Sovran_SystemsOS/iso/installer.sh

#!/usr/bin/env bash
set -euo pipefail

LOG=/tmp/sovran-install.log
exec > >(tee -a "$LOG") 2>&1

export PATH=/run/current-system/sw/bin:$PATH

BYTES_2TB=$((2 * 1024 * 1024 * 1024 * 1024))
LOGO="/etc/sovran/logo.png"

human_size() {
  numfmt --to=iec --suffix=B "$1"
}

# ── 1. WELCOME & ROLE SELECTION ──────────────────────────────────────────

ROLE=$(zenity --list --radiolist \
  --icon="$LOGO" \
  --width=700 --height=450 \
  --title="Welcome to Sovran_SystemsOS Installer" \
  --text="<span font='28' weight='heavy'>Sovran Systems</span>\n<span font='14' style='italic' foreground='#aaaaaa'>Be Digitally Sovereign</span>\n\nPlease select your installation type:" \
  --print-column=2 \
  --column="Select" --column="Role" \
  TRUE  "Server + Desktop — Full sovereign experience: desktop, cloud, messaging, Bitcoin node." \
  FALSE "Desktop Only — Beautiful desktop without background server applications." \
  FALSE "Node Only — Full Bitcoin node with Lightning and non-KYC buying and selling." \
  || true)

if [ -z "$ROLE" ]; then
  zenity --error --icon="$LOGO" --text="Installation cancelled."
  exit 1
fi

case "$ROLE" in
  Server*) ROLE="Server+Desktop" ;;
  Desktop*) ROLE="Desktop Only" ;;
  Node*) ROLE="Node (Bitcoin-only)" ;;
esac

# ── 2. FETCH DISKS ───────────────────────────────────────────────────────

mapfile -t DISKS < <(lsblk -b -dno NAME,SIZE,TYPE,RO,TRAN -e 7,11 | awk '$3=="disk" && $4=="0" && $5!="usb" {print $1":"$2}')

if [ "${#DISKS[@]}" -eq 0 ]; then
  zenity --error --icon="$LOGO" --text="No valid internal drives found. USB drives are ignored."
  exit 1
fi

IFS=$'\n' DISKS_SORTED=($(printf "%s\n" "${DISKS[@]}" | sort -t: -k2,2n))
unset IFS

BOOT_DISK="${DISKS_SORTED[0]%%:*}"
BOOT_SIZE="${DISKS_SORTED[0]##*:}"

DATA_DISK=""
DATA_SIZE=""

if [ "${#DISKS_SORTED[@]}" -ge 2 ]; then
  DATA_DISK="${DISKS_SORTED[-1]%%:*}"
  DATA_SIZE="${DISKS_SORTED[-1]##*:}"
fi

if [ -n "$DATA_DISK" ] && [ "$DATA_SIZE" -lt "$BYTES_2TB" ]; then
  zenity --warning --icon="$LOGO" --width=500 \
    --text="A second disk was detected (${DATA_DISK}), but it is smaller than 2TB and will not be used as a data disk."
  DATA_DISK=""
  DATA_SIZE=""
fi

SUMMARY="Boot disk:  /dev/${BOOT_DISK} ($(human_size "$BOOT_SIZE"))"
if [ -n "$DATA_DISK" ]; then
  SUMMARY="${SUMMARY}\nData disk:  /dev/${DATA_DISK} ($(human_size "$DATA_SIZE"))"
else
  SUMMARY="${SUMMARY}\nData disk:  none detected"
fi

# ── 3. CONFIRM ERASE ─────────────────────────────────────────────────────

CONFIRM=$(zenity --entry \
  --icon="$LOGO" \
  --width=560 \
  --title="Confirm Installation" \
  --text="WARNING: This will permanently erase all data on:\n\n${SUMMARY}\n\nType ERASE below to confirm and begin installation.")

if [ "$CONFIRM" != "ERASE" ]; then
  zenity --error --icon="$LOGO" --text="Installation cancelled. Nothing was changed."
  exit 1
fi

BOOT_PATH="/dev/${BOOT_DISK}"
DATA_PATH=""
if [ -n "$DATA_DISK" ]; then
  DATA_PATH="/dev/${DATA_DISK}"
fi

# ── 4. PARTITION & FORMAT ─────────────────────────────────────────────────

zenity --info \
  --icon="$LOGO" \
  --title="Preparing Drives" \
  --text="Please wait while your drives are being set up...\n\nThis may take a few minutes. Do not turn off your computer." \
  --width=520 &
ZENITY_WAIT_PID=$!

if [ -n "$DATA_PATH" ]; then
  sudo disko --mode disko /etc/sovran/flake/iso/disko.nix \
    --arg device '"'"$BOOT_PATH"'"' \
    --arg dataDevice '"'"$DATA_PATH"'"'
else
  sudo disko --mode disko /etc/sovran/flake/iso/disko.nix \
    --arg device '"'"$BOOT_PATH"'"'
fi

kill $ZENITY_WAIT_PID 2>/dev/null || true

# ── 5. COPY CONFIG ────────────────────────────────────────────────────────

sudo nixos-generate-config --root /mnt

cp /mnt/etc/nixos/hardware-configuration.nix /tmp/hardware-configuration.nix
sudo rm -rf /mnt/etc/nixos/*
sudo cp -a /etc/sovran/flake/* /mnt/etc/nixos/
sudo cp /tmp/hardware-configuration.nix /mnt/etc/nixos/hardware-configuration.nix

# ── 6. APPLY ROLE STATE & TEMPLATE ───────────────────────────────────────

IS_SERVER="false"
IS_DESKTOP="false"
IS_NODE="false"

case "$ROLE" in
  "Server+Desktop")      IS_SERVER="true" ;;
  "Desktop Only")        IS_DESKTOP="true" ;;
  "Node (Bitcoin-only)") IS_NODE="true" ;;
esac

sudo tee /mnt/etc/nixos/role-state.nix > /dev/null <<EOF
# THIS FILE IS AUTO-GENERATED BY THE INSTALLER. DO NOT EDIT.
# To change your role later, edit custom.nix instead.
{ config, lib, ... }:
{
  sovran_systemsOS.roles.server_plus_desktop = lib.mkDefault ${IS_SERVER};
  sovran_systemsOS.roles.desktop = lib.mkDefault ${IS_DESKTOP};
  sovran_systemsOS.roles.node = lib.mkDefault ${IS_NODE};
}
EOF

sudo cp /mnt/etc/nixos/custom.template.nix /mnt/etc/nixos/custom.nix

# ── 7. VERIFY FILES ───────────────────────────────────────────────────────

for f in /mnt/etc/nixos/role-state.nix /mnt/etc/nixos/custom.nix; do
  if [ ! -f "$f" ]; then
    zenity --error --icon="$LOGO" --width=500 \
      --title="Installation Error" \
      --text="A required file is missing:\n\n${f}\n\nInstallation cannot continue. Please check the log at ${LOG} and try again."
    exit 1
  fi
done

# ── 8. FINAL INSTALL ─────────────────────────────────────────────────────

zenity --info \
  --icon="$LOGO" \
  --title="Installing Sovran SystemsOS" \
  --text="Please wait while your system is being installed...\n\nThis may take 20-40 minutes depending on your internet speed.\nDo not turn off your computer." \
  --width=520 &
ZENITY_INSTALL_PID=$!

sudo nixos-install --root /mnt --flake /mnt/etc/nixos#nixos

kill $ZENITY_INSTALL_PID 2>/dev/null || true

# ── 9. COMPLETE ───────────────────────────────────────────────────────────

zenity --info \
  --icon="$LOGO" \
  --width=600 \
  --title="Installation Complete!" \
  --text="Installation Successful!\n\nPlease write down your login details before rebooting:\n\nUsername: free\nPassword: free\n\nCRITICAL: Do not lose this password or you will be permanently locked out.\n\nAfter rebooting your system will finish setting up and save all app passwords (Nextcloud, Bitcoin, Matrix, etc.) to a secure PDF in your Documents folder.\n\nClick OK to reboot into your new system!"

sudo reboot