refactor: make luks names predictable

hosts/sire/default.nix

@@ -44,9 +44,10 @@
   # services.telegraf.extraConfig.inputs.github = {};
 
   guests = let
-    mkGuest = guestName: {
+    mkGuest = guestName: {enableStorageDataset ? false, ...}: {
       autostart = true;
       zfs."/state" = {
+        # TODO make one option out of that? and split into two readonly options automatically?
         pool = "rpool";
         dataset = "local/guests/${guestName}";
       };
@@ -54,6 +55,10 @@
         pool = "rpool";
         dataset = "safe/guests/${guestName}";
       };
+      zfs."/storage" = lib.mkIf enableStorageDataset {
+        pool = "storage";
+        dataset = "safe/guests/${guestName}";
+      };
       modules = [
         ../../modules
         ./guests/common.nix
@@ -62,9 +67,9 @@
       ];
     };
 
-    mkMicrovm = guestName: {
+    mkMicrovm = guestName: opts: {
       ${guestName} =
-        mkGuest guestName
+        mkGuest guestName opts
         // {
           backend = "microvm";
           microvm = {
@@ -76,9 +81,9 @@
     };
 
     # deadnix: skip
-    mkContainer = guestName: {
+    mkContainer = guestName: opts: {
       ${guestName} =
-        mkGuest guestName
+        mkGuest guestName opts
         // {
           backend = "container";
           container.macvlan = "lan";
@@ -87,11 +92,11 @@
   in
     lib.mkIf (!minimal) (
       {}
-      // mkMicrovm "samba"
-      // mkMicrovm "grafana"
-      // mkMicrovm "influxdb"
-      // mkMicrovm "loki"
-      // mkMicrovm "paperless"
+      // mkMicrovm "samba" {enableStorageDataset = true;}
+      // mkMicrovm "grafana" {}
+      // mkMicrovm "influxdb" {}
+      // mkMicrovm "loki" {}
+      // mkMicrovm "paperless" {}
       #// mkMicrovm "minecraft"
       #// mkMicrovm "immich"
       #// mkMicrovm "firefly"

hosts/sire/fs.nix

@@ -2,32 +2,34 @@
   config,
   lib,
   ...
-}: {
+}: let
+  inherit (config.repo.secrets.local) disks;
+in {
   disko.devices = {
     disk =
       {
-        m2-ssd-1 = {
+        ${disks.m2-ssd-1} = {
           type = "disk";
-          device = "/dev/disk/by-id/${config.repo.secrets.local.disk.m2-ssd-1}";
+          device = "/dev/disk/by-id/${disks.m2-ssd-1}";
           content = with lib.disko.gpt; {
             type = "table";
             format = "gpt";
             partitions = [
               (partEfi "efi" "0%" "1GiB")
-              (partLuksZfs "rpool" "1GiB" "100%")
+              (partLuksZfs disks.m2-ssd-1 "rpool" "1GiB" "100%")
             ];
           };
         };
-        m2-ssd-2 = {
+        ${disks.m2-ssd-2} = {
           type = "disk";
-          device = "/dev/disk/by-id/${config.repo.secrets.local.disk.m2-ssd-2}";
-          content = lib.disko.content.luksZfs "rpool";
+          device = "/dev/disk/by-id/${disks.m2-ssd-2}";
+          content = lib.disko.content.luksZfs disks.m2-ssd-2 "rpool";
         };
       }
-      // lib.genAttrs config.repo.secrets.local.disk.hdds-tank (disk: {
+      // lib.genAttrs disks.hdds-storage (disk: {
         type = "disk";
         device = "/dev/disk/by-id/${disk}";
-        content = lib.disko.content.luksZfs "tank";
+        content = lib.disko.content.luksZfs disk "storage";
       });
     zpool = with lib.disko.zfs; {
       rpool = mkZpool {
@@ -38,7 +40,7 @@
             "safe/guests" = unmountable;
           };
       };
-      tank = mkZpool {
+      storage = mkZpool {
         mode = "raidz1";
         datasets = {
           "safe/guests" = unmountable;
@@ -75,7 +77,7 @@
           filesystems = {
             "rpool/local/state<" = true;
             "rpool/safe<" = true;
-            "tank/safe<" = true;
+            "storage/safe<" = true;
           };
           snapshotting = {
             type = "periodic";
@@ -112,7 +114,4 @@
       ];
     };
   };
-
-  boot.initrd.luks.devices.enc-rpool.allowDiscards = true;
-  boot.initrd.luks.devices.enc-tank.allowDiscards = true;
 }