yaroslav
49 lines
1.1 KiB
Nix
49 lines
1.1 KiB
Nix
{...}:
|
|
{
|
|
boot.initrd.clevis = {
|
|
enable = true;
|
|
devices."luks-zroot".secretFile = ../../secrets/Ratchet/main.jwe;
|
|
devices."luks-swap".secretFile = ../../secrets/Ratchet/main.jwe;
|
|
};
|
|
|
|
boot.initrd.luks.devices = {
|
|
luks-zroot.device = "/dev/nvme0n1p2";
|
|
luks-swap.device = "/dev/nvme0n1p3";
|
|
};
|
|
|
|
boot.zfs.requestEncryptionCredentials = [ ];
|
|
|
|
swapDevices = [ { device = "/dev/mapper/luks-swap"; } ];
|
|
boot.kernel.sysctl."vm.swappiness" = 0;
|
|
|
|
fileSystems = {
|
|
"/" = {
|
|
device = "none";
|
|
fsType = "tmpfs";
|
|
options = ["defaults" "size=1G" "mode=755"];
|
|
};
|
|
"/nix" = {
|
|
device = "ratchet-zroot/system/nix";
|
|
fsType = "zfs";
|
|
};
|
|
"/home" = {
|
|
device = "ratchet-zroot/system/home";
|
|
fsType = "zfs";
|
|
};
|
|
"/boot" = {
|
|
device = "/dev/nvme0n1p1";
|
|
fsType = "vfat";
|
|
options = [ "fmask=0022" "dmask=0022" ];
|
|
};
|
|
"/home/yaroslav/tmp" = {
|
|
device = "none";
|
|
fsType = "tmpfs";
|
|
};
|
|
"/Volumes/Trash" = {
|
|
device = "aphelion:/Volumes/Trash";
|
|
options = ["x-mount.mkdir" "user" "rw" "noauto" ];
|
|
fsType = "nfs";
|
|
};
|
|
};
|
|
|
|
} |