fix: repaire the flash-pi-sd to use bootstrap age
This commit is contained in:
parent
faf9701a86
commit
cf3c5ef1f5
1 changed files with 29 additions and 10 deletions
39
flake.nix
39
flake.nix
|
|
@ -105,6 +105,7 @@
|
|||
agenix.packages.${system}.default
|
||||
pkgs.coreutils
|
||||
pkgs.nix
|
||||
pkgs.parted
|
||||
pkgs.systemd
|
||||
pkgs.util-linux
|
||||
pkgs.zstd
|
||||
|
|
@ -112,6 +113,14 @@
|
|||
text = ''
|
||||
set -euo pipefail
|
||||
|
||||
PARTPROBE=${pkgs.parted}/bin/partprobe
|
||||
MOUNT=${pkgs.util-linux}/bin/mount
|
||||
UMOUNT=${pkgs.util-linux}/bin/umount
|
||||
MOUNTPOINT=${pkgs.util-linux}/bin/mountpoint
|
||||
FINDMNT=${pkgs.util-linux}/bin/findmnt
|
||||
UDEVADM=${pkgs.systemd}/bin/udevadm
|
||||
ZSTD=${pkgs.zstd}/bin/zstd
|
||||
|
||||
if [ "$#" -ne 1 ]; then
|
||||
echo "usage: flash-pi-sd /dev/sdX" >&2
|
||||
exit 1
|
||||
|
|
@ -121,12 +130,13 @@
|
|||
flake_path=${builtins.toString ./.}
|
||||
image_link="$(mktemp -u /tmp/noisebell-sd-image.XXXXXX)"
|
||||
mount_dir="$(mktemp -d)"
|
||||
key_file="${builtins.toString ./secrets/bootstrap-identity.age}"
|
||||
secrets_dir="${builtins.toString ./secrets}"
|
||||
key_name="bootstrap-identity.age"
|
||||
rules_file="${builtins.toString ./secrets/secrets.nix}"
|
||||
|
||||
cleanup() {
|
||||
if mountpoint -q "$mount_dir"; then
|
||||
sudo umount "$mount_dir"
|
||||
if "$MOUNTPOINT" -q "$mount_dir"; then
|
||||
sudo "$UMOUNT" "$mount_dir"
|
||||
fi
|
||||
rm -rf "$mount_dir"
|
||||
rm -f "$image_link"
|
||||
|
|
@ -154,22 +164,25 @@
|
|||
|
||||
echo "Flashing $image to $device..."
|
||||
if [ "''${image##*.}" = "zst" ]; then
|
||||
zstd -d --stdout "$image" | sudo dd of="$device" bs=4M conv=fsync status=progress
|
||||
"$ZSTD" -d --stdout "$image" | sudo dd of="$device" bs=4M conv=fsync status=progress
|
||||
else
|
||||
sudo dd if="$image" of="$device" bs=4M conv=fsync status=progress
|
||||
fi
|
||||
sync
|
||||
|
||||
sudo partprobe "$device"
|
||||
sudo udevadm settle
|
||||
sudo "$PARTPROBE" "$device"
|
||||
sudo "$UDEVADM" settle
|
||||
|
||||
if findmnt -rn "$boot_part" >/dev/null 2>&1; then
|
||||
sudo umount "$boot_part"
|
||||
if "$FINDMNT" -rn "$boot_part" >/dev/null 2>&1; then
|
||||
sudo "$UMOUNT" "$boot_part"
|
||||
fi
|
||||
|
||||
echo "Installing bootstrap age identity onto $boot_part..."
|
||||
sudo mount "$boot_part" "$mount_dir"
|
||||
RULES="$rules_file" agenix -d "$key_file" | sudo tee "$mount_dir/noisebell-bootstrap.agekey" >/dev/null
|
||||
sudo "$MOUNT" "$boot_part" "$mount_dir"
|
||||
(
|
||||
cd "$secrets_dir"
|
||||
RULES="$rules_file" agenix -d "$key_name"
|
||||
) | sudo tee "$mount_dir/noisebell-bootstrap.agekey" >/dev/null
|
||||
sudo chmod 600 "$mount_dir/noisebell-bootstrap.agekey"
|
||||
sync
|
||||
|
||||
|
|
@ -226,7 +239,13 @@
|
|||
|
||||
devShells.${system}.default = craneLib.devShell {
|
||||
packages = [
|
||||
flash-pi-sd
|
||||
pkgs.nix
|
||||
pkgs.parted
|
||||
pkgs.rust-analyzer
|
||||
pkgs.systemd
|
||||
pkgs.util-linux
|
||||
pkgs.zstd
|
||||
agenix.packages.${system}.default
|
||||
];
|
||||
};
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue