nix/os: more work on partition handling

Justfile

@@ -76,15 +76,35 @@ hm-iterate-qtile:
 # Sorry, this is a manual step for now. Please see nix/os/modules/encryptedDisk.nix for the layout
 disk-prepare:
 	echo NOT IMPLEMENTED
+	# GPT partition table
+	# part1: size: 1MiB 	type: 4 BIOS BOOT
+	# part2: size: 512MiB label: 2-DISKID		(36 char limit?)
+	# part3: size: * 			label: 3-DISKID		(36 char limit?)
+	# cryptsetup format part3
+	# vgcreate DISKID part3
+	# lvcreate DISKID -L 8G -n swap
+	# lvcreate DISKID -l 100%FREE -n root
+	# sudo mkfs.vfat -F32 part2
+	# sudo mkfs.btrfs /dev/DISKID/root
+	# sudo mkswap /dev/DISKID/swap
+	# sudo mount /dev/DISKID/root /mnt
+	# sudo btrfs subvolume create nixos
+	# sudo btrfs subvolume create home
+	# sudo mount /dev/disk/by-partlabel/3-DISKID /mnt/DISKID-root
+	# pushd /dev/disk/by-partlabel/3-DISKID /mnt/DISKID-root
+	# sudo btrfs subvolume create nixos
+	# sudo mkdir nixos/{boot,home}
+	# sudo btrfs subvolume create home
+	# 
 
 # Mount the target disk specified by device configuration directory. The 'dir' argument points to a device configuration, e.g. 'nix/os/devices/steveej-live-mmc-SL32G_0x259093f6'
 disk-mount dir:
-	just -v _device diskMount {{dir}}
+	just -v _device diskMount {{dir}} --argstr rebuildarg "dummy"
 
 # Unmount target disk, specified by device configuration directory
 disk-umount dir:
-	just -v _device diskUmount {{dir}}
+	just -v _device diskUmount {{dir}} --argstr rebuildarg "dummy"
 
 # Perform an offline installation on the mounted the target disk, specified by device configuration directory
 disk-install dir:
-	just -v _device diskInstall {{dir}}
+	just -v _device diskInstall {{dir}} --argstr rebuildarg "dummy"

nix/os/devices/default.nix

@@ -31,12 +31,12 @@ in {
     ID=${diskId}
     echo Mounting $ID
     set -xe
-    cryptsetup luksOpen /dev/disk/by-partlabel/$ID-part3 $ID-part3
+    cryptsetup luksOpen /dev/disk/by-id/$ID-part3 $ID-part3
     vgchange -ay $ID
     mkdir -p /mnt/$ID-root
     mount /dev/$ID/root /mnt/$ID-root -o subvol=nixos
     mount /dev/$ID/root /mnt/$ID-root/home -o subvol=home
-    mount /dev/disk/by-partlabel/$ID-part2 /mnt/$ID-root/boot
+    mount /dev/disk/by-id/$ID-part2 /mnt/$ID-root/boot
   '';
 
   diskUmount = pkgs.writeScript "script" ''

nix/os/modules/encryptedDisk.nix

@@ -6,13 +6,23 @@ with lib;
 let
   cfg = config.hardware.encryptedDisk;
 
+
   volumeGroup = cfg.diskId;
+
+  # This is important at install-time
   bootGrubDevice = lib.concatStrings [ "/dev/disk/by-id/" cfg.diskId ];
-  bootFsDevice = lib.concatStrings [ "/dev/disk/by-partlabel/" cfg.diskId "-part2" ];
+
-  bootLuksDevice = lib.concatStrings [ "/dev/disk/by-partlabel/" cfg.diskId "-part3" ];
+  # These are guaranteed by LVM
   rootFsDevice = lib.concatStrings [ "/dev/" volumeGroup "/root" ];
   swapFsDevice = lib.concatStrings [ "/dev/" volumeGroup "/swap" ];
 
+  # TODO: verify the GPT PARTLABEL cap at 36 chars
+  shortenPartlabel = name: (builtins.substring 0 36 name);
+  # Cannot use the disk ID here because might be different at install vs. runtime.
+  # Example: MMC card which is used in the internal reader vs. USB reader
+  bootFsDevice = lib.concatStrings [ "/dev/disk/by-partlabel/" (shortenPartlabel ("2-"+cfg.diskId))];
+  bootLuksDevice = lib.concatStrings [ "/dev/disk/by-partlabel/" (shortenPartlabel ("3-"+cfg.diskId))];
+
 in {
   options.hardware.encryptedDisk = {
     enable = mkEnableOption "Enable encrypted filesystem layout";