fs: single-disk-encrypted-zfs takes hostId as parameter

1systems/tsp/config.nix

@@ -13,7 +13,8 @@
       (self + "/2configs/editor/neovim")
       (self + "/2configs/tools/core.nix")
       # (self + "/2configs/tools/all.nix")
-      (self + "/2configs/fs/disko/single-disk-bcachefs.nix")
+
+      ((import  ../../2configs/fs/disko/single-disk-encrypted-zfs.nix ) { disks = ["/dev/sda" ]; hostId = "f8b8e0a2"; })
       # hardware specifics are in here
       (self + "/2configs/hw/bluetooth.nix")
       (self + "/2configs/hw/network-manager.nix")

1systems/x/x13/disk.nix

@@ -1,70 +0,0 @@
-{ ... }: 
-let
-  disk = "/dev/nvme0n1";
-in {
-  disko.devices = {
-    disk = {
-      nvme = {
-        type = "disk";
-        device = disk;
-        content = {
-          type = "table";
-          format = "gpt";
-          partitions = [
-            {
-              name = "ESP";
-              start = "0";
-              end = "512MiB";
-              fs-type = "fat32";
-              bootable = true;
-              content = {
-                type = "filesystem";
-                format = "vfat";
-                mountpoint = "/boot";
-              };
-            }
-            {
-              name = "zfs";
-              start = "512MiB";
-              end = "100%";
-              content = {
-                type = "zfs";
-                pool = "tank";
-              };
-            }
-          ];
-        };
-      };
-    };
-    zpool = {
-      tank = {
-        type = "zpool";
-        rootFsOptions = {
-          compression = "lz4";
-          #reservation = "5G";
-          "com.sun:auto-snapshot" = "false";
-        };
-        mountpoint = null;
-        postCreateHook = "zfs snapshot tank@blank";
-
-        datasets = {
-          
-          root = {
-            type = "zfs_fs";
-            mountpoint = "/";
-            options = {
-              encryption = "aes-256-gcm";
-              keyformat = "passphrase";
-              "com.sun:auto-snapshot" = "true";
-            };
-            #keylocation = "file:///tmp/secret.key";
-          };
-          "root/home" = {
-            type = "zfs_fs";
-            mountpoint = "/home";
-          };
-        };
-      };
-    };
-  };
-}

2configs/fs/disko/single-disk-encrypted-zfs.nix

@@ -1,8 +1,13 @@
-{ disks ? [ "/dev/nvme0n1" ], ... }: 
+{ disks ? [ "/dev/nvme0n1" ], hostId, ... }: 
 let
   disk = builtins.elemAt disks 0;
 in {
+  boot.zfs.requestEncryptionCredentials = true;
   boot.supportedFilesystems = [ "zfs" ];
+  boot.loader.efi.canTouchEfiVariables = true;
+  boot.loader.systemd-boot.enable = true;
+  networking.hostId = hostId;
+
   disko.devices = {
     disk = {
       nvme = {

flake.lock

@@ -169,8 +169,8 @@
         ]
       },
       "locked": {
-        "lastModified": 1686400260,
-        "narHash": "sha256-nW2GqH3yYZl5XRYHN4MpaaO4r01GNEMSPjklJmdIUic=",
+        "lastModified": 1686598920,
+        "narHash": "sha256-kLTqf7tiND/siBJUwOPfCQ02HVyOtxju47PNbeU5Ef4=",
         "path": "/home/makefu/stockholm-flakes",
         "type": "path"
       },

flake.nix

@@ -38,6 +38,7 @@
           (name: !lib.hasPrefix "." name)
           (lib.attrNames (builtins.readDir ./3modules))));
 
+    overlays.default = import ./5pkgs/default.nix;
     nixosConfigurations = lib.genAttrs ["x" "tsp" ] (host: nixpkgs.lib.nixosSystem rec {
       system = "x86_64-linux";
       specialArgs = {
@@ -45,7 +46,7 @@
         pkgs = import nixpkgs {
           inherit system;
           config.allowUnfree = true;
-          overlays = [(self: super: { stockholm.lib = stockholm.lib; })] ;
+          overlays = [(self: super: { inherit (self.writers) writeDash writeDashBin; stockholm.lib = stockholm.lib; }) self.overlays.default] ;
         };
       };
       modules = [