
#!/usr/bin/env bash
# Stop at the first failing local command, and echo every command before it
# runs so the operator can follow the install step by step.
set -o errexit
set -o xtrace

# Identity of the machine that will be wiped and reinstalled. The script pings
# TARGET and looks for TARGET_MAC in the ARP table before doing anything else.
TARGET='192.168.1.19'
TARGET_MAC='d8:5e:d3:82:9c:35'
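#######################################
# Wipe a disk, create a GPT layout with an ext4 root and a FAT32 ESP, mount
# both under /mnt and generate the initial NixOS configuration there.
#
# The script does not call this locally: it serialises the function with
# `typeset -f` and runs it in a root shell on the target over ssh. Shell
# options set in the local script do not travel with it, so errexit is
# enabled here; without it a failed dd or parted step would still be followed
# by mkfs and mount on a half-prepared disk.
#
# DESTRUCTIVE: existing data on the disk is lost.
#
# Arguments: $1 - whole-disk device to use (optional, default /dev/nvme0n1)
# Returns:   non-zero as soon as any step fails
#######################################
function FORMAT_DISK ()
{
  set -e

  local disk=${1:-/dev/nvme0n1}
  local part

  # Kernel naming: a disk whose name ends in a digit (nvme0n1, mmcblk0) gets a
  # "p" between the disk name and the partition number; sda-style names do not.
  case "$disk" in
    *[0-9]) part="${disk}p" ;;
    *)      part="$disk" ;;
  esac

  # Refuse to run dd against a path that is not a block device (typo, missing
  # disk); dd would otherwise create a regular file under /dev.
  if [ ! -b "$disk" ]; then
    echo "FORMAT_DISK: $disk is not a block device; refusing to continue." >&2
    return 1
  fi

  # Zero the first 21 MiB so the old partition table and any filesystem
  # signatures at the start of the disk are gone before relabelling.
  dd if=/dev/zero count=1 bs=21M of="$disk"
  parted "$disk" -- mklabel gpt

  # Partition 1: root filesystem, from the end of the ESP region to the end.
  parted "$disk" -- mkpart primary 512MB 100%
  mkfs.ext4 -L nixos "${part}1"
  sync
  # The by-label symlink is created by udev, which sync does not wait for.
  # Wait for the udev queue to drain; fall back to a short sleep if udevadm is
  # unavailable or times out.
  udevadm settle 2>/dev/null || sleep 3
  mount /dev/disk/by-label/nixos /mnt

  # Partition 2: a new ESP in the first 512MB.
  parted "$disk" -- mkpart ESP fat32 1MB 512MB
  parted "$disk" -- set 2 esp on
  mkfs.fat -F 32 -n boot "${part}2"
  sync
  mkdir -p /mnt/boot
  udevadm settle 2>/dev/null || sleep 3
  mount /dev/disk/by-label/boot /mnt/boot

  # Or use an existing ESP (must have same boot loader type, ie. grub or systemd-boot)
  #mkdir -p /mnt/boot
  #mount /dev/nvme0n1p1 /mnt/boot

  nixos-generate-config --root /mnt
}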
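# ---------------------------------------------------------------------------
# Pre-flight: confirm the machine about to be wiped is the intended one.
# ---------------------------------------------------------------------------

# ">/dev/null 2>&1" silences both streams. The reverse order ("2>&1 >/dev/null")
# duplicates stderr onto the terminal before stdout is redirected.
if ! ping -c1 "${TARGET}" >/dev/null 2>&1; then
  echo "Target not found. Exiting." >&2
  exit 1
fi

# Require the ARP entry for TARGET itself to carry the expected MAC. Matching
# the MAC anywhere in the table would also pass when that NIC is reachable on
# a different IP while some other machine answers on TARGET.
# ARP entries are unauthenticated, so this guards against operator error (the
# wrong host sitting on that address); it does not prove the host's identity.
if ! arp -n | awk -v ip="${TARGET}" '$1 == ip' | grep -iF -- "${TARGET_MAC}"; then
  echo "Target not found in ARP table. Exiting." >&2
  exit 1
fi

echo "Install NixOS on ${TARGET}? You must set a password on the target before running this."
echo "Press enter to continue or ctrl+c to quit."
read -r _

# ---------------------------------------------------------------------------
# SSH access: install our key for the nixos user, then mirror it to root.
# ---------------------------------------------------------------------------

# Drop any stale known_hosts entry for TARGET (presumably because the live
# installer presents a different host key than the previous install). The next
# connection will therefore prompt for an unverified host key: compare the
# fingerprint with the one shown on the target's console before accepting.
ssh-keygen -R "${TARGET}"
ssh-copy-id "nixos@${TARGET}"

COMMANDS="
sudo cp -r /home/nixos/.ssh /root/.;
sudo chown -R root:root /root/.ssh;
"
ssh -t "nixos@${TARGET}" "${COMMANDS}"

# ---------------------------------------------------------------------------
# Partition, format and mount the target disk.
# ---------------------------------------------------------------------------

# The function body is shipped as text and runs in the remote shell, where the
# local errexit setting does not apply. "set -e" makes the remote run stop at
# the first failing step, so ssh returns non-zero and this script aborts too.
ssh "root@${TARGET}" "set -e; $(typeset -f FORMAT_DISK); FORMAT_DISK"

scp configuration.nix "root@${TARGET}:/mnt/etc/nixos/"

# copy authorized keys to both the target and the target's chroot, because nixos-install runs outside the chroot
ssh "root@${TARGET}" mkdir -p /etc/nixos/ssh /mnt/etc/nixos/ssh
if [ -f ~/.ssh/ansible_root_keys ]; then
  scp ~/.ssh/ansible_root_keys "root@${TARGET}:/mnt/etc/nixos/ssh/authorized_keys"
  scp ~/.ssh/ansible_root_keys "root@${TARGET}:/etc/nixos/ssh/authorized_keys"
  scp ~/.ssh/ansible_timburr_keys "root@${TARGET}:/mnt/etc/nixos/ssh/authorized_timburr_keys"
  scp ~/.ssh/ansible_timburr_keys "root@${TARGET}:/etc/nixos/ssh/authorized_timburr_keys"
else
  # Fallback: this account's own authorized_keys, i.e. every key allowed to log
  # in to *this* workstation account, is installed on the target under
  # /etc/nixos/ssh. Confirm that set is the one you intend to trust there.
  scp ~/.ssh/authorized_keys "root@${TARGET}:/etc/nixos/ssh/authorized_keys"
  scp ~/.ssh/authorized_keys "root@${TARGET}:/mnt/etc/nixos/ssh/authorized_keys"
fi

# ---------------------------------------------------------------------------
# Install.
# ---------------------------------------------------------------------------

echo "Press [Enter] to run nixos-install on the target, or press ctrl+c to stop and do it manually."
read -r _
ssh "root@${TARGET}" nixos-install
#ssh root@${TARGET} openssl dhparam -out /etc/ssl/dhparams.pem 3072

# Forget the installer's host key: the installed system will present its own.
# (The original ran this a second time at the very end; with no connection in
# between, the repeat had nothing left to remove.)
ssh-keygen -R "${TARGET}"

echo "Done."
echo
echo "You should set a password before restarting in case networking doesn't come up on first boot. To chroot run this:"
echo "nixos-enter --root /mnt"
echo "passwd"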