nixfiles/extras/mk-normal-enc-ssd.nix

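# Builds the `mk-normal-enc-ssd` shell application.
#
# Usage: mk-normal-enc-ssd <device> <key-file>
#
# The generated script repartitions <device> with a GPT label, creates a FAT
# boot/ESP partition and a LUKS container unlocked by <key-file>, and puts an
# ext4 filesystem inside the opened container. Everything on <device> is
# destroyed. Labels come from ../data/normalEncryptedDrive.nix
# (bootLabel, encryptedPartLabel, unencryptedLabel).
{
  parted,
  cryptsetup,
  e2fsprogs,
  dosfstools,
  writeShellApplication,
}: let
  ssdData = import ../data/normalEncryptedDrive.nix;
in (writeShellApplication {
  name = "mk-normal-enc-ssd";
  runtimeInputs = [
    parted
    cryptsetup
    e2fsprogs
    dosfstools
  ];
  text = ''
    if [ -z "''${1-}" ]; then
      echo "Please specify a path to device as first argument" >&2
      exit 1
    fi
    if [ -z "''${2-}" ]; then
      echo "Please specify a path to key file as second argument" >&2
      exit 1
    fi
    SSD_PATH=$1
    KEY_FILE=$2

    # Fail with a non-zero status when not root; a bare "exit" here reported
    # success to the caller even though nothing had been done.
    if [ "$EUID" -ne 0 ]; then
      echo "Please run as root" >&2
      exit 1
    fi

    # Everything below is destructive, so refuse anything that is not a block
    # device (a typo would otherwise be handed straight to parted).
    if [ ! -b "$SSD_PATH" ]; then
      echo "Not a block device: $SSD_PATH" >&2
      exit 1
    fi

    # The key file is the only secret protecting the volume: check it is
    # readable before partitioning, so a wrong path cannot leave the disk
    # half-initialised. It should be readable by root only.
    if [ ! -r "$KEY_FILE" ]; then
      echo "Key file is missing or not readable: $KEY_FILE" >&2
      exit 1
    fi

    # Devices whose name ends in a digit (nvme0n1, mmcblk0) use a "p" before
    # the partition number. A shell pattern is used instead of grep, which is
    # not part of runtimeInputs.
    case "$SSD_PATH" in
      *[0-9]) PARTITION_SEPARATOR="p" ;;
      *) PARTITION_SEPARATOR="" ;;
    esac
    BOOT_PART="''${SSD_PATH}''${PARTITION_SEPARATOR}1"
    LUKS_PART="''${SSD_PATH}''${PARTITION_SEPARATOR}2"

    echo "Creating Partitions..."
    parted "$SSD_PATH" -- mklabel gpt
    parted "$SSD_PATH" -- mkpart ESP fat32 1MiB 512MiB
    parted "$SSD_PATH" -- mkpart primary 620MiB -1MiB
    parted "$SSD_PATH" -- set 1 esp on
    parted "$SSD_PATH" -- name 1 "${ssdData.bootLabel}"
    parted "$SSD_PATH" -- name 2 "${ssdData.encryptedPartLabel}"

    echo "Formatting boot partition"
    mkfs.fat -n "${ssdData.bootLabel}" "$BOOT_PART"

    echo "Creating Encrypted Partition"
    cryptsetup luksFormat "$LUKS_PART" --key-file "$KEY_FILE"

    echo "Opening Encrypted Partition"
    cryptsetup open "$LUKS_PART" "mk_normal_enc_ssd" --key-file "$KEY_FILE"

    echo "Formatting Encrypted Root Filesystem"
    mkfs.ext4 -L "${ssdData.unencryptedLabel}" /dev/mapper/mk_normal_enc_ssd

    # The mapping is intentionally left open so the caller can mount it.
    echo "mount /dev/mapper/mk_normal_enc_ssd to install"
  '';
})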