
|
|
@ -0,0 +1,15 @@
|
|||
#!/usr/bin/env bash
|
||||
|
||||
set -e
|
||||
read -p "Path to new LUKS device: " blkdev
|
||||
set -x
|
||||
|
||||
cryptsetup -y -v luksFormat "$blkdev"
|
||||
cryptsetup --allow-discards open "$blkdev" cryptroot
|
||||
|
||||
mkfs.btrfs -f -L_root /dev/mapper/cryptroot
|
||||
mount /dev/disk/by-label/_root /mnt -o discard,compress=zstd:1
|
||||
|
||||
btrfs subvolume create /mnt/home
|
||||
btrfs subvolume create /mnt/nix
|
||||
mkdir /mnt/boot
|
||||
Loading…
Reference in a new issue