I see there are two efi partitions, is that in case one disk fails?
Yes, because the EFI partitions are out of the ZFS mirrored pool.
In that case, would you have to manually generate a new boot config with an edited
efiSysMountPoint?
Yes if /mnt/efiboot/efi1 is not available (underlying disk missing), but otherwise a copy of the EFI is done during the nixos rebuild by the cp -r /efiboot/efi1/* /efiboot/efi2 in boot.loaded.systemd-boot.extraInstallCommands.
AFAICS, in the case where it’s /mnt/efiboot/efi2 which is not available, a nixos rebuild would not fail, the failing mount and cp would just echo an error message (since that shell script is not using set -e).
However, using rm -rf /efiboot/efi2; cp -r /efiboot/efi1 /efiboot/efi2 would be cleaner.
Would it make sense to add a config specialisation for this contingency?
See Feature Request: boot.loader.systemd-boot.mirroredBoots · Issue #152155 · NixOS/nixpkgs · GitHub
and the (draft) PR: https://github.com/NixOS/nixpkgs/pull/246897 which is mainly calling systemd-boot-builder.py on each EFI mountpoint.
Related, I see further down you define
fileSystems."/efiboot/efi2", is there a reason why this one is mounted instead of the other one?
I guess that, in a non-degraded state, /efiboot/efi1 is found first and mounted by systemd-boot due to boot.loader.systemd-boot.efi.efiSysMountPoint = "/efiboot/efi1";
If that’s correct and if /efiboot/efi1 has a deterministic priority over /efiboot/efi2, it might work to skip defining fileSystems."/efiboot/efi1", but I would not bet on that. All mirrored EFI mountpoints are defined in the nixos test of the draft PR nixos/systemd-boot: Add mirroredBoots by Gerg-L · Pull Request #246897 · NixOS/nixpkgs · GitHub