eduardotenholder
/
defenestrate
forked from M-Labs/defenestrate
1
0
Fork 0
Code Pull Requests Activity

Compare commits

base: eduardotenholder:889e799eeae82aaf2243473ae5454e893d45b5f8
Branches Tags
eduardotenholder:master
eduardotenholder:quartiq
M-Labs:master
..
compare: eduardotenholder:c13047636f9a2cf35d7b7968cb0d57c1ec2869db
Branches Tags
eduardotenholder:quartiq
eduardotenholder:master
M-Labs:master

10 Commits
889e799eea ... c13047636f

Author SHA1 Message Date
Phillip Klein c13047636f label ssh keys 2024-10-14 10:43:01 +02:00
Phillip Klein 470bf8e5d8 readd m-labs ssh keys 2024-10-10 15:57:34 +02:00
Phillip Klein 60f681a33e create seal-off script 2024-10-10 15:52:01 +02:00
Phillip Klein 024a108c37 update readme 2024-10-09 12:40:04 +02:00
Phillip Klein 3ff34efa1f set state version to assure data integrity 2024-10-09 12:40:04 +02:00
Phillip Klein af0db5ce6c update nix namespaces 2024-10-09 12:40:04 +02:00
Phillip Klein e0093e39c1 generalize timezone 2024-10-09 12:40:04 +02:00
Robert Jördens aa2acd2ea0 reboot has been integrated 2024-10-02 17:09:47 +02:00
Phillip Klein 4a11e55c13 force fs creation and perform final reboot on auto install 2024-10-02 15:47:59 +02:00
Phillip Klein 27ad64c3b4 add gitignore 2024-10-02 14:24:49 +02:00
4 changed files with 27 additions and 11 deletions
Show Stats Expand all files Collapse all files

1
.gitignore vendored Normal file
View File

@ -0,0 +1 @@
result

6
README
View File

@ -1,10 +1,8 @@
* Enter BIOS, disable secure boot, enable UEFI PXE network boot * Enter BIOS, disable secure boot, enable UEFI PXE network boot
* sudo auto-install * sudo auto-install
* sudo reboot
* Run memtest86 * Run memtest86
* Copy device database to ~/artiq * Copy device database to ~/artiq
* Set timezone * Set timezone and kb layout
* Comment out openssh.authorizedKeys.keys * Comment out openssh.authorizedKeys.keys
* sudo nixos-rebuild boot * sudo seal-off
* sudo nix-collect-garbage -d
* history clear * history clear

5
default.nix
View File

@ -33,7 +33,7 @@ let
parted /dev/nvme0n1 -- mkpart primary 512MiB 100% parted /dev/nvme0n1 -- mkpart primary 512MiB 100%
parted /dev/nvme0n1 -- mkpart ESP fat32 1MiB 512MiB parted /dev/nvme0n1 -- mkpart ESP fat32 1MiB 512MiB
parted /dev/nvme0n1 -- set 2 esp on parted /dev/nvme0n1 -- set 2 esp on
mkfs.btrfs -L nixos /dev/nvme0n1p1 mkfs.btrfs -f -L nixos /dev/nvme0n1p1
mkfs.fat -F 32 -n boot /dev/nvme0n1p2 mkfs.fat -F 32 -n boot /dev/nvme0n1p2
mount /dev/disk/by-label/nixos /mnt mount /dev/disk/by-label/nixos /mnt
mkdir -p /mnt/boot mkdir -p /mnt/boot
@ -41,10 +41,11 @@ let
nixos-generate-config --root /mnt nixos-generate-config --root /mnt
cp ${./final}/* /mnt/etc/nixos cp ${./final}/* /mnt/etc/nixos
nixos-install --no-root-password --flake /mnt/etc/nixos#artiq nixos-install --no-root-password --flake /mnt/etc/nixos#artiq
reboot
''; '';
customModule = { customModule = {
# system.stateVersion = "24.05"; system.stateVersion = "24.05";
environment.systemPackages = [ autoInstall pkgs.git ]; environment.systemPackages = [ autoInstall pkgs.git ];
documentation.info.enable = false; # https://github.com/NixOS/nixpkgs/issues/124215 documentation.info.enable = false; # https://github.com/NixOS/nixpkgs/issues/124215
documentation.man.enable = false; documentation.man.enable = false;

26
final/configuration.nix
View File

@ -1,6 +1,14 @@
{ config, pkgs, artiq, ... }: { config, pkgs, artiq, ... }:
{ let
sealOff = pkgs.writeShellScriptBin "seal-off"
''
set -e
nixos-rebuild boot
nix-collect-garbage -d
'';
in {
imports = imports =
[ [
./hardware-configuration.nix ./hardware-configuration.nix
@ -32,10 +40,11 @@
console.keyMap = "us"; console.keyMap = "us";
i18n.defaultLocale = "en_US.UTF-8"; i18n.defaultLocale = "en_US.UTF-8";
time.timeZone = "Europe/Berlin"; time.timeZone = "UTC";
nixpkgs.config.allowUnfree = true; nixpkgs.config.allowUnfree = true;
environment.systemPackages = with pkgs; [ environment.systemPackages = with pkgs; [
sealOff
wget wget
vim vim
gitAndTools.gitFull gitAndTools.gitFull
@ -84,11 +93,11 @@
hardware.pulseaudio.package = pkgs.pulseaudioFull; hardware.pulseaudio.package = pkgs.pulseaudioFull;
services.xserver.enable = true; services.xserver.enable = true;
services.xserver.layout = "us"; services.xserver.xkb.layout = "us";
services.xserver.displayManager.gdm.enable = true; services.xserver.displayManager.gdm.enable = true;
services.xserver.displayManager.autoLogin.enable = true; services.displayManager.autoLogin.enable = true;
services.xserver.displayManager.autoLogin.user = "rabi"; services.displayManager.autoLogin.user = "rabi";
# https://github.com/NixOS/nixpkgs/issues/103746 # https://github.com/NixOS/nixpkgs/issues/103746
systemd.services."getty@tty1".enable = false; systemd.services."getty@tty1".enable = false;
systemd.services."autovt@tty1".enable = false; systemd.services."autovt@tty1".enable = false;
@ -106,8 +115,15 @@
extraGroups = ["networkmanager" "wheel" "plugdev" "dialout" "wireshark"]; extraGroups = ["networkmanager" "wheel" "plugdev" "dialout" "wireshark"];
initialPassword = "rabi"; initialPassword = "rabi";
openssh.authorizedKeys.keys = [ openssh.authorizedKeys.keys = [
# m-labs
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCyPk5WyFoWSvF4ozehxcVBoZ+UHgrI7VW/OoQfFFwIQe0qvetUZBMZwR2FwkLPAMZV8zz1v4EfncudEkVghy4P+/YVLlDjqDq9zwZnh8Nd/ifu84wmcNWHT2UcqnhjniCdshL8a44memzABnxfLLv+sXhP2x32cJAamo5y6fukr2qLp2jbXzR+3sv3klE0ruUXis/BR1lLqNJEYP8jB6fLn2sLKinnZPfn6DwVOk10mGeQsdME/eGl3phpjhODH9JW5V2V5nJBbC0rBnq+78dyArKVqjPSmIcSy72DEIpTctnMEN1W34BGrnsDd5Xd/DKxKxHKTMCHtZRwLC2X0NWN"
# m-labs
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCMALVC8RDTHec+PC8y1s3tcpUAODgq6DEzQdHDf/cyvDMfmCaPiMxfIdmkns5lMa03hymIfSmLUF0jFFDc7biRp7uf9AAXNsrTmplHii0l0McuOOZGlSdZM4eL817P7UwJqFMxJyFXDjkubhQiX6kp25Kfuj/zLnupRCaiDvE7ho/xay6Jrv0XLz935TPDwkc7W1asLIvsZLheB+sRz9SMOb9gtrvk5WXZl5JTOFOLu+JaRwQLHL/xdcHJTOod7tqHYfpoC5JHrEwKzbhTOwxZBQBfTQjQktKENQtBxXHTe71rUEWfEZQGg60/BC4BrRmh4qJjlJu3v4VIhC7SSHn1"
# quartiq rj
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQC27krR8G8Pb59YuYm7+X2mmNnVdk/t9myYgO8LH0zfb2MeeXX5+90nW9kMjKflJss/oLl8dkD85jbJ0fRbRkfJd20pGCqCUuYAbYKkowigFVEkbrbWSLkmf+clRjzJOuBuUA0uq0XKS17uMC3qhu+dDdBOAIKb3L83NfVE8p8Pjb4BPktQrdxefM43/x4jTMuc7tgxVmTOEge3+rmVPK2GnLkUBgBn8b6S+9ElPd63HXI5J5f61v21l5N9V0mhTu1pv6PiDRdFIlFDK9dLVZcZ2qlzpKmCnFrOoreBEgre44SpfFe5/MMItxvWiVsj/rij/rHZZiol1k7JiQCnEHeCCbjjvcBBka5HxZgcb3vBZVceTOawrmjbdbA2dq35sUptz/bEgdZ1UVCmVpWsdROAlEDBmSSbcVwxzcvhoKnkpbuP4Q0V3tVKSLW053ADFNB4frtwY5nAZfsVErFLLphjwb8nlyJoDRNapQrn5syEiW0ligX2AAskZTYIl2A5AYyWPrmX6HJOPqZGatMU3qQiRMxs+hFqhyyCmBgl0kcsgW09MBKtJWk1Fbii98MHqgRUN9R7AUiYy5p78Pnv9DC8DT8Ubl9zoP0g5d40P9NGK2LAhMxLXvtckJ4ERqbSEcNZJw+q4jBrOHnMTz+NLdAUiEtru+6T2OdhaHv+eiNlFQ==" "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQC27krR8G8Pb59YuYm7+X2mmNnVdk/t9myYgO8LH0zfb2MeeXX5+90nW9kMjKflJss/oLl8dkD85jbJ0fRbRkfJd20pGCqCUuYAbYKkowigFVEkbrbWSLkmf+clRjzJOuBuUA0uq0XKS17uMC3qhu+dDdBOAIKb3L83NfVE8p8Pjb4BPktQrdxefM43/x4jTMuc7tgxVmTOEge3+rmVPK2GnLkUBgBn8b6S+9ElPd63HXI5J5f61v21l5N9V0mhTu1pv6PiDRdFIlFDK9dLVZcZ2qlzpKmCnFrOoreBEgre44SpfFe5/MMItxvWiVsj/rij/rHZZiol1k7JiQCnEHeCCbjjvcBBka5HxZgcb3vBZVceTOawrmjbdbA2dq35sUptz/bEgdZ1UVCmVpWsdROAlEDBmSSbcVwxzcvhoKnkpbuP4Q0V3tVKSLW053ADFNB4frtwY5nAZfsVErFLLphjwb8nlyJoDRNapQrn5syEiW0ligX2AAskZTYIl2A5AYyWPrmX6HJOPqZGatMU3qQiRMxs+hFqhyyCmBgl0kcsgW09MBKtJWk1Fbii98MHqgRUN9R7AUiYy5p78Pnv9DC8DT8Ubl9zoP0g5d40P9NGK2LAhMxLXvtckJ4ERqbSEcNZJw+q4jBrOHnMTz+NLdAUiEtru+6T2OdhaHv+eiNlFQ=="
# quartiq rj
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMUaB2G1jexxfkdlly3fdWslH54/s/bOuvk9AxqpjtAY" "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMUaB2G1jexxfkdlly3fdWslH54/s/bOuvk9AxqpjtAY"
# quartiq pk
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIu6yhjCoZ62eamYrAXtFefDhplTRUIdD4tncwlkyAEH" "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIu6yhjCoZ62eamYrAXtFefDhplTRUIdD4tncwlkyAEH"
]; ];
}; };