web-01: create partionning scheme

machines/web-01/disko.nix

@@ -0,0 +1,71 @@
+{...}: {
+  disko.devices = {
+    disk = {
+      vdb = {
+        device = "/dev/vdb";
+        type = "disk";
+        content = {
+          type = "table";
+          format = "gpt";
+          partitions = [
+            {
+              name = "ESP";
+              start = "1MiB";
+              end = "512MiB";
+              fs-type = "fat32";
+              bootable = true;
+              content = {
+                type = "filesystem";
+                format = "vfat";
+                mountpoint = "/boot";
+              };
+            }
+            {
+              name = "luks";
+              start = "512MiB";
+              end = "-4GiB";
+              content = rec {
+	        type = "luks";
+                name = "mainfs";
+                extraOpenArgs = [ "--keyfile-size=1" ];
+                extraFormatArgs = extraOpenArgs;
+                keyFile = "/dev/zero";
+                content = {
+                  type = "btrfs";
+                  mountpoint = "/mnt/btrfs-root";
+                  subvolumes = {
+                    "/rootfs" = {
+                      mountpoint = "/";
+                      mountOptions = [ "compress=zstd" ];
+                    };
+                    "/home" = {
+                      mountOptions = [ "compress=zstd" ];
+                      mountpoint = "/home";
+                    };
+                    "/var-log" = {
+                      mountOptions = [ "compress=zstd" ];
+                      mountpoint = "/var/log";
+                    };
+                    "/nix" = {
+                      mountOptions = [ "noatime" "compress=zstd" ];
+                      mountpoint = "/nix";
+                    };
+                  };
+                };
+              };
+            }
+            {
+              name = "swap";
+              start = "-4GiB";
+              end = "100%";
+              content = {
+                type = "swap";
+                randomEncryption = true;
+              };
+            }
+          ];
+        };
+      };
+    };
+  };
+}

npins/sources.json

@@ -1,5 +1,19 @@
 {
   "pins": {
+    "disko": {
+      "type": "GitRelease",
+      "repository": {
+        "type": "GitHub",
+        "owner": "nix-community",
+        "repo": "disko"
+      },
+      "pre_releases": false,
+      "version_upper_bound": null,
+      "version": "v1.0.0",
+      "revision": "6cbfde5b505bbbf0cfcfff230efb272e4d4a2230",
+      "url": "https://api.github.com/repos/nix-community/disko/tarball/v1.0.0",
+      "hash": "153cm29hjgklsi1aw85srvcd3h3afm7j77llk4fj3slf5gcwnmx9"
+    },
     "krops": {
       "type": "GitRelease",
       "repository": {

shell.nix

@@ -1,6 +1,10 @@
-{ pkgs ? import (import ./npins { }).nixpkgs {} }:
+let
+  sources = (import ./npins);
+  pkgs = import sources.nixpkgs {};
+in
 pkgs.mkShell {
   packages = [
     pkgs.npins
+    (pkgs.callPackage (sources.disko + "/package.nix") {})
   ];
 }