69 lines
2.1 KiB
Nix
69 lines
2.1 KiB
Nix
{ pkgs, lib, config, ... }:
|
|
let
|
|
passwordFile = "/tmp/dotfiles_${config.networking.hostName}_password";
|
|
in
|
|
{
|
|
disko.devices = {
|
|
disk = {
|
|
"${config.networking.hostName}" = {
|
|
type = "disk";
|
|
content = {
|
|
type = "gpt";
|
|
partitions = {
|
|
ESP = {
|
|
# Needs enough to store multiple kernel generations
|
|
size = "512M";
|
|
type = "EF00";
|
|
content = {
|
|
type = "filesystem";
|
|
format = "vfat";
|
|
mountpoint = "/boot";
|
|
mountOptions = [
|
|
"defaults"
|
|
];
|
|
};
|
|
};
|
|
luks = {
|
|
size = "100%";
|
|
content = {
|
|
type = "luks";
|
|
name = "${config.networking.hostName}";
|
|
passwordFile = passwordFile;
|
|
settings = {
|
|
# Not having SSDs die fast is more important than crypto
|
|
# nerds that could potentially discover which filesystem I
|
|
# use from TRIM patterns
|
|
allowDiscards = true;
|
|
};
|
|
content = {
|
|
type = "btrfs";
|
|
extraArgs = [ "-f" ];
|
|
subvolumes = {
|
|
"/nixos" = {
|
|
mountpoint = "/";
|
|
mountOptions = [ "compress=zstd" "noatime" ];
|
|
};
|
|
"/home" = {
|
|
mountpoint = "/home";
|
|
mountOptions = [ "compress=zstd" "relatime" ];
|
|
};
|
|
"/nix" = {
|
|
mountpoint = "/nix";
|
|
mountOptions = [ "compress=zstd" "noatime" ];
|
|
};
|
|
# Maybe later
|
|
# "/swap" = {
|
|
# mountpoint = "/.swapvol";
|
|
# swap.swapfile.size = "20M";
|
|
# };
|
|
};
|
|
};
|
|
};
|
|
};
|
|
};
|
|
};
|
|
};
|
|
};
|
|
};
|
|
}
|