77 lines
1.8 KiB
Nix
77 lines
1.8 KiB
Nix
{device ? throw "Must define a devices, e.g. /dev/sda"}:
|
|
{
|
|
disko.devices = {
|
|
disk = {
|
|
b = {
|
|
type = "disk";
|
|
device = "/dev/vdb";
|
|
content = {
|
|
type = "gpt";
|
|
partitions = {
|
|
zfs = {
|
|
size = "100%";
|
|
content = {
|
|
type = "zfs";
|
|
pool = "zroot";
|
|
};
|
|
};
|
|
};
|
|
};
|
|
};
|
|
c = {
|
|
type = "disk";
|
|
device = "/dev/vdc";
|
|
content = {
|
|
type = "gpt";
|
|
partitions = {
|
|
zfs = {
|
|
size = "100%";
|
|
content = {
|
|
type = "zfs";
|
|
pool = "zroot";
|
|
};
|
|
};
|
|
};
|
|
};
|
|
};
|
|
};
|
|
zpool = {
|
|
zroot = {
|
|
type = "zpool";
|
|
mode = "mirror";
|
|
rootFsOptions = {
|
|
compression = "zstd";
|
|
"com.sun:auto-snapshot" = "false";
|
|
};
|
|
mountpoint = "/";
|
|
postCreateHook = "zfs list -t snapshot -H -o name | grep -E '^zroot@blank$' || zfs snapshot zroot@blank";
|
|
|
|
datasets = {
|
|
zfs_fs = {
|
|
type = "zfs_fs";
|
|
mountpoint = "/zfs_fs";
|
|
options."com.sun:auto-snapshot" = "true";
|
|
};
|
|
encrypted = {
|
|
type = "zfs_fs";
|
|
options = {
|
|
mountpoint = "none";
|
|
encryption = "aes-256-gcm";
|
|
keyformat = "passphrase";
|
|
keylocation = "file:///tmp/secret.key";
|
|
};
|
|
# use this to read the key during boot
|
|
# postCreateHook = ''
|
|
# zfs set keylocation="prompt" "zroot/$name";
|
|
# '';
|
|
};
|
|
"encrypted/test" = {
|
|
type = "zfs_fs";
|
|
mountpoint = "/zfs_crypted";
|
|
};
|
|
};
|
|
};
|
|
};
|
|
};
|
|
}
|