From 4befc47285d532ddc0e6015dad492922e74fdc69 Mon Sep 17 00:00:00 2001 From: Lauren Lagarde Date: Tue, 10 Jun 2025 21:35:21 -0500 Subject: [PATCH] Improve disko snippets --- disko/libvirt/luks-lvm.nix | 13 +++++ disko/libvirt/lvm-ext4.nix | 16 ++++++ disko/libvirt/lvm.nix | 9 ++++ disko/libvirt/uefi-base.nix | 21 ++++++++ disko/libvirt/uefi-lvm-ext4.nix | 50 ------------------- ...fi-luks-lvm-ext4.nix => uefi-zfs-base.nix} | 49 ++++++++++-------- disko/libvirt/zfs-encrypted.nix | 13 +++++ disko/libvirt/zfs-mirror.nix | 33 ++++++++++++ 8 files changed, 132 insertions(+), 72 deletions(-) create mode 100644 disko/libvirt/luks-lvm.nix create mode 100644 disko/libvirt/lvm-ext4.nix create mode 100644 disko/libvirt/lvm.nix create mode 100644 disko/libvirt/uefi-base.nix delete mode 100644 disko/libvirt/uefi-lvm-ext4.nix rename disko/libvirt/{uefi-luks-lvm-ext4.nix => uefi-zfs-base.nix} (51%) create mode 100644 disko/libvirt/zfs-encrypted.nix create mode 100644 disko/libvirt/zfs-mirror.nix diff --git a/disko/libvirt/luks-lvm.nix b/disko/libvirt/luks-lvm.nix new file mode 100644 index 0000000..f13347e --- /dev/null +++ b/disko/libvirt/luks-lvm.nix @@ -0,0 +1,13 @@ +{ ... }: { + disko.devices.disk.vda.content.partitions.luks = { + size = "100%"; + content = { + type = "luks"; + name = "crypted"; + content = { + type = "lvm_pv"; + vg = "pool"; + }; + }; + }; +} diff --git a/disko/libvirt/lvm-ext4.nix b/disko/libvirt/lvm-ext4.nix new file mode 100644 index 0000000..1bfc0c9 --- /dev/null +++ b/disko/libvirt/lvm-ext4.nix @@ -0,0 +1,16 @@ +{ ... }: { + disko.devices.lvm_vg.pool = { + type = "lvm_vg"; + lvs.root = { + size = "100%FREE"; + content = { + type = "filesystem"; + format = "ext4"; + mountpoint = "/"; + mountOptions = [ + "defaults" + ]; + }; + }; + }; +} diff --git a/disko/libvirt/lvm.nix b/disko/libvirt/lvm.nix new file mode 100644 index 0000000..9cb402d --- /dev/null +++ b/disko/libvirt/lvm.nix @@ -0,0 +1,9 @@ +{ ... }: { + disko.devices.disk.vda.content.partitions.lvm = { + size = "100%"; + content = { + type = "lvm_pv"; + vg = "pool"; + }; + }; +} diff --git a/disko/libvirt/uefi-base.nix b/disko/libvirt/uefi-base.nix new file mode 100644 index 0000000..08f3102 --- /dev/null +++ b/disko/libvirt/uefi-base.nix @@ -0,0 +1,21 @@ +{ ... }: { + disko.devices.disk.vda = { + type = "disk"; + device = "/dev/vda"; + content = { + type = "gpt"; + partitions = { + boot = { + size = "1G"; + type = "EF00"; + content = { + type = "filesystem"; + format = "vfat"; + mountpoint = "/boot"; + mountOptions = [ "umask=0077" ]; + }; + }; + }; + }; + }; +} diff --git a/disko/libvirt/uefi-lvm-ext4.nix b/disko/libvirt/uefi-lvm-ext4.nix deleted file mode 100644 index 43b23ca..0000000 --- a/disko/libvirt/uefi-lvm-ext4.nix +++ /dev/null @@ -1,50 +0,0 @@ -{ ... }: { - disko.devices = { - disk = { - vda = { - type = "disk"; - device = "/dev/vda"; - content = { - type = "gpt"; - partitions = { - boot = { - size = "1G"; - type = "EF00"; - content = { - type = "filesystem"; - format = "vfat"; - mountpoint = "/boot"; - mountOptions = [ "umask=0077" ]; - }; - }; - primary = { - size = "100%"; - content = { - type = "lvm_pv"; - vg = "pool"; - }; - }; - }; - }; - }; - }; - lvm_vg = { - pool = { - type = "lvm_vg"; - lvs = { - root = { - size = "100%FREE"; - content = { - type = "filesystem"; - format = "ext4"; - mountpoint = "/"; - mountOptions = [ - "defaults" - ]; - }; - }; - }; - }; - }; - }; -} diff --git a/disko/libvirt/uefi-luks-lvm-ext4.nix b/disko/libvirt/uefi-zfs-base.nix similarity index 51% rename from disko/libvirt/uefi-luks-lvm-ext4.nix rename to disko/libvirt/uefi-zfs-base.nix index b800e00..c78602f 100644 --- a/disko/libvirt/uefi-luks-lvm-ext4.nix +++ b/disko/libvirt/uefi-zfs-base.nix @@ -7,7 +7,7 @@ content = { type = "gpt"; partitions = { - boot = { + ESP = { size = "1G"; type = "EF00"; content = { @@ -17,35 +17,40 @@ mountOptions = [ "umask=0077" ]; }; }; - luks = { + zfs = { size = "100%"; content = { - type = "luks"; - name = "crypted"; - content = { - type = "lvm_pv"; - vg = "pool"; - }; + type = "zfs"; + pool = "rpool"; }; }; }; }; }; }; - lvm_vg = { - pool = { - type = "lvm_vg"; - lvs = { - root = { - size = "100%FREE"; - content = { - type = "filesystem"; - format = "ext4"; - mountpoint = "/"; - mountOptions = [ - "defaults" - ]; - }; + zpool = { + rpool = { + type = "zpool"; + + options = { + ashift = "12"; + }; + + rootFsOptions = { + mountpoint = "none"; + compression = "zstd"; + acltype = "posixacl"; + xattr = "sa"; + canmount = "off"; + }; + + datasets = { + "root" = { + type = "zfs_fs"; + mountpoint = "/"; + postCreateHook = '' + zfs snapshot rpool/root@blank + ''; }; }; }; diff --git a/disko/libvirt/zfs-encrypted.nix b/disko/libvirt/zfs-encrypted.nix new file mode 100644 index 0000000..fcf18e4 --- /dev/null +++ b/disko/libvirt/zfs-encrypted.nix @@ -0,0 +1,13 @@ +{ ... }: { + disko.devices.zpool.rpool = { + rootFsOptions = { + encryption = "aes-256-gcm"; + keyformat = "passphrase"; + + keylocation = "prompt"; + }; + postCreateHook = '' + zfs set keylocation="prompt" rpool + ''; + }; +} diff --git a/disko/libvirt/zfs-mirror.nix b/disko/libvirt/zfs-mirror.nix new file mode 100644 index 0000000..8303af3 --- /dev/null +++ b/disko/libvirt/zfs-mirror.nix @@ -0,0 +1,33 @@ +# https://github.com/KornelJahn/nixos-disko-zfs-test/blob/main/hosts/testhost-disko.nix +{ ... }: { + disko.devices = { + disk.vdb = { + type = "disk"; + device = "/dev/vdb"; + content = { + type = "gpt"; + partitions = { + ESP = { + size = "1G"; + type = "EF00"; + content = { + type = "filesystem"; + format = "vfat"; + mountpoint = "/boot1"; + mountOptions = [ "umask=0077" ]; + }; + }; + zfs = { + size = "100%"; + content = { + type = "zfs"; + pool = "rpool"; + }; + }; + }; + }; + }; + + zpool.rpool.mode = "mirror"; + }; +}