init now automaticly imports all pools

2024-12-31 13:33:24 +01:00
parent 8c488d50a8
commit 9f81b1497d
3 changed files with 27 additions and 14 deletions
--- a/machines/modules/disko/default.nix
+++ b/machines/modules/disko/default.nix
@@ -176,7 +176,7 @@ in
                mountpoint = "none";
                encryption = "aes-256-gcm";
                keyformat = "passphrase";
-                keylocation = "file:///tmp/root.key";
+                keylocation = "file:///tmp/secret.key";
              };
              # use this to read the key during boot
              postCreateHook = ''
@@ -186,22 +186,27 @@ in
            "encrypted/root" = {
              type = "zfs_fs";
              mountpoint = "/";
+              options.mountpoint = "legacy";
            };
            "encrypted/var" = {
              type = "zfs_fs";
              mountpoint = "/var";
+              options.mountpoint = "legacy";
            };
            "encrypted/etc" = {
              type = "zfs_fs";
              mountpoint = "/etc";
+              options.mountpoint = "legacy";
            };
            "encrypted/home" = {
              type = "zfs_fs";
              mountpoint = "/home";
+              options.mountpoint = "legacy";
            };
            "encrypted/nix" = {
              type = "zfs_fs";
              mountpoint = "/nix";
+              options.mountpoint = "legacy";
            };
            reserved = {
              # for cow delete if pool is full
@@ -230,7 +235,7 @@ in
                mountpoint = "none";
                encryption = "aes-256-gcm";
                keyformat = "passphrase";
-                keylocation = "file:///tmp/storage.key";
+                keylocation = "file:///tmp/secret.key";
              };
              # use this to read the key during boot
              postCreateHook = ''
@@ -240,6 +245,7 @@ in
            "encrypted/data" = {
              type = "zfs_fs";
              mountpoint = "/data";
+              options.mountpoint = "legacy";
            };
            reserved = {
              # for cow delete if pool is full
@@ -255,11 +261,14 @@ in
      };
    };

+    boot.zfs.devNodes = cfg.devNodes;
+
    fileSystems."/".neededForBoot = true;
    fileSystems."/etc".neededForBoot = true;
    fileSystems."/boot".neededForBoot = true;
    fileSystems."/var".neededForBoot = true;
    fileSystems."/home".neededForBoot = true;
    fileSystems."/nix".neededForBoot = true;
+    fileSystems."/data".neededForBoot = true;
  };
 }
--- a/machines/modules/malobeo/initssh.nix
+++ b/machines/modules/malobeo/initssh.nix
@@ -32,6 +32,7 @@ in
      zfs = {
        forceImportAll = true;
        requestEncryptionCredentials = true;
+        
      };
      initrd = {
        availableKernelModules = cfg.ethernetDrivers;
@@ -48,18 +49,18 @@ in
        secrets = {
          "/etc/ssh/initrd" = "/etc/ssh/initrd";
        };
+        systemd.services.zfs-remote-unlock = {
+          description = "Prepare for ZFS remote unlock";
+          wantedBy = ["initrd.target"];
+          after = ["systemd-networkd.service"];
+          path = with pkgs; [ zfs ];
+          serviceConfig.Type = "oneshot";
+          script = ''
+            echo "systemctl default" >> /var/empty/.profile
+          '';
+        };
      };
      kernelParams = [ "ip=::::${hostName}-initrd::dhcp" ];
-      systemd.services.zfs-remote-unlock = {
-        description = "Prepare for ZFS remote unlock";
-        wantedBy = ["initrd.target"];
-        after = ["systemd-networkd.service"];
-        path = with pkgs; [ zfs ];
-        serviceConfig.Type = "oneshot";
-        script = ''
-          echo "systemctl default" >> /var/empty/.profile
-        '';
-      };
    };
  };
 }