#+TITLE: Installation #+AUTHOR: Franck Cuny #+EMAIL: franck@fcuny.net * Prepare the USB stick Download the most recent image from https://nixos.org/download.html then put it on a stick: #+begin_src sh sudo cp ~/downloads/nixos-minimal-21.11.336020.2128d0aa28e-x86_64-linux.iso /dev/sda #+end_src * Partitioning ** For the workstation (desktop/laptop) All hosts have the same partitioning for the boot drive: - /boot partition for UEFI - / encrypted with btrfs - a 8GB swap If we assume the boot drive to be =nvme0n1=, we will do the following: #+begin_src sh parted /dev/nvme0n1 -- mklabel gpt parted /dev/nvme0n1 -- mkpart primary 512MiB -8GiB parted /dev/nvme0n1 -- mkpart primary linux-swap -8GiB 100% parted /dev/nvme0n1 -- mkpart ESP fat32 1MiB 512MiB parted /dev/nvme0n1 -- set 3 esp on #+end_src Running =lsbkl= should give the following output: #+begin_src sh [root@nixos:~]# lsblk NAME MAJ:MIN RM SIZE RO TYPE MOUNTPOINTS loop0 7:0 0 709M 1 loop /nix/.ro-store sda 8:0 1 29.9G 0 disk ├─sda1 8:1 1 784M 0 part /iso └─sda2 8:2 1 37M 0 part nvme0n1 259:0 0 465.8G 0 disk ├─nvme0n1p1 259:1 0 457.3G 0 part ├─nvme0n1p2 259:2 0 8G 0 part └─nvme0n1p3 259:3 0 511M 0 part #+end_src Then we create the LUKS device: #+begin_src sh cryptsetup --verify-passphrase -v luksFormat /dev/nvme0n1p1 cryptsetup open /dev/nvme0n1p1 system #+end_src We can create the partition for the boot drive and activate the swap: #+begin_src sh mkswap -L swap /dev/nvme0n1p2 swapon /dev/nvme0n1p2 mkfs.fat -F 32 -n nixos-boot /dev/nvme0n1p3 #+end_src #+begin_src sh mkfs.btrfs /dev/mapper/system mount -t btrfs /dev/mapper/system /mnt btrfs subvolume create /mnt/nixos btrfs subvolume create /mnt/home btrfs subvolume create /mnt/snapshots umount /mnt #+end_src Now we can re-mount the partitions with the proper options: #+begin_src sh mount -o subvol=nixos,compress=zstd,noatime,autodefrag /dev/mapper/system /mnt mkdir /mnt/{home,boot,.snapshots} mount -o subvol=home,compress=zstd,noatime,autodefrag /dev/mapper/system /mnt/home mount -o subvol=snapshots,compress=zstd,noatime /dev/mapper/system /mnt/.snapshots mount /dev/nvme0n1p3 /mnt/boot #+end_src Once the installation is completed: #+begin_src sh CUSTOMIZE_TIMESTAMP=$(date -u +%Y%m%dT%H%M%S) btrfs subvolume snapshot /mnt /mnt/.snapshots/$CUSTOMIZE_TIMESTAMP #+end_src ** Partitions for the NAS Create the RAIDs: #+begin_src sh mdadm --create /dev/md/fast --level=mirror --raid-devices=2 /dev/sda /dev/sdb mdadm --create /dev/md/slow --level=mirror --raid-devices=2 /dev/sdc /dev/sde #+end_src Encrypt the RAIDs: #+begin_src sh cryptsetup --verify-passphrase -v luksFormat /dev/md/slow cryptsetup --verify-passphrase -v luksFormat /dev/md/fast #+end_src Then open them: #+begin_src sh cryptsetup open /dev/md/fast raid-fast cryptsetup open /dev/md/slow raid-slow #+end_src Create the filesystem: #+begin_src sh mkfs.btrfs /dev/mapper/raid-fast mkfs.btrfs /dev/mapper/raid-slow #+end_src Then we can mount them to generate the host configuration #+begin_src sh btrfs subvolume create /mnt/media btrfs subvolume create /mnt/containers umount /mnt mount -t btrfs /dev/mapper/raid-slow /mnt/ btrfs subvolume create /mnt/backups mkdir /mnt/data/{backups,containers,media} mount -o subvol=media,compress=zstd,noatime,autodefrag /dev/mapper/raid-fast /mnt/data/media mount -o subvol=media,compress=zstd,noatime,autodefrag /dev/mapper/raid-fast /mnt/data/media mount -o subvol=containers,compress=zstd,noatime,autodefrag /dev/mapper/raid-fast /mnt/data/containers mount -o subvol=backups,compress=zstd,noatime,autodefrag /dev/mapper/raid-slow /mnt/data/backups #+end_src * Installing the system Let's add git and nixFlakes: #+begin_src sh nix-shell -p git nixFlakes #+end_src #+begin_src sh nixos-generate-config --root /mnt mkdir /mnt/root git clone https://git.fcuny.net/fcuny/world.git /mnt/root/world mkdir /mnt/root/world/hosts/ cp /mnt/etc/nixos/hardware-configuration.nix /mnt/root/world/hosts// cp /mnt/root/world/hosts/aptos/default.nix /mnt/root/world/hosts// vim /mnt/root/world/hosts//default.nix cd /mnt/root/world git add hosts/tahoe cd / nixos-install --root /mnt --flake /mnt/root/world# #+end_src Create another snapshot #+begin_src sh CUSTOMIZE_TIMESTAMP=$(date -u +%Y%m%dT%H%M%S) btrfs subvolume snapshot /mnt /mnt/.snapshots/$CUSTOMIZE_TIMESTAMP #+end_src And a =reboot= should be enough. * home-manager initial install After a reboot, as root: #+begin_src sh nix-channel --add https://github.com/nix-community/home-manager/archive/release-21.11.tar.gz home-manager nix-channel --update nix-shell '' -A install home-manager build --flake .#fcuny@ #+end_src