feat: build configurations dynamically for arch

2025-12-06 09:07:21 +01:00 · 2025-11-08 13:49:03 +01:00 · 2025-11-08 13:49:03 +01:00 · a5a1afed3d
commit a5a1afed3d
parent 0ef76106ee
45 changed files with 289 additions and 210 deletions
--- a/hosts/nixos/x86_64-linux/pyramid/disk-config.nix
+++ b/hosts/nixos/x86_64-linux/pyramid/disk-config.nix
@ -0,0 +1,80 @@
+{
+  disko.devices = {
+    disk = {
+      nvme0n1 = {
+        type = "disk";
+        device = "/dev/nvme0n1";
+        content = {
+          type = "gpt";
+          partitions = {
+            ESP = {
+              label = "boot";
+              name = "ESP";
+              size = "512M";
+              type = "EF00";
+              content = {
+                type = "filesystem";
+                format = "vfat";
+                mountpoint = "/boot";
+                mountOptions = [
+                  "defaults"
+                ];
+              };
+            };
+            luks = {
+              size = "100%";
+              label = "luks";
+              content = {
+                type = "luks";
+                name = "cryptroot";
+                extraOpenArgs = [
+                  "--allow-discards"
+                  "--perf-no_read_workqueue"
+                  "--perf-no_write_workqueue"
+                ];
+                # https://0pointer.net/blog/unlocking-luks2-volumes-with-tpm2-fido2-pkcs11-security-hardware-on-systemd-248.html
+                settings = { crypttabExtraOpts = [ "fido2-device=auto" "token-timeout=10" ]; };
+                content = {
+                  type = "btrfs";
+                  extraArgs = [ "-L" "nixos" "-f" ];
+                  subvolumes = {
+                    "/root" = {
+                      mountpoint = "/";
+                      mountOptions = [ "subvol=root" "compress=zstd" "noatime" ];
+                    };
+                    "/home" = {
+                      mountpoint = "/home";
+                      mountOptions = [ "subvol=home" "compress=zstd" "noatime" ];
+                    };
+                    "/nix" = {
+                      mountpoint = "/nix";
+                      mountOptions = [ "subvol=nix" "compress=zstd" "noatime" ];
+                    };
+                    "/persist" = {
+                      mountpoint = "/persist";
+                      mountOptions = [ "subvol=persist" "compress=zstd" "noatime" ];
+                    };
+                    "/log" = {
+                      mountpoint = "/var/log";
+                      mountOptions = [ "subvol=log" "compress=zstd" "noatime" ];
+                    };
+                    "/swap" = {
+                      mountpoint = "/swap";
+                      swap.swapfile.size = "64G";
+                    };
+                  };
+                };
+              };
+            };
+          };
+        };
+      };
+    };
+  };
+
+  fileSystems = {
+    "/persist".neededForBoot = true;
+    "/home".neededForBoot = true;
+    "/var/log".neededForBoot = true;
+  };
+}