fix: prepare for installing /w nixos-anywhere

2025-09-12 17:14:06 -05:00 · 2025-09-12 17:14:06 -05:00 · 3ae9e4aae3
commit 3ae9e4aae3
parent b025dbac46
4 changed files with 92 additions and 84 deletions
--- a/hosts/titanium/disko.nix
+++ b/hosts/titanium/disko.nix
@ -7,70 +7,76 @@
  # `sudo nix --experimental-features "nix-command flakes" run github:nix-community/disko/latest -- --mode destroy,format,mount /tmp/disk-config.nix`
  disko.devices = {
    disk = {
-      main-disk = {
+      main = {
 	      type = "disk";
 	      device = "/dev/disk/by-path/pci-0000:08:00.0-ata-2";
 	      content = {
-		type = "gpt";
-		partitions = {
-		  ESP = {
-		    size = "512M";
-		    type = "EF00";
-		    content = {
-		      type = "filesystem";
-		      format = "vfat";
-		      mountpoint = "/boot";
-		      mountOptions = [ "umask=0077" ];
-		    };
-		  };
-		  luks = {
-		    size = "100%";  # Full Disk Encryption
-		    content = {
-		      type = "luks";
-		      name = "crypted";
-		      # disable settings.keyFile if you want to use interactive password entry
-		      # passwordFile = "/tmp/secret.key";  # Interactive
-		      settings = {
-			allowDiscards = true;
-			#keyFile = "/tmp/secret.key";
-		      };
-		      #additionalKeyFiles = [ "/tmp/additionalSecret.key" ];
-		      content = {
-			type = "btrfs";
-			extraArgs = [ "-f" ];  # What?
-			subvolumes = {
-			  "/root" = {
-			    mountpoint = "/";
-			    mountOptions = [
-			      "compress=zstd"
-			      "noatime"
-			    ];
-			  };
-			  "/home" = {
-			    mountpoint = "/home";
-			    mountOptions = [
-			      "compress=zstd"
-			      "noatime"
-			    ];
-			  };
-			  "/nix" = {
-			    mountpoint = "/nix";
-			    mountOptions = [
-			      "compress=zstd"
-			      "noatime"
-			    ];
-			  };
-			  "/swap" = {
-			    mountpoint = "/.swapvol";
-			    swap.swapfile.size = "16G";
-			  };
-			};
-		      };
-		    };
-		  };
-		};
+					type = "gpt";
+					partitions = {
+					  ESP = {
+					    size = "512M";
+					    type = "EF00";
+					    content = {
+					      type = "filesystem";
+					      format = "vfat";
+					      mountpoint = "/boot";
+					      mountOptions = [ "umask=0077" ];
+					    };
+					  };
+					  luks = {
+					    size = "100%";  # Full Disk Encryption
+					    content = {
+					      type = "luks";
+					      name = "crypted";
+					      # disable settings.keyFile if you want to use interactive password entry
+					      # passwordFile = "/tmp/secret.key";  # Interactive
+					      extraOpenArgs = [
+									"--allow-discards"
+									"--perf-no_read_workqueue"
+									"--perf-no_write_workqueue"
+								];
+					      settings = {
+									allowDiscards = true;
+									crypttabExtraOpts = [ "fido2-device=auto" "token-timeout=10" ];
+									#keyFile = "/tmp/secret.key";
+					      };
+					      #additionalKeyFiles = [ "/tmp/additionalSecret.key" ];
+					      content = {
+									type = "btrfs";
+									extraArgs = [ "-L" "nixos" "-f" ];  # What?
+									subvolumes = {
+									  "/root" = {
+									    mountpoint = "/";
+									    mountOptions = [
+									      "compress=zstd"
+									      "noatime"
+									    ];
+									  };
+									  "/home" = {
+									    mountpoint = "/home";
+									    mountOptions = [
+									      "compress=zstd"
+									      "noatime"
+									    ];
+									  };
+									  "/nix" = {
+									    mountpoint = "/nix";
+									    mountOptions = [
+									      "compress=zstd"
+									      "noatime"
+									    ];
+									  };
+									  "/swap" = {
+									    mountpoint = "/.swapvol";
+									    swap.swapfile.size = "32G";
+									  };
+									};
+					      };
+					    };
+					  };
+					};
 	      };
-	};
+			};
    };
  };
 }