Add disko config for server10, add glotzbert back, don't configure fileSystems
parent
e9a4c3de11
commit
f89a5fb24e
|
@ -19,6 +19,13 @@
|
|||
systemd-boot.enable = true;
|
||||
};
|
||||
|
||||
disko.disks = [ {
|
||||
device = "/dev/disk/by-id/ata-SSD0240S00_20201124BC41037";
|
||||
name = "glotzbert";
|
||||
withCeph = false;
|
||||
withLuks = false;
|
||||
} ];
|
||||
|
||||
networking = {
|
||||
domain = "hq.c3d2.de";
|
||||
firewall = {
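Review bot: `withLuks = false` on the glotzbert entry leaves the pool on this SSD unencrypted at rest, and nothing in the hunk records whether that is deliberate. Going by the module changed in this commit, the root partition's content then becomes the ZFS pool directly, with no LUKS layer in between. I would add a comment on that line such as `# unencrypted on purpose: <reason>` so a later reader does not take it for an oversight. `withCeph = false` also looks redundant, since the option's default appears to change to `false` in the same commit.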
|
||||
|
|
|
@ -28,6 +28,14 @@
|
|||
};
|
||||
};
|
||||
|
||||
disko.disks = [ {
|
||||
device = "/dev/disk/by-id/ata-Samsung_SSD_860_EVO_1TB_S3Z9NB0M203733F";
|
||||
name = "server10";
|
||||
partitionTableFormat = "msdos";
|
||||
withBoot = true;
|
||||
withLuks = true;
|
||||
} ];
|
||||
|
||||
networking = {
|
||||
hostName = "server10";
|
||||
# TODO: change that to something more random
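Review bot: `name = "server10"` repeats the host name, so the module's `luksName` and `zfsName` expressions evaluate to `crypt-server10-server10` and `server10-server10`. The module in this commit sets `enableConfig = false`, so disko presumably no longer generates the mount and unlock configuration for this host. Any hand-written initrd LUKS or `fileSystems` entry then has to spell those names exactly, and none is visible in this hunk. A comment above the entry would make that traceable, e.g. `# yields LUKS mapping crypt-server10-server10 and zpool server10-server10`.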
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
{ config, lib, ... }:
|
||||
|
||||
let
|
||||
cfg = config.disko;
|
||||
cfg = config.disko.disks;
|
||||
in
|
||||
{
|
||||
options.disko.disks = lib.mkOption {
|
||||
|
@ -22,6 +22,12 @@ in
|
|||
description = "Name of the disk.";
|
||||
};
|
||||
|
||||
partitionTableFormat = lib.mkOption {
|
||||
type = lib.types.enum [ "gpt" "msdos" ];
|
||||
default = "gpt";
|
||||
description = "Which parition table format to use.";
|
||||
};
|
||||
|
||||
withBoot = lib.mkOption {
|
||||
type = lib.types.bool;
|
||||
default = true;
|
||||
|
@ -30,7 +36,7 @@ in
|
|||
|
||||
withCeph = lib.mkOption {
|
||||
type = lib.types.bool;
|
||||
default = true;
|
||||
default = false;
|
||||
description = "Wether to include a ceph partition.";
|
||||
};
|
||||
|
||||
|
@ -51,7 +57,7 @@ in
|
|||
};
|
||||
|
||||
config = {
|
||||
assertions = lib.mkIf (cfg.disks != [ ]) (lib.head (map
|
||||
assertions = lib.mkIf (cfg != [ ]) (lib.head (map
|
||||
(disk: [
|
||||
{
|
||||
assertion = disk.withCeph || disk.withZfs;
|
||||
|
@ -62,118 +68,122 @@ in
|
|||
message = "Ceph requires Luks!";
|
||||
}
|
||||
])
|
||||
cfg.disks));
|
||||
cfg));
|
||||
|
||||
disko.devices = lib.mkIf (cfg.disks != [ ]) (lib.head (map
|
||||
(disk:
|
||||
let
|
||||
diskName = if disk.name != "" then "-${disk.name}" else "";
|
||||
luksName = "crypt-${config.networking.hostName}${diskName}";
|
||||
zfs = {
|
||||
size = "100%FREE";
|
||||
content = {
|
||||
pool = zfsName;
|
||||
type = "zfs";
|
||||
};
|
||||
};
|
||||
zfsName = "${config.networking.hostName}${diskName}";
|
||||
in
|
||||
{
|
||||
disk.${disk.device} = {
|
||||
inherit (disk) device;
|
||||
type = "disk";
|
||||
content = {
|
||||
type = "table";
|
||||
format = "gpt";
|
||||
partitions = lib.optional disk.withZfs {
|
||||
name = "ESP";
|
||||
start = "1MiB";
|
||||
end = "512MiB";
|
||||
bootable = true;
|
||||
content = {
|
||||
type = "filesystem";
|
||||
format = "vfat";
|
||||
mountpoint = "/boot";
|
||||
};
|
||||
} ++ [
|
||||
{
|
||||
name = "root";
|
||||
start = if disk.withZfs then "512MiB" else "1MiB";
|
||||
end = "100%";
|
||||
part-type = "primary";
|
||||
content = lib.optionalAttrs disk.withLuks {
|
||||
type = "luks";
|
||||
name = luksName;
|
||||
# trim potential new lines to not have them in the password
|
||||
keyFile = "tr -d '\n' </$PWD/keyFile";
|
||||
inherit (zfs) content;
|
||||
} // lib.optionalAttrs (!disk.withLuks) zfs.content;
|
||||
}
|
||||
];
|
||||
};
|
||||
};
|
||||
} // {
|
||||
zpool.${zfsName} = {
|
||||
type = "zpool";
|
||||
# -O
|
||||
rootFsOptions = {
|
||||
acltype = "posixacl";
|
||||
compression = "zstd";
|
||||
dnodesize = "auto";
|
||||
normalization = "formD";
|
||||
xattr = "sa";
|
||||
};
|
||||
# -o
|
||||
options = {
|
||||
ashift = "12";
|
||||
autotrim = "on";
|
||||
};
|
||||
datasets =
|
||||
let
|
||||
dataset = mountpoint: {
|
||||
inherit mountpoint;
|
||||
options = {
|
||||
canmount = "on";
|
||||
inherit mountpoint;
|
||||
};
|
||||
type = "zfs_fs";
|
||||
};
|
||||
|
||||
datasetNoMount = {
|
||||
mountpoint = null;
|
||||
options = {
|
||||
canmount = "off";
|
||||
mountpoint = "none";
|
||||
};
|
||||
type = "zfs_fs";
|
||||
};
|
||||
in
|
||||
{
|
||||
"root" = dataset "/";
|
||||
"data" = datasetNoMount;
|
||||
# used by services.postgresqlBackup and later by restic
|
||||
"data/backup" = dataset "/var/backup";
|
||||
"data/etc" = dataset "/etc";
|
||||
"data/lib" = dataset "/var/lib";
|
||||
"home" = dataset "/home";
|
||||
"nix" = lib.recursiveUpdate (dataset "/nix") {
|
||||
options.atime = "off";
|
||||
};
|
||||
"nix/store" = dataset "/nix/store";
|
||||
"nix/var" = dataset "/nix/var";
|
||||
# zfs uses copy on write and requires some free space to delete files when the disk is completely filled
|
||||
"reserved" = lib.recursiveUpdate (dataset "reserved") {
|
||||
mountpoint = null;
|
||||
options = {
|
||||
canmount = "off";
|
||||
mountpoint = "none";
|
||||
reservation = "5GiB";
|
||||
};
|
||||
type = "zfs_fs";
|
||||
};
|
||||
disko = {
|
||||
devices = lib.mkIf (cfg != [ ]) (lib.head (map
|
||||
(disk:
|
||||
let
|
||||
diskName = if disk.name != "" then "-${disk.name}" else "";
|
||||
luksName = "crypt-${config.networking.hostName}${diskName}";
|
||||
zfs = {
|
||||
size = "100%FREE";
|
||||
content = {
|
||||
pool = zfsName;
|
||||
type = "zfs";
|
||||
};
|
||||
};
|
||||
})
|
||||
cfg.disks));
|
||||
};
|
||||
zfsName = "${config.networking.hostName}${diskName}";
|
||||
in
|
||||
{
|
||||
disk.${disk.device} = {
|
||||
inherit (disk) device;
|
||||
type = "disk";
|
||||
content = {
|
||||
type = "table";
|
||||
format = disk.partitionTableFormat;
|
||||
partitions = lib.optional disk.withZfs {
|
||||
name = "ESP";
|
||||
start = "1MiB";
|
||||
end = "512MiB";
|
||||
bootable = true;
|
||||
content = {
|
||||
type = "filesystem";
|
||||
format = "vfat";
|
||||
mountpoint = "/boot";
|
||||
};
|
||||
} ++ [
|
||||
{
|
||||
name = "root";
|
||||
start = if disk.withZfs then "512MiB" else "1MiB";
|
||||
end = "100%";
|
||||
part-type = "primary";
|
||||
content = lib.optionalAttrs disk.withLuks {
|
||||
type = "luks";
|
||||
name = luksName;
|
||||
askPassword = true;
|
||||
inherit (zfs) content;
|
||||
} // lib.optionalAttrs (!disk.withLuks) zfs.content;
|
||||
}
|
||||
];
|
||||
};
|
||||
};
|
||||
} // {
|
||||
zpool.${zfsName} = {
|
||||
type = "zpool";
|
||||
# -O
|
||||
rootFsOptions = {
|
||||
acltype = "posixacl";
|
||||
compression = "zstd";
|
||||
dnodesize = "auto";
|
||||
normalization = "formD";
|
||||
xattr = "sa";
|
||||
};
|
||||
# -o
|
||||
options = {
|
||||
ashift = "12";
|
||||
autotrim = "on";
|
||||
};
|
||||
datasets =
|
||||
let
|
||||
dataset = mountpoint: {
|
||||
inherit mountpoint;
|
||||
options = {
|
||||
canmount = "on";
|
||||
inherit mountpoint;
|
||||
};
|
||||
type = "zfs_fs";
|
||||
};
|
||||
|
||||
datasetNoMount = {
|
||||
mountpoint = null;
|
||||
options = {
|
||||
canmount = "off";
|
||||
mountpoint = "none";
|
||||
};
|
||||
type = "zfs_fs";
|
||||
};
|
||||
in
|
||||
{
|
||||
"root" = dataset "/";
|
||||
"data" = datasetNoMount;
|
||||
# used by services.postgresqlBackup and later by restic
|
||||
"data/backup" = dataset "/var/backup";
|
||||
"data/etc" = dataset "/etc";
|
||||
"data/lib" = dataset "/var/lib";
|
||||
"home" = dataset "/home";
|
||||
"nix" = lib.recursiveUpdate (dataset "/nix") {
|
||||
options.atime = "off";
|
||||
};
|
||||
"nix/store" = dataset "/nix/store";
|
||||
"nix/var" = dataset "/nix/var";
|
||||
# zfs uses copy on write and requires some free space to delete files when the disk is completely filled
|
||||
"reserved" = lib.recursiveUpdate (dataset "reserved") {
|
||||
mountpoint = null;
|
||||
options = {
|
||||
canmount = "off";
|
||||
mountpoint = "none";
|
||||
reservation = "5GiB";
|
||||
};
|
||||
type = "zfs_fs";
|
||||
};
|
||||
};
|
||||
};
|
||||
})
|
||||
cfg));
|
||||
|
||||
# we do not want changes to this module render machines unbootable
|
||||
enableConfig = false;
|
||||
};
|
||||
};
|
||||
}
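Review bot: Both `assertions` and `disko.devices` wrap their `map` over `cfg` in `lib.head`, so only the first entry of `disko.disks` is ever checked or turned into a layout. A second disk declared with `withLuks = true` would be silently left unconfigured and its assertions never evaluated. Since the option is a list, I would merge all entries instead: `assertions = lib.concatMap (disk: [ ... ]) cfg;` and `devices = lib.mkMerge (map (disk: ...) cfg);`. If a single disk is the intended limit, an assertion on `lib.length cfg <= 1` would state it explicitly. Parts of the module between the hunks are not visible here, so this is judged from the shown lines only.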
|
||||
|
|