Remote Scratchpad

Installing on a Debian Rescue

# Make sure git is installed
apt-get install -y git

# Let root run the nix installer
mkdir -p /etc/nix
echo "build-users-group =" > /etc/nix/nix.conf
echo "sandbox = false" >> /etc/nix/nix.conf

# Install Nix in single-user mode
curl -L https://nixos.org/nix/install | sh
. $HOME/.nix-profile/etc/profile.d/nix.sh

# Install nixos-generators
#nix-env -f https://github.com/nix-community/nixos-generators/archive/master.tar.gz -i -v
nix-env -f https://github.com/nix-community/nixos-generators/archive/1.7.0.tar.gz -i -v

# Create a initial config, just to kexec into
cat <<EOF > /root/config.nix
{
  services.openssh.enable = true;
  users.users.root.openssh.authorizedKeys.keys = [
    # Replace with your public key
    "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAtKh1vr6m9j0y9T7sf928FcacPbIYP9DHzCv2hQIVPS"
  ];
}
EOF

nixos-generate -o /root/result  -f kexec-bundle -c /root/config.nix

# Switch to the new system
/root/result

# Kill shell and ssh back into machine and proceed with install

# Upon relogin via SSH
nix-shell -p git nixFlakes
git clone https://url/repo /tmp/repo
cp /tmp/hardware-configuration.nix /tmp/repo/hosts/<host>/
nixos-install --root /mnt --flake .#hostname

Scratch Script

DISK_EFI_SIZE_MB=512
DISK_SWAP_SIZE_GB=32
DISK=/dev/nvme0n1
PASSWORD=password
DISK2=/dev/nvme1n1
wipefs "${DISK}" -a -f
sgdisk --zap-all "${DISK}"
sgdisk --clear \
                --new=1:0:+"${DISK_EFI_SIZE_MB}"MiB --typecode=1:ef00 --change-name=1:EFI \
                --new=2:0:+"${DISK_SWAP_SIZE_GB}"GiB --typecode=2:8200 --change-name=2:swap \
                --new=3:0:0 --typecode=3:8300 --change-name=3:pool0_0 \
                "${DISK}"
EFI_PARTITION=p1
SWAP_PARTITION=p2
CRYPT_PARTITION=p3
mkfs.vfat "${DISK}""${EFI_PARTITION}"
echo "${PASSWORD}" | cryptsetup --verify-passphrase -v luksFormat "${DISK}""${CRYPT_PARTITION}"
echo "${PASSWORD}" | cryptsetup open "${DISK}""${CRYPT_PARTITION}" pool0_0
echo "${PASSWORD}" | cryptsetup --verify-passphrase -v luksFormat "${DISK2}"
echo "${PASSWORD}" | cryptsetup open "${DISK2}" pool0_1
mkfs.btrfs -f -m raid1 -d raid1 /dev/mapper/pool0_[01]
mount -t btrfs /dev/disk/by-uuid/$(blkid | grep '/dev/mapper/pool0_0' | awk '{print $2}' | cut -d '"' -f 2) /mnt
btrfs subvolume create /mnt/root
mkdir -p /mnt/home
btrfs subvolume create /mnt/home/active
btrfs subvolume create /mnt/home/snapshots
btrfs subvolume create /mnt/nix
btrfs subvolume create /mnt/persist
btrfs subvolume create /mnt/swap
mkdir -p /mnt/var_local
btrfs subvolume create /mnt/var_local/active
btrfs subvolume create /mnt/var_local/snapshots
btrfs subvolume create /mnt/var_log
btrfs subvolume snapshot -r /mnt/root /mnt/root-blank
umount /mnt
mount -o subvol=root,compress=zstd,noatime /dev/disk/by-uuid/$(blkid | grep '/dev/mapper/pool0_0' | awk '{print $2}' | cut -d '"' -f 2) /mnt
mkdir -p /mnt/home
mount -o subvol=home/active,compress=zstd,noatime /dev/disk/by-uuid/$(blkid | grep '/dev/mapper/pool0_0' | awk '{print $2}' | cut -d '"' -f 2) /mnt/home
mkdir -p /mnt/home/.snapshots
mount -o subvol=home/snapshots,compress=zstd,noatime /dev/disk/by-uuid/$(blkid | grep '/dev/mapper/pool0_0' | awk '{print $2}' | cut -d '"' -f 2) /mnt/home/.snapshots
mkdir -p /mnt/nix
mount -o subvol=nix,compress=zstd,noatime /dev/disk/by-uuid/$(blkid | grep '/dev/mapper/pool0_0' | awk '{print $2}' | cut -d '"' -f 2) /mnt/nix
mkdir -p /mnt/persist
mount -o subvol=persist,compress=zstd,noatime /dev/disk/by-uuid/$(blkid | grep '/dev/mapper/pool0_0' | awk '{print $2}' | cut -d '"' -f 2) /mnt/persist
mkdir -p /mnt/var/local
mount -o subvol=var_local/active,compress=zstd,noatime /dev/disk/by-uuid/$(blkid | grep '/dev/mapper/pool0_0' | awk '{print $2}' | cut -d '"' -f 2) /mnt/var/local
mkdir -p /mnt/var/local/.snapshots
mount -o subvol=var_local/snapshots,compress=zstd,noatime /dev/disk/by-uuid/$(blkid | grep '/dev/mapper/pool0_0' | awk '{print $2}' | cut -d '"' -f 2) /mnt/var/local/.snapshots
mkdir -p /mnt/var/log
mount -o subvol=var_log,compress=zstd,noatime /dev/disk/by-uuid/$(blkid | grep '/dev/mapper/pool0_0' | awk '{print $2}' | cut -d '"' -f 2) /mnt/var/log
mkdir -p /mnt/boot
mount -o defaults,nosuid,nodev,relatime,fmask=0022,dmask=0022,codepage=437,iocharset=iso8859-1,shortname=mixed,errors=remount-ro /dev/disk/by-partlabel/EFI /mnt/boot/
mkswap "${DISK}""${SWAP_PARTITION}"
swapon
nixos-generate-config --root /mnt --dir /tmp/
nix-shell -p git nixFlakes
mkdir -p /mnt/persist/etc/ssh
git clone https://url/owner/repo /mnt/persist/etc/repo
cd /mnt/persist/etc/repo
nixos-install --root /mnt --flake .#hostname

Rebuild Python Packages

Migrate Github Repository to Gitea

Installing NixOS (Encrypted BTRFS Impermanance)

Creating BTRFS Disk Snapshots

Home Manager Setup

Writing Scripts in Nix

Secrets Management

Installing NixOS on Raspberry PI 3B

Creating SystemD services in Nix

Remote Installation

Conditional Modules

New Deployment checklist

Remote Scratchpad

OnCalendar / Timer examples

Service Folders

Remote Scratchpad