Reinstall raven

2024-06-21 14:06:28 +02:00 · 2024-06-21 14:06:28 +02:00 · ad3b9ab43f
commit ad3b9ab43f
parent 001ebc9b1f
4 changed files with 57 additions and 24 deletions
--- a/machines/default.nix
+++ b/machines/default.nix
@ -4,7 +4,7 @@ let
 in
 {
  raven = {
-    #targetHost = "192.168.94.1";
+    targetHost = "raven.fablab-nea.de";
    system = "x86_64-linux";
    extraModules = [
      hardware.common-cpu-intel
--- a/machines/raven/configuration.nix
+++ b/machines/raven/configuration.nix
@ -3,6 +3,7 @@
 {
  imports = [
    ./hardware-configuration.nix
+    ./disko.nix
    ./services
  ];

--- a/machines/raven/disko.nix
+++ b/machines/raven/disko.nix
@ -0,0 +1,54 @@
+{
+  disko.devices = {
+    disk = {
+      nvme = {
+        type = "disk";
+        device = "/dev/disk/by-id/ata-WD_Green_2.5_240GB_232497451701";
+        content = {
+          type = "gpt";
+          partitions = {
+            esp = {
+              type = "EF00";
+              size = "1024M";
+              content = {
+                type = "filesystem";
+                format = "vfat";
+                mountpoint = "/boot";
+                mountOptions = [ "uid=0" "gid=0" "fmask=0077" "dmask=0077" "nodev" "nosuid" "noexec" ];
+              };
+            };
+            luks = {
+              size = "100%";
+              content = {
+                type = "luks";
+                name = "raven-crypt";
+                settings = {
+                  allowDiscards = true;
+                };
+                extraFormatArgs = [ "--hash sha512 --use-random --pbkdf argon2id --iter-time 5000 --pbkdf-memory ${builtins.toString (4*1024*1024)} --pbkdf-parallel 4" ];
+                content = {
+                  type = "btrfs";
+                  extraArgs = [ "-f" ];
+                  subvolumes = {
+                    "/root" = {
+                      mountpoint = "/";
+                      mountOptions = [ "compress=zstd" "noatime" ];
+                    };
+                    "/home" = {
+                      mountpoint = "/home";
+                      mountOptions = [ "compress=zstd" "noatime" "nodev" "nosuid" ];
+                    };
+                    "/nix" = {
+                      mountpoint = "/nix";
+                      mountOptions = [ "compress=zstd" "noatime" "noatime" "nodev" ];
+                    };
+                  };
+                };
+              };
+            };
+          };
+        };
+      };
+    };
+  };
+}
--- a/machines/raven/hardware-configuration.nix
+++ b/machines/raven/hardware-configuration.nix
@ -20,35 +20,13 @@
        "cryptd"
      ];
      kernelModules = [ "dm-snapshot" ];
-
-      luks.devices.root = {
-        name = "root";
-        device = "/dev/disk/by-uuid/ee78659c-52a5-4e81-8028-b43de08b6a55";
-        preLVM = true;
-        allowDiscards = true;
-        keyFileSize = 4096;
-        keyFile = "/dev/disk/by-id/usb-jalr_RAM_Mass_Storage_DE6270431F6F342C-0:0";
-        keyFileTimeout = 5;
-      };
-      systemd.enable = true;
    };

    loader = {
      systemd-boot.enable = true;
+      systemd-boot.configurationLimit = 20;
      efi.efiSysMountPoint = "/boot";
      efi.canTouchEfiVariables = true;
    };
  };
-
-  fileSystems = {
-    "/" = {
-      device = "/dev/disk/by-uuid/80209d1b-27c6-423d-93e8-cd39e1893873";
-      fsType = "btrfs";
-      options = [ "discard=async" "noatime" "compress=zstd" ];
-    };
-    "/boot" = {
-      device = "/dev/disk/by-uuid/20A0-5FD8";
-      fsType = "vfat";
-    };
-  };
 }