Disko apply config modifications to system

kagehisa · December 3, 2025, 12:38pm

Hello, I’m having a rather basic question regarding the usage of disko. I’m using a flake to generate my system configuration and use disko as an input for this flake. I deployed my system with nixos-anywhere and so far everything works fine. Now I would like to make a modifation to my disko configuration by adding a few new btrfs subvolumes.

I tried to do that by making the change to the disko configuration and run a nixos-rebuild switch with my flake as a parameter. But this resulted in an unbootable system. Do I need to redo the disko format step before running a nixos-rebuild after a disko config change or is there another procedure to apply changes made to the disko configuration?

Here is what my disko configuration looks like:

{
disko.devices =
{
disk =
  {
   main =
   {
    type = “disk”;
    device = “/dev/disk/by-id/ata-P3-256_0026720078258”;
    content =
    {
     type = “gpt”;
     partitions =
     {
      ESP =
      {
       label = “BOOT”;
       name = “ESP”;
       size = “512M”;
       type = “EF00”;
       content =
       {
        type = “filesystem”;
        format = “vfat”;
        mountpoint = “/boot”;
        mountOptions =
        [
         “defaults”
        ];
       };
      };
      luks =
      {
       end = “-5G”;
       label = “CRYPT”;
       content =
       {
        type = “luks”;
        name = “cryptroot”;
        passwordFile = “/tmp/disk.key”;
        settings =
        {
         crypttabExtraOpts = [ “fido2-device=auto” “token-timeout=10”];
         allowDiscards = true;
         bypassWorkqueues = true;
        };

# Use a postCreateHook to enroll the fido2 token
        postCreateHook = “systemd-cryptenroll --fido2-device=auto --fido2-credential-algorithm=eddsa --fido2-with-client-pin=no --fido2-with-user-presence=yes --fido2-with-user-verification=yes /dev/disk/by-partlabel/CRYPT”;
        content =
        {
         type = “btrfs”;
         extraArgs = [“-L” “NIXOS” “-f”];
         subvolumes =
         {
          “SYSTEM” = {};
          “SYSTEM/rootfs” =
          {
           mountpoint = “/”;
           mountOptions = [“compress=zstd” “noatime” “ssd”];
          };
          “SYSTEM/nix” =
          {
           mountpoint = “/nix”;
           mountOptions = [“compress=zstd” “noatime” “ssd”];
          };
          “SYSTEM/log” =
          {
           mountpoint = “/var/log”;
           mountOptions = [“compress=zstd” “noatime” “ssd”];
          };
          “DATA” = {};
          “DATA/home” =
          {
           mountpoint = “/home”;
           mountOptions = [“compress=zstd” “noatime” “ssd”];
          };
          “DATA/container” =
          {
           mountpoint = “/var/container”;
           mountOptions = [“compress=zstd” “noatime” “ssd”];
          };
         };
        };
       };
      };
      encryptedSwap =
      {
       label = “CRYPTSWAP”;
       size = “1000M”;
       content =
       {
        type = “swap”;
        randomEncryption = true;
        priority = 100; # prefer to encrypt as long as we have space for it
       };
      };
     };
    };
   };
  };
 };
 fileSystems.“/var/log”.neededForBoot = true;
}