Encrypted root VM testing

2025-06-10 21:43:11 -05:00 · 2025-06-10 21:43:11 -05:00 · 4ebb7a41ff
commit 4ebb7a41ff
parent 4befc47285
6 changed files with 49 additions and 9 deletions
--- a/systems/vm-docker-host/vm-docker-host-base.nix
+++ b/systems/vm-docker-host/vm-docker-host-base.nix
@ -1,18 +1,18 @@
 { ... }: {
  imports = [
    # Core Features
-    ../features/base.nix
-    ../features/tui-apps.nix
-    ../features/openssh-server.nix
+    ../../features/base.nix
+    ../../features/tui-apps.nix
+    ../../features/openssh-server.nix

    # Core Tweaks
-    ../tweaks/zram.nix
-    ../tweaks/enable_flakes.nix
-    ../tweaks/disable_nixos_user.nix
-    ../tweaks/systemd-resolved_nonsense.nix
+    ../../tweaks/zram.nix
+    ../../tweaks/enable_flakes.nix
+    ../../tweaks/disable_nixos_user.nix
+    ../../tweaks/systemd-resolved_nonsense.nix

    # Lauren Base
-    ../users/lauren_lagarde/lauren_lagarde.nix
+    ../../users/lauren_lagarde/lauren_lagarde.nix

    # Dotspace
    ../../secrets/dotspace.nix
--- a/systems/vm-docker-host/vm-docker-host-luks.nix
+++ b/systems/vm-docker-host/vm-docker-host-luks.nix
@ -6,7 +6,11 @@
    ./vm-docker-host-base.nix

    # UEFI SSH LUKS
-    ../../features/initrd_ssh.nix
+    ../../features/initrd-ssh.nix
    ../../features/libvirt-uefi-guest.nix
+
+    ../../disko/libvirt/uefi-base.nix
+    ../../disko/libvirt/luks-lvm.nix
+    ../../disko/libvirt/lvm-ext4.nix
  ];
 }
--- a/systems/vm-docker-host/vm-docker-host-zfs.nix
+++ b/systems/vm-docker-host/vm-docker-host-zfs.nix
@ -0,0 +1,19 @@
+# git add *; tar -cavf /Parlor/Lauren/mlaga97-nixos.tar.zst ../mlaga97-nixos
+# tar -xvf /Parlor/Lauren/mlaga97-nixos.tar.zst; sudo nix run 'github:nix-community/disko/latest#disko-install' -- --extra-files ./ssh_host_ed25519_key /root/secrets/initrd/ssh_host_ed25519_key --flake mlaga97-nixos#$TARGET_HOSTNAME --disk vda /dev/vda
+# tar -xvf /Parlor/Lauren/mlaga97-nixos.tar.zst; sudo nixos-rebuild switch --flake mlaga97-nixos?submodules=1#$HOSTNAME
+{ ... }: {
+  imports = [
+    ./vm-docker-host-base.nix
+
+    # UEFI SSH ZFS
+    ../../tweaks/zfs.nix
+    ../../features/initrd-ssh.nix
+    ../../features/virtualization/libvirt-guest-uefi.nix
+
+    ../../disko/libvirt/uefi-zfs-base.nix
+    ../../disko/libvirt/zfs-mirror.nix
+    ../../disko/libvirt/zfs-encrypted.nix
+  ];
+
+  boot.supportedFilesystems = [ "zfs" ];
+}