Skip to content

Instantly share code, notes, and snippets.

@kreativmonkey
Last active November 24, 2020 17:08
Show Gist options
  • Save kreativmonkey/1d5a79fb8149a9478e200c95da626184 to your computer and use it in GitHub Desktop.
Save kreativmonkey/1d5a79fb8149a9478e200c95da626184 to your computer and use it in GitHub Desktop.
#! /usr/bin/env bash
# Script to install NixOS from the Hetzner Cloud NixOS bootable ISO image.
# (tested with Hetzner's `NixOS 20.03 (amd64/minimal)` ISO image).
#
# This script wipes the disk of the server!
#
# Instructions:
#
# 1. Mount the above mentioned ISO image from the Hetzner Cloud GUI
# and reboot the server into it; do not run the default system (e.g. Ubuntu).
# 2. To be able to SSH straight in (recommended), you must replace hardcoded pubkey
# further down in the section labelled "Replace this by your SSH pubkey" by you own,
# and host the modified script way under a URL of your choosing
# (e.g. gist.github.com with git.io as URL shortener service).
# 3. Run on the server:
#
# # Replace this URL by your own that has your pubkey in
# curl -L https://raw.githubusercontent.com/nix-community/nixos-install-scripts/master/hosters/hetzner-cloud/nixos-install-hetzner-cloud.sh | sudo bash
# 4. Unmount the ISO image from the Hetzner Cloud GUI.
# 5. Reboot.
#
# To run it from the Hetzner Cloud web terminal without typing it down,
# you can either select it and then middle-click onto the web terminal, (that pastes
# to it), or use `xdotool` (you have e.g. 3 seconds to focus the window):
#
# sleep 3 && xdotool type --delay 50 'curl YOUR_URL_HERE | sudo bash'
#
# (In the xdotool invocation you may have to replace chars so that
# the right chars appear on the US-English keyboard.)
#
# If you do not replace the pubkey, you'll be running with my pubkey, but you can
# change it afterwards by logging in via the Hetzner Cloud web terminal as `root`
# with empty password.
set -e
# Hetzner Cloud OS images grow the root partition to the size of the local
# disk on first boot. In case the NixOS live ISO is booted immediately on
# first powerup, that does not happen. Thus we need to grow the partition
# by deleting and re-creating it.
sgdisk -d 1 /dev/sda
sgdisk -N 1 /dev/sda
partprobe /dev/sda
mkfs.ext4 -F /dev/sda1 # wipes all data!
mount /dev/sda1 /mnt
nixos-generate-config --root /mnt
# Delete trailing `}` from `configuration.nix` so that we can append more to it.
sed -i -E 's:^\}\s*$::g' /mnt/etc/nixos/configuration.nix
# Extend/override default `configuration.nix`:
echo '
boot.loader.grub.devices = [ "/dev/sda" ];
# Initial empty root password for easy login:
users.users.root.initialHashedPassword = "";
services.openssh = {
enable = true;
permitRootLogin = "no";
passwordAuthentication = false;
};
programs.vim.defaultEditor = true;
programs.fish.enable = true;
# Replace this by your SSH pubkey
users.users.sebastian = {
description = "Main user of the unit";
isNormalUser = true;
hashedPassword = "$1$QIShHDeF$X3o243FuBNYyEgUha9Ois.";
shell = pkgs.fish;
home = "/home/sebastian";
# packages = [ ];
extraGroups = [
"wheel"
"docker"
];
openssh.authorizedKeys.keys = [
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDC63/pQy57BmpA3OQ+hROeavYm7Wok+7aCebUNcJo07WTg/XN0QG4vY7Z4BctYagR2xNl3U4GwoLTil2azWwvBT7dPqlnEkCNLLhXiyce6R9PbQx1ODHHsUlBkDZ0VojrhHJQIppQ5Yy1k9DU/dqx1Gu0qavbZ/snaJUwZxUSQN3hbl6iegxIxWgoXVWwQ9Cvql6cUCGTTKhs6bYrsoxkKHyk8bjY82vYsfKsK5hrWSwZg8uL30nOXRxkkEoHxxiMTHSMxorRPc170t97hVIUa9pnBs2CNuWp4n21cspgFSEauJzX9ynIokW5coBw2kktHRMmRLvExVDd2vXhSeFJ4eB0fYLU7fEy2OYN53eO8PcDdLH/xHftZ45j8OaJrUWGsvGIiH4fhQPIHrJsNb2I6GXGP+A8TxkYJbgUry9jPEmVYfy/asfZ5l9QiHf5Sen5nISZAWeB8b7WldkK3WtIMANFPzmb6nF5vcd5nhvGsLvImydKvzNgik3NEj+aMd0//miRhIJJkW6J8E0Q+UVn6n+k8XOc0l9lSLxPNb2RkQQ8UtvjNkkeaS/ztfHi8JugvdOdJy40ILewBfA094rRAP3YBnXYYUzKqv4nPLd0Qmc9BDhJJmpjYpiisFgovfOMLEkqt3crmG0/Rnmr+2arS0/1jAuk+wDPP+ws71J40FQ== sebastian@anarchy"
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC2bbsrZLJ2271iSb04qpoUDlbrH19aTXUlzFaQSp1KO0BjCxdNvY1x6ZjkIPUC0YeaVGePu0cBJFWYZKpPRiz5hbWeFgaVvhbAlhxAMSlgdjLiN2alc92mBX40NhrpgSV/hGB5KAqqBQr9y01g9I5GRl9jdXgzUA9hhbqxls6tvXxGN2SJC3TFbUj+2PPpn8Cw2ZJiKsKZIoQfs9ZQuv2xDi7E6voqBALlYWd217ZgBezklrpm48dDisGI/WdZyllgk0XyxXwRSSD8QINTPjWmKXk5ZNH65J0KyDlnrZsgQuQbsN3jGgJsPfR6tydVITd1IXtSwawUYZ+JU8wwp6CR sebastian@gartenzerg"
];
};
}
' >> /mnt/etc/nixos/configuration.nix
nixos-install --no-root-passwd
reboot
#! /usr/bin/env bash
# Script to install NixOS from the Hetzner Cloud NixOS bootable ISO image.
# (tested with Hetzner's `NixOS 20.03 (amd64/minimal)` ISO image).
#
# This script wipes the disk of the server!
#
# Instructions:
#
# 1. Mount the above mentioned ISO image from the Hetzner Cloud GUI
# and reboot the server into it; do not run the default system (e.g. Ubuntu).
# 2. To be able to SSH straight in (recommended), you must replace hardcoded pubkey
# further down in the section labelled "Replace this by your SSH pubkey" by you own,
# and host the modified script way under a URL of your choosing
# (e.g. gist.github.com with git.io as URL shortener service).
# 3. Run on the server:
#
# # Replace this URL by your own that has your pubkey in
# curl -L https://raw.githubusercontent.com/nix-community/nixos-install-scripts/master/hosters/hetzner-cloud/nixos-install-hetzner-cloud.sh | sudo bash
# 4. Unmount the ISO image from the Hetzner Cloud GUI.
# 5. Reboot.
#
# To run it from the Hetzner Cloud web terminal without typing it down,
# you can either select it and then middle-click onto the web terminal, (that pastes
# to it), or use `xdotool` (you have e.g. 3 seconds to focus the window):
#
# sleep 3 && xdotool type --delay 50 'curl YOUR_URL_HERE | sudo bash'
#
# (In the xdotool invocation you may have to replace chars so that
# the right chars appear on the US-English keyboard.)
#
# If you do not replace the pubkey, you'll be running with my pubkey, but you can
# change it afterwards by logging in via the Hetzner Cloud web terminal as `root`
# with empty password.
set -e
# Hetzner Cloud OS images grow the root partition to the size of the local
# disk on first boot. In case the NixOS live ISO is booted immediately on
# first powerup, that does not happen. Thus we need to grow the partition
# by deleting and re-creating it.
sgdisk -d 1 /dev/sda
sgdisk -N 1 /dev/sda
partprobe /dev/sda
mkfs.ext4 -F /dev/sda1 # wipes all data!
mount /dev/sda1 /mnt
nixos-generate-config --root /mnt
# install the current version of nix
nix-channel --add https://nixos.org/channels/nixos-20.09-small nixos
# Extend/override default `configuration.nix`:
# installing git and clone the repository with the configuration
# Get the configuration from github
nix-env -iA nixos.git
git clone https://github.com/kreativmonkey/nixos-config.git /tmp/nixos
cp -r /tmp/nixos/* /mnt/etc/nixos/
nixos-install --no-root-passwd
reboot
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment