dotfiles/nixos/systems/altra/filesystems.nix
magic_rb 5a66d049ed
Persist acme dir on altra
Signed-off-by: magic_rb <magic_rb@redalder.org>
2024-03-30 23:09:16 +01:00

167 lines
4.1 KiB
Nix

{...}: {
disko.devices = {
disk.boot = {
type = "disk";
device = "/dev/sda";
content = {
type = "table";
format = "gpt";
partitions = [
{
name = "boot";
start = "0";
end = "1MiB";
part-type = "primary";
flags = ["bios_grub"];
}
{
name = "ESP";
start = "1MiB";
end = "513MiB";
bootable = true;
content = {
type = "filesystem";
format = "vfat";
mountpoint = "/boot";
};
}
{
name = "swap";
start = "513MiB";
end = "4609MiB";
content = {
type = "swap";
randomEncryption = true;
};
}
{
name = "altra-zpool";
start = "4609MiB";
end = "100%";
content = {
type = "zfs";
pool = "altra-zpool";
};
}
];
};
};
zpool.altra-zpool = {
type = "zpool";
rootFsOptions = {
compression = "zstd-2";
acltype = "posixacl";
xattr = "sa";
atime = "off";
};
datasets = {
"local" = {
type = "zfs_fs";
options.mountpoint = "none";
};
"local/nix" = {
type = "zfs_fs";
mountpoint = "/nix";
options.mountpoint = "legacy";
};
"persist" = {
type = "zfs_fs";
options.mountpoint = "none";
};
"persist/nomad" = {
type = "zfs_fs";
mountpoint = "/var/lib/nomad";
options.mountpoint = "legacy";
mountOptions = ["defaults" "noexec"];
};
"persist/consul" = {
type = "zfs_fs";
mountpoint = "/var/lib/consul";
options.mountpoint = "legacy";
mountOptions = ["defaults" "noexec"];
};
"persist/log" = {
type = "zfs_fs";
mountpoint = "/var/log";
options.mountpoint = "legacy";
mountOptions = ["defaults" "noexec"];
};
"persist/etc" = {
type = "zfs_fs";
mountpoint = "/nix/persist/etc";
options.mountpoint = "legacy";
mountOptions = ["defaults" "noexec"];
};
"persist/secret" = {
type = "zfs_fs";
mountpoint = "/var/secrets";
options.mountpoint = "legacy";
mountOptions = ["defaults" "noexec"];
};
"persist/var" = {
type = "zfs_fs";
options.mountpoint = "none";
};
"persist/var/lib" = {
type = "zfs_fs";
options.mountpoint = "none";
};
"persist/var/lib/nixos" = {
type = "zfs_fs";
mountpoint = "/var/lib/nixos";
options.mountpoint = "legacy";
mountOptions = ["defaults" "noexec"];
};
"persist/var/lib/acme.sh" = {
type = "zfs_fs";
mountpoint = "/var/lib/acme.sh";
options.mountpoint = "legacy";
mountOptions = ["defaults" "noexec"];
};
};
};
nodev = {
"/" = {
fsType = "tmpfs";
mountOptions = ["defaults" "size=512M" "mode=755" "noexec"];
};
"/tmp" = {
fsType = "tmpfs";
mountOptions = ["defaults" "size=1024M" "mode=755" "exec"];
};
};
};
fileSystems."/nix/persist/etc".neededForBoot = true;
systemd.tmpfiles.rules = [
"d /nix/persist/etc/ssh - - - - -"
];
system.activationScripts = {
machine-id = ''
ln -sf /nix/persist/etc/machine-id /etc/machine-id
'';
};
environment.etc."ssh/ssh_host_rsa_key".source = "/nix/persist/etc/ssh/ssh_host_rsa_key";
environment.etc."ssh/ssh_host_rsa_key.pub".source = "/nix/persist/etc/ssh/ssh_host_rsa_key.pub";
environment.etc."ssh/ssh_host_ed25519_key".source = "/nix/persist/etc/ssh/ssh_host_ed25519_key";
environment.etc."ssh/ssh_host_ed25519_key.pub".source = "/nix/persist/etc/ssh/ssh_host_ed25519_key.pub";
}