janis/nixos-config
1
0
Fork 0
Code Issues Pull requests Actions Packages Projects Releases Wiki Activity

add disko

Browse source
This commit is contained in:
Janis 2025-07-20 14:38:34 +02:00
parent 37355dfaa4
commit 56c7c95d62
2 changed files with 80 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

78
config/btrfs-disko.nix Normal file
View file

@ -0,0 +1,78 @@
{
disko.devices = {
disk = {
nvme0n1 = {
type = "disk";
device = "/dev/nvme0n1";
content = {
type = "gpt";
partitions = {
ESP = {
label = "boot";
name = "ESP";
type = "EF00";
size = "512M";
content = {
type = "filesystem";
format = "vfat";
mountpoint = "/boot";
mountOptions = [ "umask=0077" ];
};
};
luks = {
size = "100%";
label = "luks";
content = {
type = "luks";
name = "cryptroot";
extraOpenArgs = [
"--allow-discards"
"--perf-no_read_workqueue"
"--perf-no_write_workqueue"
];
# https://0pointer.net/blog/unlocking-luks2-volumes-with-tpm2-fido2-pkcs11-security-hardware-on-systemd-248.html
settings = {crypttabExtraOpts = ["tpm2-device=auto" "token-timeout=10"];};
content = {
type = "btrfs";
extraArgs = ["-L" "nixos" "-f"];
subvolumes = {
"@root" = {
mountpoint = "/";
mountOptions = ["subvol=@root" "compress=zstd" "noatime"];
};
"@home" = {
mountpoint = "/home";
mountOptions = ["subvol=@home" "compress=zstd" "noatime"];
};
"@nix" = {
mountpoint = "/nix";
mountOptions = ["subvol=@nix" "compress=zstd" "noatime"];
};
"@persist" = {
mountpoint = "/persist";
mountOptions = ["subvol=@persist" "compress=zstd" "noatime"];
};
"@log" = {
mountpoint = "/var/log";
mountOptions = ["subvol=@log" "compress=zstd" "noatime"];
};
"@snapshots" = {
};
"@swap" = {
mountpoint = "/swap";
swap.swapfile.size = "32G";
};
};
};
};
};
};
};
};
};
};
fileSystems."/persist".neededForBoot = true;
fileSystems."/var/log".neededForBoot = true;
}

3
config/flake.nix
View file

@ -20,7 +20,7 @@
# inputs.nixpkgs.follows = "nixpkgs"; # Use the same nixpkgs as the system # inputs.nixpkgs.follows = "nixpkgs"; # Use the same nixpkgs as the system
# }; # };
}; };
outputs = inputs @ { self, nixpkgs, home-manager, ... }: outputs = inputs @ { self, disko, nixpkgs, home-manager, ... }:
let let
system = "x86_64-linux"; # Default system architecture system = "x86_64-linux"; # Default system architecture
in { in {
@ -33,6 +33,7 @@
modules = [ modules = [
./configuration.nix ./configuration.nix
home-manager.nixosModules.home-manager home-manager.nixosModules.home-manager
disko.nixosModules.disko
{ {
home-manager.useGlobalPkgs = true; # Use global packages in home-manager home-manager.useGlobalPkgs = true; # Use global packages in home-manager
home-manager.useUserPackages = true; # Use user packages in home-manager home-manager.useUserPackages = true; # Use user packages in home-manager