fs/disko: add encrypted-zfs

author: makefu <github@syntax-fehler.de> 2023-06-14 21:37:13 +0200
committer: makefu <github@syntax-fehler.de> 2023-06-14 21:37:13 +0200
commit: 828fdb97366dc72ac7b3bb4a53e8aec7a321d2eb (patch)
tree: 75f8bc9c99e47b55f0f96d83d48cbd7140c91c06
parent: bc9245374557f5aeb5b3903f9e0f801d599dcbc5 (diff)
2 files changed, 73 insertions, 1 deletions
diff --git a/2configs/fs/disko/single-disk-bcachefs.nix b/2configs/fs/disko/single-disk-bcachefs.nix
index cd73afd0d..bc80f6b30 100644
--- a/2configs/fs/disko/single-disk-bcachefs.nix
+++ b/2configs/fs/disko/single-disk-bcachefs.nix
@@ -1,4 +1,5 @@
 { disks ? [ "/dev/sda" ], ... }: {
+  boot.supportedFilesystems = [ "bcachefs" ];
   disko.devices = {
     disk = {
       vdb = {
@@ -26,7 +27,7 @@
               part-type = "primary";
               content = {
                 type = "filesystem";
-                format = "bcachefs";
+                format = "btrfs";
                 mountpoint = "/";
               };
             }
diff --git a/2configs/fs/disko/single-disk-encrypted-zfs.nix b/2configs/fs/disko/single-disk-encrypted-zfs.nix
new file mode 100644
index 000000000..1b35e5b2b
--- /dev/null
+++ b/2configs/fs/disko/single-disk-encrypted-zfs.nix
@@ -0,0 +1,71 @@
+{ disks ? [ "/dev/nvme0n1" ], ... }: 
+let
+  disk = builtins.elemAt disks 0;
+in {
+  boot.supportedFilesystems = [ "zfs" ];
+  disko.devices = {
+    disk = {
+      nvme = {
+        type = "disk";
+        device = disk;
+        content = {
+          type = "table";
+          format = "gpt";
+          partitions = [
+            {
+              name = "ESP";
+              start = "0";
+              end = "512MiB";
+              fs-type = "fat32";
+              bootable = true;
+              content = {
+                type = "filesystem";
+                format = "vfat";
+                mountpoint = "/boot";
+              };
+            }
+            {
+              name = "zfs";
+              start = "512MiB";
+              end = "100%";
+              content = {
+                type = "zfs";
+                pool = "tank";
+              };
+            }
+          ];
+        };
+      };
+    };
+    zpool = {
+      tank = {
+        type = "zpool";
+        rootFsOptions = {
+          compression = "lz4";
+          #reservation = "5G";
+          "com.sun:auto-snapshot" = "false";
+        };
+        mountpoint = null;
+        postCreateHook = "zfs snapshot tank@blank";
+
+        datasets = {
+          
+          root = {
+            type = "zfs_fs";
+            mountpoint = "/";
+            options = {
+              encryption = "aes-256-gcm";
+              keyformat = "passphrase";
+              "com.sun:auto-snapshot" = "true";
+            };
+            #keylocation = "file:///tmp/secret.key";
+          };
+          "root/home" = {
+            type = "zfs_fs";
+            mountpoint = "/home";
+          };
+        };
+      };
+    };
+  };
+}
author	makefu <github@syntax-fehler.de>	2023-06-14 21:37:13 +0200
committer	makefu <github@syntax-fehler.de>	2023-06-14 21:37:13 +0200
commit	828fdb97366dc72ac7b3bb4a53e8aec7a321d2eb (patch)
tree	75f8bc9c99e47b55f0f96d83d48cbd7140c91c06
parent	bc9245374557f5aeb5b3903f9e0f801d599dcbc5 (diff)