more zfs preparations

This commit is contained in:
Christoph Cullmann 2024-05-29 22:13:47 +02:00
parent fc4607ec20
commit 898cc97a9c
3 changed files with 30 additions and 88 deletions

29
README.md Normal file
View file

@ -0,0 +1,29 @@
# build unstable installer
{
description = "installation media";
inputs.nixos.url = "nixpkgs/nixos-unstable";
outputs = { self, nixos }: {
nixosConfigurations = {
exampleIso = nixos.lib.nixosSystem {
system = "x86_64-linux";
modules = [
"${nixos}/nixos/modules/installer/cd-dvd/installation-cd-minimal.nix"
];
};
};
};
}
git init
git add flake.nix
nix --extra-experimental-features flakes --extra-experimental-features nix-command build .#nixosConfigurations.exampleIso.config.system.build.isoImage
sudo dd if=result/iso/nixos-24.05.20240108.317484b-x86_64-linux.iso of=/dev/sda bs=4M conv=fsync
# good ZFS links
- https://openzfs.github.io/openzfs-docs/Getting%20Started/NixOS/Root%20on%20ZFS.html
- https://carjorvaz.com/posts/installing-nixos-with-root-on-tmpfs-and-encrypted-zfs-on-a-netcup-vps/
- https://astrid.tech/2021/12/17/0/two-disk-encrypted-zfs/
- https://mzhang.io/posts/2022-05-09-installing-nixos-on-encrypted-zfs/

View file

@ -1,26 +1,3 @@
# build unstable installer
{
description = "installation media";
inputs.nixos.url = "nixpkgs/nixos-unstable";
outputs = { self, nixos }: {
nixosConfigurations = {
exampleIso = nixos.lib.nixosSystem {
system = "x86_64-linux";
modules = [
"${nixos}/nixos/modules/installer/cd-dvd/installation-cd-minimal-new-kernel-no-zfs.nix"
];
};
};
};
}
git init
git add flake.nix
nix --extra-experimental-features flakes --extra-experimental-features nix-command build .#nixosConfigurations.exampleIso.config.system.build.isoImage
sudo dd if=result/iso/nixos-24.05.20240108.317484b-x86_64-linux.iso of=/dev/sda bs=4M conv=fsync
#
# enable ssh for root
#

View file

@ -1,33 +1,3 @@
# build unstable installer
{
description = "installation media";
inputs.nixos.url = "nixpkgs/nixos-unstable";
outputs = { self, nixos }: {
nixosConfigurations = {
exampleIso = nixos.lib.nixosSystem {
system = "x86_64-linux";
modules = [
"${nixos}/nixos/modules/installer/cd-dvd/installation-cd-minimal-new-kernel-no-zfs.nix"
];
};
};
};
}
git init
git add flake.nix
nix --extra-experimental-features flakes --extra-experimental-features nix-command build .#nixosConfigurations.exampleIso.config.system.build.isoImage
sudo dd if=result/iso/nixos-24.05.20240108.317484b-x86_64-linux.iso of=/dev/sda bs=4M conv=fsync
# good ZFS links
https://openzfs.github.io/openzfs-docs/Getting%20Started/NixOS/Root%20on%20ZFS.html
https://carjorvaz.com/posts/installing-nixos-with-root-on-tmpfs-and-encrypted-zfs-on-a-netcup-vps/
https://astrid.tech/2021/12/17/0/two-disk-encrypted-zfs/
https://mzhang.io/posts/2022-05-09-installing-nixos-on-encrypted-zfs/
#
# enable ssh for root
#
@ -157,7 +127,7 @@ nixos-install --option experimental-features 'nix-command flakes' --no-root-pass
# unmount all stuff
umount -Rl /data /mnt
cryptsetup luksClose crypt-system
zpool export -a
# sync all /data after the install
@ -180,23 +150,6 @@ wipefs -a $DD
sleep 5
# create the crypto containers
cryptsetup luksFormat --batch-mode --verify-passphrase $DD
sleep 5
# open them, set right options persistently
cryptsetup luksOpen --allow-discards --perf-no_read_workqueue --perf-no_write_workqueue --persistent $DD crypt-vms
sleep 5
lsblk --fs
# create btrfs with fast & strong checksumming and fast mounting
mkfs.btrfs -f --csum xxhash --features block-group-tree /dev/mapper/crypt-vms
sleep 5
btrfs filesystem show
# create projects disk
DD=/dev/disk/by-id/nvme-Samsung_SSD_980_PRO_2TB_S69ENF0R846614L
@ -205,20 +158,3 @@ blkdiscard -v $DD
wipefs -a $DD
sleep 5
# create the crypto containers
cryptsetup luksFormat --batch-mode --verify-passphrase $DD
sleep 5
# open them, set right options persistently
cryptsetup luksOpen --allow-discards --perf-no_read_workqueue --perf-no_write_workqueue --persistent $DD crypt-projects
sleep 5
lsblk --fs
# create btrfs with fast & strong checksumming and fast mounting
mkfs.btrfs -f --csum xxhash --features block-group-tree /dev/mapper/crypt-projects
sleep 5
btrfs filesystem show