!oNSIfazDqEcwhcOjSL:matrix.org

disko

356 Members
disko - declarative disk partitioning - https://github.com/nix-community/disko89 Servers

You have reached the beginning of time (for this room).

SenderMessageTime
12 May 2025
@noneyescat:matrix.orgmomoIf I recall correctly, this command used to work properly six months ago. So I'm not entirely sure if there have been any changes to the options that might be causing this issue :(16:08:05
@lassulus:lassul.uslassulushmm, it looks like a nixpkgs bug16:44:06
@ersei:ersei.net@ersei:ersei.net joined the room.19:58:27
@ersei:ersei.net@ersei:ersei.netHey all, is there any specific thing I need to do to use disko with multipath?19:59:49
13 May 2025
@unmolded_can:matrix.orgunmolded_can joined the room.07:57:15
@unmolded_can:matrix.orgunmolded_can

Hi all, struggling though the docs _create zfs* options I eventually got the disko config to work. However, because I have used encrypted zfs root and /nix datasets (across different pools) I have encountered a dependency issue (I think) on boot.
`
zpool = {
zroot = {
type = "zpool";
mode = {
topology={
type = "topology";
vdev = [
{
members = [ "crucialMx500500g1" ];
}
];
};
};
options = {
# Workaround: cannot import 'zroot': I/O error in disko tests
cachefile = "none";
ashift = "12";
};
rootFsOptions = {
mountpoint = "none";
compression = "lz4";
acltype = "posixacl";
xattr = "sa";
atime = "off";
};
postCreateHook = "zfs list -t snapshot -H -o name | grep -E '^zroot@blank$' || zfs snapshot zroot@blank";
datasets = {
root = {
type = "zfs_fs";
mountpoint = "/";
options = {
encryption = "aes-256-gcm";
keyformat = "passphrase";
keylocation = "prompt";
};
};
};
};
# };

    fast = {
      type = "zpool";
      mode = {
      topology={
        type = "topology";
        vdev = [
          {
            mode = "mirror";
            members = [ "samsung990Pro4t1" "samsung990Pro4t2" ];
          }
        ];
      };
      };
      mountpoint = "/mnt/fast";
      options = {
        ashift = "12";
      };
      rootFsOptions = {
        mountpoint = "none";
        atime = "off";
        compression = "lz4";

        encryption = "aes-256-gcm";
        keyformat = "hex";
        keylocation = "file:///etc/zfs/keys/fast.hex";
      };
      datasets = {
        nix = {
          type = "zfs_fs";
          mountpoint = "/nix";
          options = {
           compression = "zstd";
          };
        };
        game = {
          type = "zfs_volume";
          size = "1T";
          options = {
            volblocksize = "128K";
          };
          # content = {
          #   type = "filesystem";
          #   format = "ntfs";
          # };
        };
      };
    };
  };

`
Based on the stage 1 boot messages, initrd/linux is loading the key zroot/root via a passphrase, then loading the fast pool key. It can't since the fast pool key is in the zroot/root pool. After failing to load the key it then mounts zroot/root which then now makes the key available.
I have found https://github.com/nix-community/disko/issues/141 but the linked https://github.com/nix-community/disko/pull/218/files only affects creation it seems. Any help would be appreciated.

08:08:10
@unmolded_can:matrix.orgunmolded_can *

Hi all, struggling though the docs _create zfs* options I eventually got the disko config to work. However, because I have used encrypted zfs root and /nix datasets (across different pools) I have encountered a dependency issue (I think) on boot.

`
Based on the stage 1 boot messages, initrd/linux is loading the key zroot/root via a passphrase, then loading the fast pool key. It can't since the fast pool key is in the zroot/root pool. After failing to load the key it then mounts zroot/root which then now makes the key available.
I have found https://github.com/nix-community/disko/issues/141 but the linked https://github.com/nix-community/disko/pull/218/files only affects creation it seems. Any help would be appreciated.

08:09:36
@unmolded_can:matrix.orgunmolded_can *

Hi all, struggling though the docs _create zfs* options I eventually got the disko config to work. However, because I have used encrypted zfs root and /nix datasets (across different pools) I have encountered a dependency issue (I think) on boot.

      zpool = {
        zroot = {
          type = "zpool";
          mode = {
          topology={
            type = "topology";
            vdev = [
              {
                members = [ "crucialMx500500g1" ];
              }
            ];
          };
          };
          options = {
            # Workaround: cannot import 'zroot': I/O error in disko tests
            cachefile = "none";
            ashift = "12";
          };
          rootFsOptions = {
            mountpoint = "none";
            compression = "lz4";
            acltype = "posixacl";
            xattr = "sa";
            atime = "off";
          };
          postCreateHook = "zfs list -t snapshot -H -o name | grep -E '^zroot@blank$' || zfs snapshot zroot@blank";
          datasets = {
            root = {
              type = "zfs_fs";
              mountpoint = "/";
              options = {
                encryption = "aes-256-gcm";
                keyformat = "passphrase";
                keylocation = "prompt";
              };
            };
          };
        };
        # };

        fast = {
          type = "zpool";
          mode = {
          topology={
            type = "topology";
            vdev = [
              {
                mode = "mirror";
                members = [ "samsung990Pro4t1" "samsung990Pro4t2" ];
              }
            ];
          };
          };
          mountpoint = "/mnt/fast";
          options = {
            ashift = "12";
          };
          rootFsOptions = {
            mountpoint = "none";
            atime = "off";
            compression = "lz4";

            encryption = "aes-256-gcm";
            keyformat = "hex";
            keylocation = "file:///etc/zfs/keys/fast.hex";
          };
          datasets = {
            nix = {
              type = "zfs_fs";
              mountpoint = "/nix";
              options = {
               compression = "zstd";
              };
            };
            game = {
              type = "zfs_volume";
              size = "1T";
              options = {
                volblocksize = "128K";
              };
              # content = {
              #   type = "filesystem";
              #   format = "ntfs";
              # };
            };
          };
        };
      };

Based on the stage 1 boot messages, initrd/linux is loading the key zroot/root via a passphrase, then loading the fast pool key. It can't since the fast pool key is in the zroot/root pool. After failing to load the key it then mounts zroot/root which then now makes the key available.
I have found https://github.com/nix-community/disko/issues/141 but the linked https://github.com/nix-community/disko/pull/218/files only affects creation it seems. Any help would be appreciated.

08:10:22
@unmolded_can:matrix.orgunmolded_canDid some more digging into the code and found https://github.com/nix-community/disko/blob/85555d27ded84604ad6657ecca255a03fd878607/lib/types/zfs_fs.nix#L165-L170 which implies there is no way to set https://nixos.org/manual/nixos/stable/options#opt-fileSystems._name_.depends for zfs. I guess I can try adding that config in a seperate file and hope nixos/nixpkgs merges the attributes correctly. Actually rereading the issue I found says to do exactly that (last 2 messages, don't skim). So I guess that is the solution. Use depends directly (though you have to read the code to know to use the zfs mountpoint as the nix attr key) instead of through disko08:31:53
@unmolded_can:matrix.orgunmolded_can * Did some more digging into the code and found https://github.com/nix-community/disko/blob/85555d27ded84604ad6657ecca255a03fd878607/lib/types/zfs_fs.nix#L165-L170 which implies there is no way to set https://nixos.org/manual/nixos/stable/options#opt-fileSystems._name_.depends for zfs. I guess I can try adding that config in a seperate file and hope nixos/nixpkgs merges the attributes correctly. Actually rereading the issue I found says to do exactly that (last 2 messages, don't skim). So I guess that is the solution. Use depends directly instead of through disko 08:35:46
@unmolded_can:matrix.orgunmolded_can adding fileSystems."/nix".depends = [ "/ or /etc/zfs/keys" ] doesn't seems to force the mount. It still goes load key root, load key fast (fail), mount root, fail to mount /nix and crash. For whatever reason I can't do fileSystems."/mnt/fast/.depends = ... as nixos during build itself fails with a fileSystems."/mnt/fast".device attribute missing (disko issue?). Either way, I think I'll put my /nix and related boot required mounts on the same pool as root to avoid this zfs key and mount dependency hell (though I'm not sure if I'll escape by encrypting the datasets individually; might have to encrypt whole pool so I only need 1 key load). :/ 09:53:05
@unmolded_can:matrix.orgunmolded_can * adding fileSystems."/nix".depends = [ "/ or /etc/zfs/keys" ] doesn't seems to force the mount. It still goes load key root, load key fast (fail), mount root, fail to mount /nix and crash. For whatever reason I can't do fileSystems."/mnt/fast/.depends = ... as nixos during build itself fails with a No device specified for mount point '/mnt/fast' attribute missing (disko issue?). Either way, I think I'll put my /nix and related boot required mounts on the same pool as root to avoid this zfs key and mount dependency hell (though I'm not sure if I'll escape by encrypting the datasets individually; might have to encrypt whole pool so I only need 1 key load). :/ 09:57:08
@unmolded_can:matrix.orgunmolded_can * adding fileSystems."/nix".depends = [ "/ or /etc/zfs/keys" ] doesn't seems to force the mount. It still goes load key root, load key fast (fail), mount root, fail to mount /nix and crash. For whatever reason I can't do fileSystems."/mnt/fast/.depends = ... as nixos during build itself fails with a No device specified for mount point '/mnt/fast' (disko issue?). Either way, I think I'll put my /nix and related boot required mounts on the same pool as root to avoid this zfs key and mount dependency hell (though I'm not sure if I'll escape by encrypting the datasets individually; might have to encrypt whole pool so I only need 1 key load). :/ 09:57:16
@noneyescat:matrix.orgmomo
In reply to @lassulus:lassul.us
hmm, it looks like a nixpkgs bug
any plans to fix it? 🥹 		12:38:28
@lassulus:lassul.uslassulusah sure, upload your config somewhere and the command to reproduce it and maybe someone can take a look :)12:39:05
@noneyescat:matrix.orgmomomaybe I should open an issue?My config is in the same repo named *disk.nix*12:45:13

Show newer messages

Back to Room ListRoom Version: 10