nix-config/hosts/desktopnix/fs.nix

73 lines
2 KiB
Nix
Raw Normal View History

2023-08-30 14:25:52 +02:00
{
config,
2024-03-27 17:24:35 +01:00
nodes,
2023-08-30 14:25:52 +02:00
lib,
...
2024-07-26 22:12:48 +02:00
}:
{
2023-08-30 14:25:52 +02:00
disko.devices = {
disk = {
2024-03-02 16:09:11 +01:00
m2-ssd = rec {
2023-08-30 14:25:52 +02:00
type = "disk";
2023-08-30 20:18:26 +02:00
device = "/dev/disk/by-id/${config.secrets.secrets.local.disko.m2-ssd}";
2023-08-30 14:25:52 +02:00
content = with lib.disko.gpt; {
2024-03-02 16:09:11 +01:00
type = "gpt";
partitions = {
2024-07-26 22:12:48 +02:00
boot = (partEfi "2GiB") // {
device = "${device}-part1";
};
swap = (partSwap "16G") // {
device = "${device}-part2";
};
rpool = (partLuksZfs "m2-ssd" "rpool" "100%") // {
device = "${device}-part3";
};
2024-03-02 16:09:11 +01:00
};
2023-08-30 14:25:52 +02:00
};
};
2024-03-02 16:09:11 +01:00
sata-hdd = rec {
2023-08-30 14:25:52 +02:00
type = "disk";
2023-08-30 20:18:26 +02:00
device = "/dev/disk/by-id/${config.secrets.secrets.local.disko.sata-hdd}";
2023-08-30 14:25:52 +02:00
content = with lib.disko.gpt; {
2024-03-02 16:09:11 +01:00
type = "gpt";
partitions = {
2024-07-26 22:12:48 +02:00
panzer = (partLuksZfs "sata-hdd" "panzer" "100%") // {
device = "${device}-part1";
};
2024-03-02 16:09:11 +01:00
};
2023-08-30 14:25:52 +02:00
};
};
};
zpool = with lib.disko.zfs; {
2024-07-26 22:12:48 +02:00
rpool = mkZpool { datasets = impermanenceZfsDatasets; };
2024-01-11 15:41:03 +01:00
panzer = mkZpool {
datasets = {
"local" = unmountable;
"local/state" = filesystem "/panzer/state";
};
2024-01-11 15:41:03 +01:00
};
2023-08-30 14:25:52 +02:00
};
};
fileSystems."/state".neededForBoot = true;
fileSystems."/persist".neededForBoot = true;
fileSystems."/panzer/state".neededForBoot = true;
2024-07-26 22:12:48 +02:00
boot.initrd.systemd.services."zfs-import-panzer".after = [ "cryptsetup.target" ];
boot.initrd.systemd.services."zfs-import-rpool".after = [ "cryptsetup.target" ];
2024-03-27 17:24:35 +01:00
wireguard.scrtiny-patrick.client.via = "elisabeth";
services.scrutiny = {
collector = {
enable = true;
settings = {
host.id = "desktopnix";
2024-04-01 15:01:59 +02:00
api.endpoint = "http://${nodes.elisabeth.config.wireguard.scrtiny-patrick.ipv4}:8080";
2024-03-27 17:24:35 +01:00
};
};
};
2025-01-15 13:11:41 +01:00
systemIdentity = {
enable = true;
pcr15 = "dc9b7fa0d2a0ef5441bb8bfb7b2103b9f45f1143d87f69929c12cf7a3cc35ccf";
};
2023-08-30 14:25:52 +02:00
}