lytedev/nix
1
0
Fork 1
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

WIP beefcake disk setup

Browse source
This commit is contained in:
Daniel Flanagan 2024-09-04 10:31:06 -05:00
parent 2ea8ff3ccc
commit abd60eceef
3 changed files with 195 additions and 64 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

249
disko/default.nix
View file

@ -1,4 +1,6 @@
{ {lib, ...}: let
inherit (lib.attrSets) mapAttrs' filterAttrs;
in {
standardWithHibernateSwap = { standardWithHibernateSwap = {
disks ? ["/dev/sda"], disks ? ["/dev/sda"],
swapSize, swapSize,
@ -138,67 +140,7 @@
}; };
}; };
}; };
# TODO: figure out what I can't have an optiona/default 'name' attribute here so I can DRY with "standard"
thinker = {disks ? ["/dev/vda"], ...}: {
disko.devices = {
disk = {
vdb = {
type = "disk";
device = builtins.elemAt disks 0;
content = {
type = "gpt";
partitions = {
ESP = {
label = "EFI";
name = "ESP";
size = "512M";
type = "EF00";
content = {
type = "filesystem";
format = "vfat";
mountpoint = "/boot";
mountOptions = [
"defaults"
];
};
};
luks = {
size = "100%";
content = {
type = "luks";
name = "crypted";
extraOpenArgs = ["--allow-discards"];
# if you want to use the key for interactive login be sure there is no trailing newline
# for example use `echo -n "password" > /tmp/secret.key`
keyFile = "/tmp/secret.key"; # Interactive
# settings.keyFile = "/tmp/password.key";
# additionalKeyFiles = ["/tmp/additionalSecret.key"];
content = {
type = "btrfs";
extraArgs = ["-f"];
subvolumes = {
"/root" = {
mountpoint = "/";
mountOptions = ["compress=zstd" "noatime"];
};
"/home" = {
mountpoint = "/home";
mountOptions = ["compress=zstd" "noatime"];
};
"/nix" = {
mountpoint = "/nix";
mountOptions = ["compress=zstd" "noatime"];
};
};
};
};
};
};
};
};
};
};
};
unencrypted = {disks ? ["/dev/vda"], ...}: { unencrypted = {disks ? ["/dev/vda"], ...}: {
disko.devices = { disko.devices = {
disk = { disk = {
@ -249,6 +191,189 @@
}; };
}; };
}; };
beefcake = {disks, ...}: let
zpools = {
zroot = {
name = "zroot";
config = {
type = "zpool";
mode = "mirror";
rootFsOptions = {
compression = "zstd";
"com.sun:auto-snapshot" = "false";
};
mountpoint = "/";
postCreateHook = "zfs list -t snapshot -H -o name | grep -E '^zroot@blank$' || zfs snapshot zroot@blank";
datasets = {
zfs_fs = {
type = "zfs_fs";
mountpoint = "/zfs_fs";
options."com.sun:auto-snapshot" = "true";
};
zfs_unmounted_fs = {
type = "zfs_fs";
options.mountpoint = "none";
};
zfs_legacy_fs = {
type = "zfs_fs";
options.mountpoint = "legacy";
mountpoint = "/zfs_legacy_fs";
};
zfs_testvolume = {
type = "zfs_volume";
size = "10M";
content = {
type = "filesystem";
format = "ext4";
mountpoint = "/ext4onzfs";
};
};
encrypted = {
type = "zfs_fs";
options = {
mountpoint = "none";
encryption = "aes-256-gcm";
keyformat = "passphrase";
keylocation = "file:///tmp/secret.key";
};
# use this to read the key during boot
# postCreateHook = ''
# zfs set keylocation="prompt" "zroot/$name";
# '';
};
"encrypted/test" = {
type = "zfs_fs";
mountpoint = "/zfs_crypted";
};
};
};
};
zstorage = {
name = "zstorage";
config = {};
};
};
diskClass = {
storage = {
type = "zfs";
pool = zpools.zroot.name;
};
boot = {
content = {
type = "gpt";
partitions = {
ESP = {
size = "1G";
type = "EF00";
content = {
type = "filesystem";
format = "vfat";
mountpoint = "/boot";
};
};
zfs = {
size = "100%";
content = {
type = "zfs";
pool = zpools.zroot.name;
};
};
};
};
};
};
bootDisks = {
"/dev/sdi" = {
name = "i";
enable = true;
};
"/dev/sdj" = {
name = "j";
enable = true;
}; # TODO: join current boot drive to new boot pool
};
storageDisks = {
"/dev/sda" = {
enable = true;
name = "a";
};
"/dev/sdb" = {
enable = true;
name = "b";
};
"/dev/sdc" = {
enable = true;
name = "c";
};
"/dev/sdd" = {
enable = true;
name = "d";
};
# TODO: start small
"/dev/sde" = {
enable = false;
name = "e";
};
"/dev/sdf" = {
enable = false;
name = "f";
};
"/dev/sdg" = {
enable = false;
name = "g";
};
"/dev/sdh" = {
enable = false;
name = "h";
};
# gap for two boot drives
"/dev/sdk" = {
enable = false;
name = "k";
};
"/dev/sdl" = {
enable = false;
name = "l";
};
"/dev/sdm" = {
enable = false;
name = "m";
};
"/dev/sdn" = {
enable = false;
name = "n";
};
};
diskoBoot = mapAttrs' (device: {name, ...}: {
name = "boot-${name}";
value = {
inherit device;
type = "disk";
content = diskClass.boot.content;
};
}) (filterAttrs (_: {enable, ...}: enable) bootDisks);
diskoStorage = mapAttrs' (device: {name, ...}: {
name = "storage-${name}";
value = {
inherit device;
type = "disk";
content = diskClass.storage.content;
};
}) (filterAttrs (_: {enable, ...}: enable) storageDisks);
in {
disko.devices = {
disk = diskoBoot / diskoStorage;
zpool = {
zroot = zpools.zroot.config;
};
};
};
legacy = {disks ? ["/dev/vda"], ...}: { legacy = {disks ? ["/dev/vda"], ...}: {
disko.devices = { disko.devices = {
disk = { disk = {

2
flake.nix
View file

@ -107,7 +107,7 @@
# overlay I did this to work around some recursion problems # overlay I did this to work around some recursion problems
# TODO: https://discourse.nixos.org/t/infinite-recursion-getting-started-with-overlays/48880 # TODO: https://discourse.nixos.org/t/infinite-recursion-getting-started-with-overlays/48880
packages = genPkgs (pkgs: {inherit (pkgs) iosevkaLyteTerm iosevkaLyteTermSubset nix-base-container-image;}); packages = genPkgs (pkgs: {inherit (pkgs) iosevkaLyteTerm iosevkaLyteTermSubset nix-base-container-image;});
diskoConfigurations = import ./disko; diskoConfigurations = import ./disko {inherit (nixpkgs) lib;};
templates = import ./templates; templates = import ./templates;
formatter = genPkgs (p: p.alejandra); formatter = genPkgs (p: p.alejandra);

8
nixos/beefcake.nix
View file

@ -15,7 +15,7 @@ sudo nix run nixpkgs#ipmitool -- raw 0x30 0x30 0x02 0xff 0x00
pkgs, pkgs,
... ...
}: { }: {
system.stateVersion = "22.05"; system.stateVersion = "24.05";
home-manager.users.daniel.home.stateVersion = "24.05"; home-manager.users.daniel.home.stateVersion = "24.05";
networking.hostName = "beefcake"; networking.hostName = "beefcake";
@ -49,6 +49,9 @@ sudo nix run nixpkgs#ipmitool -- raw 0x30 0x30 0x02 0xff 0x00
# ]; # ];
# }; # };
} }
{
boot.kernelParams = ["nohibernate"];
}
{ {
# sops secrets stuff # sops secrets stuff
sops = { sops = {
@ -1345,6 +1348,9 @@ sudo nix run nixpkgs#ipmitool -- raw 0x30 0x30 0x02 0xff 0x00
# }; # };
}; };
environment.systemPackages = with pkgs; [ environment.systemPackages = with pkgs; [
btrfs-progs
zfs
smartmontools
htop htop
bottom bottom
curl curl