ahuston-0/nix-dotfiles
1
0
Fork 0
Code Issues Pull Requests 4 Actions Packages Projects Releases Wiki Activity

add draft scripts for hetzner install

Browse Source 
Signed-off-by: ahuston-0 <aliceghuston@gmail.com>
This commit is contained in:
ahuston-0 2024-12-06 23:25:54 -05:00
parent 2fa062bdc2
commit 5c3367310a
No known key found for this signature in database
GPG Key ID: 47940175096C1330
2 changed files with 62 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

27
utils/hetzner-install.sh Normal file
View File

@ -0,0 +1,27 @@
#!/usr/bin/env nix
#! nix shell nixpkgs#bash nixpkgs#git --command bash
set -o errexit # abort on nonzero exitstatus
set -o nounset # abort on unbound variable
set -o pipefail # don't hide errors within pipes
MACHINENAME="hetzner-bridge"
sudo mkdir /root/.ssh
sudo chmod 700 /root/.ssh
sudo ssh-keygen -t ed25519 -o -a 100 -f "/root/.ssh/id_ed25519_giteadeploy" -q -N "" -C "$MACHINENAME" || echo "key already exists"
sudo cat /root/.ssh/id_ed25519_giteadeploy.pub
sudo ssh-keygen -A
nix --extra-experimental-features 'flakes nix-command' shell nixpkgs#git
nix --extra-experimental-features 'flakes nix-command' store gc
FLAKE="git+ssh://gitea@nayeonie.com:2222/ahuston-0/nix-dotfiles?ref=feature/hetzner-bridge#hetzner-bridge"
DISK_DEVICE=/dev/sda
sudo nix \
--extra-experimental-features 'flakes nix-command' \
run github:nix-community/disko#disko-install -- \
--flake "$FLAKE" \
--write-efi-boot-entries \
--disk main "$DISK_DEVICE"

35
utils/hetzner-nixos-anywhere.sh Normal file
View File

@ -0,0 +1,35 @@
#!/usr/bin/env nix
#! nix shell nixpkgs#bash nixpkgs#mktemp nixpkgs#openssh nixpkgs#nixos-anywhere nixpkgs#sops --command bash
echoerr() { printf "%s\n" "$*" >&2; }
if (( $# != 1 )); then
echoerr "usage: $0 <hostname>"
fi
HOSTNAME=$1
# Create a temporary directory
temp=$(mktemp -d)
# Function to cleanup temporary directory on exit
cleanup() {
rm -rf "$temp"
}
trap cleanup EXIT
# Create the directory where sshd expects to find the host keys
install -d -m755 "$temp/etc/ssh"
# Create host keys
ssh-keygen -A -f "$temp/etc/ssh/"
# Set the correct permissions so sshd will accept the key
chmod 600 "$temp/etc/ssh/ssh_host_ed25519_key"
AGEKEY=$(ssh-to-age < "$temp/etc/ssh/ssh_host_ed25519_key.pub")
echo "$AGEKEY" | tee "./$HOSTNAME.age"
# Install NixOS to the host system with our secrets
nixos-anywhere --extra-files "$temp" --flake '.#your-host' root@yourip