dotfiles/nixos/systems/omen/filesystems.nix
magic_rb c4dfdf5f47
Add second disk encrypted into omen
Signed-off-by: magic_rb <magic_rb@redalder.org>
2024-05-04 21:45:44 +02:00


# Storage layout for the host "omen": one initrd-unlocked LUKS device, a
# tmpfs root, ZFS datasets from the `omen-ssd` pool, three boot partitions
# and a set of on-demand NFS mounts served by the host "blowhole".
{secret, ...}: let
  # Address of the NFS server, taken from the secrets attrset. When the
  # attribute is missing this falls back to "", which makes every NFS device
  # below ":/<export>"; such a mount fails when it is attempted rather than
  # at evaluation time.
  blowholeAddress = secret.network.ips.blowhole.dns or "";

  # Options shared by every NFS mount.
  #  - noauto / X-mount.mkdir: not mounted at boot; the mountpoint is created
  #    on demand.
  #  - x-systemd.after / x-systemd.wants: the mount unit is ordered after and
  #    pulls in wireguard-wg0.target.
  #  - soft + timeo=14: requests give up instead of blocking forever. nfs(5)
  #    warns that soft mounts can lose writes silently on timeout.
  # NOTE(review): no sec= option is set, so the NFS default security flavour
  # applies; presumably the WireGuard tunnel is the only transport protection
  # - confirm the exports are reachable over wg0 only.
  # NOTE(review): nosuid/nodev/noexec are not set on these network mounts;
  # consider adding them unless a share must carry executables.
  nfsOptions = [
    "noauto"
    "X-mount.mkdir"
    "x-systemd.device-timeout=10"
    "timeo=14"
    "soft"
    "noatime"
    "x-systemd.after=wireguard-wg0.target"
    "x-systemd.wants=wireguard-wg0.target"
  ];

  # NFS mount of `exportPath` on blowhole using the shared option set.
  nfsMount = exportPath: {
    fsType = "nfs";
    device = "${blowholeAddress}:${exportPath}";
    options = nfsOptions;
  };

  # tmpfs mount with the given option list.
  tmpfsMount = options: {
    device = "none";
    fsType = "tmpfs";
    inherit options;
  };

  # ZFS dataset mount; the `Boot` variant is also mounted in the initrd.
  zfsMount = dataset: {
    device = dataset;
    fsType = "zfs";
  };
  zfsBootMount = dataset: zfsMount dataset // {neededForBoot = true;};

  # Mount of a partition addressed by filesystem UUID.
  uuidMount = fsType: uuid: {
    device = "/dev/disk/by-uuid/${uuid}";
    inherit fsType;
  };
in {
  boot = {
    # Empty list: no ZFS dataset is prompted for an encryption key at boot.
    # NOTE(review): presumably at-rest encryption is provided by LUKS
    # underneath the pool rather than by ZFS native encryption - confirm.
    zfs.requestEncryptionCredentials = [];

    # LUKS container opened in the initrd.
    initrd.luks.devices."cryptroot-2" = {
      device = "/dev/disk/by-uuid/48e4fe52-9785-42cb-adfc-16776492944e";
      # Appended to the generated crypttab entry (systemd stage 1 only).
      # The Nix string yields `\,` in crypttab, which crypttab(5) requires
      # for a comma inside a cipher specification.
      # NOTE(review): for a LUKS volume the cipher is normally read from the
      # on-disk header; check with `cryptsetup luksDump` that the header
      # matches and whether this option has any effect here.
      crypttabExtraOpts = [
        "cipher=xchacha20\\,aes-adiantum-plain64"
      ];
    };
  };

  # Nix builds use the disk-backed /nix/tmp dataset as their temp directory
  # instead of the 512M tmpfs mounted on /tmp.
  systemd.services.nix-daemon.environment.TMPDIR = "/nix/tmp";

  fileSystems = {
    # Root lives in RAM and is empty on every boot; only the datasets mounted
    # below survive. `noexec` applies to files on the root tmpfs itself, each
    # submount carries its own options.
    "/" = tmpfsMount ["defaults" "size=512M" "mode=755" "noexec"];

    # NOTE(review): mounted 755 and without nosuid/nodev. /tmp is
    # conventionally 1777 with nosuid,nodev; confirm that something adjusts
    # the mode after mount (e.g. a tmpfiles rule) and consider adding the
    # flags.
    "/tmp" = tmpfsMount ["defaults" "size=512M" "mode=755"];

    # Persistent state and the previous root/home datasets.
    "/nix/persist" = zfsBootMount "omen-ssd/persist";
    "/old/root" = zfsBootMount "omen-ssd/local/root";
    "/old/home" = zfsBootMount "omen-ssd/safe/home";

    "/nix" = zfsMount "omen-ssd/local/nix";

    # Datasets under `ephemeral/`.
    "/home" = zfsBootMount "omen-ssd/ephemeral/home";
    "/root" = zfsBootMount "omen-ssd/ephemeral/root";
    "/nix/tmp" = zfsBootMount "omen-ssd/ephemeral/nix-tmp";

    # Boot partitions. The vfat ones have no Unix permissions of their own.
    # NOTE(review): no umask/fmask/dmask is set here, so access to them is
    # decided by the mount defaults - confirm nothing sensitive is stored.
    "/boot/1" = uuidMount "ext4" "14647e24-3421-4398-b30e-537de6472433";
    "/boot/1/EFI" = uuidMount "vfat" "C58B-3BF8";
    "/boot/2" = uuidMount "vfat" "7DB2-70BB";

    # Dedicated dataset for secrets. It is not marked neededForBoot, so it is
    # mounted in stage 2; units that read secrets must be ordered after it.
    "/var/secrets" = zfsMount "omen-ssd/local/secrets";

    # On-demand network shares from blowhole.
    "/mnt/net/kyle" = nfsMount "/mnt/kyle";
    "/mnt/net/cartman" = nfsMount "/mnt/cartman";
    "/mnt/net/stan" = nfsMount "/mnt/stan";
    "/mnt/net/getmail.d" = nfsMount "/var/nfs/getmail/getmail.d";
    "/mnt/net/mail-configuration" = nfsMount "/var/nfs/mail-configuration";
  };
}