diff options
author | tv <tv@krebsco.de> | 2018-07-13 13:52:22 +0200 |
---|---|---|
committer | tv <tv@krebsco.de> | 2018-07-13 13:53:46 +0200 |
commit | c47d8972ad29f80472e9778e6db76838dd8c0cd3 (patch) | |
tree | 327a572ad696b75b8fa161f7d358baba15db6591 /example | |
parent | db6151ff06777deb05b345f1775c037d8671687d (diff) |
move disko.nix to example/ and add usage
Diffstat (limited to 'example')
-rw-r--r-- | example/config.nix | 57 | ||||
-rw-r--r-- | example/default.nix | 54 |
2 files changed, 111 insertions, 0 deletions
diff --git a/example/config.nix b/example/config.nix new file mode 100644 index 0000000..e9766fe --- /dev/null +++ b/example/config.nix @@ -0,0 +1,57 @@ +# usage: nix-instantiate --eval --json --strict example/config.nix | jq . +{ + type = "table"; + format = "gpt"; + partitions = [ + { + type = "partition"; + part-type = "ESP"; + start = "1MiB"; + end = "1024MiB"; + fs-type = "fat32"; + bootable = true; + content = { + type = "filesystem"; + format = "vfat"; + mountpoint = "/boot"; + }; + } + { + type = "partition"; + part-type = "primary"; + start = "1024MiB"; + end = "100%"; + content = { + type = "luks"; + algo = "aes-xts..."; + name = "crypted"; + keyfile = "/tmp/secret.key"; + content = { + type = "lvm"; + name = "pool"; + lvs = { + root = { + type = "lv"; + size = "10G"; + mountpoint = "/"; + content = { + type = "filesystem"; + format = "ext4"; + mountpoint = "/"; + }; + }; + home = { + type = "lv"; + size = "10G"; + content = { + type = "filesystem"; + format = "ext4"; + mountpoint = "/home"; + }; + }; + }; + }; + }; + } + ]; +} diff --git a/example/default.nix b/example/default.nix new file mode 100644 index 0000000..69ef936 --- /dev/null +++ b/example/default.nix @@ -0,0 +1,54 @@ +# usage: nix-instantiate --eval --json --strict example | jq -r . + +with import <nixpkgs/lib>; +with builtins; + +let + + fun.filesystem = q: x: '' + mkfs.${x.format} ${q.device} + ''; + + fun.lvm = q: x: '' + pvcreate ${q.device} + vgcreate ${x.name} ${q.device} + ${concatStringsSep "\n" (mapAttrsToList (name: f (q // { inherit name; vgname = x.name; device = null; /* ??? */ })) x.lvs)} + ''; + + fun.luks = q: x: '' + cryptsetup -q luksFormat ${q.device} ${x.keyfile} + cryptsetup luksOpen ${q.device} ${x.name} --key-file ${x.keyfile} + + ${f (q // { device = "/dev/mapper/${x.name}"; }) x.content} + ''; + + fun.partition = q: x: + "(part ${toString (map (f q) (children x))})"; + + fun.table = q: x: '' + parted -s -a optimal ${q.device} mklabel ${x.format} + ${concatStrings (imap (i: part: " \nparted -s -a optimal ${q.device} mkpart ${part.part-type} ${part.fs-type or ""} ${part.start} ${part.end} ${optionalString (part.bootable or false) "\nparted -s -a optimal ${q.device} set ${toString i} boot on "}") x.partitions)} + + ${concatStrings (imap (i: x: f (q // { device = q.device + toString i; }) x.content) x.partitions)} + ''; + + fun.lv = q: x: '' + lvcreate -L ${x.size} -n ${q.name} ${q.vgname} + + ${f (q // { device = "/dev/${q.vgname}/${q.name}"; }) x.content} + ''; + + children = x: { + lvm = attrValues x.lvs; + luks = [x.content]; + partition = [x.content]; + table = x.partitions; + lv = [x.content]; + }.${x.type}; + + f = q: x: fun.${x.type} q x; + + q0.device = "/dev/sda"; + x0 = import ./config.nix; +in + f q0 x0 |