nixos-config/nixos/machines/orbi/hardware-configuration/disko-config.nix

# nix run github:nix-community/nixos-anywhere -- --copy-host-keys --disk-encryption-keys /run/secret.key /home/palo/orbi/run/secret.key --flake .#orbi root@95.216.66.212
{ config, lib, ... }:
let
  disks = [ "sda" "sdb" ];
in
{
  disko.devices = {
    disk =
      lib.genAttrs disks (disk: {
        type = "disk";
        device = "/dev/${disk}";
        content = {
          type = "gpt";
          partitions = {
            boot = {
              priority = 0;
              size = "1M";
              type = "EF02"; # for grub MBR
            };
            ESP = {
              priority = 1;
              size = "500M";
              type = "EF00";
              content = {
                type = "filesystem";
                format = "vfat";
                mountpoint = if disk == "sda" then "/boot" else "/boot_${disk}";
                mountOptions = [ "defaults" ];
              };
            };
            root = {
              priority = 10;
              size = "500G";
              content = {
                type = "luks";
                name = "root_${disk}";
                # if you want to use the key for interactive login be sure there is no trailing newline
                # for example use `echo -n "password" > /run/secret.key`
                # for example use `pass show hetzner/orbi/master_password | head -c -1 > /run/secret.key`
                # or use nixos-anywhere --disk-encryption-keys /run/secret.key <local-path>
                passwordFile = "/run/secret.key";
                settings = {
                  allowDiscards = true;
                };
                content = {
                  type = "zfs";
                  pool = "zroot";
                };
              };
            };
            media = {
              priority = 50;
              size = "100%";
              content = {
                type = "luks";
                # if you want to use the key for interactive login be sure there is no trailing newline
                # for example use `echo -n "password" > /run/secret.key`
                # for example use `pass show hetzner/orbi/master_password | head -c -1 > /run/secret.key`
                # or use nixos-anywhere --disk-encryption-keys /run/secret.key <local-path>
                passwordFile = "/run/secret.key";
                settings = {
                  allowDiscards = true;
                };
                name = "media_${disk}";
                content = {
                  type = "zfs";
                  pool = "zmedia";
                };
              };
            };
          };
        };
      });


    zpool = {

      zroot = {
        type = "zpool";
        mode = "mirror";
        rootFsOptions = {
          mountpoint = "none";
          canmount = "off";
          compression = "lz4";
        };
        datasets = {
          "root" = {
            type = "zfs_fs";
            mountpoint = "/";
            options = {
              mountpoint = "legacy";
              compression = "lz4";
            };
          };
          "store" = {
            type = "zfs_fs";
            mountpoint = "/nix/store";
            options = {
              mountpoint = "legacy";
              compression = "lz4";
            };
          };
        };
      };

      # `zpool import -f zraid` once on the first boot and reboot
      zmedia = {
        type = "zpool";
        rootFsOptions = {
          mountpoint = "none";
          canmount = "off";
        };
        datasets = {
          "media" = {
            type = "zfs_fs";
            mountpoint = "/media";
            options = {
              mountpoint = "legacy";
              compression = "lz4";
              #"com.sun:auto-snapshot:daily" = false;
              #"com.sun:auto-snapshot:weekly" = false;
              #"com.sun:auto-snapshot:monthly" = false;
            };
          };
          # todo make sure this disk has some minimum space
          "nextcloud" = {
            type = "zfs_fs";
            mountpoint = "/var/lib/nextcloud";
            options = {
              mountpoint = "legacy";
              compression = "lz4";
              "com.sun:auto-snapshot:hourly" = toString true;
              "com.sun:auto-snapshot:daily" = toString true;
              #"com.sun:auto-snapshot:weekly" = false;
              #"com.sun:auto-snapshot:monthly" = false;
            };
          };
        };
      };

    };
  };

}
orbi works now 2024-03-02 21:19:12 +01:00			`# nix run github:nix-community/nixos-anywhere -- --copy-host-keys --disk-encryption-keys /run/secret.key /home/palo/orbi/run/secret.key --flake .#orbi root@95.216.66.212`
update robi and started with orbi 2023-12-09 17:15:50 +01:00			`{ config, lib, ... }:`
			`let`
orbi works and steam is a component now 2024-02-28 23:17:23 +01:00			`disks = [ "sda" "sdb" ];`
update robi and started with orbi 2023-12-09 17:15:50 +01:00			`in`
			`{`
			`disko.devices = {`
			`disk =`
			`lib.genAttrs disks (disk: {`
			`type = "disk";`
			`device = "/dev/${disk}";`
			`content = {`
working on orbi partition type. 2024-02-26 09:44:59 +01:00			`type = "gpt";`
			`partitions = {`
			`boot = {`
orbi works and steam is a component now 2024-02-28 23:17:23 +01:00			`priority = 0;`
working on orbi partition type. 2024-02-26 09:44:59 +01:00			`size = "1M";`
			`type = "EF02"; # for grub MBR`
			`};`
			`ESP = {`
orbi works and steam is a component now 2024-02-28 23:17:23 +01:00			`priority = 1;`
working on orbi partition type. 2024-02-26 09:44:59 +01:00			`size = "500M";`
			`type = "EF00";`
update robi and started with orbi 2023-12-09 17:15:50 +01:00			`content = {`
			`type = "filesystem";`
			`format = "vfat";`
orbi works and steam is a component now 2024-02-28 23:17:23 +01:00			`mountpoint = if disk == "sda" then "/boot" else "/boot_${disk}";`
update robi and started with orbi 2023-12-09 17:15:50 +01:00			`mountOptions = [ "defaults" ];`
			`};`
working on orbi partition type. 2024-02-26 09:44:59 +01:00			`};`
			`root = {`
working on orbi partition type. 2024-02-26 21:17:02 +01:00			`priority = 10;`
working on orbi partition type. 2024-02-26 09:44:59 +01:00			`size = "500G";`
update robi and started with orbi 2023-12-09 17:15:50 +01:00			`content = {`
Now it works like it should be with orbi 2024-02-29 00:32:48 +01:00			`type = "luks";`
			`name = "root_${disk}";`
orbi works now 2024-03-02 21:19:12 +01:00			`# if you want to use the key for interactive login be sure there is no trailing newline`
			# for example use `echo -n "password" > /run/secret.key`
			# for example use `pass show hetzner/orbi/master_password \| head -c -1 > /run/secret.key`
			`# or use nixos-anywhere --disk-encryption-keys /run/secret.key <local-path>`
			`passwordFile = "/run/secret.key";`
Now it works like it should be with orbi 2024-02-29 00:32:48 +01:00			`settings = {`
			`allowDiscards = true;`
			`};`
			`content = {`
			`type = "zfs";`
			`pool = "zroot";`
			`};`
update robi and started with orbi 2023-12-09 17:15:50 +01:00			`};`
working on orbi partition type. 2024-02-26 09:44:59 +01:00			`};`
orbi works and steam is a component now 2024-02-28 23:17:23 +01:00			`media = {`
			`priority = 50;`
			`size = "100%";`
			`content = {`
Now it works like it should be with orbi 2024-02-29 00:32:48 +01:00			`type = "luks";`
orbi works now 2024-03-02 21:19:12 +01:00			`# if you want to use the key for interactive login be sure there is no trailing newline`
			# for example use `echo -n "password" > /run/secret.key`
			# for example use `pass show hetzner/orbi/master_password \| head -c -1 > /run/secret.key`
			`# or use nixos-anywhere --disk-encryption-keys /run/secret.key <local-path>`
			`passwordFile = "/run/secret.key";`
Now it works like it should be with orbi 2024-02-29 00:32:48 +01:00			`settings = {`
			`allowDiscards = true;`
			`};`
			`name = "media_${disk}";`
			`content = {`
			`type = "zfs";`
			`pool = "zmedia";`
			`};`
orbi works and steam is a component now 2024-02-28 23:17:23 +01:00			`};`
			`};`
working on orbi partition type. 2024-02-26 09:44:59 +01:00			`};`
update robi and started with orbi 2023-12-09 17:15:50 +01:00			`};`
wip on orbi 2024-02-24 03:20:01 +01:00			`});`
update robi and started with orbi 2023-12-09 17:15:50 +01:00

			`zpool = {`

			`zroot = {`
			`type = "zpool";`
orbi works and steam is a component now 2024-02-28 23:17:23 +01:00			`mode = "mirror";`
update robi and started with orbi 2023-12-09 17:15:50 +01:00			`rootFsOptions = {`
			`mountpoint = "none";`
			`canmount = "off";`
			`compression = "lz4";`
			`};`
			`datasets = {`
			`"root" = {`
			`type = "zfs_fs";`
			`mountpoint = "/";`
			`options = {`
			`mountpoint = "legacy";`
			`compression = "lz4";`
			`};`
			`};`
			`"store" = {`
			`type = "zfs_fs";`
			`mountpoint = "/nix/store";`
			`options = {`
			`mountpoint = "legacy";`
			`compression = "lz4";`
			`};`
			`};`
			`};`
			`};`

			# `zpool import -f zraid` once on the first boot and reboot
orbi works and steam is a component now 2024-02-28 23:17:23 +01:00			`zmedia = {`
			`type = "zpool";`
			`rootFsOptions = {`
			`mountpoint = "none";`
			`canmount = "off";`
			`};`
			`datasets = {`
			`"media" = {`
			`type = "zfs_fs";`
			`mountpoint = "/media";`
			`options = {`
			`mountpoint = "legacy";`
			`compression = "lz4";`
			`#"com.sun:auto-snapshot:daily" = false;`
			`#"com.sun:auto-snapshot:weekly" = false;`
			`#"com.sun:auto-snapshot:monthly" = false;`
			`};`
			`};`
			`# todo make sure this disk has some minimum space`
			`"nextcloud" = {`
			`type = "zfs_fs";`
			`mountpoint = "/var/lib/nextcloud";`
			`options = {`
			`mountpoint = "legacy";`
			`compression = "lz4";`
			`"com.sun:auto-snapshot:hourly" = toString true;`
			`"com.sun:auto-snapshot:daily" = toString true;`
			`#"com.sun:auto-snapshot:weekly" = false;`
			`#"com.sun:auto-snapshot:monthly" = false;`
			`};`
			`};`
			`};`
			`};`

update robi and started with orbi 2023-12-09 17:15:50 +01:00			`};`
			`};`

			`}`