| 27 Nov 2024 |
 netpleb | I have a disks.nix in my git repo, added it to my configuration, and disko-install ... worked perfectly! My my disks config looks like (basically it is the luks-btrfs example in the docs):
{
disko.devices = {
disk = {
main = {
type = "disk";
# When using disko-install, we can overwrite this value (device) from the commandline:
# $ sudo nix run 'github:nix-community/disko/latest#disko-install' -- --write-efi-boot-entries --flake '/tmp/config/etc/nixos#mymachine' --disk main /dev/sda
# see: https://github.com/nix-community/disko/blob/master/docs/disko-install.md
device = "/dev/nvme0n1";
content = {
type = "gpt";
partitions = {
ESP = {
size = "512M";
type = "EF00";
content = {
type = "filesystem";
format = "vfat";
mountpoint = "/boot";
mountOptions = [ "umask=0077" ];
};
};
luks = {
size = "100%";
content = {
type = "luks";
name = "crypted";
# disable settings.keyFile if you want to use interactive password entry
#passwordFile = "/tmp/secret.key"; # Interactive
settings = {
allowDiscards = true;
# keyFile = "/tmp/secret.key";
};
# additionalKeyFiles = [ "/tmp/additionalSecret.key" ];
content = {
type = "btrfs";
extraArgs = [ "-f" ];
subvolumes = {
"/root" = {
mountpoint = "/";
mountOptions = [ "compress=zstd" "noatime" ];
};
"/home" = {
mountpoint = "/home";
mountOptions = [ "compress=zstd" "noatime" ];
};
"/nix" = {
mountpoint = "/nix";
mountOptions = [ "compress=zstd" "noatime" ];
};
"/swap" = {
mountpoint = "/.swapvol";
swap.swapfile.size = "8G";
};
};
};
};
};
};
};
};
};
};
}
| 18:35:59 |
| netpleb | Then I added a second nvme device to the machine and booted it up. I noticed that the machine switched the original /dev/nvme0n1 over to /dev/nvme1n1 and the new device is now /dev/nvme0n1, but it booted up just fine. I am guessing that is becuase (correctly) disko set fileSystems."/".device = "crypted". So far so good. | 18:40:29 |
| netpleb | but here is my question: can I somehow simply update my disks.nix file and use disko to add the 2nd device to the btrfs filesystem? or do I need to run the respective btrfs device add ... and btrfs balance start -mconvert=raid1 commands myself? | 18:45:58 |
| netpleb | * but here is my question: can I somehow simply update my disks.nix file and use disko to add the 2nd device to the btrfs filesystem? or do I need to run the respective btrfs device add ... and btrfs balance start -mconvert=raid1 commands myself (which is of course how I have done it in a non-declarative pre-disko world)? | 18:46:27 |
|  TheDragon left the room. | 23:33:42 |
| 29 Nov 2024 |
 Mic92 | netpleb: there is a format mode that should not destroy your existing disk and add missing partitions disks etc. But I am not sure this works for raid conversion yet. | 13:07:19 |
| Mic92 | I don't think we have any convert for this use case | 13:07:42 |
| Mic92 | lassulus: https://github.com/nix-community/disko/pull/891/files#r1863500583 I need your help with one _unmount option definition. I don't yet understand yet, how thse magic { fs = ; dev = }; attrs are working and when I cannot use them | 13:08:30 |
 lassulus | whats the error? I think you need to use config.content._unmount.fs instead of the top level thingie? | 13:17:39 |
| Mic92 | I think I fixed | 13:22:04 |
| Mic92 | Interestingly I think I found now a bug in the disko mount code. | 13:37:50 |
| Mic92 | https://buildbot.thalheim.io/#/builders/64/builds/872/steps/1/logs/stdio | 13:37:52 |
| Mic92 | Here it imports the zpool before resolving device dependencies. | 13:38:09 |
| Mic92 | lassulus: any idea how to solve this? | 13:39:34 |
| lassulus | You added a reverse list | 13:40:22 |
| Mic92 | Not this is mount not unmount | 13:40:45 |
| lassulus | https://github.com/nix-community/disko/pull/891/files#diff-84f980eccc1d3f99c10f8b0e6c5c5fc2af2069517533c4c4d73264a190e85188R647 | 13:41:00 |
| Mic92 | thx | 13:44:21 |
| Mic92 | Ok. CI is green now. Ready for review! | 13:50:31 |
| Mic92 | lassulus: oh, new edge case for veritysetup. We would need a device that is used at mount time, that is different from the device at boot time. | 15:43:59 |
| lassulus | uh | 15:45:16 |
| lassulus | I'm not sure I understand :D | 15:45:25 |
| Mic92 | lassulus: So you first format /dev/sda with ext4, than mount it, write to it, unmount it. And than you run veritysetup format /dev/sda /dev/sdb. /dev/sdb is than your hash device that stores the hash merkel tree. At boot time you than mount veritysetup open mydevice /dev/sda /dev/sdb and mount /dev/mapper/mydevice to where ever it needs to go. | 15:48:12 |
| lassulus | can't you mount it in a tmpdir for the first mount and mount it with veritysetup for the mount step? | 15:52:58 |
| Mic92 | lassulus: no, because mounted veritysetup devices are read-only | 15:54:38 |
| Mic92 | The idea is to have immutable filesystems that can be verified and not tempered with. | 15:55:18 |
| lassulus | ah, well the mount command from disko is just used for installation anyway | 15:57:35 |
| lassulus | so you just define the /dev/sda in there and the verity thingie in the config? | 15:57:51 |
| lassulus | type would be similiar to the luks type | 15:58:11 |
| lassulus changed their profile picture. | 18:30:30 |
