SelfPrivacy/selfprivacy-nixos-infect
1
0
Fork 0
mirror of https://git.selfprivacy.org/SelfPrivacy/selfprivacy-nixos-infect.git synced 2024-11-22 03:51:27 +00:00
Code Issues Projects Releases Wiki Activity

Merge pull request 'fix: update infect' (#25) from testing/digital-ocean-cleanup into providers/digital-ocean

Browse source 
Reviewed-on: https://git.selfprivacy.org/SelfPrivacy/selfprivacy-nixos-infect/pulls/25
This commit is contained in:
Inex Code 2023-07-26 01:09:53 +03:00
parent 83a65bea88 620a15a3a3
commit acae23fdb0
1 changed files with 15 additions and 7 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

22
nixos-infect
View file

@ -29,11 +29,7 @@ makeConf() {
# Prevent grep for sending error code 1 (and halting execution) when no lines are selected : https://www.unix.com/man-page/posix/1P/grep # Prevent grep for sending error code 1 (and halting execution) when no lines are selected : https://www.unix.com/man-page/posix/1P/grep
local IFS=$'\n' local IFS=$'\n'
for trypath in /root/.ssh/authorized_keys /home/$SUDO_USER/.ssh/authorized_keys $HOME/.ssh/authorized_keys; do
[[ -r "$trypath" ]] \
&& keys=$(sed -E 's/^.*((ssh|ecdsa)-[^[:space:]]+)[[:space:]]+([^[:space:]]+)([[:space:]]*.*)$/\1 \3\4/' "$trypath") \
&& break
done
local network_import="" local network_import=""
[[ -n "$doNetConf" ]] && network_import="./networking.nix # generated at runtime by nixos-infect" [[ -n "$doNetConf" ]] && network_import="./networking.nix # generated at runtime by nixos-infect"
@ -58,6 +54,9 @@ makeConf() {
"apiKey": "$CF_TOKEN", "apiKey": "$CF_TOKEN",
"useStagingACME": $STAGING_ACME "useStagingACME": $STAGING_ACME
}, },
"email": {
"location": "sda"
},
"server": { "server": {
"provider": "DIGITALOCEAN" "provider": "DIGITALOCEAN"
}, },
@ -117,6 +116,11 @@ EOF
) )
fi fi
availableKernelModules=('"ata_piix"' '"uhci_hcd"' '"xen_blkfront"')
if isX86_64; then
availableKernelModules+=('"vmw_pvscsi"')
fi
# If you rerun this later, be sure to prune the filesSystems attr # If you rerun this later, be sure to prune the filesSystems attr
cat > /etc/nixos/hardware-configuration.nix << EOF cat > /etc/nixos/hardware-configuration.nix << EOF
{ modulesPath, ... }: { modulesPath, ... }:
@ -127,6 +131,7 @@ EOF
]; ];
$bootcfg $bootcfg
boot.initrd.kernelModules = [ "nvme" ]; boot.initrd.kernelModules = [ "nvme" ];
boot.initrd.availableKernelModules = [ ${availableKernelModules[@]} ];
fileSystems."/" = { device = "$rootfsdev"; fsType = "$rootfstype"; }; fileSystems."/" = { device = "$rootfsdev"; fsType = "$rootfstype"; };
} }
EOF EOF
@ -181,7 +186,10 @@ EOF
networking = { networking = {
nameservers = [ ${nameservers[@]} ]; nameservers = [ ${nameservers[@]} ];
defaultGateway = "${gateway}"; defaultGateway = "${gateway}";
defaultGateway6 = "${gateway6}"; defaultGateway6 = {
address = "${gateway6}";
interface = "${eth0_name}";
};
dhcpcd.enable = false; dhcpcd.enable = false;
$predictable_inames $predictable_inames
interfaces = { interfaces = {
@ -330,7 +338,7 @@ infect() {
#addgroup nixbld -g 30000 || true #addgroup nixbld -g 30000 || true
#for i in {1..10}; do adduser -DH -G nixbld nixbld$i || true; done #for i in {1..10}; do adduser -DH -G nixbld nixbld$i || true; done
curl -L https://nixos.org/nix/install | $SHELL curl -L https://nixos.org/nix/install | sh -s -- --no-channel-add
# shellcheck disable=SC1090 # shellcheck disable=SC1090
source ~/.nix-profile/etc/profile.d/nix.sh source ~/.nix-profile/etc/profile.d/nix.sh