infra/nix/os/modules/encryptedDisk.nix

{ lib
, config
, ... }:
with lib;                     

let
  cfg = config.hardware.encryptedDisk;
  ownLib = import ../lib/default.nix { };
in {
  options.hardware.encryptedDisk = {
    enable = mkEnableOption "Enable encrypted filesystem layout";
    diskId = mkOption {
      type = types.string;
    };
  };

  config = lib.mkIf cfg.enable {
    fileSystems."/boot" = {
      device = (ownLib.disk.bootFsDevice cfg.diskId);
      fsType = "vfat";
    };

    fileSystems."/" = {
      device = (ownLib.disk.rootFsDevice cfg.diskId);
      fsType = "btrfs";
      options = [ "subvol=nixos" ];
    };

    fileSystems."/home" = {
      device = (ownLib.disk.rootFsDevice cfg.diskId);
      fsType = "btrfs";
      options = [ "subvol=home" ];
    };

    swapDevices = [ { device = (ownLib.disk.swapFsDevice cfg.diskId); } ];

    boot.loader.grub = {
      device = (ownLib.disk.bootGrubDevice cfg.diskId);
      enableCryptodisk = true;
    };

    boot.initrd.luks.devices = [
      {
        name =
          let
            splitstring = builtins.split "/" (ownLib.disk.bootLuksDevice cfg.diskId);
            lastelem = (builtins.length splitstring)-1;
          in
            builtins.elemAt splitstring lastelem;
        device = (ownLib.disk.bootLuksDevice cfg.diskId);
        preLVM = true;
        allowDiscards = true;
      }
    ];
  };
}
make * composable; add install medium; archive prevoius code 2018-10-30 13:38:36 +01:00			`{ lib`
			`, config`
			`, ... }:`
nix/devices: implement disk-prepare 2018-11-10 19:24:24 +01:00			`with lib;`
make * composable; add install medium; archive prevoius code 2018-10-30 13:38:36 +01:00
			`let`
			`cfg = config.hardware.encryptedDisk;`
nix/devices: implement disk-prepare 2018-11-10 19:24:24 +01:00			`ownLib = import ../lib/default.nix { };`
make * composable; add install medium; archive prevoius code 2018-10-30 13:38:36 +01:00			`in {`
			`options.hardware.encryptedDisk = {`
			`enable = mkEnableOption "Enable encrypted filesystem layout";`
			`diskId = mkOption {`
			`type = types.string;`
			`};`
			`};`

			`config = lib.mkIf cfg.enable {`
nix/devices: implement disk-prepare 2018-11-10 19:24:24 +01:00			`fileSystems."/boot" = {`
			`device = (ownLib.disk.bootFsDevice cfg.diskId);`
make * composable; add install medium; archive prevoius code 2018-10-30 13:38:36 +01:00			`fsType = "vfat";`
			`};`

			`fileSystems."/" = {`
nix/devices: implement disk-prepare 2018-11-10 19:24:24 +01:00			`device = (ownLib.disk.rootFsDevice cfg.diskId);`
make * composable; add install medium; archive prevoius code 2018-10-30 13:38:36 +01:00			`fsType = "btrfs";`
			`options = [ "subvol=nixos" ];`
			`};`

			`fileSystems."/home" = {`
nix/devices: implement disk-prepare 2018-11-10 19:24:24 +01:00			`device = (ownLib.disk.rootFsDevice cfg.diskId);`
make * composable; add install medium; archive prevoius code 2018-10-30 13:38:36 +01:00			`fsType = "btrfs";`
			`options = [ "subvol=home" ];`
			`};`

nix/devices: implement disk-prepare 2018-11-10 19:24:24 +01:00			`swapDevices = [ { device = (ownLib.disk.swapFsDevice cfg.diskId); } ];`
make * composable; add install medium; archive prevoius code 2018-10-30 13:38:36 +01:00
			`boot.loader.grub = {`
nix/devices: implement disk-prepare 2018-11-10 19:24:24 +01:00			`device = (ownLib.disk.bootGrubDevice cfg.diskId);`
move all expressions to nix/; include modularized home-manager config 2018-10-31 19:52:39 +01:00			`enableCryptodisk = true;`
make * composable; add install medium; archive prevoius code 2018-10-30 13:38:36 +01:00			`};`

nix/devices: implement disk-prepare 2018-11-10 19:24:24 +01:00			`boot.initrd.luks.devices = [`
make * composable; add install medium; archive prevoius code 2018-10-30 13:38:36 +01:00			`{`
nix/devices: implement disk-prepare 2018-11-10 19:24:24 +01:00			`name =`
			`let`
			`splitstring = builtins.split "/" (ownLib.disk.bootLuksDevice cfg.diskId);`
make * composable; add install medium; archive prevoius code 2018-10-30 13:38:36 +01:00			`lastelem = (builtins.length splitstring)-1;`
nix/devices: implement disk-prepare 2018-11-10 19:24:24 +01:00			`in`
			`builtins.elemAt splitstring lastelem;`
			`device = (ownLib.disk.bootLuksDevice cfg.diskId);`
make * composable; add install medium; archive prevoius code 2018-10-30 13:38:36 +01:00			`preLVM = true;`
			`allowDiscards = true;`
			`}`
			`];`
			`};`
			`}`