From a10fb33c29b30b795b09f44dddea3e3330cd3d34 Mon Sep 17 00:00:00 2001
From: ahtlon <atlan@ahtlon.de>
Date: Mon, 16 Dec 2024 16:58:07 +0100
Subject: [PATCH] [fanny] disable mounting root datasets and add encrypted swap

---
 .gitignore                       | 1 +
 machines/modules/disko/fanny.nix | 9 +++++++++
 2 files changed, 10 insertions(+)

diff --git a/.gitignore b/.gitignore
index bb24878..a2fa571 100644
--- a/.gitignore
+++ b/.gitignore
@@ -5,3 +5,4 @@ result
 *.qcow2
 .direnv/
 book/
+fanny-efi-vars.fd
diff --git a/machines/modules/disko/fanny.nix b/machines/modules/disko/fanny.nix
index 53380c6..9366fe6 100644
--- a/machines/modules/disko/fanny.nix
+++ b/machines/modules/disko/fanny.nix
@@ -17,6 +17,13 @@
                 mountOptions = [ "umask=0077" ];
               };
             };
+            encryptedSwap = {
+              size = "8G"; #set to 100M for testing
+              content =  {
+                type = "swap";
+                randomEncryption = true;
+              };
+            };
             zfs = {
               size = "100%";
               content = {
@@ -70,6 +77,7 @@
         # Workaround: cannot import 'zroot': I/O error in disko tests
         options.cachefile = "none";
         rootFsOptions = {
+          mountpoint = "none";
           compression = "zstd";
           "com.sun:auto-snapshot" = "false";
         };
@@ -114,6 +122,7 @@
       storage = {
         type = "zpool";
         mode = "mirror";
+        rootFsOptions = { mountpoint = "none"; };
 
         datasets = {
           encrypted = {