37 lines
1.0 KiB
Plaintext
37 lines
1.0 KiB
Plaintext
nix-shell -p nixFlakes git
|
|
cfdisk
|
|
mkfs.ext3 boot
|
|
cryptsetup luksFormat /dev/vda2
|
|
cryptsetup luksOpen /dev/vda2 enc-pv
|
|
pvcreate /dev/mapper/enc-pv
|
|
lvcreate -L 4G -n swap vg
|
|
lvcreate -l '100%FREE' -n root vg
|
|
mkswap -L swap /dev/vg/swap
|
|
swapon /dev/vg/swap
|
|
mkfs.btrfs /dev/vg/root
|
|
mount /dev/vg/root /mnt
|
|
cd /mnt
|
|
btrfs subvolume create root
|
|
btrfs subvolume create home
|
|
cd
|
|
mount -o subvol=root /dev/vg/root /mnt
|
|
mkdir /mnt/home
|
|
mount -o subvol=home /dev/vg/root /mnt/home
|
|
mkdir /mnt/boot
|
|
mount /dev/vda1 /mnt/boot
|
|
mkdir /mnt/secret
|
|
|
|
/tmp/tor.rc
|
|
```
|
|
DataDirectory /tmp/my-dummy.tor/
|
|
SOCKSPort 127.0.0.1:10050 IsolateDestAddr
|
|
SOCKSPort 127.0.0.1:10063
|
|
HiddenServiceDir /mnt/secret/onion
|
|
HiddenServicePort 1234 127.0.0.1:1234
|
|
```
|
|
|
|
nix-shell -p tor --run "tor -f /tmp/tor.rc"
|
|
ssh-keygen -q -N "" -t rsa -b 4096 -f /mnt/secret/ssh_host_rsa_key
|
|
ssh-keygen -q -N "" -t ed25519 -f /mnt/secret/ssh_host_ed25519_key
|
|
nixos-generate-config --root /mnt # copy hardware config
|
|
nixos-install --flake "git+https://git.neet.dev/zuckerberg/nix-config.git#MACHINE_NAME" |