petalburg: enable luks encryption

This commit is contained in:
Aly Raffauf 2024-05-03 07:18:10 -04:00
parent e77ca2458c
commit 72e025fb49

View file

@ -8,44 +8,44 @@
type = "gpt"; type = "gpt";
partitions = { partitions = {
ESP = { ESP = {
priority = 1; size = "1024M";
name = "ESP";
start = "1M";
end = "1024M";
type = "EF00"; type = "EF00";
content = { content = {
type = "filesystem"; type = "filesystem";
format = "vfat"; format = "vfat";
mountpoint = "/boot"; mountpoint = "/boot";
mountOptions = [
"defaults"
];
}; };
}; };
root = { luks = {
size = "100%"; size = "100%";
content = { content = {
type = "btrfs"; type = "luks";
extraArgs = ["-f"]; # Override existing partition name = "crypted";
# Subvolumes must set a mountpoint in order to be mounted, content = {
# unless their parent is mounted type = "btrfs";
subvolumes = { extraArgs = ["-f"];
# Subvolume name is different from mountpoint subvolumes = {
"rootfs" = {mountpoint = "/";}; "/root" = {
# For use with future impermanence setups mountpoint = "/";
"persist" = { mountOptions = ["compress=zstd" "noatime"];
mountpoint = "/persist"; };
mountOptions = ["compress=zstd" "noatime"]; "persist" = {
}; mountpoint = "/persist";
# Subvolume name is the same as the mountpoint mountOptions = ["compress=zstd" "noatime"];
"home" = { };
mountOptions = ["compress=zstd"]; "/home" = {
mountpoint = "/home"; mountpoint = "/home";
}; mountOptions = ["compress=zstd" "noatime"];
# Parent is not mounted so the mountpoint must be set };
"nix" = { "/nix" = {
mountOptions = ["compress=zstd" "noatime"]; mountpoint = "/nix";
mountpoint = "/nix"; mountOptions = ["compress=zstd" "noatime"];
};
}; };
}; };
mountpoint = "/partition-root";
}; };
}; };
}; };