disko framework config

This commit is contained in:
iFargle 2023-09-23 12:10:12 +09:00
parent 413c9866d2
commit 24b182d016
2 changed files with 69 additions and 74 deletions

View file

@ -29,14 +29,14 @@ git add keys/hosts/`hostname`.asc
git commit -am "Setup: `whoami`@`hostname`" git commit -am "Setup: `whoami`@`hostname`"
git push git push
# Fix gnupg permissions:
find ~/.gnupg -type f -exec chmod 600 {} \;
find ~/.gnupg -type d -exec chmod 700 {} \;
echo echo
echo echo
echo "Complete. Once '.sops.yaml' is updated, " echo "Complete. Once '.sops.yaml' is updated, "
echo "you may run 'update-secrets'" echo "you may run 'update-secrets'"
echo "and reboot." echo "and reboot."
# Update your .sops.yaml with this key
echo "Upd
popd popd

View file

@ -1,72 +1,67 @@
{ {
boot.loader.grub.device = "/dev/nvme0"; boot.loader.grub.device = "/dev/nvme0n1";
disko.devices = { boot.initrd.luks.devices."nvme0n1p2".device = "/dev/nvme0n1p2";
disk = { services.btrfs.autoScrub.enable = true;
nvme0 = { services.btrfs.autoScrub.interval = "weekly";
device = "/dev/nvme0";
content = { disko.devices.disk.nvme0 = {
type = "table"; device = "/dev/nvme0n1";
format = "gpt"; content = {
partitions = [ type = "table";
{ format = "gpt";
name = "BOOT"; partitions = [
start = "0%"; {
end = "550MiB"; name = "BOOT";
bootable = true; start = "0%";
flags = [ "esp" ]; end = "550MiB";
fs-type = "fat32"; bootable = true;
content = { flags = [ "esp" ];
type = "filesystem"; fs-type = "fat32";
format = "vfat"; content = {
mountpoint = "/boot"; type = "filesystem";
}; format = "vfat";
} # partition 1 mountpoint = "/boot";
{ };
name = "SWAP"; } # partition 1 (ESP)
start = "550 MiB"; {
end = "120GiB"; name = "LUKS";
content = { start = "550MiB";
type = "luks"; end = "-64GiB";
name = "LUKS-SWAP"; content = {
extraOpenArgs = [ "--allow-discards" ]; type = "luks";
settings.keyFile = ""; name = "ROOT";
content = { extraOpenArgs = [ "--allow-discards" ];
type = "swap"; content = {
}; type = "btrfs";
}; extraArgs = [ "-f" ];
} # partition 2 subvolumes = {
{ "/root" = {
name = "ROOT"; mountpoint = "/";
start = "120GiB"; mountOptions = [ "compress=zstd" "noatime" ];
end = "100%"; }; # root
content = { "/home" = {
type = "luks"; mountpoint = "/home";
name = "LUKS-ROOT"; mountOptions = [ "compress=zstd" "noatime" ];
extraOpenArgs = [ "--allow-discards" ]; }; # home
settings.keyFile = "/tmp/secret.key"; "/nix" = {
content = { mountpoint = "/nix";
type = "btrfs"; mountOptions = [ "compress=zstd" "noatime" ];
extraArgs = [ "-f" ]; }; # nix
subvolumes = { }; # subvolumes
"/root" = { }; # content.content
mountpoint = "/"; }; # content
mountOptions = [ "compress=zstd" "noatime" ]; } # partition 2 (/ BTRFS)
}; # root {
"/home" = { name = "SWAP";
mountpoint = "/home"; start = "-64GiB";
mountOptions = [ "compress=zstd" "noatime" ]; end = "100%";
}; # home content = {
"/nix" = { type = "swap";
mountpoint = "/nix"; randomEncryption = true;
mountOptions = [ "compress=zstd" "noatime" ]; resumeDevice = true; # resume from hiberation from this device
}; # nix };
}; # subvolumes } # partition 3 (SWAP)
}; # content.content ]; # partitions
}; # content }; # content
} # partition 3 }; # disko.devices.disk.sda
]; # partitions
}; # content
}; # sda
}; # disk
}; # disko.devices
} # root } # root