From 72e025fb49d19448b98f960ac899c0deb085a5dd Mon Sep 17 00:00:00 2001 From: Aly Raffauf Date: Fri, 3 May 2024 07:18:10 -0400 Subject: [PATCH] petalburg: enable luks encryption --- hosts/petalburg/disko.nix | 54 +++++++++++++++++++-------------------- 1 file changed, 27 insertions(+), 27 deletions(-) diff --git a/hosts/petalburg/disko.nix b/hosts/petalburg/disko.nix index 54d34b71..a6a16273 100644 --- a/hosts/petalburg/disko.nix +++ b/hosts/petalburg/disko.nix @@ -8,44 +8,44 @@ type = "gpt"; partitions = { ESP = { - priority = 1; - name = "ESP"; - start = "1M"; - end = "1024M"; + size = "1024M"; type = "EF00"; content = { type = "filesystem"; format = "vfat"; mountpoint = "/boot"; + mountOptions = [ + "defaults" + ]; }; }; - root = { + luks = { size = "100%"; content = { - type = "btrfs"; - extraArgs = ["-f"]; # Override existing partition - # Subvolumes must set a mountpoint in order to be mounted, - # unless their parent is mounted - subvolumes = { - # Subvolume name is different from mountpoint - "rootfs" = {mountpoint = "/";}; - # For use with future impermanence setups - "persist" = { - mountpoint = "/persist"; - mountOptions = ["compress=zstd" "noatime"]; - }; - # Subvolume name is the same as the mountpoint - "home" = { - mountOptions = ["compress=zstd"]; - mountpoint = "/home"; - }; - # Parent is not mounted so the mountpoint must be set - "nix" = { - mountOptions = ["compress=zstd" "noatime"]; - mountpoint = "/nix"; + type = "luks"; + name = "crypted"; + content = { + type = "btrfs"; + extraArgs = ["-f"]; + subvolumes = { + "/root" = { + mountpoint = "/"; + mountOptions = ["compress=zstd" "noatime"]; + }; + "persist" = { + mountpoint = "/persist"; + mountOptions = ["compress=zstd" "noatime"]; + }; + "/home" = { + mountpoint = "/home"; + mountOptions = ["compress=zstd" "noatime"]; + }; + "/nix" = { + mountpoint = "/nix"; + mountOptions = ["compress=zstd" "noatime"]; + }; }; }; - mountpoint = "/partition-root"; }; }; };