nixos/global/fs/zfs/split.nix

{ pkgs
, lib
, config
, ... }: with lib; let
  cfg = config.global.fs.zfs.split;
in mkIf cfg.enable {
  # unconditionally enable fstrim for xfs and ext4
  services.fstrim.enable = mkDefault true;

  # enable swraid for split raid1 system array
  boot.swraid.enable = mkDefault true;
  boot.swraid.mdadmConf = mkDefault ''
    PROGRAM ${cfg.mdProg}
  '';

  # secret filesystem backed by LUKS on swraid
  fileSystems."/nix/var/secret" =
  { device = "/dev/disk/by-uuid/${cfg.secret}";
    fsType = "ext4";
    options = [ "noatime" ];
    neededForBoot = true;
    depends = [ "/nix/var" ];
  };

  # import system state pool after encrypted filesystems become available for key loading
  boot.initrd.systemd.services."zfs-import-${config.global.fs.store}".after = [ "cryptsetup.target" ];
}
feat(fs): add zfs split store options 2024-02-10 00:16:09 +08:00			`{ pkgs`
			`, lib`
			`, config`
			`, ... }: with lib; let`
			`cfg = config.global.fs.zfs.split;`
			`in mkIf cfg.enable {`
			`# unconditionally enable fstrim for xfs and ext4`
			`services.fstrim.enable = mkDefault true;`

			`# enable swraid for split raid1 system array`
			`boot.swraid.enable = mkDefault true;`
			`boot.swraid.mdadmConf = mkDefault ''`
			`PROGRAM ${cfg.mdProg}`
			`'';`

			`# secret filesystem backed by LUKS on swraid`
			`fileSystems."/nix/var/secret" =`
			`{ device = "/dev/disk/by-uuid/${cfg.secret}";`
			`fsType = "ext4";`
			`options = [ "noatime" ];`
			`neededForBoot = true;`
			`depends = [ "/nix/var" ];`
			`};`

			`# import system state pool after encrypted filesystems become available for key loading`
			`boot.initrd.systemd.services."zfs-import-${config.global.fs.store}".after = [ "cryptsetup.target" ];`
			`}`