modified overseer to nebula, setup zfs

This commit is contained in:
mrsu 2024-06-28 15:26:16 +01:00
parent 0f83b32f2b
commit 89dceb1827
5 changed files with 10 additions and 98 deletions

View File

@ -115,10 +115,10 @@
}
];
};
overseer = nixpkgs.lib.nixosSystem {
nebula = nixpkgs.lib.nixosSystem {
inherit specialArgs;
modules = [
./hosts/overseer
./hosts/nebula
home-manager.nixosModules.home-manager
{
home-manager.extraSpecialArgs = specialArgs;

View File

@ -1,76 +0,0 @@
{device ? throw "Must define a devices, e.g. /dev/sda"}:
{
disko.devices = {
disk = {
b = {
type = "disk";
device = "/dev/vdb";
content = {
type = "gpt";
partitions = {
zfs = {
size = "100%";
content = {
type = "zfs";
pool = "zroot";
};
};
};
};
};
c = {
type = "disk";
device = "/dev/vdc";
content = {
type = "gpt";
partitions = {
zfs = {
size = "100%";
content = {
type = "zfs";
pool = "zroot";
};
};
};
};
};
};
zpool = {
zroot = {
type = "zpool";
mode = "mirror";
rootFsOptions = {
compression = "zstd";
"com.sun:auto-snapshot" = "false";
};
mountpoint = "/";
postCreateHook = "zfs list -t snapshot -H -o name | grep -E '^zroot@blank$' || zfs snapshot zroot@blank";
datasets = {
zfs_fs = {
type = "zfs_fs";
mountpoint = "/zfs_fs";
options."com.sun:auto-snapshot" = "true";
};
encrypted = {
type = "zfs_fs";
options = {
mountpoint = "none";
encryption = "aes-256-gcm";
keyformat = "passphrase";
keylocation = "file:///tmp/secret.key";
};
# use this to read the key during boot
# postCreateHook = ''
# zfs set keylocation="prompt" "zroot/$name";
# '';
};
"encrypted/test" = {
type = "zfs_fs";
mountpoint = "/zfs_crypted";
};
};
};
};
};
}

View File

@ -2,7 +2,7 @@
let
# Disko setup
fsType = "btrfs"; # one of ext4 or btrfs. Use btrfs if using impermanence
dev = "/dev/vda"; # depends on target hardware
dev = "/dev/sda"; # depends on target hardware
encrypted = false; # currrently only applies to btrfs
btrfsMountDevice = if encrypted then "/dev/mapper/crypted" else "/dev/root_vg/root";
user = "admin";
@ -17,40 +17,28 @@ in
inputs.disko.nixosModules.disko
(import ../common/disks { device = dev; fsType = fsType; encrypted = encrypted; })
# Impermanence
inputs.impermanence.nixosModules.impermanence
(import ../common/disks/btrfs-impermanence.nix { btrfsMountDevice = btrfsMountDevice; lib = lib; })
# Import core options
./hardware-configuration.nix
../common/core
# Import optional options
../common/optional/persistence.nix
../common/optional/openssh.nix
];
boot = {
blacklistedKernelModules = [ "snd_hda_intel" "snd_soc_skl" ];
kernelPackages = pkgs.linuxPackagesFor pkgs.linux_latest;
loader = {
systemd-boot.enable = true;
efi.canTouchEfiVariables = true;
timeout = 3;
};
};
hardware.firmware = [
pkgs.sof-firmware
];
boot.loader.grub.enable = true;
boot.loader.grub.device = "/dev/sda";
networking = {
hostName = "overseer";
hostName = "nebula";
networkmanager.enable = true;
enableIPv6 = false;
};
boot.supportedFilesystems = [ "zfs" ];
boot.zfs.forceImportRoot = false;
networking.hostId = "18aec5d7"
services.libinput.enable = true;
}