janis/nixos-config
1
0
Fork 0
Code Issues Pull requests Actions Packages Projects Releases Wiki Activity
nixos-config/new/hosts/laptop/disks.nix
Janis d3a3297d38 new config!
2025-07-21 00:40:07 +02:00

79 lines
2.5 KiB
Nix
Raw Blame History

{
disko.devices = {
disk = {
root = {
type = "disk";
device = "/dev/nvme0n1";
content = {
type = "gpt";
partitions = {
ESP = {
label = "boot";
name = "ESP";
type = "EF00";
size = "512M";
content = {
type = "filesystem";
format = "vfat";
mountpoint = "/boot";
mountOptions = [ "umask=0077" ];
};
};
luks = {
size = "100%";
label = "luks";
content = {
type = "luks";
name = "cryptroot";
extraOpenArgs = [
"--allow-discards"
"--perf-no_read_workqueue"
"--perf-no_write_workqueue"
];
# https://0pointer.net/blog/unlocking-luks2-volumes-with-tpm2-fido2-pkcs11-security-hardware-on-systemd-248.html
settings = {crypttabExtraOpts = ["tpm2-device=auto" "token-timeout=10"];};
content = {
type = "btrfs";
extraArgs = ["-L" "nixos" "-f"];
subvolumes = {
"@root" = {
mountpoint = "/";
mountOptions = ["subvol=@root" "compress=zstd" "noatime"];
};
"@home" = {
mountpoint = "/home";
mountOptions = ["subvol=@home" "compress=zstd" "noatime"];
};
"@nix" = {
mountpoint = "/nix";
mountOptions = ["subvol=@nix" "compress=zstd" "noatime"];
};
"@persist" = {
mountpoint = "/persist";
mountOptions = ["subvol=@persist" "compress=zstd" "noatime"];
};
"@log" = {
mountpoint = "/var/log";
mountOptions = ["subvol=@log" "compress=zstd" "noatime"];
};
"@snapshots" = {
};
"@swap" = {
mountpoint = "/swap";
swap.swapfile.size = "32G";
};
};
};
};
};
};
};
};
};
};
fileSystems."/persist".neededForBoot = true;
fileSystems."/var/log".neededForBoot = true;
}
Reference in a new issue View git blame Copy permalink