| 24 Mar 2024 |
 ElvishJerricco | you partition the disk, then you use cryptsetup luksFormat, then you use cryptsetup open | 23:47:48 |
| ElvishJerricco | you need to open them | 23:47:55 |
 conr | so did i do it right or need to do it over? | 23:48:00 |
| ElvishJerricco | seems like you're probably good if you did luksFormat already | 23:48:11 |
| conr | so now i can create the zpool and point to the /sda1, sdb1, etc...? | 23:48:46 |
| ElvishJerricco | no | 23:48:50 |
| ElvishJerricco | again | 23:48:52 |
| ElvishJerricco | for the third time | 23:48:54 |
| ElvishJerricco | you need to open them with cryptsetup open | 23:48:59 |
| conr | oh i'm sorry, yes. open them | 23:49:45 |
| conr | NAME MAJ:MIN RM SIZE RO TYPE MOUNTPOINTS
sda 8:0 0 10.9T 0 disk
└─sda1 8:1 0 10.9T 0 part
└─crypthdd1 254:3 0 10.9T 0 crypt
sdb 8:16 0 10.9T 0 disk
└─sdb1 8:17 0 10.9T 0 part
└─crypthdd2 254:4 0 10.9T 0 crypt
sdc 8:32 0 1.8T 0 disk
└─sdc1 8:33 0 1.8T 0 part
└─cryptssd1 254:5 0 1.8T 0 crypt
sdd 8:48 0 1.8T 0 disk
└─sdd1 8:49 0 1.8T 0 part
└─cryptssd2 254:6 0 1.8T 0 crypt
nvme0n1 259:0 0 931.5G 0 disk
├─nvme0n1p1 259:1 0 1G 0 part /boot
├─nvme0n1p2 259:2 0 32M 0 part
│ └─cryptkey 254:0 0 16M 0 crypt
├─nvme0n1p3 259:3 0 32G 0 part
│ └─cryptswap 254:1 0 32G 0 crypt [SWAP]
└─nvme0n1p4 259:4 0 898.5G 0 part
└─cryptroot 254:2 0 898.5G 0 crypt
| 23:53:02 |
| conr | ok got it | 23:53:03 |
| ElvishJerricco | conr: yea so now you create a pool with those cryptssd1 devices and whatnot | 23:55:31 |
| 25 Mar 2024 |
| conr | cool. got it. | 00:06:06 |
| conr | * cool. got it setup. | 00:06:16 |
| conr | do i need to create a /etc/crypttab | 00:27:40 |
| conr | i don't have one | 00:27:42 |
 hexa | if this is a fresh install, nixos-generate-config should create hardware-configuration.nix with boot.inird.luks.devices entries | 00:29:32 |
| conr | i'm trying to just load it in level 2, not level 1 | 00:30:38 |
| ElvishJerricco | stage* 2 | 00:30:58 |
| ElvishJerricco | conr: Don't create /etc/crypttab. Just use the environment.etc option to have nixos create it. | 00:31:22 |
| conr | right stage 2 | 00:31:23 |
| conr | ok then add each value manually after? | 00:32:08 |
| conr | * ok then add each disk manually after? | 00:32:16 |
| ElvishJerricco | environment.etc.crypttab.text = ''
cryptssd1 /dev/disk/by-uuid/asdfasdf /dev/mapper/cryptkey keyfile-size=8192
cryptssd2 /dev/disk/by-uuid/wxyzwxya /dev/mapper/cryptkey keyfile-size=8192
'';
| 00:32:56 |
| ElvishJerricco | you don't need to edit /etc/crypttab at all. Just have nixos manage it like that | 00:33:07 |
| conr | ooo i like it | 00:33:14 |
| conr | Worked on the first try! | 00:49:02 |
| conr | how to i make this work recursively? systemd.tmpfiles.rules = [ "d /mnt/data1 0755 conor users" ]; | 01:28:26 |
| ElvishJerricco | conr: You can follow that line with another one like Z /mnt/data1 0755 conor users to recursively set the mode and ownership of a directory | 01:32:53 |
