73 lines
2 KiB
Nix
73 lines
2 KiB
Nix
{
|
|
config,
|
|
nodes,
|
|
lib,
|
|
...
|
|
}:
|
|
{
|
|
disko.devices = {
|
|
disk = {
|
|
m2-ssd = rec {
|
|
type = "disk";
|
|
device = "/dev/disk/by-id/${config.secrets.secrets.local.disko.m2-ssd}";
|
|
content = with lib.disko.gpt; {
|
|
type = "gpt";
|
|
partitions = {
|
|
boot = (partEfi "2GiB") // {
|
|
device = "${device}-part1";
|
|
};
|
|
swap = (partSwap "16G") // {
|
|
device = "${device}-part2";
|
|
};
|
|
rpool = (partLuksZfs "m2-ssd" "rpool" "100%") // {
|
|
device = "${device}-part3";
|
|
};
|
|
};
|
|
};
|
|
};
|
|
sata-hdd = rec {
|
|
type = "disk";
|
|
device = "/dev/disk/by-id/${config.secrets.secrets.local.disko.sata-hdd}";
|
|
content = with lib.disko.gpt; {
|
|
type = "gpt";
|
|
partitions = {
|
|
panzer = (partLuksZfs "sata-hdd" "panzer" "100%") // {
|
|
device = "${device}-part1";
|
|
};
|
|
};
|
|
};
|
|
};
|
|
};
|
|
zpool = with lib.disko.zfs; {
|
|
rpool = mkZpool { datasets = impermanenceZfsDatasets; };
|
|
panzer = mkZpool {
|
|
datasets = {
|
|
"local" = unmountable;
|
|
"local/state" = filesystem "/panzer/state";
|
|
};
|
|
};
|
|
};
|
|
};
|
|
fileSystems."/state".neededForBoot = true;
|
|
fileSystems."/persist".neededForBoot = true;
|
|
fileSystems."/panzer/state".neededForBoot = true;
|
|
boot.initrd.systemd.services."zfs-import-panzer".after = [ "cryptsetup.target" ];
|
|
boot.initrd.systemd.services."zfs-import-rpool".after = [ "cryptsetup.target" ];
|
|
|
|
wireguard.scrtiny-patrick.client.via = "elisabeth";
|
|
|
|
services.scrutiny = {
|
|
collector = {
|
|
enable = true;
|
|
settings = {
|
|
host.id = "desktopnix";
|
|
api.endpoint = "http://${nodes.elisabeth.config.wireguard.scrtiny-patrick.ipv4}:8080";
|
|
};
|
|
};
|
|
};
|
|
systemIdentity = {
|
|
enable = true;
|
|
pcr15 = "dc9b7fa0d2a0ef5441bb8bfb7b2103b9f45f1143d87f69929c12cf7a3cc35ccf";
|
|
};
|
|
}
|