From 778580c440b5179b7a5de9b4a1d316ba8dff5278 Mon Sep 17 00:00:00 2001 From: Christoph Cullmann Date: Wed, 2 Jul 2025 20:29:09 +0200 Subject: [PATCH] start to prepare for zeta ARM machine --- beta/configuration.nix | 4 + miku/configuration.nix | 4 + neko/configuration.nix | 4 + share/common.nix | 4 - zeta/install.txt | 161 +++++++++++++++++++++++++++++++++++++++++ 5 files changed, 173 insertions(+), 4 deletions(-) create mode 100644 zeta/install.txt diff --git a/beta/configuration.nix b/beta/configuration.nix index a17bccb..cdd1bdb 100644 --- a/beta/configuration.nix +++ b/beta/configuration.nix @@ -10,6 +10,10 @@ /data/nixos/share/common.nix ]; + # x86-64 machine + nixpkgs.hostPlatform = "x86_64-linux"; + boot.loader.efi.canTouchEfiVariables = true; + # our hostname networking.hostName = "beta"; networking.hostId = "c07bab49"; diff --git a/miku/configuration.nix b/miku/configuration.nix index f0cbefc..c8b52de 100644 --- a/miku/configuration.nix +++ b/miku/configuration.nix @@ -10,6 +10,10 @@ /data/nixos/share/common.nix ]; + # x86-64 machine + nixpkgs.hostPlatform = "x86_64-linux"; + boot.loader.efi.canTouchEfiVariables = true; + # our hostname networking.hostName = "miku"; networking.hostId = "4d00f481"; diff --git a/neko/configuration.nix b/neko/configuration.nix index 99da24b..63bfff9 100644 --- a/neko/configuration.nix +++ b/neko/configuration.nix @@ -10,6 +10,10 @@ /data/nixos/share/common.nix ]; + # x86-64 machine + nixpkgs.hostPlatform = "x86_64-linux"; + boot.loader.efi.canTouchEfiVariables = true; + # our hostname networking.hostName = "neko"; networking.hostId = "4836f248"; diff --git a/share/common.nix b/share/common.nix index 212a203..f625887 100644 --- a/share/common.nix +++ b/share/common.nix @@ -23,9 +23,6 @@ in # install release system.stateVersion = "25.05"; - # atm all stuff is x86_64 - nixpkgs.hostPlatform = "x86_64-linux"; - # enable ZFS boot.supportedFilesystems = ["zfs"]; 
@@ -115,7 +112,6 @@ in # Use the systemd-boot EFI boot loader. boot.loader.systemd-boot.enable = true; - boot.loader.efi.canTouchEfiVariables = true; # use a high resolution boot.loader.systemd-boot.consoleMode = "max"; diff --git a/zeta/install.txt b/zeta/install.txt new file mode 100644 index 0000000..0ca2cdf --- /dev/null +++ b/zeta/install.txt 
@@ -0,0 +1,161 @@
+#
+# preparation of installer on NixOS machine
+# details see https://github.com/nix-community/nixos-apple-silicon/blob/main/docs/uefi-standalone.md
+#
+
+# get the Apple Silicon support git
+git clone https://github.com/nix-community/nixos-apple-silicon.git
+cd nixos-apple-silicon
+
+# build m1n1
+nix build .#m1n1 -o m1n1
+
+# build uboot
+nix build .#uboot-asahi -o u-boot
+
+# build installer ISO
+nix build .#installer-bootstrap -o installer -j4 -L
+
+# write to USB stick
+doas dd if=result/iso/nixos-*-x86_64-linux.iso of=/dev/sda bs=4M conv=fsync
+
+#
+# enable ssh for root
+#
+
+sudo bash
+systemctl start sshd
+passwd
+
+# get wlan
+nmtui
+
+#
+# install script below
+#
+
+# host name to use
+HOST=zeta
+
+# disks to use
+DISK=/dev/disk/by-id/nvme-SAMSUNG_MZVLB1T0HBLR-000L2_S4DZNX0R362286
+DISKS="$DISK"
+
+# create partition table on all disks and EFI partition
+RAID=""
+for D in $DISKS; do
+ # kill old data
+ sgdisk --zap-all $D
+ blkdiscard -v -f $D
+ wipefs -a $D
+ sleep 5
+
+ # Create partition table
+ parted $D -- mklabel gpt
+
+ # Create a /boot as $D-part1
+ parted $D -- mkpart ESP fat32 1MiB 1024MiB
+ parted $D -- set 1 boot on
+
+ # Create a /nix as $D-part2
+ parted $D -- mkpart NIX 1024MiB 100%
+
+ # boot partition after short sleep, needed on some machines
+ sleep 5
+ mkfs.vfat $D-part1
+
+ # add part2 to raid
+ RAID="$RAID $D-part2"
+done
+
+# take a look at the partitions
+lsblk
+
+# ZFS zpool creation with compression and encryption
+zpool create \
+ -o ashift=13 \
+ -o autotrim=off \
+ -O acltype=posixacl \
+ -O atime=off \
+ -O canmount=off \
+ -O checksum=blake3 \
+ -O compression=lz4 \
+ -O dnodesize=auto \
+ -O utf8only=on \
+ -O normalization=none \
+ -O xattr=sa \
+ -O mountpoint=none \
+ -O encryption=on \
+ -O keylocation=prompt \
+ -O keyformat=passphrase \
+ zpool $RAID
+
+sleep 5
+
+# take a look at the partitions
+lsblk
+
+# show the pool
+zpool status
+
+sleep 5
+
+# create all the volumes
+zfs create -o recordsize=64K -o mountpoint=legacy zpool/data
+zfs create -o recordsize=64K -o mountpoint=legacy zpool/nix
+zfs create -o recordsize=64K -o mountpoint=legacy zpool/root
+
+sleep 5
+
+# show the pool
+zpool status
+
+sleep 5
+
+# create ZFS snapshot that we'll rollback to on boot
+# see https://ryanseipp.com/post/nixos-encrypted-root/
+zfs snapshot zpool/root@blank
+
+sleep 5
+
+# prepare install, root
+mount -t zfs zpool/root /mnt
+
+# Create directories to mount file systems on
+mkdir -p /mnt/{data,nix,boot,root,etc/nixos}
+
+# mount the ESP
+mount $DISK-part1 /mnt/boot
+
+# mount volumes
+mount -t zfs zpool/data /mnt/data
+mount -t zfs zpool/nix /mnt/nix
+
+# bind mount persistent stuff to data
+mkdir -p /mnt/data/{root,nixos/$HOST}
+mount --bind /mnt/data/root /mnt/root
+mount --bind /mnt/data/nixos/$HOST /mnt/etc/nixos
+
+# create fake /data to have the right paths
+mkdir -p /data
+mount --bind /mnt/data /data
+
+# take a look
+mount
+
+# configure
+nixos-generate-config --root /mnt
+
+# copy config data from another machine including secrets
+doas scp -r /data/nixos root@192.168.13.102:/mnt/data
+
+# install
+nixos-install --option experimental-features 'nix-command flakes' --no-root-passwd --root /mnt
+
+# unmount all stuff and sync
+umount -Rl /data /mnt
+zpool export -a
+sync
+
+# shutdown once
+shutdown now
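Review bot: The destructive steps in the new install notes run against hard-coded device names with no check that they are the intended targets: `dd ... of=/dev/sda` for the USB stick, and the `for D in $DISKS` loop that runs `sgdisk --zap-all`, `blkdiscard -f` and `wipefs -a`. `DISK` is a Samsung NVMe by-id path that looks carried over from one of the x86 hosts rather than taken from zeta, so it should be confirmed with `lsblk` or `ls -l /dev/disk/by-id` on the target first. I would open the loop body with `[ -b "$D" ] || { echo "missing disk: $D" >&2; exit 1; }`, quote `"$D"` in every command, and write the stick through a `/dev/disk/by-id/...` path instead of `/dev/sda`. The `dd` input `result/iso/nixos-*-x86_64-linux.iso` also does not match the `-o installer` link built just above, nor the ARM target, so the glob may pick up a stale x86 image or nothing. If zeta follows the linked Apple Silicon guide, please also confirm that zapping the whole disk is intended, since as far as I know that guide installs into free space next to the existing macOS and recovery partitions.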