dotfiles/nixos/systems/gooseberry/filesystems.nix


# SPDX-FileCopyrightText: 2022 Richard Brežák <richard@brezak.sk>
#
# SPDX-License-Identifier: LGPL-3.0-or-later
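# Disk layout and persistent-state wiring for this host.
#
# "/" is a small tmpfs, so anything not bind-mounted or linked from
# /root-partition below is gone after a reboot. Persistent state (the Nix
# store, /home, logs, secrets, SSH host keys, machine-id) lives on the f2fs
# partition mounted at /root-partition.
{lib, ...}: {
  disko.devices = {
    disk.boot = {
      type = "disk";
      device = "/dev/mmcblk0";
      content = {
        type = "table";
        # MBR ("msdos") partition table.
        format = "msdos";
        partitions = [
          {
            name = "boot";
            start = "0";
            end = "1023MiB";
            bootable = true;
            content = {
              type = "filesystem";
              format = "vfat";
              mountpoint = "/boot";
            };
          }
          {
            name = "swap";
            start = "1024MiB";
            end = "2047MiB";
            content = {
              type = "swap";
              # Swap is encrypted with a fresh random key on every boot, so
              # memory pages written to it cannot be read back after a power
              # cycle. The key is not kept, so hibernation to this device is
              # not possible.
              randomEncryption = true;
            };
          }
          {
            name = "root";
            start = "2048MiB";
            end = "100%";
            # NOTE(review): nothing in this file sets up encryption for this
            # partition. SSH host keys, /var/secrets and /home therefore
            # appear to be stored in cleartext on /dev/mmcblk0; confirm that
            # at-rest protection is handled elsewhere or is an accepted risk
            # for removable/eMMC storage.
            content = {
              type = "filesystem";
              format = "f2fs";
              mountpoint = "/root-partition";
            };
          }
        ];
      };
    };
    # Ephemeral root. "noexec" only covers files stored on the tmpfs itself;
    # the bind mounts declared under fileSystems are separate mounts and are
    # not restricted by it.
    nodev."/" = {
      fsType = "tmpfs";
      mountOptions = ["defaults" "size=128M" "mode=755" "noexec"];
    };
  };

  fileSystems = {
    # The persistent partition and the bind mounts marked neededForBoot are
    # mounted from the initrd, before the real system starts.
    "/root-partition".neededForBoot = true;
    "/nix" = {
      device = "/root-partition/nix";
      options = ["bind"];
      neededForBoot = true;
    };
    "/home" = {
      device = "/root-partition/home";
      options = ["bind"];
      neededForBoot = true;
    };
    "/var/lib/nixos" = {
      device = "/root-partition/var/lib/nixos";
      options = ["bind"];
    };
    # Logs are kept on the persistent partition, so they survive reboots of
    # the tmpfs root.
    "/var/log" = {
      device = "/root-partition/var/log";
      options = ["bind"];
    };
    # NOTE(review): only "bind" is set here, and the ownership/mode of
    # /root-partition/var/secrets is not managed in this file. Confirm the
    # directory is root-only on disk, and consider whether nosuid/nodev/noexec
    # are wanted on this mount.
    "/var/secrets" = {
      device = "/root-partition/var/secrets";
      options = ["bind"];
    };
  };

  # Make sure the persistent SSH directory exists; mode and ownership are left
  # at the tmpfiles defaults ("-").
  systemd.tmpfiles.rules = [
    "d /root-partition/etc/ssh - - - - -"
  ];

  system.activationScripts = {
    # Point /etc/machine-id at the persistent copy on every activation.
    # "ln -sf" replaces whatever is currently at /etc/machine-id.
    # NOTE(review): the link dangles if /root-partition/etc/machine-id does
    # not exist yet (e.g. first boot) - confirm how the file is seeded.
    machine-id = ''
      ln -sf /root-partition/etc/machine-id /etc/machine-id
    '';
  };

  # SSH host keys are linked from the persistent partition so the host keeps
  # its identity across reboots.
  #
  # The sources are deliberately strings, not Nix path literals: a path
  # literal would copy the private keys into the world-readable Nix store.
  # Keep them quoted.
  environment.etc = {
    "ssh/ssh_host_rsa_key".source = "/root-partition/etc/ssh/ssh_host_rsa_key";
    "ssh/ssh_host_rsa_key.pub".source = "/root-partition/etc/ssh/ssh_host_rsa_key.pub";
    "ssh/ssh_host_ed25519_key".source = "/root-partition/etc/ssh/ssh_host_ed25519_key";
    "ssh/ssh_host_ed25519_key.pub".source = "/root-partition/etc/ssh/ssh_host_ed25519_key.pub";
  };
}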