Raphaël Numbus
75 lines
1.9 KiB
Nix
75 lines
1.9 KiB
Nix
{ config, lib, pkgs, ... }:
|
|
|
|
with lib;
|
|
|
|
let
|
|
cfg = config.numbus.hardware.disks;
|
|
|
|
contentCount = builtins.length cfg.content.list;
|
|
parityCount = builtins.length cfg.parity.list;
|
|
|
|
dataMirror = {
|
|
disko.devices.disk = listToAttrs (imap0 (i: device: {
|
|
name = "mirror-${toString i}";
|
|
value = {
|
|
type = "disk";
|
|
inherit device;
|
|
content = {
|
|
type = cfg.partitionTableScheme;
|
|
partitions.raid = {
|
|
size = cfg.content.partition.size;
|
|
content = {
|
|
type = "mdraid";
|
|
name = "mirror";
|
|
};
|
|
};
|
|
};
|
|
};
|
|
}) (cfg.content.list ++ cfg.parity.list));
|
|
|
|
disko.devices.mdadm.mirror = {
|
|
type = "mdadm";
|
|
level = 1;
|
|
content = {
|
|
type = "luks";
|
|
name = "mirror";
|
|
settings.keyFile = "/run/secrets/disks/mirror";
|
|
initrdUnlock = false;
|
|
content = {
|
|
type = "filesystem";
|
|
format = cfg.content.partition.filesystem;
|
|
mountpoint = "/mnt/data";
|
|
mountOptions = [ "noauto" "nofail" ];
|
|
};
|
|
};
|
|
};
|
|
};
|
|
in
|
|
|
|
{
|
|
config = mkIf (contentCount == 1 && parityCount == 1) (mkMerge [
|
|
dataMirror
|
|
{
|
|
systemd.services.mount-mirror = {
|
|
description = "Mount the disks mirror.";
|
|
before = [ "mnt-data.mount" ];
|
|
requiredBy = [ "mnt-data.mount" ];
|
|
requires = [ "sops-install-secrets.service" ];
|
|
path = [ pkgs.cryptsetup pkgs.util-linux ];
|
|
serviceConfig = {
|
|
Type = "oneshot";
|
|
RemainAfterExit = true;
|
|
};
|
|
script = ''
|
|
if [ ! -e /dev/mapper/mirror ]; then
|
|
cryptsetup open /dev/md/mirror mirror --key-file /run/secrets/disks/mirror
|
|
fi
|
|
mkdir -p /mnt/data
|
|
if ! mountpoint -q /mnt/data; then
|
|
mount -t ${cfg.content.partition.filesystem} /dev/mapper/mirror /mnt/data
|
|
fi
|
|
'';
|
|
};
|
|
}
|
|
]);
|
|
} |