From 0712a5cf871b7a6d2fbbd2df539d3cd90ab8fa1f Mon Sep 17 00:00:00 2001
From: Graham Christensen
Date: Sat, 2 Nov 2019 14:38:45 +0100
Subject: [PATCH] Add notes for setting up the big new hetzner server

---
 hetzner-server/bootstrap-configuration.nix | 6 ++
 hetzner-server/format.sh | 66 ++++++++++++++++++++++
 hetzner-server/setup-rescue.sh | 27 +++++++++
 3 files changed, 99 insertions(+)
 create mode 100644 hetzner-server/bootstrap-configuration.nix
 create mode 100644 hetzner-server/format.sh
 create mode 100644 hetzner-server/setup-rescue.sh

diff --git a/hetzner-server/bootstrap-configuration.nix b/hetzner-server/bootstrap-configuration.nix
new file mode 100644
index 0000000..90c3121
--- /dev/null
+++ b/hetzner-server/bootstrap-configuration.nix
@@ -0,0 +1,6 @@
+{
+ services.openssh.enable = true;
+ users.users.root.openssh.authorizedKeys.keys = [
+ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDUy2CGT6P3q2kApZEuyCHsuCruwdRzeWMdQe/WjdCak grahamc@Petunia"
+ ];
+}
diff --git a/hetzner-server/format.sh b/hetzner-server/format.sh
new file mode 100644
index 0000000..2f3db4e
--- /dev/null
+++ b/hetzner-server/format.sh
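Review bot: The bootstrap config authorizes a root key but says nothing about password logins, and unless the NixOS release used for the kexec image defaults `services.openssh.passwordAuthentication` off (older releases defaulted it to true, as far as I recall), sshd on the publicly reachable rescue box will still offer a password prompt for root. The intent is plainly key-only root access, so state it: `services.openssh.passwordAuthentication = false;` and `services.openssh.permitRootLogin = "prohibit-password";`. Whether the image sets a root password is not visible here, but pinning both options makes the file correct regardless of the release's defaults.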
@@ -0,0 +1,66 @@
+#!/bin/sh
+
+set -eux
+
+format() {
+ parted -s "$1" -- mklabel msdos
+
+ parted -s "$1" -- mkpart primary 1MiB 512MiB
+ parted -s "$1" -- set 1 boot on
+
+ parted -s "$1" -- mkpart primary 512MiB 100%
+ parted -s "$1" -- print
+}
+
+zpool destroy -f rpool || true
+(
+ mdadm -S /dev/md127
+ mdadm /dev/md127 -r /dev/sda1
+ mdadm /dev/md127 -r /dev/sdb1
+
+ dd if=/dev/zero of=/dev/sda1 bs=1M count=1024
+ dd if=/dev/zero of=/dev/sdb1 bs=1M count=1024
+ rm /etc/mdadm/mdadm.conf
+) || true
+udevadm settle
+
+format /dev/sda
+format /dev/sdb
+
+udevadm settle
+
+zpool create \
+ -o ashift=12 \
+ -O acltype=posixacl \
+ -O xattr=sa \
+ -O atime=off \
+ -O relatime=off \
+ -O compression=lz4 \
+ rpool mirror \
+ /dev/disk/by-id/ata-Micron_1100_MTFDDAK512TBN_18471FAE1869-part2 \
+ /dev/disk/by-id/ata-Micron_1100_MTFDDAK512TBN_18471FAE1989-part2
+
+zfs create -o mountpoint=none rpool/safe
+zfs create -o mountpoint=legacy rpool/safe/root
+zfs create -o mountpoint=none rpool/local
+zfs create -o mountpoint=legacy rpool/local/nix
+
+mount -t zfs rpool/safe/root /mnt
+mkdir -p /mnt/nix
+mount -t zfs rpool/local/nix /mnt/nix
+
+mdadm \
+ --create /dev/md127 \
+ --metadata 0.90 \
+ --level=1 \
+ --raid-devices=2 \
+ /dev/disk/by-id/ata-Micron_1100_MTFDDAK512TBN_18471FAE1989-part1 \
+ /dev/disk/by-id/ata-Micron_1100_MTFDDAK512TBN_18471FAE1869-part1 \
+ --force
+
+mkfs.ext4 -m 0 -L boot -j /dev/md127
+mkdir /mnt/boot
+mount /dev/md127 /mnt/boot
+
+nixos-generate-config --root /mnt
+
diff --git a/hetzner-server/setup-rescue.sh b/hetzner-server/setup-rescue.sh
new file mode 100644
index 0000000..40b639b
--- /dev/null
+++ b/hetzner-server/setup-rescue.sh
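Review bot: `format /dev/sda` and `format /dev/sdb` (and the `dd`/`mdadm -r` lines before them) destroy whatever the rescue kernel happens to enumerate as sda/sdb, while `zpool create` and `mdadm --create` select the members by serial under /dev/disk/by-id, so a different enumeration order wipes the wrong disks and then fails on the missing `-part2` links; deriving every device from the two by-id paths keeps the script consistent with the serials it already trusts. The 1 GiB `dd` at the start of each partition also does not reach a 0.90/1.0 md superblock, which lives at the end of the member (the metadata version of the pre-existing md127 is not visible here), so `mdadm --zero-superblock` is the reliable way to clear it. Because the subshell inherits `set -e`, its first failing command (for example `mdadm -S` when no array is assembled) silently skips the remaining wipe steps under the blanket `|| true`; narrowing `|| true` to the individual best-effort commands keeps the rest running and visible in the `-x` trace.
```shell
disk_a=/dev/disk/by-id/ata-Micron_1100_MTFDDAK512TBN_18471FAE1869
disk_b=/dev/disk/by-id/ata-Micron_1100_MTFDDAK512TBN_18471FAE1989

zpool destroy -f rpool || true
mdadm -S /dev/md127 || true
# 0.90/1.0 superblocks sit at the end of the member; zeroing the first GiB does not reach them
mdadm --zero-superblock "${disk_a}-part1" "${disk_b}-part1" || true
wipefs -a "${disk_a}-part1" "${disk_b}-part1" "${disk_a}-part2" "${disk_b}-part2" || true
rm -f /etc/mdadm/mdadm.conf
udevadm settle

format "$disk_a"
format "$disk_b"

# … unchanged: udevadm settle, zpool create options …
  rpool mirror \
  "${disk_a}-part2" \
  "${disk_b}-part2"

# … unchanged: zfs create / mount / mdadm --create options, with "${disk_b}-part1" "${disk_a}-part1" as the members …
```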
@@ -0,0 +1,27 @@
+
+mkdir -m 0755 /nix && chown foo /nix
+adduser foo
+su foo
+
+curl https://nixos.org/nix/install | bash
+. /home/foo/.nix-profile/etc/profile.d/nix.sh
+
+nix-env -f https://github.com/nix-community/nixos-generators/archive/master.tar.gz -i
+
+nixos-generate -f kexec -c ./config.nix
+
+
+then ./format.sh
+
+then make a host id:
+
+ head -c4 /dev/urandom | od -A none -t x4
+
+then add this to /mnt/etc/nixos/configuration.nix:
+
+ boot.loader.grub.devices = [ "/dev/sda" "/dev/sdb" ]; # or "nodev" for efi only
+ services.openssh.enable = true;
+ users.users.root.openssh.authorizedKeys.keys = [
+ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDUy2CGT6P3q2kApZEuyCHsuCruwdRzeWMdQe/WjdCak grahamc@Petunia"
+ ];
+ networking.hostId = "...th ehost id...";
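Review bot: `curl https://nixos.org/nix/install | bash` and `nix-env -f https://github.com/nix-community/nixos-generators/archive/master.tar.gz -i` execute whatever those URLs serve at that moment, unverified and unpinned, on the host whose root SSH trust and disk layout the rest of these notes establish; the practitioner's version downloads the installer for a pinned Nix release together with its published signature or checksum and verifies it before running (the Nix manual's installation section documents this), and pins nixos-generators to a commit, e.g. `nix-env -f https://github.com/nix-community/nixos-generators/archive/<commit-sha>.tar.gz -i`. Separately, `mkdir -m 0755 /nix && chown foo /nix` runs before `adduser foo`, so the chown fails on an unknown user; move `adduser foo` above it. The hostId placeholder `"...th ehost id..."` presumably means `"...the host id..."`, and since this file is notes rather than a script (no shebang, prose lines like `then ./format.sh`), a leading `# notes, not a script — run step by step` comment would stop someone from executing it wholesale.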