From 5c3367310a4468c109759b873edb1d94699a5c1f Mon Sep 17 00:00:00 2001
From: ahuston-0
Date: Fri, 6 Dec 2024 23:25:54 -0500
Subject: [PATCH] add draft scripts for hetzner install

Signed-off-by: ahuston-0
---
utils/hetzner-install.sh | 27 +++++++++++++++++++++++++
utils/hetzner-nixos-anywhere.sh | 35 +++++++++++++++++++++++++++++++++
2 files changed, 62 insertions(+)
create mode 100644 utils/hetzner-install.sh
create mode 100644 utils/hetzner-nixos-anywhere.sh

diff --git a/utils/hetzner-install.sh b/utils/hetzner-install.sh
new file mode 100644
index 0000000..ef14470
--- /dev/null
+++ b/utils/hetzner-install.sh
@@ -0,0 +1,27 @@
+#!/usr/bin/env nix
+#! nix shell nixpkgs#bash nixpkgs#git --command bash
+
+set -o errexit # abort on nonzero exitstatus
+set -o nounset # abort on unbound variable
+set -o pipefail # don't hide errors within pipes
+
+MACHINENAME="hetzner-bridge"
+
+sudo mkdir /root/.ssh
+sudo chmod 700 /root/.ssh
+sudo ssh-keygen -t ed25519 -o -a 100 -f "/root/.ssh/id_ed25519_giteadeploy" -q -N "" -C "$MACHINENAME" || echo "key already exists"
+
+sudo cat /root/.ssh/id_ed25519_giteadeploy.pub
+
+sudo ssh-keygen -A
+
+nix --extra-experimental-features 'flakes nix-command' shell nixpkgs#git
+nix --extra-experimental-features 'flakes nix-command' store gc
+FLAKE="git+ssh://gitea@nayeonie.com:2222/ahuston-0/nix-dotfiles?ref=feature/hetzner-bridge#hetzner-bridge"
+DISK_DEVICE=/dev/sda
+sudo nix \
+ --extra-experimental-features 'flakes nix-command' \
+ run github:nix-community/disko#disko-install -- \
+ --flake "$FLAKE" \
+ --write-efi-boot-entries \
+ --disk main "$DISK_DEVICE"
diff --git a/utils/hetzner-nixos-anywhere.sh b/utils/hetzner-nixos-anywhere.sh
new file mode 100644
index 0000000..1ea54f7
--- /dev/null
+++ b/utils/hetzner-nixos-anywhere.sh
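Review bot: `sudo mkdir /root/.ssh` has no `-p`, so under `set -o errexit` a second run of hetzner-install.sh aborts on the already-existing directory before the `|| echo "key already exists"` fallback on the ssh-keygen line is ever reached; `sudo install -d -m 700 /root/.ssh` replaces both the mkdir and the chmod line. That fallback also hides every ssh-keygen failure rather than only the existing-key case, so checking `[[ -e /root/.ssh/id_ed25519_giteadeploy ]]` before generating would be more precise. The `nix ... shell nixpkgs#git` line has no `--command`, which appears to start an interactive shell instead of running anything, and git is already provided by the shebang, so it looks like it can be dropped. `DISK_DEVICE=/dev/sda` is handed straight to disko-install, which formats that disk; taking it from the command line with `DISK_DEVICE=${1:?disk device required}` makes the destructive target explicit instead of a silent default.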
@@ -0,0 +1,35 @@
+#!/usr/bin/env nix
+#! nix shell nixpkgs#bash nixpkgs#mktemp nixpkgs#openssh nixpkgs#nixos-anywhere nixpkgs#sops --command bash
+
+echoerr() { printf "%s\n" "$*" >&2; }
+
+if (( $# != 1 )); then
+ echoerr "usage: $0 "
+fi
+
+HOSTNAME=$1
+
+# Create a temporary directory
+temp=$(mktemp -d)
+
+# Function to cleanup temporary directory on exit
+cleanup() {
+ rm -rf "$temp"
+}
+trap cleanup EXIT
+
+# Create the directory where sshd expects to find the host keys
+install -d -m755 "$temp/etc/ssh"
+
+# Create host keys
+ssh-keygen -A -f "$temp/etc/ssh/"
+
+# Set the correct permissions so sshd will accept the key
+chmod 600 "$temp/etc/ssh/ssh_host_ed25519_key"
+
+AGEKEY=$(ssh-to-age < "$temp/etc/ssh/ssh_host_ed25519_key.pub")
+
+echo "$AGEKEY" | tee "./$HOSTNAME.age"
+
+# Install NixOS to the host system with our secrets
+nixos-anywhere --extra-files "$temp" --flake '.#your-host' root@yourip
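Review bot: The usage branch in hetzner-nixos-anywhere.sh prints the message but never exits, so with no argument `HOSTNAME=$1` becomes empty and the script goes on to write `./.age` and run nixos-anywhere; add `exit 1` after the `echoerr` call (the placeholder in `"usage: $0 "` also appears to have been lost). `HOSTNAME` is then used only for the age file name while the install target stays hard-coded as `--flake '.#your-host' root@yourip`, so the flake should be `".#$HOSTNAME"` and the target host read from a second argument rather than a placeholder. `ssh-to-age` is not in the shebang's `nix shell` package list (sops is a separate package), so unless it happens to be on the host PATH the command fails; without `set -euo pipefail`, which the sibling hetzner-install.sh does set, that failure leaves `AGEKEY` empty and the install still proceeds. Adding `nixpkgs#ssh-to-age` to the shebang and `set -euo pipefail` at the top closes both.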