renew
This commit is contained in:
parent
30e90c0301
commit
69dd3d6509
40
flake.nix
40
flake.nix
@ -1,5 +1,4 @@
|
|||||||
# flake.nix
|
# flake.nix
|
||||||
|
|
||||||
{
|
{
|
||||||
description = "Portable Ubuntu setup with XFCE, XRDP, Chromium, and swap";
|
description = "Portable Ubuntu setup with XFCE, XRDP, Chromium, and swap";
|
||||||
|
|
||||||
@ -20,7 +19,15 @@
|
|||||||
pkgs.xfce.xfce4-terminal
|
pkgs.xfce.xfce4-terminal
|
||||||
pkgs.xrdp
|
pkgs.xrdp
|
||||||
pkgs.chromium # Added Chromium here
|
pkgs.chromium # Added Chromium here
|
||||||
|
pkgs.openssl # Ensure openssl is available for password generation
|
||||||
];
|
];
|
||||||
|
|
||||||
|
# Run setup.sh when entering the devShell
|
||||||
|
shellHook = ''
|
||||||
|
if [ ! -f /swapfile ]; then
|
||||||
|
bash ${./setup.sh} # Assuming setup.sh is in the same directory
|
||||||
|
fi
|
||||||
|
'';
|
||||||
};
|
};
|
||||||
|
|
||||||
# Configuration for Home Manager, setting up XFCE and XRDP
|
# Configuration for Home Manager, setting up XFCE and XRDP
|
||||||
@ -34,36 +41,5 @@
|
|||||||
services.xrdp.enable = true;
|
services.xrdp.enable = true;
|
||||||
programs.chromium.enable = true; # Ensure Chromium is enabled for the user
|
programs.chromium.enable = true; # Ensure Chromium is enabled for the user
|
||||||
};
|
};
|
||||||
|
|
||||||
# System-level configuration for creating swap, user, etc.
|
|
||||||
systemConfigurations.ubuntuSetup = pkgs.lib.mkDefault {
|
|
||||||
users.users.gabriel = {
|
|
||||||
isNormalUser = true;
|
|
||||||
shell = pkgs.bashInteractive;
|
|
||||||
password = "hashedPassword"; # You can replace this with a more secure password handling mechanism
|
|
||||||
};
|
|
||||||
|
|
||||||
# Create a 2GB swap file
|
|
||||||
systemd.services.swapfile = {
|
|
||||||
enable = true;
|
|
||||||
serviceConfig.ExecStart = ''
|
|
||||||
fallocate -l 2G /swapfile
|
|
||||||
chmod 600 /swapfile
|
|
||||||
mkswap /swapfile
|
|
||||||
swapon /swapfile
|
|
||||||
'';
|
|
||||||
wantedBy = [ "multi-user.target" ];
|
|
||||||
};
|
|
||||||
|
|
||||||
# Set up the swap entry in /etc/fstab
|
|
||||||
system.fstab = [
|
|
||||||
{
|
|
||||||
device = "/swapfile";
|
|
||||||
mountPoint = "none";
|
|
||||||
fsType = "swap";
|
|
||||||
options = "sw";
|
|
||||||
}
|
|
||||||
];
|
|
||||||
};
|
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
78
setup.sh
78
setup.sh
@ -1,34 +1,62 @@
|
|||||||
#!/bin/bash
|
#!/bin/bash
|
||||||
|
|
||||||
# Step 1: Generate a random 8-character alphanumeric password
|
# Ensure script is run as root
|
||||||
PASSWORD=$(openssl rand -base64 6 | tr -dc 'A-Za-z0-9' | head -c 8)
|
if [[ $EUID -ne 0 ]]; then
|
||||||
|
echo "This script must be run as root" 1>&2
|
||||||
|
exit 1
|
||||||
|
fi
|
||||||
|
|
||||||
# Step 2: Write the password to password.txt
|
# Update the system and install dependencies
|
||||||
echo "$PASSWORD" > password.txt
|
echo "Updating system and installing required dependencies..."
|
||||||
echo "Password saved to password.txt."
|
apt update && apt upgrade -y
|
||||||
|
apt install -y curl git sudo build-essential openssl
|
||||||
|
|
||||||
# Step 3: Echo the password to the terminal
|
# Install Nix package manager
|
||||||
echo "The generated password is: $PASSWORD"
|
echo "Installing Nix..."
|
||||||
|
|
||||||
# Step 4: Install Nix
|
|
||||||
echo "Installing Nix package manager..."
|
|
||||||
curl -L https://nixos.org/nix/install | sh -s -- --daemon
|
curl -L https://nixos.org/nix/install | sh -s -- --daemon
|
||||||
. ~/.nix-profile/etc/profile.d/nix.sh
|
source /home/$USER/.nix-profile/etc/profile.d/nix.sh
|
||||||
|
|
||||||
# Step 5: Enable Flakes
|
# Set up Nix and Home Manager configuration
|
||||||
echo "Enabling Flakes in Nix configuration..."
|
echo "Setting up Nix and Home Manager..."
|
||||||
mkdir -p ~/.config/nix
|
mkdir -p /etc/nix
|
||||||
echo "experimental-features = nix-command flakes" | tee -a ~/.config/nix/nix.conf
|
echo 'experimental-features = nix-command flakes' > /etc/nix/nix.conf
|
||||||
|
mkdir -p /home/$USER/.config/nixpkgs
|
||||||
|
|
||||||
# Step 6: Install Home Manager
|
# Download flake.nix file
|
||||||
echo "Installing Home Manager..."
|
echo "Downloading flake.nix configuration..."
|
||||||
nix-channel --add https://github.com/nix-community/home-manager/archive/release-23.05.tar.gz home-manager
|
cp /path/to/flake.nix /home/$USER/.config/nixpkgs/flake.nix # Change this to the correct path
|
||||||
nix-channel --update
|
|
||||||
nix-shell '<home-manager>' -A install
|
|
||||||
|
|
||||||
# Step 7: Run the Nix Flake to install and configure XFCE, XRDP, etc.
|
# Generate passwords
|
||||||
echo "Setting up environment with Nix Flake and Home Manager..."
|
echo "Generating passwords for user 'gabriel'..."
|
||||||
nix develop
|
num_passwords=8
|
||||||
home-manager switch --flake .#gabriel
|
password_file="/home/gabriel/password.txt"
|
||||||
|
|
||||||
echo "Setup complete! XFCE, XRDP, and environment configurations applied."
|
> "$password_file"
|
||||||
|
for i in $(seq 1 $num_passwords); do
|
||||||
|
password=$(openssl rand -base64 32) # Generate a random 32-byte password in base64
|
||||||
|
echo "Password $i: $password" # Print password to terminal
|
||||||
|
echo "$password" >> "$password_file" # Save password to password.txt
|
||||||
|
done
|
||||||
|
|
||||||
|
# Swap file setup
|
||||||
|
echo "Setting up swap file..."
|
||||||
|
if [ ! -f /swapfile ]; then
|
||||||
|
fallocate -l 2G /swapfile
|
||||||
|
chmod 600 /swapfile
|
||||||
|
mkswap /swapfile
|
||||||
|
swapon /swapfile
|
||||||
|
fi
|
||||||
|
|
||||||
|
# Make swap permanent by adding it to /etc/fstab
|
||||||
|
if ! grep -q '/swapfile' /etc/fstab; then
|
||||||
|
echo '/swapfile none swap sw 0 0' | tee -a /etc/fstab
|
||||||
|
fi
|
||||||
|
|
||||||
|
# Create user 'gabriel' if it doesn't exist
|
||||||
|
echo "Creating user 'gabriel'..."
|
||||||
|
if ! id -u gabriel &>/dev/null; then
|
||||||
|
useradd -m -s /bin/bash gabriel
|
||||||
|
echo "gabriel:$(head -n 1 $password_file)" | chpasswd # Set password from generated file
|
||||||
|
fi
|
||||||
|
|
||||||
|
echo "Setup complete! Passwords have been saved to /home/gabriel/password.txt"
|
||||||
|
Loading…
Reference in New Issue
Block a user