fix: repaire the flash-pi-sd to use bootstrap age

Jet 2026-03-21 01:42:35 -07:00
parent faf9701a86
commit cf3c5ef1f5
No known key found for this signature in database


@ -105,6 +105,7 @@
agenix.packages.${system}.default agenix.packages.${system}.default
pkgs.coreutils pkgs.coreutils
pkgs.nix pkgs.nix
pkgs.parted
pkgs.systemd pkgs.systemd
pkgs.util-linux pkgs.util-linux
pkgs.zstd pkgs.zstd
@ -112,6 +113,14 @@
text = '' text = ''
set -euo pipefail set -euo pipefail
PARTPROBE=${pkgs.parted}/bin/partprobe
MOUNT=${pkgs.util-linux}/bin/mount
UMOUNT=${pkgs.util-linux}/bin/umount
MOUNTPOINT=${pkgs.util-linux}/bin/mountpoint
FINDMNT=${pkgs.util-linux}/bin/findmnt
UDEVADM=${pkgs.systemd}/bin/udevadm
ZSTD=${pkgs.zstd}/bin/zstd
if [ "$#" -ne 1 ]; then if [ "$#" -ne 1 ]; then
echo "usage: flash-pi-sd /dev/sdX" >&2 echo "usage: flash-pi-sd /dev/sdX" >&2
exit 1 exit 1
@ -121,12 +130,13 @@
flake_path=${builtins.toString ./.} flake_path=${builtins.toString ./.}
image_link="$(mktemp -u /tmp/noisebell-sd-image.XXXXXX)" image_link="$(mktemp -u /tmp/noisebell-sd-image.XXXXXX)"
mount_dir="$(mktemp -d)" mount_dir="$(mktemp -d)"
key_file="${builtins.toString ./secrets/bootstrap-identity.age}" secrets_dir="${builtins.toString ./secrets}"
key_name="bootstrap-identity.age"
rules_file="${builtins.toString ./secrets/secrets.nix}" rules_file="${builtins.toString ./secrets/secrets.nix}"
cleanup() { cleanup() {
if mountpoint -q "$mount_dir"; then if "$MOUNTPOINT" -q "$mount_dir"; then
sudo umount "$mount_dir" sudo "$UMOUNT" "$mount_dir"
fi fi
rm -rf "$mount_dir" rm -rf "$mount_dir"
rm -f "$image_link" rm -f "$image_link"
@ -154,22 +164,25 @@
echo "Flashing $image to $device..." echo "Flashing $image to $device..."
if [ "''${image##*.}" = "zst" ]; then if [ "''${image##*.}" = "zst" ]; then
zstd -d --stdout "$image" | sudo dd of="$device" bs=4M conv=fsync status=progress "$ZSTD" -d --stdout "$image" | sudo dd of="$device" bs=4M conv=fsync status=progress
else else
sudo dd if="$image" of="$device" bs=4M conv=fsync status=progress sudo dd if="$image" of="$device" bs=4M conv=fsync status=progress
fi fi
sync sync
sudo partprobe "$device" sudo "$PARTPROBE" "$device"
sudo udevadm settle sudo "$UDEVADM" settle
if findmnt -rn "$boot_part" >/dev/null 2>&1; then if "$FINDMNT" -rn "$boot_part" >/dev/null 2>&1; then
sudo umount "$boot_part" sudo "$UMOUNT" "$boot_part"
fi fi
echo "Installing bootstrap age identity onto $boot_part..." echo "Installing bootstrap age identity onto $boot_part..."
sudo mount "$boot_part" "$mount_dir" sudo "$MOUNT" "$boot_part" "$mount_dir"
RULES="$rules_file" agenix -d "$key_file" | sudo tee "$mount_dir/noisebell-bootstrap.agekey" >/dev/null (
cd "$secrets_dir"
RULES="$rules_file" agenix -d "$key_name"
) | sudo tee "$mount_dir/noisebell-bootstrap.agekey" >/dev/null
sudo chmod 600 "$mount_dir/noisebell-bootstrap.agekey" sudo chmod 600 "$mount_dir/noisebell-bootstrap.agekey"
sync sync
@ -226,7 +239,13 @@
devShells.${system}.default = craneLib.devShell { devShells.${system}.default = craneLib.devShell {
packages = [ packages = [
flash-pi-sd
pkgs.nix
pkgs.parted
pkgs.rust-analyzer pkgs.rust-analyzer
pkgs.systemd
pkgs.util-linux
pkgs.zstd
agenix.packages.${system}.default agenix.packages.${system}.default
]; ];
}; };
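Review bot: In the `-154,22 +164,25` hunk the decrypted bootstrap identity is still created by `sudo tee` with the default file mode and only narrowed afterwards by `sudo chmod 600`, so the private key is briefly readable more widely than intended. If the boot partition is FAT (likely for a Pi image, but not visible here), the filesystem cannot store Unix permissions and the mount options alone decide who can read the file while it is mounted. Since this commit rewrites that pipeline anyway, the file could be created restricted from the start, for example by ending the subshell with `) | sudo sh -c 'umask 077 && cat > "$1"' sh "$mount_dir/noisebell-bootstrap.agekey"`, and a FAT partition could be mounted with `-o umask=077`. Separately, the writer opens the target before `agenix -d` has succeeded, so a failed decrypt leaves an empty key file on the freshly flashed card when `pipefail` aborts the script; removing that file on the error path would avoid shipping a card that looks provisioned. The script body starts and ends outside the visible hunks, so mount options or checks set elsewhere may already cover part of this.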