-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathcassini.nix
45 lines (45 loc) · 1.31 KB
/
cassini.nix
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
{ device, ... }:
let
devicename = builtins.baseNameOf device;
in
{
#############################################################################
# Wipe some disk (typically a flash drive) and fill (approx.) the first 10M
# of space with randomness, from which a LUKS key will be derived.
disk."${devicename}" = {
type = "disk";
inherit device;
content = {
type = "table";
format = "gpt";
partitions = [
# Create the partition that will store random data from which the LUKS
# key will be derived.
rec {
type = "partition";
name = "huygens";
start = "1MiB";
end = "10MiB";
# Write randomness to this partition; the whole disk should have been
# shredded before, anyway, but we're here so whatever.
postCreateHook = ''
dd if=/dev/urandom of=/dev/disk/by-partlabel/${name} bs=1MiB count=9
'';
}
# Flash drives are big nowadays; might as well make the rest usable.
{
type = "partition";
name = "cassini";
start = "10MiB";
end = "100%";
fs-type = "fat32";
content = {
type = "filesystem";
format = "vfat";
mountpoint = null;
};
}
];
};
};
}