| 10 May 2026 |
 Albert Larsan | If you can manage to navigate the mess that are my dotfiles, you can look at the spruce-frame host at https://git.sr.ht/~albertlarsan68/dotfiles
TMDU: The disk is crypted by luks. Inside luks there is a lvm PV. The VG contains two LVs: A 64-gig swap (for hibernation) and the rest is my btrfs volume. Standard-ish Impermanence setup, just made sure that the script that cleans up the root only runs once resume has been attempted. | 13:49:03 |
 sudoforge | ah, fair. hibernation on a zvol is a bad idea (although technically still... possible) | 13:52:06 |
| sudoforge | you'd just need to patch the kernel to address the missing support :P | 13:53:05 |
| sudoforge | are you using disko to configure your disk, by chance? | 13:54:07 |
| sudoforge | * | 13:57:30 |
 trumee | no i am not using disko atm. | 14:00:11 |
| trumee | I am currently using ZFS, but planning to migrate since i need hibernation. | 14:00:51 |
| sudoforge | well, the good news is that a separate swap partition would work fine, and can be encrypted (if you do that), so you can continue using ZFS as your main filesystem. | 14:05:07 |
| Albert Larsan | Note that having multiple LUKS containers on a single system has… complications. | 14:06:01 |
| sudoforge | others have already addressed what you need to do, but i'd be happy to provide additional clarification if needed. | 14:06:00 |
| sudoforge | i haven't found that to be the case at all. | 14:06:35 |
| Albert Larsan | I have auto-unlock with TPM on my server machines, and getting that to behave was a journey | 14:07:22 |
| sudoforge | i have passphrase fallback, and use clevis + tang for my servers. | 14:08:11 |
| Albert Larsan | And typing two unlock passphrases at boot is annoying too (especially on a laptop) | 14:08:31 |
| sudoforge | you only need to do that if the passphrase differs. | 14:08:54 |
| Albert Larsan | Having swap and storage live in the same lvm vg is nice to be able to modulate size between the two without having to resize the luks containers (which is a royal pain IME) | 14:11:37 |
| Albert Larsan | I was trying to unlock a data disk with a keyfile on the main (tpm-unlocked) disk, but I abandonned this and went to unlock both disks with the tpm instead. | 14:12:41 |
| sudoforge | ah, neat. my servers all have passphrase fallback, which i can administer through IMPI, but primarily boot and decrypt the disks using clevis and tang, requiring 2 of 2: TPM, and the tang server | 14:14:27 |
| sudoforge | * | 14:15:45 |
| Albert Larsan | I use laptops for servers, so no IPMI. There is ssh-based passphrase fallback, but it requires me to notice that the host is down, find a way to connect to its initrd ssh, and remember the correct command to ask systemd to prompt me the password. | 14:15:52 |
| Albert Larsan | I use systemd-crypt{setup,enroll}, not clevis though | 14:16:57 |
| trumee | I am not sure if hibernate is safe with zfs, https://github.com/openzfs/zfs/issues/12842 | 14:18:20 |
| trumee | also, https://github.com/NixOS/nixpkgs/blob/93de6bf9ed923bf2d0991db61c2fd127f6e984ae/nixos/modules/tasks/filesystems/zfs.nix#L229-L236 | 14:20:12 |
| Albert Larsan | I never got a file-based hibernation working on btrfs, that is why I have my onion. | 14:20:54 |
| sudoforge | @rajil:rajils.com both of the links you provided are related to using swap (and hibernation) on a zfs zvol.
what we've described here is setting up swap on a secondary (or tertiary) partition, without formatting it as ZFS.
| 14:23:47 |
| sudoforge | i have file-based swap under encrypted btrfs on my laptop working and don't recall having to do anything special. did you last try this several years ago, perhaps? | 14:25:32 |
| trumee | yes, i have a separate non-zfs swap partition. But ZFS does not like hibernate, there could be pool corruption. | 14:25:40 |
| Albert Larsan | I tried about two years ago, on a Fedora system (with an Nvidia graphic card). When I made the switch to NixOS (on my current laptop), I decided it wasn’t worth the trouble (especially with impermanence and other stuff) | 14:30:08 |
 Albert | I had success with this guide
https://sawyershepherd.org/post/hibernating-to-an-encrypted-swapfile-on-btrfs-with-nixos/ | 14:33:18 |
| sudoforge | i'm not sure that's the case; the openzfs disk formatting guide even explicitly instructs users to create a swap partition. | 14:33:53 |
