diff --git a/neko/hardware-configuration.nix b/neko/hardware-configuration.nix index b99622b..f2d229c 100644 --- a/neko/hardware-configuration.nix +++ b/neko/hardware-configuration.nix @@ -24,10 +24,21 @@ fsType = "vfat"; }; + # system boot.initrd.luks.devices."crypt-system".device = "/dev/disk/by-uuid/2dc54953-958b-4c5a-8454-21c0b1d16222"; boot.initrd.luks.devices."crypt-system".allowDiscards = true; boot.initrd.luks.devices."crypt-system".bypassWorkqueues = true; + # projects + boot.initrd.luks.devices."crypt-projects".device = "/dev/disk/by-id/nvme-Samsung_SSD_980_PRO_2TB_S69ENF0R846614L"; + boot.initrd.luks.devices."crypt-projects".allowDiscards = true; + boot.initrd.luks.devices."crypt-projects".bypassWorkqueues = true; + + # vms + boot.initrd.luks.devices."crypt-vms".device = "/dev/disk/by-id/nvme-CT2000P5PSSD8_213330E4ED05"; + boot.initrd.luks.devices."crypt-vms".allowDiscards = true; + boot.initrd.luks.devices."crypt-vms".bypassWorkqueues = true; + fileSystems."/nix" = { device = "/dev/mapper/crypt-system"; fsType = "btrfs"; @@ -58,6 +69,18 @@ options = [ "bind" ]; }; + fileSystems."/home/cullmann/projects" = + { device = "/dev/mapper/crypt-projects"; + fsType = "btrfs"; + options = [ "noatime" ]; + }; + + fileSystems."/home/cullmann/vms" = + { device = "/dev/mapper/crypt-vms"; + fsType = "btrfs"; + options = [ "noatime" ]; + }; + swapDevices = [ ]; nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; diff --git a/neko/install.txt b/neko/install.txt index 414da14..755da88 100644 --- a/neko/install.txt +++ b/neko/install.txt @@ -91,5 +91,59 @@ rsync --checksum -vaR --delete /data /mnt nixos-install --no-root-passwd --root /mnt +# unmount all stuff + umount -Rl /mnt cryptsetup luksClose crypt-system + +# create projects disk + +DD=/dev/disk/by-id/nvme-Samsung_SSD_980_PRO_2TB_S69ENF0R846614L +sgdisk --zap-all $DD +blkdiscard -v $DD +wipefs -a $DD + +sleep 5 + +# create the crypto containers +cryptsetup luksFormat --batch-mode --verify-passphrase $DD + +sleep 5 + +# open them +cryptsetup luksOpen $DD crypt-projects + +sleep 5 +lsblk --fs + +# create btrfs with strong checksumming and fast mounting +mkfs.btrfs -f --csum blake2 --features block-group-tree /dev/mapper/crypt-projects + +sleep 5 +btrfs filesystem show + +# create vms disk + +DD=/dev/disk/by-id/nvme-CT2000P5PSSD8_213330E4ED05 +sgdisk --zap-all $DD +blkdiscard -v $DD +wipefs -a $DD + +sleep 5 + +# create the crypto containers +cryptsetup luksFormat --batch-mode --verify-passphrase $DD + +sleep 5 + +# open them +cryptsetup luksOpen $DD crypt-vms + +sleep 5 +lsblk --fs + +# create btrfs with strong checksumming and fast mounting +mkfs.btrfs -f --csum blake2 --features block-group-tree /dev/mapper/crypt-vms + +sleep 5 +btrfs filesystem show