Infini-STICK: reconfigure for new USB stick

hosts/Infini-STICK/default.nix

@@ -1,7 +1,7 @@
-{ lib, ... }:
+{ lib, ... }: {
-{
+  imports = [
-  imports = lib.lists.flatten [
     ./hardware-configuration.nix
+    ./filesystems.nix
   ];
 
   modules = {
@@ -16,6 +16,10 @@
     directories = [
       "/home"
       "/etc/nixos"
+      "/etc/nixos-private"
+
+      "/root/.local/share/nix"
+      "/root/.ssh"
 
       # /var directories
       "/var/log"
@@ -25,16 +29,8 @@
 
     files = [
       "/etc/machine-id"
-
-      "/etc/ssh/ssh_host_rsa_key"
-      "/etc/ssh/ssh_host_rsa_key.pub"
-      "/etc/ssh/ssh_host_ed25519_key"
-      "/etc/ssh/ssh_host_ed25519_key.pub"
-
-      "/root/.local/share/nix/trusted-settings.json"
-      "/root/.ssh/known_hosts"
     ];
   };
 
-  system.stateVersion = "21.11";
+  system.stateVersion = "23.11";
 }

hosts/Infini-STICK/filesystems.nix

@@ -0,0 +1,36 @@
+{ config, lib, pkgs, ... }:
+
+let
+  uuid = uuid: "/dev/disk/by-uuid/${uuid}";
+  main = uuid "ae3f3d98-1d87-47b4-a4ed-d69a896eee69";
+  commonOptions = [ "autodefrag" "noatime" "compress=zstd:7" ];
+
+  mkMain' = options: {
+    device = main;
+    fsType = "btrfs";
+    options = commonOptions ++ options;
+  };
+  mkMain = options: (mkMain' options) // { neededForBoot = true; };
+in
+{
+  fileSystems = {
+    "/" = {
+      device = "none";
+      fsType = "tmpfs";
+      options = [ "defaults" "size=4GB" "mode=755" ];
+    };
+
+    "/media/main" = mkMain' [ ];
+
+    "/persist" = mkMain [ "subvol=root" ];
+    "/etc/ssh" = mkMain [ "subvol=root/etc/ssh" ];
+    "/nix" = mkMain [ "subvol=nix" ];
+    "/boot" = mkMain [ "subvol=boot" ];
+
+    "/boot/efi" = {
+      device = uuid "D7DB-2291";
+      fsType = "vfat";
+      neededForBoot = true;
+    };
+  };
+}

hosts/Infini-STICK/hardware-configuration.nix

@@ -1,8 +1,5 @@
 { config, lib, pkgs, modulesPath, ... }:
 
-let
-  uuid = uuid: "/dev/disk/by-uuid/${uuid}";
-in
 {
   imports = [
     (modulesPath + "/installer/scan/not-detected.nix")
@@ -14,49 +11,6 @@ in
   boot.extraModulePackages = [ ];
   boot.kernelParams = [ "boot.shell_on_fail" ];
   boot.supportedFilesystems = [ "btrfs" ];
-
-  fileSystems =
-    let
-      # main = uuid "2a87bd84-c453-4b76-969c-e0653391131e";
-      # esp = uuid "0339-DFBA";
-      main = uuid "10e03644-e9b8-4f0c-b1e5-42193c2969d1";
-      esp = uuid "37A3-9E22";
-    in
-    {
-      "/" = {
-        device = "none";
-        fsType = "tmpfs";
-        options = [ "defaults" "size=4G" "mode=755" ];
-      };
-
-      "/persist" = {
-        device = main;
-        fsType = "btrfs";
-        options = [ "subvol=root" "autodefrag" "noatime" "ssd" ];
-        neededForBoot = true;
-      };
-
-      "/nix" = {
-        device = main;
-        fsType = "btrfs";
-        options = [ "subvol=nix" "autodefrag" "noatime" "ssd" ];
-        neededForBoot = true;
-      };
-
-      "/boot" = {
-        device = main;
-        fsType = "btrfs";
-        options = [ "subvol=boot" "autodefrag" "noatime" "ssd" ];
-        neededForBoot = true;
-      };
-
-      "/boot/efi" = {
-        device = esp;
-        fsType = "vfat";
-        neededForBoot = true;
-      };
-    };
-
   powerManagement.cpuFreqGovernor = lib.mkDefault "powersave";
 
   info.model = "Portable Installation";

hosts/Infini-STICK/install.bash

@@ -1,6 +1,6 @@
 #!/usr/bin/env bash
 # [[file:readme.org::install][install]]
-# [[[[file:/etc/nixos/hosts/Infini-STICK/readme.org::installing][installing]]][installing]]
+# [[file:readme.org::install][installing]]
 echo "LOG: Installing NixOS"
 sudo nixos-install --flake /etc/nixos#Infini-STICK --no-root-password
 # installing ends here

hosts/Infini-STICK/mount.bash

@@ -1,34 +1,35 @@
 #!/usr/bin/env bash
 # [[file:readme.org::mount][mount]]
-# [[[[file:/etc/nixos/hosts/Infini-STICK/readme.org::boilerplate][boilerplate]]][boilerplate]]
+# [[file:readme.org::mount][boilerplate]]
 DISK=$1
 
 sudo mkdir -p /mnt
 # boilerplate ends here
 
-# [[[[file:/etc/nixos/hosts/Infini-STICK/readme.org::mount_check][mount_check]]][mount_check]]
+# [[file:readme.org::mount][mount_check]]
 if mountpoint -q -- "/mnt"; then
     echo "ERROR: /mnt is a mounted filesystem, aborting"
     exit 1
 fi
 # mount_check ends here
 
-# [[[[file:/etc/nixos/hosts/Infini-STICK/readme.org::mounting][mounting]]][mounting]]
+# [[file:readme.org::mount][mounting]]
 echo "LOG: Mounting tmpfs"
 sudo mount -t tmpfs root /mnt
 
 echo "LOG: - Mounting persistent directories"
 sudo mkdir -p /mnt/persist /mnt/nix /mnt/boot
-sudo mount -o subvol=root,autodefrag,noatime "${DISK}1" /mnt/persist
+sudo mount -o subvol=root,autodefrag,noatime "${DISK}3" /mnt/persist
-sudo mount -o subvol=nix,autodefrag,noatime "${DISK}1" /mnt/nix
+sudo mount -o subvol=nix,autodefrag,noatime "${DISK}3" /mnt/nix
-sudo mount -o subvol=boot,autodefrag,noatime "${DISK}1" /mnt/boot
+sudo mount -o subvol=boot,autodefrag,noatime "${DISK}3" /mnt/boot
 
 echo "LOG: - - Mounting persistent subdirectories"
-sudo mkdir -p /mnt/home
+sudo mkdir -p /mnt/home /mnt/etc/ssh
 sudo mount --bind /mnt/persist/home /mnt/home
+sudo mount --bind /mnt/persist/etc/ssh /mnt/etc/ssh
 
 echo "LOG: - Mounting EFI System Partition"
 sudo mkdir -p /mnt/boot/efi
-sudo mount "${DISK}2" /mnt/boot/efi
+sudo mount "${DISK}4" /mnt/boot/efi
 # mounting ends here
 # mount ends here

hosts/Infini-STICK/readme.org

@@ -7,14 +7,18 @@
 * Partition Scheme
 
 | Position | Label          | FS Type     | Size   | Type                        |
-|----------+----------------+---------+-------+----------------------|
+|----------+----------------+-------------+--------+-----------------------------|
-|        0 | =Infini-STICK= | =btrfs= | 29.3G | Root Partition       |
+|        0 | =storage=      | =exfat=     | 24.6GB | Generic Storage Partition   |
-|        1 | =boot=         | =vfat=  | 511M  | EFI System Partition |
+|        1 | =vault=        | =LUKS/ext4= | 3GB    | Encrypted Storage Partition |
+|        2 | =Infini-STICK= | =btrfs=     | 33.3GB | Root Partition              |
+|        3 | =boot=         | =vfat=      | 511MB  | EFI System Partition        |
 
 * Configuration
 
 Setup with a wide array of hardware compatibility, specifically using the =portable= form defined in the =hardware/form= module.
 
+=Infini-STICK= currently lives on my SanDisk 3.2Gen1 64GB USB C/USB A flashdrive.
+
 * Setup Scripts
 
 #+NAME: full_install
@@ -90,9 +94,11 @@ fi
 #+BEGIN_SRC bash
 echo "LOG: Partitioning $DISK"
 sudo parted $DISK -- mktable gpt
-sudo parted $DISK -s -- mkpart primary btrfs 512MiB 100%
+sudo parted $DISK -s -- mkpart primary 0% 100%
-sudo parted $DISK -s -- mkpart ESP fat32 1MiB 512MiB
+sudo parted $DISK -s -- mkpart primary 40% 100%
-sudo parted $DISK -s -- set 2 esp on
+sudo parted $DISK -s -- mkpart primary btrfs 45% 100%
+sudo parted $DISK -s -- mkpart ESP fat32 -512MiB 100%
+sudo parted $DISK -s -- set 4 esp on
 #+END_SRC
 
 ** Making Filesystems
@@ -131,17 +137,18 @@ sudo mount -t tmpfs root /mnt
 
 echo "LOG: - Mounting persistent directories"
 sudo mkdir -p /mnt/persist /mnt/nix /mnt/boot
-sudo mount -o subvol=root,autodefrag,noatime "${DISK}1" /mnt/persist
+sudo mount -o subvol=root,autodefrag,noatime "${DISK}3" /mnt/persist
-sudo mount -o subvol=nix,autodefrag,noatime "${DISK}1" /mnt/nix
+sudo mount -o subvol=nix,autodefrag,noatime "${DISK}3" /mnt/nix
-sudo mount -o subvol=boot,autodefrag,noatime "${DISK}1" /mnt/boot
+sudo mount -o subvol=boot,autodefrag,noatime "${DISK}3" /mnt/boot
 
 echo "LOG: - - Mounting persistent subdirectories"
-sudo mkdir -p /mnt/home
+sudo mkdir -p /mnt/home /mnt/etc/ssh
 sudo mount --bind /mnt/persist/home /mnt/home
+sudo mount --bind /mnt/persist/etc/ssh /mnt/etc/ssh
 
 echo "LOG: - Mounting EFI System Partition"
 sudo mkdir -p /mnt/boot/efi
-sudo mount "${DISK}2" /mnt/boot/efi
+sudo mount "${DISK}4" /mnt/boot/efi
 #+END_SRC
 
 ** Installing
@@ -157,7 +164,8 @@ sudo nixos-install --flake /etc/nixos#Infini-STICK --no-root-password
 #+NAME: full_extra
 #+BEGIN_SRC bash
 echo "LOG: Cloning configuration"
-sudo git clone --no-hardlinks --progress https://gitlab.com/infinidoge/universe.git /mnt/persist/etc/nixos
+sudo git clone --no-hardlinks --progress ssh://git@github.com/Infinidoge/universe.git /mnt/persist/etc/nixos
+sudo git clone --no-hardlinks --progress https://git@github.com/Infinidoge/universe.git /mnt/persist/etc/nixos-private
 #+END_SRC
 
 ** Extra (Reinstall)

hosts/Infini-STICK/reinstall.bash

@@ -1,53 +1,54 @@
 #!/usr/bin/env bash
 # [[file:readme.org::reinstall][reinstall]]
-# [[[[file:/etc/nixos/hosts/Infini-STICK/readme.org::mount][mount]]][mount]]
+# [[file:readme.org::mount][mount]]
-# [[[[file:/etc/nixos/hosts/Infini-STICK/readme.org::boilerplate][boilerplate]]][boilerplate]]
+# [[file:readme.org::mount][boilerplate]]
 DISK=$1
 
 sudo mkdir -p /mnt
 # boilerplate ends here
 
-# [[[[file:/etc/nixos/hosts/Infini-STICK/readme.org::mount_check][mount_check]]][mount_check]]
+# [[file:readme.org::mount][mount_check]]
 if mountpoint -q -- "/mnt"; then
     echo "ERROR: /mnt is a mounted filesystem, aborting"
     exit 1
 fi
 # mount_check ends here
 
-# [[[[file:/etc/nixos/hosts/Infini-STICK/readme.org::mounting][mounting]]][mounting]]
+# [[file:readme.org::mount][mounting]]
 echo "LOG: Mounting tmpfs"
 sudo mount -t tmpfs root /mnt
 
 echo "LOG: - Mounting persistent directories"
 sudo mkdir -p /mnt/persist /mnt/nix /mnt/boot
-sudo mount -o subvol=root,autodefrag,noatime "${DISK}1" /mnt/persist
+sudo mount -o subvol=root,autodefrag,noatime "${DISK}3" /mnt/persist
-sudo mount -o subvol=nix,autodefrag,noatime "${DISK}1" /mnt/nix
+sudo mount -o subvol=nix,autodefrag,noatime "${DISK}3" /mnt/nix
-sudo mount -o subvol=boot,autodefrag,noatime "${DISK}1" /mnt/boot
+sudo mount -o subvol=boot,autodefrag,noatime "${DISK}3" /mnt/boot
 
 echo "LOG: - - Mounting persistent subdirectories"
-sudo mkdir -p /mnt/home
+sudo mkdir -p /mnt/home /mnt/etc/ssh
 sudo mount --bind /mnt/persist/home /mnt/home
+sudo mount --bind /mnt/persist/etc/ssh /mnt/etc/ssh
 
 echo "LOG: - Mounting EFI System Partition"
 sudo mkdir -p /mnt/boot/efi
-sudo mount "${DISK}2" /mnt/boot/efi
+sudo mount "${DISK}4" /mnt/boot/efi
 # mounting ends here
 # mount ends here
 
-# [[[[file:/etc/nixos/hosts/Infini-STICK/readme.org::installing][installing]]][installing]]
+# [[file:readme.org::reinstall][installing]]
 echo "LOG: Installing NixOS"
 sudo nixos-install --flake /etc/nixos#Infini-STICK --no-root-password
 # installing ends here
 
-# [[[[file:/etc/nixos/hosts/Infini-STICK/readme.org::reinstall_extra][reinstall_extra]]][reinstall_extra]]
+# [[file:readme.org::reinstall_extra][reinstall_extra]]
 
 # reinstall_extra ends here
 
-# [[[[file:/etc/nixos/hosts/Infini-STICK/readme.org::finishing_setup][finishing_setup]]][finishing_setup]]
+# [[file:readme.org::reinstall][finishing_setup]]
 
 # finishing_setup ends here
 
-# [[[[file:/etc/nixos/hosts/Infini-STICK/readme.org::cleanup][cleanup]]][cleanup]]
+# [[file:readme.org::reinstall][cleanup]]
 echo "LOG: Unmounting all"
 sudo umount -R /mnt
 # cleanup ends here

hosts/Infini-STICK/setup.bash

@@ -1,27 +1,29 @@
 #!/usr/bin/env bash
 # [[file:readme.org::full_install][full_install]]
-# [[[[file:/etc/nixos/hosts/Infini-STICK/readme.org::boilerplate][boilerplate]]][boilerplate]]
+# [[file:readme.org::boilerplate][boilerplate]]
 DISK=$1
 
 sudo mkdir -p /mnt
 # boilerplate ends here
 
-# [[[[file:/etc/nixos/hosts/Infini-STICK/readme.org::mount_check][mount_check]]][mount_check]]
+# [[file:readme.org::mount_check][mount_check]]
 if mountpoint -q -- "/mnt"; then
     echo "ERROR: /mnt is a mounted filesystem, aborting"
     exit 1
 fi
 # mount_check ends here
 
-# [[[[file:/etc/nixos/hosts/Infini-STICK/readme.org::partitioning][partitioning]]][partitioning]]
+# [[file:readme.org::partitioning][partitioning]]
 echo "LOG: Partitioning $DISK"
 sudo parted $DISK -- mktable gpt
-sudo parted $DISK -s -- mkpart primary btrfs 512MiB 100%
+sudo parted $DISK -s -- mkpart primary 0% 100%
-sudo parted $DISK -s -- mkpart ESP fat32 1MiB 512MiB
+sudo parted $DISK -s -- mkpart primary 40% 100%
-sudo parted $DISK -s -- set 2 esp on
+sudo parted $DISK -s -- mkpart primary btrfs 45% 100%
+sudo parted $DISK -s -- mkpart ESP fat32 -512MiB 100%
+sudo parted $DISK -s -- set 4 esp on
 # partitioning ends here
 
-# [[[[file:/etc/nixos/hosts/Infini-STICK/readme.org::filesystems][filesystems]]][filesystems]]
+# [[file:readme.org::filesystems][filesystems]]
 echo "LOG: Making filesystems"
 echo "- Making btrfs filesystem on ${DISK}1"
 sudo mkfs.btrfs "${DISK}1" -L "Infini-STICK" -f
@@ -29,7 +31,7 @@ echo "- Making fat32 filesystem on ${DISK}2"
 sudo mkfs.fat -F 32 -n boot "${DISK}2"
 # filesystems ends here
 
-# [[[[file:/etc/nixos/hosts/Infini-STICK/readme.org::subvolumes][subvolumes]]][subvolumes]]
+# [[file:readme.org::subvolumes][subvolumes]]
 echo "LOG: Making subvolumes on ${DISK}1"
 sudo mount "${DISK}1" /mnt
 sudo btrfs subvolume create /mnt/root
@@ -42,40 +44,42 @@ sudo btrfs subvolume create /mnt/nix/store
 sudo umount /mnt
 # subvolumes ends here
 
-# [[[[file:/etc/nixos/hosts/Infini-STICK/readme.org::mounting][mounting]]][mounting]]
+# [[file:readme.org::mounting][mounting]]
 echo "LOG: Mounting tmpfs"
 sudo mount -t tmpfs root /mnt
 
 echo "LOG: - Mounting persistent directories"
 sudo mkdir -p /mnt/persist /mnt/nix /mnt/boot
-sudo mount -o subvol=root,autodefrag,noatime "${DISK}1" /mnt/persist
+sudo mount -o subvol=root,autodefrag,noatime "${DISK}3" /mnt/persist
-sudo mount -o subvol=nix,autodefrag,noatime "${DISK}1" /mnt/nix
+sudo mount -o subvol=nix,autodefrag,noatime "${DISK}3" /mnt/nix
-sudo mount -o subvol=boot,autodefrag,noatime "${DISK}1" /mnt/boot
+sudo mount -o subvol=boot,autodefrag,noatime "${DISK}3" /mnt/boot
 
 echo "LOG: - - Mounting persistent subdirectories"
-sudo mkdir -p /mnt/home
+sudo mkdir -p /mnt/home /mnt/etc/ssh
 sudo mount --bind /mnt/persist/home /mnt/home
+sudo mount --bind /mnt/persist/etc/ssh /mnt/etc/ssh
 
 echo "LOG: - Mounting EFI System Partition"
 sudo mkdir -p /mnt/boot/efi
-sudo mount "${DISK}2" /mnt/boot/efi
+sudo mount "${DISK}4" /mnt/boot/efi
 # mounting ends here
 
-# [[[[file:/etc/nixos/hosts/Infini-STICK/readme.org::installing][installing]]][installing]]
+# [[file:readme.org::installing][installing]]
 echo "LOG: Installing NixOS"
 sudo nixos-install --flake /etc/nixos#Infini-STICK --no-root-password
 # installing ends here
 
-# [[[[file:/etc/nixos/hosts/Infini-STICK/readme.org::full_extra][full_extra]]][full_extra]]
+# [[file:readme.org::full_extra][full_extra]]
 echo "LOG: Cloning configuration"
-sudo git clone --no-hardlinks --progress https://gitlab.com/infinidoge/universe.git /mnt/persist/etc/nixos
+sudo git clone --no-hardlinks --progress ssh://git@github.com/Infinidoge/universe.git /mnt/persist/etc/nixos
+sudo git clone --no-hardlinks --progress https://git@github.com/Infinidoge/universe.git /mnt/persist/etc/nixos-private
 # full_extra ends here
 
-# [[[[file:/etc/nixos/hosts/Infini-STICK/readme.org::finishing_setup][finishing_setup]]][finishing_setup]]
+# [[file:readme.org::finishing_setup][finishing_setup]]
 
 # finishing_setup ends here
 
-# [[[[file:/etc/nixos/hosts/Infini-STICK/readme.org::cleanup][cleanup]]][cleanup]]
+# [[file:readme.org::cleanup][cleanup]]
 echo "LOG: Unmounting all"
 sudo umount -R /mnt
 # cleanup ends here