| 8 Aug 2024 |
 eyJhb | NIX_TOP_LEVEL_PATH=$(nix build --impure -I nixos-config=./machines/gerd.nix --json --expr "(import <nixpkgs/nixos> {}).config.system.build.toplevel" | jq -r '.[].outputs.out')
NIX_DISKO_SCRIPT=$(nix build --impure -I nixos-config=./machines/gerd.nix --json --expr "(import <nixpkgs/nixos> {}).config.system.build.diskoScriptNoDeps" | jq -r '.[].outputs.out')
nixos-anywhere --store-paths "$NIX_DISKO_SCRIPT" "$NIX_TOP_LEVEL_PATH" "$USERNAME@$IP"
Works just fine without LUKS.
{ lib, ... }:
let
makeZFSDatasets = datasets: (lib.mapAttrs' (n: v: lib.nameValuePair v.dataset ({
type = "zfs_fs";
mountpoint = n;
options.mountpoint = "legacy";
} // (if v ? extra then v.extra else {}))) datasets);
in {
disko.devices = {
disk.disk1 = {
type = "disk";
device = lib.mkDefault "/dev/sda";
content = {
type = "gpt";
partitions = {
boot = {
name = "boot";
size = "1M";
type = "EF02";
};
esp = {
name = "ESP";
size = "500M";
type = "EF00";
content = {
type = "filesystem";
format = "vfat";
mountpoint = "/boot";
};
};
luks = {
size = "100%";
content = {
type = "luks";
name = "cryptroot";
settings.allowDiscards = true;
# passwordFile = "/tmp/luks.pass";
content = {
type = "zfs";
pool = "rpool";
};
};
};
};
};
};
zpool = {
rpool = {
type = "zpool";
# rootFsOptions.compression = "zstd";
rootFsOptions = {
compression = "on";
atime = "off";
acltype = "posixacl";
xattr = "sa";
# test
# "com.sun:auto-snapshot" = "false";
# "com.klarasystems:vdev_zaps_v2" = "false";
};
datasets = let
baseDatasets = {
"/" = { dataset = "root"; extra = { postCreateHook = "zfs snapshot rpool/root@blank"; }; };
"/nix".dataset = "local/nix";
"/state/stash".dataset = "local/stash";
"/state/home".dataset = "safe/home";
"/state/root".dataset = "safe/persistent";
# extra datasets
"/srv/forgejo" = { dataset = "safe/svcs/forgejo"; extra.options.quota = "5G"; };
};
in (makeZFSDatasets baseDatasets);
};
};
};
}
| 11:34:16 |
 lassulus | why the nodeps output? the normal output would put cryptsetup into PATH | 11:34:54 |
| eyJhb | I seem to remember I yanked it from some manual. | 11:35:59 |
| eyJhb | But, that might be me misremembering. | 11:36:08 |
| eyJhb | I've changed it away from nodeps now :) | 11:37:00 |
| eyJhb | Yeah, seems to work now. Thanks for solving me being stupid lassulus ! | 11:37:32 |
| eyJhb | Also, I had to reread the nodeps a couple of times, my mind couldn't understand what NODE ps was, and why node was relevant. | 11:38:12 |
| lassulus | :D maybe I should have written NoDeps | 11:40:21 |
| eyJhb | We got to it in the end :p Thank you for the quick response :D Now I can continue | 11:42:33 |
| 10 Aug 2024 |
 matthewcroughan | Disko can't make something with an arbitrary sector start or gpt table length can it? | 21:48:22 |
| matthewcroughan | Is it possible with the gpt type to dd a nix store path to a partition? | 22:06:21 |
| matthewcroughan | I guess that'd be done in the postCreate hook, but it's quite an unsafe thing to do | 22:13:05 |
| matthewcroughan | not clear how to access the disko vars or what ones to access to get the absolute path to the partition in question, by nix evaluation | 22:13:25 |
| 11 Aug 2024 |
| matthewcroughan | Here's what I'm talking about, and the best I could come up with | 14:23:32 |
| matthewcroughan | devices = {
disk = {
disk1 = rec {
type = "disk";
device = "/dev/disk/by-id/usb-Generic-_SD_MMC_20120501030900000-0:0";
postCreateHook = ''
lsblk
cat ${uboot}/bl2.bin > /dev/disk/by-partlabel/disk-disk1-bl2
cat ${uboot}/fip.bin > /dev/disk/by-partlabel/disk-disk1-fip
sgdisk -A 1:set:2 ${device}
'';
content = {
type = "gpt";
partitions = {
bl2 = {
start = "34";
end = "8191";
priority = 1;
type = "8300";
};
fip = {
start = "8192";
end = "12287";
priority = 2;
type = "8300";
};
| 14:23:35 |
| matthewcroughan | * ...
disko.devices = {
disk = {
disk1 = rec {
type = "disk";
device = "/dev/disk/by-id/usb-Generic-_SD_MMC_20120501030900000-0:0";
postCreateHook = ''
lsblk
cat ${uboot}/bl2.bin > /dev/disk/by-partlabel/disk-disk1-bl2
cat ${uboot}/fip.bin > /dev/disk/by-partlabel/disk-disk1-fip
sgdisk -A 1:set:2 ${device}
'';
content = {
type = "gpt";
partitions = {
bl2 = {
start = "34";
end = "8191";
priority = 1;
type = "8300";
};
fip = {
start = "8192";
end = "12287";
priority = 2;
type = "8300";
};
...
| 14:23:44 |
| matthewcroughan | notice how I've just guessed the by-partlabel paths and it's not happening by nix evaluation, and how I've had to use a recursive set to get the device path | 14:24:24 |
| matthewcroughan | This also won't work in the image builder, it will only work for running the real disko script due to the dependency on the device path which will differ in the VM
| 14:24:49 |
| matthewcroughan | Another issue with using disko for embedded is that the label name is derived from the attributes | 16:01:57 |
| matthewcroughan | Device Start End Sectors Type-UUID UUID Name Attrs
/dev/sda1 2048 8191 6144 0FC63DAF-8483-4772-8E79-3D69D8477DE4 1422349D-2826-4F14-B386-22BAA5192059 disk-disk1-bl2
/dev/sda2 8192 12287 4096 0FC63DAF-8483-4772-8E79-3D69D8477DE4 1A62DEAA-68A3-4601-A69A-7ADFE4ECDED9 disk-disk1-fip
/dev/sda3 12288 2109439 2097152 C12A7328-F81F-11D2-BA4B-00A0C93EC93B FAB4CFF0-8873-4B78-B61E-E6252BA5EEDD disk-disk1-boot
/dev/sda4 2109440 62332927 60223488 0FC63DAF-8483-4772-8E79-3D69D8477DE4 5A0ACF68-C9C3-4822-A92D-99A02DCFA863 disk-disk1-root
| 16:01:58 |
| matthewcroughan | the name is disk-disk1-fip and not fip, but the u-boot bl2 (second stage bootloader) specifically reads this label and matches a string | 16:02:24 |
| matthewcroughan | So this seems like another awkward point for disko, where I'm unable to coerce it into doing the right thing for the use-case | 16:02:50 |
| matthewcroughan | I managed to end up with the following error on bcachefs creation, maybe the diskoScript is too fast?
starting version 1.9: disk_accounting_v2 opts=compression=lz4
initializing new filesystem
going read-write
initializing freespace
IO error: Operation not permitted
| 16:03:36 |
| matthewcroughan | Posted that to #bcache anyway, having so many issues with it lately | 16:07:10 |
| lassulus | You can override the partition Labels. Also some attributes are available in the hooks like the device | 16:08:07 |
| lassulus | Just run env in the hook and look at the output | 16:08:21 |
| matthewcroughan | In reply to @lassulus:lassul.us
You can override the partition Labels. Also some attributes are available in the hooks like the device I may be able to, but this then makes it even more risky to run outside of the image builder, since the partlabel may conflict with a real world part label | 16:08:48 |
| matthewcroughan | of something else also plugged into the machine | 16:09:07 |
| matthewcroughan | In reply to @lassulus:lassul.us
You can override the partition Labels. Also some attributes are available in the hooks like the device "in the hooks" have you got a literal example? | 16:09:45 |
| matthewcroughan | is it like config.disko.something._hooks ? | 16:09:54 |
