forked from DGNum/infrastructure
79 lines
2.1 KiB
Nix
79 lines
2.1 KiB
Nix
{...}:
|
|
let
|
|
luksName = "mainfs";
|
|
in
|
|
{
|
|
boot.initrd.luks.devices.${luksName} = {
|
|
keyFile = "/dev/zero";
|
|
keyFileSize = 1;
|
|
};
|
|
disko.devices = {
|
|
disk = {
|
|
vdb = {
|
|
device = "/dev/vdb";
|
|
type = "disk";
|
|
content = {
|
|
type = "table";
|
|
format = "gpt";
|
|
partitions = [
|
|
{
|
|
name = "ESP";
|
|
start = "1MiB";
|
|
end = "512MiB";
|
|
fs-type = "fat32";
|
|
bootable = true;
|
|
content = {
|
|
type = "filesystem";
|
|
format = "vfat";
|
|
mountpoint = "/boot";
|
|
};
|
|
}
|
|
{
|
|
name = "luks";
|
|
start = "512MiB";
|
|
end = "-4GiB";
|
|
content = rec {
|
|
type = "luks";
|
|
name = luksName;
|
|
extraOpenArgs = [ "--keyfile-size=1" ];
|
|
extraFormatArgs = extraOpenArgs;
|
|
keyFile = "/dev/zero";
|
|
content = {
|
|
type = "btrfs";
|
|
mountpoint = "/mnt/btrfs-root";
|
|
subvolumes = {
|
|
"/rootfs" = {
|
|
mountpoint = "/";
|
|
mountOptions = [ "compress=zstd" ];
|
|
};
|
|
"/home" = {
|
|
mountOptions = [ "compress=zstd" ];
|
|
mountpoint = "/home";
|
|
};
|
|
"/var-log" = {
|
|
mountOptions = [ "compress=zstd" ];
|
|
mountpoint = "/var/log";
|
|
};
|
|
"/nix" = {
|
|
mountOptions = [ "noatime" "compress=zstd" ];
|
|
mountpoint = "/nix";
|
|
};
|
|
};
|
|
};
|
|
};
|
|
}
|
|
{
|
|
name = "swap";
|
|
start = "-4GiB";
|
|
end = "100%";
|
|
content = {
|
|
type = "swap";
|
|
randomEncryption = true;
|
|
};
|
|
}
|
|
];
|
|
};
|
|
};
|
|
};
|
|
};
|
|
}
|