1e2e2bdd35
grep -- '- &' .sops.yaml | cut -d'&' -f2 | grep _host | sed 's/_host//' | xargs -n2 clan secrets machines add
for i in secrets/*.yaml; do host=$(basename $i .yaml); clan secrets import-sops $i --machine $host --user makefu --prefix ${host}-;done
for i in secrets/*.yaml; do host=$(basename $i .yaml) ;clan secrets groups add-machine common "$host";done
65 lines
1.4 KiB
Nix
65 lines
1.4 KiB
Nix
{ disks ? [ "/dev/sda" ], ... }: {
|
|
disk = {
|
|
x = {
|
|
type = "disk";
|
|
device = "/dev/sda";
|
|
content = {
|
|
type = "table";
|
|
format = "gpt";
|
|
partitions = [
|
|
{
|
|
name = "boot";
|
|
type = "partition";
|
|
start = "0";
|
|
end = "1M";
|
|
part-type = "primary";
|
|
flags = ["bios_grub"];
|
|
}
|
|
{
|
|
type = "partition";
|
|
name = "ESP";
|
|
start = "1M";
|
|
end = "512MiB";
|
|
fs-type = "fat32";
|
|
bootable = true;
|
|
content = {
|
|
type = "filesystem";
|
|
format = "vfat";
|
|
mountpoint = "/boot";
|
|
};
|
|
}
|
|
{
|
|
type = "partition";
|
|
name = "zfs";
|
|
start = "512MiB";
|
|
end = "100%";
|
|
content = {
|
|
type = "zfs";
|
|
pool = "zroot";
|
|
};
|
|
}
|
|
];
|
|
};
|
|
};
|
|
};
|
|
zpool = {
|
|
zroot = {
|
|
type = "zpool";
|
|
rootFsOptions.compression = "lz4";
|
|
mountpoint = "/";
|
|
|
|
datasets = {
|
|
home = {
|
|
zfs_type = "filesystem";
|
|
mountpoint = "/home";
|
|
options.mountpoint = "legacy";
|
|
};
|
|
reserved = {
|
|
zfs_type = "filesystem";
|
|
options.refreservation = "1G";
|
|
};
|
|
};
|
|
};
|
|
};
|
|
}
|