Awesome
NixOS Installation Instructions:
sudo parted /dev/nvme0n1 -- mklabel gpt
sudo parted /dev/nvme0n1 -- mkpart "esp" fat32 1MiB 512MiB
sudo parted /dev/nvme0n1 -- set 1 esp on
sudo parted /dev/nvme0n1 -- mkpart "root" ext4 512MiB 100%
sudo cryptsetup luksFormat /dev/nvme0n1p2
sudo cryptsetup open /dev/nvme0n1p2 crypt
sudo pvcreate /dev/mapper/crypt
sudo vgcreate vg /dev/mapper/crypt
sudo lvcreate -L 64G vg -n swap
sudo lvcreate -L 256G vg -n root
sudo lvcreate -l 100%FREE vg -n home
sudo mkfs.fat -F32 /dev/nvme0n1p1
sudo mkswap /dev/vg/swap
sudo swapon /dev/vg/swap
sudo mkfs.ext4 /dev/vg/root
sudo mkfs.ext4 /dev/vg/home
sudo mkdir /mnt
sudo mount /dev/vg/root /mnt
sudo mkdir /mnt/boot
sudo mount /dev/nvme0n1p1 /mnt/boot
sudo mkdir /mnt/home
sudo mount /dev/vg/home /mnt/home
Edit /etc/nixos/configuration.nix
:
boot.kernelPackages = pkgs.linuxPackages_latest;
boot.initrd.luks.devices.crypt.device = "/dev/nvme0n1p2";
nix.extraOptions = ''
experimental-features = nix-command flakes
'';
environment.systemPackages = with pkgs; [ vim git ];
sudo nixos-install
GPG Key Setup
export NAME="John Doe"
export EMAIL="john@example.com"
gpg --quick-generate-key "$NAME <$EMAIL>" ed25519 cert never
export KEYFP=$(gpg -k --with-colons $EMAIL | awk -F: '$1 == "fpr" { print $10 }')
gpg --quick-add-key $KEYFP ed25519 sign never
gpg --quick-add-key $KEYFP cv25519 encr never
gpg --quick-add-key $KEYFP ed25519 auth never
sudo scutil --set HostName <new host name>
sudo scutil --set LocalHostName <new host name>
sudo scutil --set ComputerName <new name>
dscacheutil -flushcache
list public keys
gpg -k
list private keys
gpg -K
Get SSH public key
gpg --export-ssh-key $EMAIL
~/.gnupg/sshcontrol
gpg -k --with-keygrip
reload gpg
gpg-connect-agent reloadagent /bye