#!/bin/sh
# ANSI escape sequences for coloured status output. They are stored as
# literal backslash sequences; printf expands them when they appear in a
# format string.
NC='\033[0m' # No color
RED='\033[0;31m'
GREEN='\033[0;32m'
YELLOW='\033[1;33m'
CYAN='\033[0;36m'

# Option defaults. The argument parser further down overrides them.
SCRIPT_DIR="${HOME}/.dotfiles"  # directory holding the dotfiles tree
USER_EMAIL=""                   # address written into flake.nix, if any

# On/off switches (0 = off, 1 = on), one per command-line flag.
SKIP_REVIEW=0
DISABLE_HARDEN=0
TEMP_CLONE=0
SKIP_CLONE=0
SKIP_EMAIL=0
AUTO_CONFIRM=0

# Use nano when the environment leaves EDITOR unset or empty.
: "${EDITOR:=nano}"
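# Print the usage summary to stdout, then end the script with status 0.
# Globals:   CYAN, NC (read)
# Arguments: none
# Returns:   does not return; calls exit 0
show_help() {
  # $0 is passed as printf data so that a "%" or backslash in the
  # invocation path is printed literally instead of being parsed as part
  # of the format string.
  printf "${CYAN}Usage:${NC} %s [OPTIONS]\n\n" "$0"
  printf "Options:\n"
  printf " -d, --directory <path> Specify the directory to clone the dotfiles (default: ~/.dotfiles)\n"
  printf " -e, --email <email> Provide an email to use for configuration (default: empty)\n"
  printf " -y, --yes Skip editor confirmation for flake.nix review\n"
  printf " -n, --no-harden Skip the security hardening step\n"
  printf " -t, --temp-clone Clone into a temporary directory\n"
  printf " -s, --skip-clone Skip the cloning step if directory exists\n"
  printf " -se, --skip-email Skip the email replacement step in flake.nix\n"
  printf " -ac, --auto-confirm Automatically confirm the system rebuild\n"
  printf " -h, --help Show this help message\n"
  exit 0
}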
# Stop early when one of the Nix tools this script drives is not on PATH.
# NOTE(review): later steps also invoke sudo, nixos-generate-config,
# findmnt, lsblk and getent, none of which are checked here.
for required_tool in nix-shell nixos-rebuild nix; do
  if ! command -v "$required_tool" >/dev/null 2>&1; then
    printf "${RED}Error: %s is not installed.${NC}\n" "$required_tool"
    exit 1
  fi
done
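# Parse command-line arguments into the option variables.
# -d and -e consume the following word as their value; every other flag
# is a plain switch. "--" ends option parsing.
while [ "$#" -gt 0 ]; do
  case "$1" in
    -d|--directory)
      # Without this check a trailing "-d" would reach "shift 2" with only
      # one argument left. An empty path is refused as well, because later
      # steps build file paths from SCRIPT_DIR.
      if [ "$#" -lt 2 ] || [ -z "$2" ]; then
        printf "${RED}Error:${NC} %s requires a directory path\n" "$1"
        exit 1
      fi
      SCRIPT_DIR="$2"
      shift 2
      ;;
    -e|--email)
      if [ "$#" -lt 2 ]; then
        printf "${RED}Error:${NC} %s requires an email address\n" "$1"
        exit 1
      fi
      USER_EMAIL="$2"
      shift 2
      ;;
    -y|--yes) SKIP_REVIEW=1; shift ;;
    -n|--no-harden) DISABLE_HARDEN=1; shift ;;
    -t|--temp-clone) TEMP_CLONE=1; shift ;;
    -s|--skip-clone) SKIP_CLONE=1; shift ;;
    -se|--skip-email) SKIP_EMAIL=1; shift ;;
    -ac|--auto-confirm) AUTO_CONFIRM=1; shift ;;
    -h|--help) show_help ;;
    --) shift; break ;;
    *)
      # The unrecognised word is printed as data, never as part of the
      # printf format string.
      printf "${RED}Error:${NC} Unknown option: %s\n" "$1"
      # show_help finishes with "exit 0"; running it in a subshell keeps
      # that exit from masking the failure status reported below.
      ( show_help )
      exit 1
      ;;
  esac
done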
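# Obtain the dotfiles tree: clone it (optionally into a fresh temporary
# directory), or reuse an existing directory when -s/--skip-clone was given.
# NOTE(review): the clone follows the remote's default branch with no commit
# or tag pinned, and a later step runs harden.sh from this tree under sudo.
if [ "$SKIP_CLONE" -eq 0 ]; then
  if [ "$TEMP_CLONE" -eq 1 ]; then
    # mktemp creates a new, unpredictably named directory; stop if it fails
    # so the clone never lands in an empty or stale path.
    SCRIPT_DIR=$(mktemp -d) || { printf "${RED}Failed to create a temporary directory.${NC}\n"; exit 1; }
    printf "${YELLOW}Cloning dotfiles to temporary directory %s...${NC}\n" "$SCRIPT_DIR"
  else
    printf "${CYAN}Cloning dotfiles to %s...${NC}\n" "$SCRIPT_DIR"
  fi
  # The destination is handed to the inner shell through the environment and
  # expanded there inside double quotes. Splicing it into the command string
  # would let spaces or shell metacharacters in the path be re-parsed as
  # shell syntax by nix-shell's shell.
  CLONE_DEST="$SCRIPT_DIR" nix-shell -p git --command \
    'git clone -- https://gitlab.com/librephoenix/nixos-config "$CLONE_DEST"' \
    || { printf "${RED}Failed to clone repository.${NC}\n"; exit 1; }
else
  if [ ! -d "$SCRIPT_DIR" ]; then
    printf "${RED}Error: Specified directory %s does not exist. Cannot proceed without cloning.${NC}\n" "$SCRIPT_DIR"
    exit 1
  fi
  printf "${YELLOW}Skipping clone step as requested; using existing directory %s.${NC}\n" "$SCRIPT_DIR"
fi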
# Write this machine's hardware configuration into the dotfiles tree.
# Only nixos-generate-config runs under sudo; the output redirection is
# performed by the invoking user's shell.
printf "${CYAN}Generating hardware configuration...${NC}\n"
if ! sudo nixos-generate-config --show-hardware-config \
  > "$SCRIPT_DIR/system/hardware-configuration.nix"; then
  printf "${RED}Failed to generate hardware configuration.${NC}\n"
  exit 1
fi
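# Detect the firmware boot mode and record it in flake.nix.
# The presence of /sys/firmware/efi/efivars selects "uefi"; otherwise the
# system is treated as BIOS and the GRUB target disk is filled in as well.
# "0,/re/" is GNU sed syntax: only the first matching line is rewritten.
if [ -d /sys/firmware/efi/efivars ]; then
  printf "${GREEN}Detected UEFI boot mode.${NC}\n"
  sed -i "0,/bootMode.*=.*\".*\";/s//bootMode = \"uefi\";/" "$SCRIPT_DIR/flake.nix"
else
  printf "${GREEN}Detected BIOS boot mode.${NC}\n"
  sed -i "0,/bootMode.*=.*\".*\";/s//bootMode = \"bios\";/" "$SCRIPT_DIR/flake.nix"
  # Source device of the root mount. findmnt can append a bracketed path
  # (for example a subvolume or bind-mount root), which is stripped.
  rootSource=$(findmnt -n -o SOURCE / | sed 's/\[.*\]//g' | tail -n 1)
  # lsblk takes the device as an argument; it does not read device names
  # from stdin. Piping the findmnt result into it listed every block device
  # and picked the parent of whichever came last, which on a machine with
  # several disks need not be the disk holding /.
  grubDevice=$(lsblk -no pkname "$rootSource" | tail -n 1)
  # Fail closed instead of writing an empty or non-existent bootloader
  # target into flake.nix.
  # NOTE(review): pkname is the immediate parent device; for stacked
  # devices (LUKS, LVM) that may not be a whole disk - confirm the value
  # during the flake.nix review.
  if [ -z "$grubDevice" ] || [ ! -b "/dev/$grubDevice" ]; then
    printf "${RED}Error: could not determine the disk for GRUB (root source: %s).${NC}\n" "$rootSource"
    exit 1
  fi
  sed -i "0,/grubDevice.*=.*\".*\";/s//grubDevice = \"\/dev\/$grubDevice\";/" "$SCRIPT_DIR/flake.nix"
fi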
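# Escape a value so sed treats it as literal text in the replacement half
# of an "s/…/…/" command.
# Arguments: $1 - raw value
# Outputs:   the value with "\", "/" and "&" backslash-escaped, on stdout
# Returns:   1 when the value contains a newline (it would end the sed
#            command early), 0 otherwise
_sed_escape_repl() {
  case "$1" in
    *'
'*) return 1 ;;
  esac
  printf '%s' "$1" | sed 's|[\\/&]|\\&|g'
}

# Customize flake.nix with user information: login name, real name (first
# comma-separated part of the passwd GECOS field), email address and the
# dotfiles path.
printf "${CYAN}Setting user-specific information in flake.nix...${NC}\n"
login_name=$(whoami)
real_name=$(getent passwd "$login_name" | cut -d ':' -f 5 | cut -d ',' -f 1)

# Each value is escaped before it is placed in a sed replacement. Unescaped,
# a "/" or "&" in the email, name or path would change the meaning of the
# sed command (GNU sed can even execute commands through the "e" flag).
if ! repl_login=$(_sed_escape_repl "$login_name") \
  || ! repl_name=$(_sed_escape_repl "$real_name") \
  || ! repl_email=$(_sed_escape_repl "$USER_EMAIL") \
  || ! repl_dir=$(_sed_escape_repl "$SCRIPT_DIR"); then
  printf "${RED}Error: a value destined for flake.nix contains a newline.${NC}\n"
  exit 1
fi

# Only the first "emmet" / "Emmet" occurrence is replaced (GNU sed "0,/re/").
sed -i "0,/emmet/s//$repl_login/" "$SCRIPT_DIR/flake.nix"
sed -i "0,/Emmet/s//$repl_name/" "$SCRIPT_DIR/flake.nix"
if [ "$SKIP_EMAIL" -eq 0 ]; then
  # With no address supplied the replacement is empty, which removes the
  # placeholder address.
  sed -i "s/emmet@librephoenix.com/$repl_email/" "$SCRIPT_DIR/flake.nix"
else
  printf "${YELLOW}Skipping email replacement in flake.nix as requested.${NC}\n"
fi
# Point every "~/.dotfiles" reference at the directory actually in use.
sed -i "s/~\/.dotfiles/$repl_dir/g" "$SCRIPT_DIR/flake.nix"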
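# Open flake.nix in the user's editor for a manual check, unless -y/--yes
# was given. Only flake.nix is shown; nothing else from the tree is opened.
if [ "$SKIP_REVIEW" -eq 0 ]; then
  # EDITOR comes from the environment, so it is printed as data rather than
  # spliced into the printf format string.
  printf "${YELLOW}Opening flake.nix for manual review with %s...${NC}\n" "$EDITOR"
  # EDITOR is expanded unquoted, so a value such as "editor --wait" splits
  # into a command plus arguments (presumably intentional).
  $EDITOR "$SCRIPT_DIR/flake.nix"
fi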
# Run the tree's hardening script unless -n/--no-harden was given.
# NOTE(review): harden.sh is taken from $SCRIPT_DIR and executed as root,
# while the manual review step of this script opens only flake.nix.
if [ "$DISABLE_HARDEN" -eq 0 ]; then
  printf "${CYAN}Applying security hardening...${NC}\n"
  if ! sudo "$SCRIPT_DIR/harden.sh" "$SCRIPT_DIR"; then
    printf "${RED}Hardening failed.${NC}\n"
    exit 1
  fi
else
  printf "${YELLOW}Skipping security hardening as requested.${NC}\n"
fi
# Ask before rebuilding, unless -ac/--auto-confirm was given.
# Only the exact answer "y" continues; any other input, including an empty
# line or end of input, ends the script with status 0.
if [ "$AUTO_CONFIRM" -eq 0 ]; then
  printf "${YELLOW}Ready to rebuild the system with nixos-rebuild. Do you want to proceed? (y/n) ${NC}"
  read -r confirm
  case "$confirm" in
    y) ;;
    *)
      printf "${RED}Aborting system rebuild.${NC}\n"
      exit 0
      ;;
  esac
fi
# Switch the running system to the "system" output of the flake in
# $SCRIPT_DIR; stop the script when the rebuild fails.
printf "${CYAN}Rebuilding system with nixos-rebuild...${NC}\n"
if ! sudo nixos-rebuild switch --flake "$SCRIPT_DIR#system"; then
  printf "${RED}System rebuild failed.${NC}\n"
  exit 1
fi
# Activate the "user" home-manager configuration from the flake, then
# report success.
# NOTE(review): "home-manager/master" is resolved when this runs, so the
# code executed is whatever that branch holds at the time; it is not pinned
# by this script.
printf "${CYAN}Setting up home-manager configuration...${NC}\n"
if ! nix run home-manager/master \
  --extra-experimental-features nix-command \
  --extra-experimental-features flakes \
  -- switch --flake "$SCRIPT_DIR#user"; then
  printf "${RED}Home-manager setup failed.${NC}\n"
  exit 1
fi

printf "${GREEN}Installation and configuration complete!${NC}\n"