2023-08-30 14:25:52 +02:00
|
|
|
{
|
|
|
|
|
config,
|
2024-03-27 17:24:35 +01:00
|
|
|
nodes,
|
2023-08-30 14:25:52 +02:00
|
|
|
lib,
|
|
|
|
|
...
|
|
|
|
|
}: {
|
|
|
|
|
disko.devices = {
|
|
|
|
|
disk = {
|
2024-03-02 16:09:11 +01:00
|
|
|
m2-ssd = rec {
|
2023-08-30 14:25:52 +02:00
|
|
|
type = "disk";
|
2023-08-30 20:18:26 +02:00
|
|
|
device = "/dev/disk/by-id/${config.secrets.secrets.local.disko.m2-ssd}";
|
2023-08-30 14:25:52 +02:00
|
|
|
content = with lib.disko.gpt; {
|
2024-03-02 16:09:11 +01:00
|
|
|
type = "gpt";
|
|
|
|
|
partitions = {
|
|
|
|
|
boot = (partEfi "0%" "2GiB") // {device = "${device}-part1";};
|
2024-03-27 14:07:33 +01:00
|
|
|
swap = (partSwap "2GiB" "18GiB") // {device = "${device}-part2";};
|
2024-03-02 16:09:11 +01:00
|
|
|
"rpool_m2-ssd" = (partLuksZfs "m2-ssd" "rpool" "18GiB" "100%") // {device = "${device}-part3";};
|
|
|
|
|
};
|
2023-08-30 14:25:52 +02:00
|
|
|
};
|
|
|
|
|
};
|
2024-03-02 16:09:11 +01:00
|
|
|
sata-hdd = rec {
|
2023-08-30 14:25:52 +02:00
|
|
|
type = "disk";
|
2023-08-30 20:18:26 +02:00
|
|
|
device = "/dev/disk/by-id/${config.secrets.secrets.local.disko.sata-hdd}";
|
2023-08-30 14:25:52 +02:00
|
|
|
content = with lib.disko.gpt; {
|
2024-03-02 16:09:11 +01:00
|
|
|
type = "gpt";
|
|
|
|
|
partitions = {
|
|
|
|
|
"panzer_sata-hdd" = (partLuksZfs "sata-hdd" "panzer" "0%" "100%") // {device = "${device}-part1";};
|
|
|
|
|
};
|
2023-08-30 14:25:52 +02:00
|
|
|
};
|
|
|
|
|
};
|
|
|
|
|
};
|
|
|
|
|
zpool = with lib.disko.zfs; {
|
2024-01-11 15:41:03 +01:00
|
|
|
rpool = mkZpool {datasets = impermanenceZfsDatasets;};
|
|
|
|
|
panzer = mkZpool {
|
|
|
|
|
datasets = {
|
|
|
|
|
"local" = unmountable;
|
|
|
|
|
"local/state" = filesystem "/panzer/state";
|
2023-10-11 20:54:56 +02:00
|
|
|
};
|
2024-01-11 15:41:03 +01:00
|
|
|
};
|
2023-08-30 14:25:52 +02:00
|
|
|
};
|
|
|
|
|
};
|
2023-10-11 20:54:56 +02:00
|
|
|
fileSystems."/state".neededForBoot = true;
|
2023-11-02 23:44:21 +01:00
|
|
|
fileSystems."/persist".neededForBoot = true;
|
2023-10-11 20:54:56 +02:00
|
|
|
fileSystems."/panzer/state".neededForBoot = true;
|
2024-01-11 22:42:03 +01:00
|
|
|
boot.initrd.systemd.services."zfs-import-panzer".after = ["cryptsetup.target"];
|
2024-03-02 16:09:11 +01:00
|
|
|
boot.initrd.systemd.services."zfs-import-rpool".after = ["cryptsetup.target"];
|
2024-03-27 17:24:35 +01:00
|
|
|
|
|
|
|
|
wireguard.scrtiny-patrick.client.via = "elisabeth";
|
|
|
|
|
|
|
|
|
|
services.scrutiny = {
|
|
|
|
|
collector = {
|
|
|
|
|
enable = true;
|
|
|
|
|
settings = {
|
|
|
|
|
host.id = "desktopnix";
|
|
|
|
|
api.endpoint = nodes.elisabeth.config.wireguard.scrtiny-patrick.ipv4;
|
|
|
|
|
};
|
|
|
|
|
};
|
|
|
|
|
};
|
2023-08-30 14:25:52 +02:00
|
|
|
}
|
