merged zfs.nix and erase-your-darlings.nix

2025-12-10 00:43:56 -05:00 · 2023-05-21 18:01:30 -04:00 · 2023-05-21 18:01:30 -04:00 · e1d4cb64c2
commit e1d4cb64c2
parent 3a1f1245e8
2 changed files with 27 additions and 19 deletions
--- a/systems/gerg-desktop/zfs.nix
+++ b/systems/gerg-desktop/zfs.nix
@ -1,15 +1,41 @@
-{config, ...}: {
+{
+  config,
+  lib,
+  ...
+}: {
+  #link some stuff
+  systemd.tmpfiles.rules = [
+    "L+ /etc/ssh/ssh_host_ed25519_key  - - - - /persist/ssh/ssh_host_ed25519_key"
+    "L+ /etc/ssh/ssh_host_ed25519_key.pub  - - - - /persist/ssh/ssh_host_ed25519_key.pub"
+    "L+ /etc/nixos - - - - /persist/nixos"
+  ];
+  #create machine-id for spotify
+  environment.etc = {
+    "machine-id".text = "b6431c2851094770b614a9cfa78fb6ea";
+  };
+  #make sure the sopskey is found
+  sops.age.sshKeyPaths = lib.mkForce ["/persist/ssh/ssh_host_ed25519_key"];
+  fileSystems."/persist".neededForBoot = true;
+
  boot = {
    zfs = {
      devNodes = "/dev/disk/by-id/";
      forceImportAll = true;
    };
    kernelPackages = config.boot.zfs.package.latestCompatibleLinuxPackages;
+    #disable hibernate and set cache max
    kernelParams = ["nohibernate" "zfs.zfs_arc_max=17179869184"];
    supportedFilesystems = ["zfs" "vfat"];
    initrd = {
+      #module for multiple swap devices
      kernelModules = ["dm_mod"];
+      #keyboard module for zfs password
      availableKernelModules = ["hid_generic"];
+      #wipe / and /var on boot
+      postDeviceCommands = lib.mkAfter ''
+        zfs rollback -r rpool/root@empty
+        zfs rollback -r rpool/var@empty
+      '';
    };
    plymouth.enable = false;
    loader = {