2019-10-24 02:20:38 +02:00
|
|
|
{ config, lib, pkgs, ... }:
|
|
|
|
|
2019-12-20 05:54:26 +01:00
|
|
|
let mainUserHome = "/home/palo";
|
|
|
|
in {
|
2019-10-24 02:20:38 +02:00
|
|
|
|
|
|
|
# grub configuration
|
|
|
|
# ------------------
|
|
|
|
boot.loader.grub = {
|
2019-12-20 05:54:26 +01:00
|
|
|
device = "/dev/sda";
|
|
|
|
enable = true;
|
2019-10-24 02:20:38 +02:00
|
|
|
version = 2;
|
|
|
|
};
|
|
|
|
|
|
|
|
# lvm volume group
|
|
|
|
# ----------------
|
2019-12-20 05:54:26 +01:00
|
|
|
boot.initrd.luks.devices = [{
|
|
|
|
name = "vg";
|
|
|
|
device = "/dev/sda2";
|
|
|
|
preLVM = true;
|
|
|
|
}];
|
2019-10-24 02:20:38 +02:00
|
|
|
|
|
|
|
# NTFS support
|
|
|
|
# ------------
|
2019-12-20 05:54:26 +01:00
|
|
|
environment.systemPackages = [ pkgs.ntfs3g ];
|
2019-10-24 02:20:38 +02:00
|
|
|
|
|
|
|
# root
|
|
|
|
# ----
|
|
|
|
fileSystems."/" = {
|
|
|
|
options = [ "noatime" "nodiratime" "discard" ];
|
2019-12-20 05:54:26 +01:00
|
|
|
device = "/dev/vg/root";
|
|
|
|
fsType = "ext4";
|
2019-10-24 02:20:38 +02:00
|
|
|
};
|
|
|
|
|
|
|
|
# boot
|
|
|
|
# ----
|
|
|
|
fileSystems."/boot" = {
|
|
|
|
device = "/dev/sda1";
|
|
|
|
fsType = "ext4";
|
|
|
|
};
|
|
|
|
|
|
|
|
# home
|
|
|
|
# ----
|
|
|
|
fileSystems."/home" = {
|
2019-12-20 05:54:26 +01:00
|
|
|
options = [ "noatime" "nodiratime" ];
|
|
|
|
device = "/dev/mapper/decrypted_home";
|
|
|
|
fsType = "ext4";
|
2019-10-24 02:20:38 +02:00
|
|
|
encrypted = {
|
2019-12-20 05:54:26 +01:00
|
|
|
enable = true;
|
2019-10-24 02:20:38 +02:00
|
|
|
keyFile = "/mnt-root/root/keys/home.key";
|
2019-12-20 05:54:26 +01:00
|
|
|
label = "decrypted_home";
|
|
|
|
blkDev = "/dev/mapper/store-home";
|
2019-10-24 02:20:38 +02:00
|
|
|
};
|
|
|
|
};
|
|
|
|
|
|
|
|
# var/lib/docker
|
|
|
|
# --------------
|
|
|
|
fileSystems."/var/lib/docker" = {
|
2019-12-20 05:54:26 +01:00
|
|
|
options = [ "noatime" "nodiratime" ];
|
|
|
|
device = "/dev/mapper/decrypted_docker";
|
|
|
|
fsType = "ext4";
|
2019-10-24 02:20:38 +02:00
|
|
|
encrypted = {
|
2019-12-20 05:54:26 +01:00
|
|
|
enable = true;
|
2019-10-24 02:20:38 +02:00
|
|
|
keyFile = "/mnt-root/root/keys/docker.key";
|
2019-12-20 05:54:26 +01:00
|
|
|
label = "decrypted_docker";
|
|
|
|
blkDev = "/dev/mapper/store-docker";
|
2019-10-24 02:20:38 +02:00
|
|
|
};
|
|
|
|
};
|
|
|
|
|
|
|
|
# automount
|
|
|
|
# ---------
|
|
|
|
fileSystems."/media" = {
|
|
|
|
device = "/dev/disk/by-uuid/f7fa1c0e-ac9f-4955-b4bd-644c1ddb0d89";
|
|
|
|
fsType = "ext4";
|
|
|
|
options = [
|
|
|
|
"nofail"
|
|
|
|
"noauto"
|
|
|
|
#"x-systemd.device-timeout=1ms"
|
|
|
|
];
|
|
|
|
};
|
2019-12-20 05:54:26 +01:00
|
|
|
systemd.mounts = [{
|
|
|
|
enable = true;
|
|
|
|
options = "nofail,noauto";
|
|
|
|
type = "ext4";
|
|
|
|
wantedBy = [ "multi-user.target" ];
|
|
|
|
what = "/dev/disk/by-uuid/f7fa1c0e-ac9f-4955-b4bd-644c1ddb0d89";
|
|
|
|
where = "/media";
|
|
|
|
}];
|
2019-10-24 02:20:38 +02:00
|
|
|
|
|
|
|
}
|
|
|
|
|