From d176a33b04e9c0254b42850255d2a864f22424e4 Mon Sep 17 00:00:00 2001
From: Soispha
Date: Mon, 3 Jul 2023 15:04:48 +0200
Subject: Feat(system/disks): Add disko
---
system/disks/default.nix | 65 +++++++++++++++++++++++++++++++++++++++++++
system/disks/impermanence.nix | 26 +++++++++++++++++
2 files changed, 91 insertions(+)
create mode 100644 system/disks/default.nix
create mode 100644 system/disks/impermanence.nix
(limited to 'system/disks')
diff --git a/system/disks/default.nix b/system/disks/default.nix
new file mode 100644
index 0000000..b5e53e4
--- /dev/null
+++ b/system/disks/default.nix
@@ -0,0 +1,65 @@
+{
+ config,
+ lib,
+ ...
+}:
+with lib; let
+ cfg = config.system.disks;
+ defaultMountOptions = ["compress-force=zstd:15"];
+in {
+ imports = [ ./impermanence.nix];
+
+ options.system.disks = {
+ disk = mkOption {
+ type = lib.types.path;
+ example = literalExpression "/dev/disk/by-id/ata-WDC_WD10SDRW-11A0XS0_WD-WXP2A901KJN5";
+ description = lib.mdDoc "Path to the disk";
+ };
+ };
+
+ config = {
+ disko.devices = {
+ disk.main = {
+ device = cfg.disk;
+ content = {
+ type = "btrfs";
+ extraArgs = ["-f" "--label nixos"]; # f: Override existing partitions
+ subvolumes = {
+ "nix" = {
+ mountpoint = "/nix";
+ mountOptions = defaultMountOptions;
+ };
+ "persistent-storage" = {
+ mountpoint = "/srv";
+ mountOptions = defaultMountOptions;
+ };
+ "persistent-storage@snapshots" = {
+ mountpoint = "/srv/.snapshots";
+ mountOptions = defaultMountOptions;
+ };
+ "boot" = {
+ mountpoint = "/boot";
+ mountOptions = defaultMountOptions;
+ };
+ };
+ };
+ };
+ nodev = {
+ "/" = {
+ fsType = "tmpfs";
+ mountOptions = ["defaults" "size=2G" "mode=755"];
+ };
+ };
+ };
+ fileSystems = {
+ "/srv" = {
+ neededForBoot = true;
+ };
+ "/boot" = {
+ neededForBoot = true;
+ };
+ };
+ };
+}
+# vim: ts=2
+
diff --git a/system/disks/impermanence.nix b/system/disks/impermanence.nix
new file mode 100644
index 0000000..32ad9f7
--- /dev/null
+++ b/system/disks/impermanence.nix
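Review bot: In `disko.devices.disk.main.content`, `"--label nixos"` is a single list element of `extraArgs`, so mkfs.btrfs only sees a flag and a value if disko joins the list unquoted into a shell command; if the elements are ever shell-escaped or passed as separate argv entries, the two words arrive as one argument. Writing it as `extraArgs = ["-f" "--label" "nixos"];` works in both cases. Because `-f` makes mkfs.btrfs overwrite whatever filesystem is already on `cfg.disk` and the option has no default, the option text should say so, for example `description = lib.mdDoc "Disk to format as btrfs; existing data is overwritten, so use a stable /dev/disk/by-id path";`. The volume is also created without an encryption layer, which deserves a deliberate decision given that impermanence.nix in this same commit persists `/var/lib/acme`, `/var/lib/postgresql` and `/var/lib/sshd` under `/srv`.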
@@ -0,0 +1,26 @@
+{...}: {
+ environment.persistence."/srv" = {
+ hideMounts = true;
+ directories = [
+ "/etc/nixos"
+ "/var/log"
+ "/var/lib/postgresql"
+ "/var/lib/acme"
+ {
+ directory = "/var/lib/nix-sync";
+ user = "nix-sync";
+ group = "nix-sync";
+ mode = "0700";
+ }
+ {
+ directory = "/var/lib/sshd";
+ user = "root";
+ group = "root";
+ mode = "0755";
+ }
+ ];
+ files = [
+ "/etc/machine-id"
+ ];
+ };
+}
--
cgit 1.4.1
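Review bot: The `/var/lib/sshd` entry is created with `mode = "0755"`, which lets every local user list a directory that presumably holds the SSH host keys; unless something other than root has to traverse it, `mode = "0700";` would match the nix-sync entry above it. `/var/lib/postgresql` and `/var/lib/acme` are given as bare strings, so their owner and mode on the persistent volume are whatever impermanence applies by default when it creates them, not necessarily what the services expect; spelling out `user`, `group` and `mode` for them, as is done for nix-sync, would make the intended permissions explicit. A short comment above `directories` stating why each path has to survive a reboot would help the next reader judge what may be added to the list.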