chore: switch to zfs on luks

2023-05-11 12:53:52 +02:00 · 2023-05-11 12:53:52 +02:00 · cdd35390fb
commit cdd35390fb
parent 14ef8ef877
2 changed files with 11 additions and 8 deletions
--- a/hosts/ward/fs.nix
+++ b/hosts/ward/fs.nix
@ -16,7 +16,7 @@
          partitions = [
            (partEfi "efi" "0%" "1GiB")
            (partSwap "swap" "1GiB" "17GiB")
-            (partZfs "rpool" "17GiB" "100%")
+            (partLuksZfs "rpool" "17GiB" "100%")
          ];
        };
      };
--- a/nix/lib.nix
+++ b/nix/lib.nix
@ -69,11 +69,17 @@ in rec {
          randomEncryption = true;
        };
      };
-      partZfs = name: start: end: {
-        inherit name start end;
+      partLuksZfs = name: start: end: {
+        inherit start end;
+        name = "enc-${name}";
        content = {
-          type = "zfs";
-          pool = name;
+          type = "luks";
+          name = "enc-${name}";
+          extraOpenArgs = ["--allow-discards"];
+          content = {
+            type = "zfs";
+            pool = name;
+          };
        };
      };
    };
@ -90,9 +96,6 @@ in rec {
          mountpoint = "none";
          canmount = "off";
          devices = "off";
-          encryption = "aes-256-gcm";
-          keyformat = "passphrase";
-          keylocation = "prompt";
        };
        options.ashift = "12";
      };