83 lines
2.3 KiB
Nix
83 lines
2.3 KiB
Nix
{ disko, modulesPath, ... }:
|
|
{
|
|
imports = [ disko.nixosModules.disko "${modulesPath}/profiles/qemu-guest.nix" ];
|
|
|
|
disko.devices = {
|
|
disk = {
|
|
main = {
|
|
type = "disk";
|
|
device = "/dev/disk/by-id/ata-QEMU_DVD-ROM_QM00003";
|
|
content = {
|
|
type = "gpt";
|
|
partitions = {
|
|
esp = {
|
|
size = "512M";
|
|
type = "ef00";
|
|
content = {
|
|
type = "filesystem";
|
|
format = "vfat";
|
|
mountpoint = "/boot";
|
|
mountOptions = [
|
|
# Do not set the executable bit on files and prevent access from
|
|
# non-root users.
|
|
"dmask=0077"
|
|
"fmask=0177"
|
|
|
|
"noatime"
|
|
];
|
|
};
|
|
};
|
|
persistence-encrypted = {
|
|
start = "513M";
|
|
size = "100%";
|
|
# type = "8309";
|
|
content = {
|
|
type = "luks";
|
|
name = "persistence";
|
|
settings = {
|
|
allowDiscards = true;
|
|
};
|
|
passwordFile = "/tmp/secret.key";
|
|
content = {
|
|
type = "btrfs";
|
|
subvolumes = {
|
|
"/root" = {
|
|
mountpoint = "/persistence";
|
|
mountOptions = [
|
|
# Do not write access times on files. This is a common
|
|
# practice to reduce the number of unnecessary writes
|
|
# since we don't need access times or use any program that
|
|
# needs them.
|
|
"noatime"
|
|
];
|
|
};
|
|
"/swap" = {
|
|
mountpoint = "/.swap";
|
|
swap.swapfile.size = "8G";
|
|
};
|
|
};
|
|
};
|
|
|
|
};
|
|
};
|
|
};
|
|
};
|
|
};
|
|
};
|
|
|
|
nodev."/" = {
|
|
fsType = "tmpfs";
|
|
mountOptions = [
|
|
"defaults"
|
|
"size=25%"
|
|
"mode=755"
|
|
"noatime"
|
|
];
|
|
};
|
|
};
|
|
|
|
# Regularly correct bit rot.
|
|
# Well it should correct if i had some kind of raid system
|
|
# services.btrfs.autoScrub.enable = true;
|
|
}
|