From 7c300eb385e471674dc1e93ec2305540916c0a96 Mon Sep 17 00:00:00 2001 From: ahtlon Date: Tue, 4 Mar 2025 17:53:34 +0100 Subject: [PATCH] Revert "[disko] Bit of a hack but the storage partition now gets mounted after zroot using a file on the disk." This reverts commit 4a6768346293b827f3adff632499a71bb568eb73. --- machines/modules/disko/default.nix | 6 +++--- machines/modules/malobeo/initssh.nix | 2 ++ machines/testvm/configuration.nix | 2 +- scripts/remote-install-encrypt.sh | 2 -- 4 files changed, 6 insertions(+), 6 deletions(-) diff --git a/machines/modules/disko/default.nix b/machines/modules/disko/default.nix index 7911beba..e2b7e24e 100644 --- a/machines/modules/disko/default.nix +++ b/machines/modules/disko/default.nix @@ -187,7 +187,6 @@ in postCreateHook = lib.mkIf cfg.encryption '' zfs set keylocation="prompt" zroot/encrypted; ''; - }; "encrypted/root" = { type = "zfs_fs"; @@ -245,12 +244,13 @@ in }; # use this to read the key during boot postCreateHook = lib.mkIf cfg.encryption '' - zfs set keylocation="file:///root/secret.key" storage/encrypted; + zfs set keylocation="prompt" storage/encrypted; ''; }; "encrypted/data" = { type = "zfs_fs"; mountpoint = "/data"; + options.mountpoint = "legacy"; }; "encrypted/data/microvms" = { type = "zfs_fs"; @@ -271,7 +271,7 @@ in }; boot.zfs.devNodes = lib.mkDefault cfg.devNodes; - boot.zfs.extraPools = lib.mkIf cfg.storage.enable [ "storage" ]; + fileSystems."/".neededForBoot = true; fileSystems."/etc".neededForBoot = true; fileSystems."/boot".neededForBoot = true; diff --git a/machines/modules/malobeo/initssh.nix b/machines/modules/malobeo/initssh.nix index 6a68622c..8286084f 100644 --- a/machines/modules/malobeo/initssh.nix +++ b/machines/modules/malobeo/initssh.nix @@ -30,7 +30,9 @@ in loader.efi.canTouchEfiVariables = true; supportedFilesystems = [ "vfat" "zfs" ]; zfs = { + forceImportAll = true; requestEncryptionCredentials = true; + }; initrd = { availableKernelModules = cfg.ethernetDrivers; 
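Review bot: The context comment `# use this to read the key during boot` in the `@@ -245,12 +244,13 @@` hunk now sits directly above a hook that sets `keylocation="prompt"` on `storage/encrypted`, so it no longer describes how the key reaches the pool. With the key file gone and `boot.zfs.extraPools` dropped in the `@@ -271,7 +271,7 @@` hunk, unlocking `storage` appears to depend on an interactive prompt plus the legacy `/data` mount. `/data` is not among the `neededForBoot` entries visible in that hunk, so the prompt may arrive after the initrd SSH stage; this is worth confirming on an encrypted host. I would replace the comment with something like `# key is entered at boot (prompt); no key material is stored on zroot`. The enclosing dataset definition starts outside the hunk.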
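Review bot: `forceImportAll = true;` is added in the shared initssh module, so every host that enables it will force-import its pools even when a pool was last used under a different hostId. That overrides the safeguard against importing a pool another system may still have open, which is a data-integrity risk for the encrypted pools. If it is only needed for the first boot after installation (an assumption, the patch does not say), I would remove it afterwards or at least record the reason, e.g. `# needed once after install (hostId mismatch); remove when pools import cleanly`. The hunk also leaves a stray blank line before the closing brace of `zfs = { … }`.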
diff --git a/machines/testvm/configuration.nix b/machines/testvm/configuration.nix index 003a0178..b338fbca 100644 --- a/machines/testvm/configuration.nix +++ b/machines/testvm/configuration.nix @@ -24,7 +24,7 @@ in malobeo.disks = { enable = true; - encryption = true; + encryption = false; hostId = "83abc8cb"; devNodes = "/dev/disk/by-path/"; root = { diff --git a/scripts/remote-install-encrypt.sh b/scripts/remote-install-encrypt.sh index 4d24adcd..bd1de42d 100755 --- a/scripts/remote-install-encrypt.sh +++ b/scripts/remote-install-encrypt.sh @@ -40,11 +40,9 @@ trap cleanup EXIT # Create the directory where sshd expects to find the host keys install -d -m755 "$temp/etc/ssh/" -install -d -m755 "$temp/root/" diskKey=$(sops -d $pwpath/disk.key) echo "$diskKey" > /tmp/secret.key -echo "$diskKey" > $temp/root/secret.key sops -d "$pwpath/$hostkey" > "$temp/etc/ssh/$hostname"
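Review bot: With `encryption = false;` the test VM no longer evaluates the `lib.mkIf cfg.encryption` branches that this same patch changes, so the `keylocation="prompt"` path and the initrd unlock are not exercised on this machine. If that is intentional for the revert, a comment such as `# encryption disabled on the test VM only; the unlock path is verified on <encrypted-host>` would stop the setting being copied into a real host configuration. The `malobeo.disks` set continues past the end of the hunk.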
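Review bot: The decrypted disk key is still written to the fixed path `/tmp/secret.key` under the caller's umask, so on a shared machine it can end up readable by other local users, and a fixed name in `/tmp` can be pre-created by someone else. The revert removes the `$temp/root` copy but leaves this context line as it was; I would restrict the mode before writing, e.g. `(umask 077; printf '%s\n' "$diskKey" > /tmp/secret.key)`, and quote the sops argument as `"$pwpath/disk.key"`. The `cleanup` trap is defined outside the hunk, so it should be checked that it also removes `/tmp/secret.key`.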