nix #11

Manually merged
geoffrey merged 113 commits from nix into main 2023-12-09 21:43:01 +01:00
5 changed files with 9 additions and 141 deletions
Showing only changes of commit 3806e023f6 - Show all commits

View file

@ -1,38 +0,0 @@
{
disko.devices = {
disk = {
vdb = {
type = "disk";
device = "/dev/disk/by-id/usb-Kingston_DataTraveler_3.0_E0D55EA57414F510489F0F1A-0:0";
content = {
type = "gpt";
partitions = {
ESP = {
size = "500M";
type = "EF00";
content = {
type = "filesystem";
format = "vfat";
mountpoint = "/boot";
};
};
luks = {
size = "100%";
content = {
type = "luks";
name = "crypted";
settings.allowDiscards = true;
passwordFile = "/tmp/secret.key";
content = {
type = "filesystem";
format = "ext4";
mountpoint = "/";
};
};
};
};
};
};
};
};
}

View file

@ -1,32 +0,0 @@
{
disko.devices = {
disk = {
vdb = {
type = "disk";
device = "/dev/disk/by-id/usb-Kingston_DataTraveler_3.0_E0D55EA57414F510489F0F1A-0:0";
content = {
type = "gpt";
partitions = {
ESP = {
size = "500M";
type = "EF00";
content = {
type = "filesystem";
format = "vfat";
mountpoint = "/boot";
};
};
root = {
size = "100%";
content = {
type = "filesystem";
format = "ext4";
mountpoint = "/";
};
};
};
};
};
};
};
}

View file

@ -1 +0,0 @@
disko-hanging.nix

1
curacao_usb/disko.nix Normal file
View file

@ -0,0 +1 @@
import ../dk/single_uefi_btrfs.nix { id = "usb-Kingston_DataTraveler_3.0_E0D55EA57414F510489F0F1A-0:0"; name = "curacao_usb"; }

View file

@ -1,9 +1,10 @@
{ id, name, ... }:
{
disko.devices = {
disk = {
pindakaas_sd = {
"${name}" = {
type = "disk";
device = "/dev/disk/by-id/usb-Kingston_DataTraveler_3.0_E0D55EA57414F510489F0F1A-0:0";
device = "/dev/disk/by-id/${id}";
content = {
type = "gpt";
partitions = {
@ -24,8 +25,8 @@
size = "100%";
content = {
type = "luks";
name = "pindakaas_sd";
#passwordFile = "/tmp/secret.key"; # Commented out so asked interactively
name = "${name}";
passwordFile = "/tmp/secret.key"; # TODO Generate this somehow
settings = {
# Not having SSDs die fast is more important than crypto
# nerds that could potentially discover which filesystem I
@ -61,4 +62,5 @@
};
};
};
}
};
}

View file

@ -1,65 +1 @@
{
disko.devices = {
disk = {
pindakaas_sd = {
type = "disk";
device = "/dev/disk/by-id/mmc-SN32G_0xfb19ae99";
content = {
type = "gpt";
partitions = {
ESP = {
# Needs enough to store multiple kernel generations
size = "512M";
type = "EF00";
content = {
type = "filesystem";
format = "vfat";
mountpoint = "/boot";
mountOptions = [
"defaults"
];
};
};
luks = {
size = "100%";
content = {
type = "luks";
name = "pindakaas_sd";
passwordFile = "/tmp/secret.key"; # TODO Generate this somehow
settings = {
# Not having SSDs die fast is more important than crypto
# nerds that could potentially discover which filesystem I
# use from TRIM patterns
allowDiscards = true;
};
content = {
type = "btrfs";
extraArgs = [ "-f" ];
subvolumes = {
"/nixos" = {
mountpoint = "/";
mountOptions = [ "compress=zstd" "noatime" ];
};
"/home" = {
mountpoint = "/home";
mountOptions = [ "compress=zstd" "relatime" ];
};
"/nix" = {
mountpoint = "/nix";
mountOptions = [ "compress=zstd" "noatime" ];
};
# Maybe later
# "/swap" = {
# mountpoint = "/.swapvol";
# swap.swapfile.size = "20M";
# };
};
};
};
};
};
};
};
};
};
}
import ../dk/single_uefi_btrfs.nix { id = "mmc-SN32G_0xfb19ae99"; name = "pindakaas_sd"; }