-
Notifications
You must be signed in to change notification settings - Fork 2
/
Copy pathinstall.sh
executable file
·133 lines (122 loc) · 4.05 KB
/
install.sh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
#!/usr/bin/env bash
set -e
# Colors are for cool kids
header() { echo -e "\n\033[1m$@\033[0m"; }
error() { echo -e " \033[1;31m*\033[0m $@"; }
bold() { echo -e "\033[1m$@\033[0m"; }
print_banner() {
echo
echo " _________________ "
echo "/ __ \ _ \ ___ \ Welcome to"
echo "| / \/ | | | |_/ / Corporate Desktop"
echo "| | | | | | ___ \ Installer"
echo "| \__/\ |/ /| |_/ /"
echo "\____/___/ \____/ "
echo
echo
echo " We are going to install NixOS on this computer."
echo " ALL DATA WILL BE LOST !!! "
echo
echo
echo
read -p "Do you understand? (Yes/No): " confirm < /dev/tty && [[ $confirm == [yY] || $confirm == [yY][eE][sS] ]] || exit 1
}
find_install_device() {
if [ -b /dev/nvme0n1 ]; then
export INST_DEVICE="/dev/nvme0n1";
elif [ -b /dev/sda ]; then
export INST_DEVICE="/dev/sda";
else
echo "Installation device not found."
read -p "Please specify the installation device manually: " -r < /dev/tty
export INST_DEVICE=$REPLY
if [ -b $INST_DEVICE ]; then
echo "$INST_DEVICE is valid, using it."
else
error "$INST_DEVICE is not valid, leaving."
fi
fi
}
ask_for_username() {
read -p "[?] Please enter user's first name: " INST_FIRSTNAME < /dev/tty
read -p "[?] Please enter user's second name: " INST_SECONDNAME < /dev/tty
export INST_FIRSTNAME="${INST_FIRSTNAME,,}"
export INST_SECONDNAME="${INST_SECONDNAME,,}"
export INST_USERNAME="${INST_FIRSTNAME:0:1}${INST_SECONDNAME:0:7}"
}
run_parted() {
read -p "[?] We are going to to run parted on $(bold $INST_DEVICE). Is this okay? [Yes/No] " confirm < /dev/tty && [[ $confirm == [yY] || $confirm == [yY][eE][sS] ]] || exit 1
echo -n "[-] Partitioning $INST_DEVICE... "
wipefs -a $INST_DEVICE >/dev/null 2>&1
parted $INST_DEVICE -- mklabel gpt >/dev/null 2>&1
parted $INST_DEVICE -- mkpart ESP fat32 1MiB 512MiB set 1 boot on >/dev/null 2>&1
parted $INST_DEVICE mkpart primary ext4 537M 100% set 2 lvm on >/dev/null 2>&1
echo " done."
}
run_cryptsetup(){
echo -n "[-] Encrypting the disk... "
INST_PASSWD=$(diceware -s 1 -n 2);
INST_PASSWD_SHA512=$(mkpasswd -m sha-512 -s <<< ${INST_PASSWD})
if [ -b /dev/nvme0n1 ]; then
export INST_DEVICE=$INST_DEVICE"p"
fi
echo -n $INST_PASSWD | cryptsetup -q --type luks1 luksFormat ${INST_DEVICE}2 -
echo -n $INST_PASSWD | cryptsetup luksOpen ${INST_DEVICE}2 enc-pv -d -
echo "done."
}
run_fssetup(){
echo -n "[-] Setting up KVM... "
pvcreate /dev/mapper/enc-pv >/dev/null
vgcreate vg /dev/mapper/enc-pv >/dev/null
lvcreate -n swap vg -L 8G >/dev/null
lvcreate -n root vg -l 100%FREE >/dev/null
echo "done."
echo -n "[-] Formating filesystems... "
mkfs.fat -F 32 -n boot ${INST_DEVICE}1 >/dev/null 2>&1
mkfs.ext4 -L root /dev/vg/root >/dev/null >/dev/null 2>&1
mkswap -L swap /dev/vg/swap >/dev/null 2>&1
echo "done."
echo -n "[-] Mouting filesystems... "
mount /dev/disk/by-label/root /mnt
mkdir -p /mnt/boot
mount /dev/disk/by-label/boot /mnt/boot
swapon /dev/disk/by-label/swap >/dev/null
echo "done."
}
run_nixossetup(){
echo -n "[-] Generating NixOS configurations... "
nixos-generate-config --root /mnt >/dev/null 2>&1
mv /mnt/etc/nixos/configuration.nix /mnt/etc/nixos/configuration.nix-old
wget -q https://raw.githubusercontent.com/mmahut/cdb/master/configuration-template.nix -O /mnt/etc/nixos/configuration.nix
sed -i "s~##device##~${INST_DEVICE}~g" /mnt/etc/nixos/configuration.nix
sed -i "s~##username##~${INST_USERNAME}~g" /mnt/etc/nixos/configuration.nix
sed -i "s~##rootpasswd##~${INST_PASSWD_SHA512/\//\\/}~g" /mnt/etc/nixos/configuration.nix
echo "done."
}
run_nixosinstall(){
echo "[-] Running nixos-install... "
nixos-install --no-root-passwd
}
print_finish(){
echo
echo
echo Pleas take a note of following:
echo
echo
bold Username: $INST_USERNAME
bold Password: $INST_PASSWD
echo
echo Help the user to change this password.
echo
}
# Let's bring the band together
clear
print_banner
ask_for_username
find_install_device
run_parted
run_cryptsetup
run_fssetup
run_nixossetup
run_nixosinstall
print_finish