machine/thinkman: fix offline disko config

2025-05-24 09:54:40 +02:00 · 2023-11-04 01:55:26 +01:00 · 2023-11-04 01:55:26 +01:00 · 90ed67b7d9
commit 90ed67b7d9
parent 06937b156b
2 changed files with 59 additions and 61 deletions
--- a/machines/thinkman/configuration.nix
+++ b/machines/thinkman/configuration.nix
@ -7,14 +7,11 @@
    ./profiles.nix
    ./services.nix
    ./system.nix
    ./disko-config.nix
  ];
  networking.hostName = "thinkman";
  disko.devices = import ./disko-config.nix {
    disks = [ "/dev/disk/by-id/nvme-eui.0025385b01410682" ];
  };
  sops = {
    defaultSopsFile = ./secrets.yaml;
    age.sshKeyPaths = [ "/etc/ssh/ssh_host_ed25519_key" ];
--- a/machines/thinkman/disko-config.nix
+++ b/machines/thinkman/disko-config.nix
@ -1,71 +1,72 @@
 { disks ? [ "/dev/nvme0" ], ... }:
 {
-  disk = {
+  disko.devices = {
-    vdb = {
+    disk = {
-      type = "disk";
+      vdb = {
-      device = builtins.head disks;
+        type = "disk";
-      content = {
+        device = "/dev/disk/by-id/nvme-eui.0025385b01410682";
-        type = "gpt";
+        content = {
-        partitions = {
+          type = "gpt";
-          boot = {
+          partitions = {
-            size = "1M";
+            boot = {
-            type = "EF02"; # for grub MBR
+              size = "1M";
-          };
+              type = "EF02"; # for grub MBR
          ESP = {
            size = "512M";
            type = "EF00";
            content = {
              type = "filesystem";
              format = "vfat";
              mountpoint = "/boot";
              mountOptions = [
                "defaults"
              ];
            };
-          };
+            ESP = {
-          luks = {
+              size = "512M";
-            size = "100%";
+              type = "EF00";
            content = {
              type = "luks";
              name = "encrypted";
              extraOpenArgs = [ "--allow-discards" ];
              passwordFile = "/tmp/disk.key";
              content = {
-                type = "lvm_pv";
+                type = "filesystem";
-                vg = "pool";
+                format = "vfat";
                mountpoint = "/boot";
                mountOptions = [
                  "defaults"
                ];
              };
            };
            luks = {
              size = "100%";
              content = {
                type = "luks";
                name = "encrypted";
                extraOpenArgs = [ "--allow-discards" ];
                passwordFile = "/tmp/disk.key";
                content = {
                  type = "lvm_pv";
                  vg = "pool";
                };
              };
            };
          };
        };
      };
    };
-  };
+    lvm_vg = {
-  lvm_vg = {
+      pool = {
-    pool = {
+        type = "lvm_vg";
-      type = "lvm_vg";
+        lvs = {
-      lvs = {
+          root = {
-        root = {
+            size = "100G";
-          size = "100G";
+            content = {
-          content = {
+              type = "filesystem";
-            type = "filesystem";
+              format = "ext4";
-            format = "ext4";
+              mountpoint = "/";
-            mountpoint = "/";
+            };
          };
-        };
+          home = {
-        home = {
+            size = "450G";
-          size = "450G";
+            content = {
-          content = {
+              type = "filesystem";
-            type = "filesystem";
+              format = "ext4";
-            format = "ext4";
+              mountpoint = "/home";
-            mountpoint = "/home";
+            };
          };
-        };
+          swap = {
-        swap = {
+            size = "32G";
-          size = "32G";
+            content = {
-          content = {
+              type = "swap";
-            type = "swap";
+              randomEncryption = true;
-            randomEncryption = true;
+              resumeDevice = true;
-            resumeDevice = true;
+            };
          };
        };
      };