Hi
I’m currently using grub, could I use systemd-boot instead?
- The mirror works: I unplugged one disk and everything keeps working
- Some systems use LUKS-encrypted ZFS, others are unencrypted
- LUKS is unlocked remotely
My disko config:
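# disko layout: every disk gets a GPT with a BIOS boot partition, an ESP,
# optional swap and one partition for the ZFS pool "rpool" (inside a LUKS
# container when `luks` is set). With more than one disk the pool is a mirror.
#
# Arguments:
#   disks                  - list of device paths; one disk entry is generated per element
#   swapInGB               - size of the swap partition on each disk, in G; 0 means no swap
#   luks                   - true: ZFS sits inside a LUKS container; false: ZFS directly on the partition
#   zfs_ashift             - value passed as the pool's ashift option
#   zfs_refreservationInGB - refreservation of the "reserved" dataset, in G
{ disks
, swapInGB
, luks
, zfs_ashift
, zfs_refreservationInGB
, lib
, ...
}:
let
  # True when exactly one disk is given (no mirror, ESP mounted at /boot).
  single = lib.length disks == 1;
in
{
  disko.devices = {
    disk = lib.genAttrs disks
      (device:
        let
          # NOTE: disk name should not be too long: https://github.com/nix-community/disko/issues/389
          # Example input: /dev/disk/by-id/ata-SanDisk_SD8SMAT-032G-1006_1234564084256
          n1 = lib.removePrefix "_" (builtins.replaceStrings [ "/" ] [ "_" ] (builtins.baseNameOf device));
          # Pad on the left so a short name such as "sda" still yields idLength characters.
          n2 = "abcdefg${n1}";
          stringLength = builtins.stringLength n2;
          idLength = 6;
          idex1 = stringLength - idLength;
          # Last idLength characters of the padded name: "084256" for the example above.
          # NOTE(review): two devices whose names end in the same idLength characters
          # would get identical disk and LUKS mapper names; confirm that cannot happen
          # for the disks in use.
          n3 = builtins.substring idex1 idLength n2;
          shortMain = "main${n3}"; # main084256
          shortCrypt = "crypted${n3}"; # crypted084256
          # Position of this disk in `disks`; gives each ESP of a mirror its own mountpoint.
          dindex = lib.lists.findFirstIndex (d: d == device) null disks;
        in
        {
          inherit device;
          type = "disk";
          name = shortMain;
          content = {
            type = "gpt";
            partitions = {
              boot = {
                size = "1M";
                type = "EF02"; # BIOS boot partition, used by GRUB when booting in BIOS mode
              };
              # The ESP is plain vfat and stays unencrypted even when `luks` is true.
              # NOTE(review): if the initrd used for remote unlocking is stored here,
              # anything embedded in it (such as an SSH host key) is readable by anyone
              # with access to the disk; confirm what the boot loader places on it.
              ESP = {
                size = "1G";
                type = "EF00";
                content = {
                  type = "filesystem";
                  format = "vfat";
                } // lib.optionalAttrs single {
                  mountpoint = "/boot";
                } // lib.optionalAttrs (!single) {
                  mountpoint = "/boot${toString dindex}";
                  # We want to still be able to boot without one of these
                  mountOptions = [ "nofail" ];
                };
              };
            } // lib.optionalAttrs (swapInGB > 0) {
              SWAP = {
                size = "${toString swapInGB}G";
                content = {
                  type = "swap";
                  # A swap area that is re-keyed with a random key on every boot cannot
                  # hold a hibernation image across a reboot, so `resumeDevice = true`
                  # was dropped here. Keeping the random key is the safer of the two
                  # choices: this partition is not inside the LUKS container, so without
                  # it swapped-out memory would be written to disk in the clear.
                  # Hibernation needs swap with a persistent key instead, for example a
                  # swap area inside an encrypted container.
                  randomEncryption = true;
                };
              };
            } // lib.optionalAttrs (!luks) {
              ZFS = {
                size = "100%";
                content = {
                  type = "zfs";
                  pool = "rpool";
                };
              };
            } // lib.optionalAttrs luks {
              # One LUKS container per disk, each under its own name (shortCrypt).
              # No key file or other unlock settings are declared in this block.
              luks = {
                size = "100%";
                content = {
                  type = "luks";
                  name = shortCrypt;
                  content = {
                    type = "zfs";
                    pool = "rpool";
                  };
                };
              };
            };
          };
        });
    zpool.rpool = {
      type = "zpool";
      # Only set a mode when there is more than one disk.
      mode = lib.mkIf (!single) "mirror";
      options = {
        ashift = toString zfs_ashift;
        # Auto trimming could maybe be bad for my SSDs. Will instead have the OS do `zpool trim` on a schedule.
        # autotrim = "on";
        listsnapshots = "on";
      };
      rootFsOptions = {
        # This is more or less required for certain things to not break, for systemd-journald posixacls are required
        acltype = "posixacl";
        canmount = "off";
        # zstd is slower but compresses more than lz4
        compression = "lz4";
        dnodesize = "auto";
        mountpoint = "none";
        normalization = "formD";
        atime = "on";
        relatime = "on";
        # To improve performance of certain extended attributes
        xattr = "sa";
        "com.sun:auto-snapshot" = "false";
      };
      postCreateHook = ''
        zfs snapshot -r rpool@blank
        # zfs set keylocation="prompt" "rpool";
      '';
      datasets = {
        # Static reservation so the pool will never be 100% full.
        #
        # If a pool fills up completely, delete this & reclaim space; don't
        # forget to re-create it afterwards!
        "reserved" = {
          type = "zfs_fs";
          options.canmount = "off";
          options.mountpoint = "none";
          options.refreservation = "${toString zfs_refreservationInGB}G";
          options.primarycache = "none";
          options.secondarycache = "none";
        };
        ## Root system container
        "nixos" = {
          type = "zfs_fs";
          options.mountpoint = "none";
        };
        ## Ephemeral datasets
        "nixos/local" = {
          type = "zfs_fs";
          options.mountpoint = "none";
        };
        "nixos/local/root" = {
          type = "zfs_fs";
          mountpoint = "/";
          options.mountpoint = "legacy";
          # options.mountpoint = "/";
          # postCreateHook = "zfs snapshot rpool/nixos/local/root@blank";
        };
        "nixos/local/nix" = {
          type = "zfs_fs";
          mountpoint = "/nix";
          options.mountpoint = "legacy";
          # options.mountpoint = "/nix";
          # Disable access-time updates on reads. This can result in significant performance gains, but might confuse some software like mailers.
          options.atime = "off";
          options.relatime = "off";
        };
        "nixos/local/cache" = {
          type = "zfs_fs";
          mountpoint = "/cache";
          options.mountpoint = "legacy";
          # options.mountpoint = "/cache";
        };
        ## Persistent datasets
        "nixos/safe" = {
          type = "zfs_fs";
          options.mountpoint = "none";
        };
        "nixos/safe/home" = {
          type = "zfs_fs";
          mountpoint = "/home";
          options.mountpoint = "legacy";
          # options.mountpoint = "/home";
          options."com.sun:auto-snapshot" = "true";
        };
        "nixos/safe/persist" = {
          type = "zfs_fs";
          mountpoint = "/persist";
          options.mountpoint = "legacy";
          # options.mountpoint = "/persist";
          options."com.sun:auto-snapshot" = "true";
        };
      };
    };
  };
}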