| 24 Mar 2024 |
 ElvishJerricco | you need to open them with cryptsetup open | 23:48:59 |
 conr | oh i'm sorry, yes. open them | 23:49:45 |
| conr | NAME MAJ:MIN RM SIZE RO TYPE MOUNTPOINTS
sda 8:0 0 10.9T 0 disk
└─sda1 8:1 0 10.9T 0 part
└─crypthdd1 254:3 0 10.9T 0 crypt
sdb 8:16 0 10.9T 0 disk
└─sdb1 8:17 0 10.9T 0 part
└─crypthdd2 254:4 0 10.9T 0 crypt
sdc 8:32 0 1.8T 0 disk
└─sdc1 8:33 0 1.8T 0 part
└─cryptssd1 254:5 0 1.8T 0 crypt
sdd 8:48 0 1.8T 0 disk
└─sdd1 8:49 0 1.8T 0 part
└─cryptssd2 254:6 0 1.8T 0 crypt
nvme0n1 259:0 0 931.5G 0 disk
├─nvme0n1p1 259:1 0 1G 0 part /boot
├─nvme0n1p2 259:2 0 32M 0 part
│ └─cryptkey 254:0 0 16M 0 crypt
├─nvme0n1p3 259:3 0 32G 0 part
│ └─cryptswap 254:1 0 32G 0 crypt [SWAP]
└─nvme0n1p4 259:4 0 898.5G 0 part
└─cryptroot 254:2 0 898.5G 0 crypt
| 23:53:02 |
| conr | ok got it | 23:53:03 |
| ElvishJerricco | conr: yea so now you create a pool with those cryptssd1 devices and whatnot | 23:55:31 |
| 25 Mar 2024 |
| conr | cool. got it. | 00:06:06 |
| conr | * cool. got it setup. | 00:06:16 |
| conr | do i need to create a /etc/crypttab | 00:27:40 |
| conr | i don't have one | 00:27:42 |
 hexa | if this is a fresh install, nixos-generate-config should create hardware-configuration.nix with boot.inird.luks.devices entries | 00:29:32 |
| conr | i'm trying to just load it in level 2, not level 1 | 00:30:38 |
| ElvishJerricco | stage* 2 | 00:30:58 |
| ElvishJerricco | conr: Don't create /etc/crypttab. Just use the environment.etc option to have nixos create it. | 00:31:22 |
| conr | right stage 2 | 00:31:23 |
| conr | ok then add each value manually after? | 00:32:08 |
| conr | * ok then add each disk manually after? | 00:32:16 |
| ElvishJerricco | environment.etc.crypttab.text = ''
cryptssd1 /dev/disk/by-uuid/asdfasdf /dev/mapper/cryptkey keyfile-size=8192
cryptssd2 /dev/disk/by-uuid/wxyzwxya /dev/mapper/cryptkey keyfile-size=8192
'';
| 00:32:56 |
| ElvishJerricco | you don't need to edit /etc/crypttab at all. Just have nixos manage it like that | 00:33:07 |
| conr | ooo i like it | 00:33:14 |
| conr | Worked on the first try! | 00:49:02 |
| conr | how to i make this work recursively? systemd.tmpfiles.rules = [ "d /mnt/data1 0755 conor users" ]; | 01:28:26 |
| ElvishJerricco | conr: You can follow that line with another one like Z /mnt/data1 0755 conor users to recursively set the mode and ownership of a directory | 01:32:53 |
| conr | In reply to @elvishjerricco:matrix.org
conr: You can follow that line with another one like Z /mnt/data1 0755 conor users to recursively set the mode and ownership of a directory so like
systemd.tmpfiles.rules = [
"d /mnt/data1 0755 conor users"
"Z /mnt/data1 0755 conor users"
];
| 01:38:05 |
| ElvishJerricco | I think that would work yea | 01:38:26 |
| conr | works | 01:43:29 |
| conr | so for lanzaboote, do i need the niv folder forever? | 01:45:10 |
| conr | like commit it to my repo? | 01:45:25 |
| conr | * so for lanzaboote, do i need the niv nix folder forever? | 01:45:43 |
| conr | maybe i need to integrate it with my flake? | 01:50:22 |
| conr | i'll ask secure-boot | 01:50:55 |
