From f7f7dee1905e0b096c2f145aa79f373e7448f7fd Mon Sep 17 00:00:00 2001 From: osbm Date: Sun, 19 Oct 2025 21:31:09 +0300 Subject: [PATCH] fix --- hosts/nixos/apollo/configuration.nix | 47 +++---- hosts/nixos/apollo/hardware-configuration.nix | 125 +----------------- modules/nixos/options.nix | 12 ++ 3 files changed, 39 insertions(+), 145 deletions(-) diff --git a/hosts/nixos/apollo/configuration.nix b/hosts/nixos/apollo/configuration.nix index 0a21669..aa70bd3 100644 --- a/hosts/nixos/apollo/configuration.nix +++ b/hosts/nixos/apollo/configuration.nix @@ -7,7 +7,6 @@ imports = [ ./hardware-configuration.nix ../../../modules/nixos - inputs.disko.nixosModules.disko inputs.impermanence.nixosModules.impermanence ]; 
@@ -32,34 +31,36 @@ sound.enable = false; hibernation.enable = false; - # Disable disko module since we have manual disko config in hardware-configuration.nix - disko.enable = false; + disko = { + enable = true; + fileSystem = "zfs"; + systemd-boot = true; + + initrd-ssh = { + enable = true; + authorizedKeys = [ + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPfnV+qqUCJf92npNW4Jy0hIiepCJFBDJHXBHnUlNX0k" + ]; + ethernetDrivers = [ "virtio_pci" ]; + }; + + zfs = { + enable = true; + hostID = "0f7de22e"; + root = { + useTmpfs = false; # Use ZFS root, not tmpfs + encrypt = true; + disk1 = "vda"; + impermanenceRoot = true; # Wipe root on boot with ZFS snapshots + }; + }; + }; }; }; i18n.inputMethod.enable = lib.mkForce false; system.stateVersion = "25.11"; networking.hostName = "apollo"; - networking.hostId = "0f7de22e"; # Required for ZFS - - # ZFS configuration - boot.zfs.requestEncryptionCredentials = true; - - # Initrd SSH for remote unlocking - boot.initrd.network.enable = true; - boot.initrd.availableKernelModules = [ "virtio_pci" ]; - boot.initrd.network.ssh = { - enable = true; - port = 22; - shell = "/bin/cryptsetup-askpass"; - authorizedKeys = [ - "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPfnV+qqUCJf92npNW4Jy0hIiepCJFBDJHXBHnUlNX0k" - ]; - hostKeys = [ "/etc/ssh/initrd" ]; - }; - boot.initrd.secrets = { - "/etc/ssh/initrd" = "/etc/ssh/initrd"; - }; # Enable zram swap zramSwap.enable = true; diff --git a/hosts/nixos/apollo/hardware-configuration.nix b/hosts/nixos/apollo/hardware-configuration.nix index 9d1bb02..5c9e404 100644 --- a/hosts/nixos/apollo/hardware-configuration.nix +++ b/hosts/nixos/apollo/hardware-configuration.nix 
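Review bot: The new `initrd-ssh` block in hosts/nixos/apollo/configuration.nix sets `authorizedKeys` and `ethernetDrivers` but no longer states where the initrd SSH host key comes from, while the explicit `hostKeys = [ "/etc/ssh/initrd" ]` and `boot.initrd.secrets` entries are removed further down in the same hunk. The module behind `initrd-ssh` is not part of this patch, so whether it supplies a host key cannot be confirmed from here. An initrd host key is stored outside the encrypted pool, so it should be a dedicated key rather than the host's main sshd key. With `impermanenceRoot = true`, its source file presumably has to live on a persisted path. I would add a comment above `initrd-ssh = {` such as `# initrd host key: dedicated key read by the module from <PERSISTED_KEY_PATH>; never the main sshd host key`, or expose the path as an option if the module does not set one.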
@@ -1,127 +1,8 @@ { config, lib, ... }: { - disko.devices = { - disk = { - main = { - device = "/dev/vda"; # Change this to match your actual disk - type = "disk"; - content = { - type = "gpt"; - partitions = { - ESP = { - priority = 1; - size = "512M"; - type = "EF00"; - content = { - type = "filesystem"; - format = "vfat"; - mountpoint = "/boot"; - mountOptions = [ "umask=0077" ]; - }; - }; - zfs = { - size = "100%"; - content = { - type = "zfs"; - pool = "rpool"; - }; - }; - }; - }; - }; - }; - zpool = { - rpool = { - type = "zpool"; - options = { - ashift = "12"; - autotrim = "on"; - }; - rootFsOptions = { - acltype = "posixacl"; - atime = "off"; - canmount = "off"; - compression = "zstd"; - dnodesize = "auto"; - normalization = "formD"; - xattr = "sa"; - mountpoint = "none"; - encryption = "on"; - keylocation = "prompt"; - keyformat = "passphrase"; - }; - datasets = { - # Reserved space to prevent pool from becoming full - "local/reserved" = { - type = "zfs_fs"; - options = { - refreservation = "1G"; - mountpoint = "none"; - }; - }; - # Nix store - "local/nix" = { - type = "zfs_fs"; - mountpoint = "/nix"; - options.mountpoint = "/nix"; - }; - # Persistent data - "safe/persist" = { - type = "zfs_fs"; - mountpoint = "/persist"; - options = { - mountpoint = "/persist"; - }; - postCreateHook = "zfs snapshot rpool/safe/persist@empty"; - }; - }; - }; - }; - nodev = { - "/" = { - fsType = "tmpfs"; - mountOptions = [ - "defaults" - "size=2G" - "mode=755" - ]; - }; - }; - }; - - # ZFS-specific boot configuration - boot.supportedFilesystems = [ "zfs" ]; + # Disko configuration is now managed by osbmModules.hardware.disko + # All disk configuration moved to configuration.nix - # Bootloader configuration - boot.loader.systemd-boot.enable = true; - boot.loader.efi.canTouchEfiVariables = true; - # Required for ZFS nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; - - # Mark /persist as needed for boot (required by impermanence) -fileSystems."/" = { - device = "none"; - 
fsType = "tmpfs"; - options = [ "defaults" "size=2G" "mode=755" ]; -}; - -fileSystems."/boot" = { - device = "/dev/disk/by-partlabel/disk-main-ESP"; - fsType = "vfat"; -}; - -fileSystems."/nix" = { - device = "rpool/local/nix"; - fsType = "zfs"; - options = [ "zfsutil" ]; -}; - -fileSystems."/persist" = { - device = "rpool/safe/persist"; - fsType = "zfs"; - options = [ "zfsutil" ]; - neededForBoot = true; -}; - -} \ No newline at end of file +} diff --git a/modules/nixos/options.nix b/modules/nixos/options.nix index d5db454..d14da81 100644 --- a/modules/nixos/options.nix +++ b/modules/nixos/options.nix @@ -233,6 +233,18 @@ }; root = { + useTmpfs = lib.mkOption { + type = lib.types.bool; + default = false; + description = "Use tmpfs for root instead of ZFS (with ZFS datasets for /nix and /persist)"; + }; + + tmpfsSize = lib.mkOption { + type = lib.types.str; + default = "2G"; + description = "Size of tmpfs root filesystem"; + }; + encrypt = lib.mkOption { type = lib.types.bool; default = true;
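Review bot: The replacement comment in hosts/nixos/apollo/hardware-configuration.nix says the layout is now managed by `osbmModules.hardware.disko`, but it does not record whether the ESP restriction from the deleted layout (`mountOptions = [ "umask=0077" ]` on `/boot`) carries over. The module's ESP definition is not in this patch, so this cannot be checked from the visible lines. `/boot` holds the initrd used for the SSH unlock, so it is worth keeping it unreadable to non-root users. Once verified, I would extend the comment with a line such as `# /boot (ESP) is mounted with umask=0077 by the module`.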
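Review bot: `tmpfsSize` in modules/nixos/options.nix is declared as a free-form `lib.types.str`, so a malformed value would presumably surface only when the root mount is attempted rather than at evaluation time. A constrained type such as `type = lib.types.strMatching "[0-9]+[kKmMgG%]?";` would reject it during the build. The `useTmpfs` description could also say how the option combines with `impermanenceRoot` and `encrypt`. apollo sets `useTmpfs = false` together with `impermanenceRoot = true`, and the visible lines do not define what happens when both are enabled. The `root = {` attribute set starts before and continues after this hunk.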