{
  parted,
  cryptsetup,
  e2fsprogs,
  dosfstools,
  writeShellApplication,
}: let
  ssdData = import ../data/normalEncryptedDrive.nix;
in (writeShellApplication {
  name = "mk-normal-enc-ssd";
  runtimeInputs = [
    parted
    cryptsetup
    e2fsprogs
    dosfstools
  ];
  text = ''
    if [ -z "''${1-}" ]; then
      echo "Please specify a path to device as first argument"
      exit 1
    fi

    if [ -z "''${2-}" ]; then
      echo "Please specify a path to key file as second argument"
      exit 1
    fi

    SSD_PATH=$1
    KEY_FILE=$2

    if echo "$SSD_PATH" | grep -q "[0-9]$"; then
        PARTITION_SEPARATOR="p"
    else
        PARTITION_SEPARATOR=""
    fi

    if [ "$EUID" -ne 0 ]; then
      echo "Please run as root"
      exit
    fi

    echo "Creating Partitions..."
    parted "$SSD_PATH" -- mklabel gpt
    parted "$SSD_PATH" -- mkpart ESP fat32 1MiB 512MiB
    parted "$SSD_PATH" -- mkpart primary 620MiB -1MiB
    parted "$SSD_PATH" -- set 1 esp on
    parted "$SSD_PATH" -- name 1 "${ssdData.bootLabel}"
    parted "$SSD_PATH" -- name 2 "${ssdData.encryptedPartLabel}"

    echo "Formatting boot partition"
    mkfs.fat -n "${ssdData.bootLabel}" "''${SSD_PATH}''${PARTITION_SEPARATOR}1"

    echo "Creating Encrypted Partition"
    cryptsetup luksFormat "''${SSD_PATH}''${PARTITION_SEPARATOR}2" --key-file "$KEY_FILE"

    echo "Opening Encrypted Partition"
    cryptsetup open "''${SSD_PATH}''${PARTITION_SEPARATOR}2" "mk_normal_enc_ssd" --key-file "$KEY_FILE"

    echo "Formatting Encrypted Root Filesystem"
    mkfs.ext4 -L "${ssdData.unencryptedLabel}" /dev/mapper/mk_normal_enc_ssd

    echo "mount /dev/mapper/mk_normal_enc_ssd to install"
  '';
})