-
Notifications
You must be signed in to change notification settings - Fork 2
/
setup.sh
133 lines (105 loc) · 4.02 KB
/
setup.sh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
source @bashLib@
nix_config="${HOME}/.nix-config"
_log() {
echo
echo -e "${BOLD}${YELLOW}${1}${RESET}"
}
_clone() {
local name="${1}"
local url="${2}"
local directory="${3}"
if [[ -d "${directory}" ]]; then
_log "Not cloning ${name} because ${directory} already exists!"
return
fi
_log "Clone ${name}..."
git clone "${url}" "${directory}"
}
if _is_root; then
_log "Please don't run this script with root!"
exit 1
fi
# generate ssh key and show
echo
ssh-keygen -f ~/.ssh/id_rsa -N "" -q || true
_log "Copy link to ssh key or ssh key itself, add in github and gitea:"
echo
cat "${HOME}/.ssh/id_rsa.pub"
echo
curl --silent --form "file=@${HOME}/.ssh/id_rsa.pub" https://file.io | jq --raw-output .link
echo
# pause script
read -sr -n 1 -p "$(echo -e "${PURPLE}Press any key to continue...${RESET}")"
echo
# clone repos
_clone "nix-config" git@github.com:Gerschtli/nix-config.git "${nix_config}"
if _read_boolean "Install gnupg-setup repo?"; then
_clone "gnupg repo" gitea@git.tobias-happ.de:Gerschtli/gnupg-setup.git "${HOME}/.gnupg-setup"
if _read_boolean "Install password-store?"; then
_clone "password store" gitea@git.tobias-happ.de:Gerschtli/pass.git "${HOME}/.password-store"
fi
fi
if _read_boolean "Install files?"; then
_clone "files" git@github.com:Gerschtli/files.git "${HOME}/.files"
fi
_clone "age-bak" gitea@git.tobias-happ.de:Gerschtli/age-bak.git "${HOME}/.age-bak"
_log "Change permissions of ~/.age-bak..."
chmod -v 0700 "${HOME}/.age-bak"
if [[ ! -e "${HOME}/.age" ]]; then
_log "Link ~/.age to ~/.age-bak..."
ln -snv .age-bak "${HOME}/.age"
fi
if _is_nixos && _read_boolean "Set up age keys for root?"; then
_log "Copy ~/.age-bak/key.txt to /root..."
sudo mkdir -vp "/root/.age-bak"
sudo chmod -v 0700 "/root/.age-bak"
sudo cp -v "${HOME}/.age-bak/key.txt" "/root/.age-bak/key.txt"
sudo chown root:root "/root/.age-bak/key.txt"
if ! sudo test -e "/root/.age"; then
_log "Link /root/.age to /root/.age-bak..."
sudo ln -snv .age-bak "/root/.age"
fi
fi
# preparation for non nixos systems
if nix-env -q --json | jq ".[].pname" | grep '"nix"' > /dev/null; then
_log "Set priority of installed nix package..."
nix-env --set-flag priority 1000 nix
fi
# installation
if _is_nixos; then
hostname=$(_read_enum "Enter hostname" argon krypton neon xenon)
_log "Run sudo nixos-rebuild switch..."
sudo nixos-rebuild \
switch \
--option extra-substituters "https://gerschtli.cachix.org" \
--option extra-trusted-public-keys "gerschtli.cachix.org-1:dWJ/WiIA3W2tTornS/2agax+OI0yQF8ZA2SFjU56vZ0=" \
--keep-going \
--flake "${nix_config}#${hostname}" || :
_log "Don't forget to set passwd for tobias and root!"
_log "It may be required to set up an age key for root:"
_log " age-keygen -o ~/.age/key.txt"
elif [[ "${USER}" == "nix-on-droid" ]]; then
_log "Run nix-on-droid switch..."
nix-on-droid switch \
--option extra-substituters "https://gerschtli.cachix.org" \
--option extra-trusted-public-keys "gerschtli.cachix.org-1:dWJ/WiIA3W2tTornS/2agax+OI0yQF8ZA2SFjU56vZ0=" \
--option extra-substituters "https://nix-on-droid.cachix.org" \
--option extra-trusted-public-keys "nix-on-droid.cachix.org-1:56snoMJTXmDRC1Ei24CmKoUqvHJ9XCp+nidK7qkMQrU=" \
--flake "${nix_config}#pixel7a"
else
_log "Build home-manager activationPackage..."
nix build \
--extra-experimental-features "nix-command flakes" \
--option extra-substituters "https://gerschtli.cachix.org" \
--option extra-trusted-public-keys "gerschtli.cachix.org-1:dWJ/WiIA3W2tTornS/2agax+OI0yQF8ZA2SFjU56vZ0=" \
"${nix_config}#homeConfigurations.${USER}@$(hostname).activationPackage"
_log "Run activate script..."
HOME_MANAGER_BACKUP_EXT=hm-bak ./result/activate
rm -v result
fi
# clean up
if nix-env -q --json | jq ".[].pname" | grep '"nix"' > /dev/null; then
_log "Uninstall manual installed nix package..."
nix-env --uninstall nix
fi
echo