change nixos -> nix

nix/flake/bootstrap/bootstrap.sh

@@ -0,0 +1,46 @@
+#!/usr/bin/env bash
+
+set -euo pipefail
+IFS=$'\n\t'
+
+servername="${1-}"
+
+hostname="${2-}"
+
+if [ -z "$servername" ] || [ -z "$hostname" ]
+  then
+    echo "Usage: $0 SERVERNAME HOSTNAME"
+    exit 1
+fi
+
+confirmation="Yes, wipe ${servername}."
+
+echo "⚠️  This will wipe ${servername} completely! ⚠️"
+echo "Confirm by typing: \"${confirmation}\""
+read response
+
+if [ "$response" != "$confirmation" ]; then
+  echo "Aborting."
+  exit 1
+fi
+
+# Create a temporary directory
+temp=$(mktemp -d)
+
+# Function to cleanup temporary directory on exit
+cleanup() {
+  rm -rf "$temp"
+}
+trap cleanup EXIT
+
+# Create directory where age key will go.
+# Nixos-anwhere creates a kind of overlay and retains this structure on the final file system.
+mkdir "$temp/etc"
+
+secret-tool lookup age-identity "$servername" > "$temp/etc/age_ed25519"
+
+# Set the correct permissions
+chmod 600 "$temp/etc/age_ed25519"
+
+# Install NixOS to the host system with our age identity
+nixos-anywhere --help #--extra-files "$temp" --flake ".#${servername}" "root@${hostname}"

nix/flake/bootstrap/default.nix

@@ -0,0 +1,16 @@
+{ flake-utils, hostPkgs, ... }: flake-utils.lib.eachDefaultSystem (system: {
+  packages.bootstrap =
+    let
+      name = "bootstrap";
+      buildInputs = with hostPkgs; [ libsecret coreutils nixos-anywhere ];
+      script = (hostPkgs.writeScriptBin name (builtins.readFile ./bootstrap.sh)).overrideAttrs (old: {
+        buildCommand = "${old.buildCommand}\n patchShebangs $out";
+      });
+    in
+    hostPkgs.symlinkJoin {
+      inherit name;
+      paths = [ script ] ++ buildInputs;
+      buildInputs = [ hostPkgs.makeWrapper ];
+      postBuild = "wrapProgram $out/bin/${name} --set PATH $out/bin";
+    };
+})