box zfs
This commit is contained in:
Anish Lakhwara
Executable
+119
@@ -0,0 +1,119 @@
|
||||
#!/usr/bin/env bash
|
||||
set -euo pipefail
|
||||
|
||||
# Install script for box NAS
|
||||
# Run this from the NixOS installer after rsync'ing the helm repo
|
||||
#
|
||||
# Prerequisites:
|
||||
# - Boot NixOS installer
|
||||
# - Enable SSH: passwd && sudo systemctl start sshd
|
||||
# - rsync helm repo: rsync -avz --exclude='.git' /path/to/helm nixos@<IP>:~/
|
||||
#
|
||||
# Usage:
|
||||
# cd ~/helm
|
||||
# ./install-box.sh
|
||||
|
||||
# Configuration
|
||||
FLAKE="$HOME/helm#box"
|
||||
NVME="/dev/disk/by-id/nvme-CT500P310SSD8_2544543B87C2"
|
||||
|
||||
# ZFS drives - update these if drives change
|
||||
ZFS1="/dev/disk/by-id/ata-WDC_WD40EFPX-68C6CN0_WD-WX32D954A2J7"
|
||||
ZFS2="/dev/disk/by-id/ata-WDC_WD40EFPX-68C6CN0_WD-WX32D95FVZVL"
|
||||
ZFS3="/dev/disk/by-id/ata-WDC_WD40EFPX-68C6CN0_WD-WX42D95M807R"
|
||||
|
||||
echo "=== Box NAS Installation ==="
|
||||
echo ""
|
||||
echo "This will install NixOS with:"
|
||||
echo " - NVMe boot drive: $NVME"
|
||||
echo " - ZFS RAIDZ1 pool with 3x 4TB drives (~8TB usable)"
|
||||
echo ""
|
||||
|
||||
# Verify drives exist
|
||||
echo "Verifying drives..."
|
||||
for disk in "$NVME" "$ZFS1" "$ZFS2" "$ZFS3"; do
|
||||
if [[ ! -e "$disk" ]]; then
|
||||
echo "ERROR: Disk not found: $disk"
|
||||
echo "Available disks:"
|
||||
ls -la /dev/disk/by-id/ | grep -E '(nvme|ata)' | grep -v part
|
||||
exit 1
|
||||
fi
|
||||
done
|
||||
echo "All drives found."
|
||||
echo ""
|
||||
|
||||
# Generate ZFS keyfile
|
||||
echo "Generating ZFS keyfile..."
|
||||
dd if=/dev/urandom of=/tmp/tank.key bs=32 count=1 2>/dev/null
|
||||
echo "ZFS keyfile created at /tmp/tank.key"
|
||||
echo ""
|
||||
|
||||
# Get LUKS password
|
||||
echo "Enter LUKS password for boot drive encryption:"
|
||||
read -s LUKS_PASSWORD
|
||||
echo ""
|
||||
echo "Confirm LUKS password:"
|
||||
read -s LUKS_PASSWORD_CONFIRM
|
||||
echo ""
|
||||
|
||||
if [[ "$LUKS_PASSWORD" != "$LUKS_PASSWORD_CONFIRM" ]]; then
|
||||
echo "ERROR: Passwords do not match"
|
||||
exit 1
|
||||
fi
|
||||
|
||||
echo -n "$LUKS_PASSWORD" > /tmp/luks-password
|
||||
echo "LUKS password saved."
|
||||
echo ""
|
||||
|
||||
# Confirm before proceeding
|
||||
echo "WARNING: This will DESTROY all data on the following drives:"
|
||||
echo " - $NVME"
|
||||
echo " - $ZFS1"
|
||||
echo " - $ZFS2"
|
||||
echo " - $ZFS3"
|
||||
echo ""
|
||||
read -p "Type 'yes' to continue: " CONFIRM
|
||||
if [[ "$CONFIRM" != "yes" ]]; then
|
||||
echo "Aborted."
|
||||
exit 1
|
||||
fi
|
||||
|
||||
echo ""
|
||||
echo "Running disko-install..."
|
||||
sudo nix \
|
||||
--extra-experimental-features nix-command \
|
||||
--extra-experimental-features flakes \
|
||||
run 'github:nix-community/disko/latest#disko-install' -- \
|
||||
--flake "$FLAKE" \
|
||||
--disk nvme "$NVME" \
|
||||
--disk zfs1 "$ZFS1" \
|
||||
--disk zfs2 "$ZFS2" \
|
||||
--disk zfs3 "$ZFS3"
|
||||
|
||||
echo ""
|
||||
echo "Copying ZFS keyfile to installed system..."
|
||||
# disko-install mounts the root filesystem at /mnt
|
||||
if [[ ! -d /mnt/etc ]]; then
|
||||
echo "ERROR: /mnt/etc does not exist. Is the root filesystem mounted?"
|
||||
exit 1
|
||||
fi
|
||||
sudo mkdir -p /mnt/etc/zfs
|
||||
sudo cp /tmp/tank.key /mnt/etc/zfs/tank.key
|
||||
sudo chmod 000 /mnt/etc/zfs/tank.key
|
||||
|
||||
echo "Updating ZFS keylocation to permanent path..."
|
||||
# Update keylocation so ZFS looks for the key in the installed system
|
||||
sudo zfs set keylocation=file:///etc/zfs/tank.key tank
|
||||
|
||||
echo ""
|
||||
echo "Cleaning up..."
|
||||
rm -f /tmp/luks-password /tmp/tank.key
|
||||
|
||||
echo ""
|
||||
echo "=== Installation complete! ==="
|
||||
echo ""
|
||||
echo "Next steps:"
|
||||
echo " 1. Reboot: sudo reboot"
|
||||
echo " 2. Enter LUKS password at boot prompt"
|
||||
echo " 3. SSH to box at 192.168.1.240"
|
||||
echo ""
|
||||
Reference in New Issue
Block a user