cullmann/nixos
1
0
Fork 0
Code Issues Pull requests Actions Packages Projects Releases Wiki Activity

more zfs

Browse source
This commit is contained in:
Christoph Cullmann 2024-05-30 11:18:56 +02:00
parent 166d4504c6
commit 41009b53cb
3 changed files with 51 additions and 30 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

19
common.nix
View file

@ -97,24 +97,6 @@ in
depends = [ "/data" ]; depends = [ "/data" ];
}; };
# keep some stuff persistent
environment.persistence."/nix/persistent" = {
hideMounts = true;
directories = [
# systemd timers
{ directory = "/var/lib/systemd/timers"; user = "root"; group = "root"; mode = "u=rwx,g=rx,o=rx"; }
# clamav database
{ directory = "/var/lib/clamav"; user = "clamav"; group = "clamav"; mode = "u=rwx,g=rx,o=rx"; }
# alsa state for persistent sound settings
{ directory = "/var/lib/alsa"; user = "root"; group = "root"; mode = "u=rwx,g=rx,o=rx"; }
];
files = [
"/etc/machine-id"
];
};
# enable fast dbus # enable fast dbus
services.dbus.implementation = "broker"; services.dbus.implementation = "broker";
@ -301,6 +283,7 @@ in
pciutils pciutils
pdftk pdftk
pulseaudio pulseaudio
pwgen
qmk qmk
ssh-audit ssh-audit
starship starship

18
neko/hardware-configuration.nix
View file

@ -19,26 +19,20 @@
fsType = "vfat"; fsType = "vfat";
neededForBoot = true; neededForBoot = true;
}; };
/*
# vms # vms
boot.initrd.luks.devices."crypt-vms".device = "/dev/disk/by-id/nvme-CT2000P5PSSD8_213330E4ED05";
fileSystems."/home/cullmann/vms" = fileSystems."/home/cullmann/vms" =
{ device = "/dev/mapper/crypt-vms"; { device = "vpool/vms";
fsType = "btrfs"; fsType = "zfs";
neededForBoot = true;
options = [ "noatime" "nodiratime" ];
depends = [ "/home" ]; depends = [ "/home" ];
}; };
# projects # projects
boot.initrd.luks.devices."crypt-projects".device = "/dev/disk/by-id/nvme-Samsung_SSD_980_PRO_2TB_S69ENF0R846614L";
fileSystems."/home/cullmann/projects" = fileSystems."/home/cullmann/projects" =
{ device = "/dev/mapper/crypt-projects"; { device = "ppool/projects";
fsType = "btrfs"; fsType = "zfs";
neededForBoot = true;
options = [ "noatime" "nodiratime" ];
depends = [ "/home" ]; depends = [ "/home" ];
};*/ };
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;

44
neko/install.txt
View file

@ -149,6 +149,28 @@ wipefs -a $DD
sleep 5 sleep 5
# ZFS zpool creation with encryption
zpool create \
-o ashift=12 \
-o autotrim=on \
-O acltype=posixacl \
-O atime=off \
-O canmount=off \
-O compression=on \
-O dnodesize=auto \
-O normalization=formD \
-O xattr=sa \
-O mountpoint=none \
-O encryption=on \
-O keylocation=file:///data/nixos/key-vms.secret \
-O keyformat=passphrase \
vpool $DD
sleep 5
# create all the volumes
zfs create -o mountpoint=legacy vpool/vms
# create projects disk # create projects disk
DD=/dev/disk/by-id/nvme-Samsung_SSD_980_PRO_2TB_S69ENF0R846614L DD=/dev/disk/by-id/nvme-Samsung_SSD_980_PRO_2TB_S69ENF0R846614L
@ -157,3 +179,25 @@ blkdiscard -v $DD
wipefs -a $DD wipefs -a $DD
sleep 5 sleep 5
# ZFS zpool creation with encryption
zpool create \
-o ashift=12 \
-o autotrim=on \
-O acltype=posixacl \
-O atime=off \
-O canmount=off \
-O compression=on \
-O dnodesize=auto \
-O normalization=formD \
-O xattr=sa \
-O mountpoint=none \
-O encryption=on \
-O keylocation=file:///data/nixos/key-projects.secret \
-O keyformat=passphrase \
ppool $DD
sleep 5
# create all the volumes
zfs create -o mountpoint=legacy ppool/projects