diff options
| author | lassulus <lassulus@lassul.us> | 2022-08-25 13:14:07 +0200 |
|---|---|---|
| committer | lassulus <lassulus@lassul.us> | 2022-08-25 15:32:09 +0200 |
| commit | dd99e29edc994056d5f700e24a75406115e98dff (patch) | |
| tree | 10709b66fec84d7412ccbc9d12d2d42a7d06850c /example | |
| parent | 1237ac36db1a457ae561134d191d2924a9ce5ffc (diff) | |
fix cryptsetup luksOpen idempotency, add luks-lvm test
Diffstat (limited to 'example')
| -rw-r--r-- | example/luks-lvm.nix | 78 |
1 files changed, 78 insertions, 0 deletions
diff --git a/example/luks-lvm.nix b/example/luks-lvm.nix new file mode 100644 index 0000000..d0b4d26 --- /dev/null +++ b/example/luks-lvm.nix @@ -0,0 +1,78 @@ +{ + type = "devices"; + content = { + vdb = { + type = "table"; + format = "gpt"; + partitions = [ + { + type = "partition"; + part-type = "ESP"; + start = "1MiB"; + end = "100MiB"; + fs-type = "FAT32"; + bootable = true; + content = { + type = "filesystem"; + format = "vfat"; + mountpoint = "/boot"; + options = [ + "defaults" + ]; + }; + } + { + type = "partition"; + part-type = "primary"; + start = "100MiB"; + end = "100%"; + content = { + type = "luks"; + algo = "aes-xts..."; + name = "crypted"; + keyfile = "/tmp/secret.key"; + extraArgs = [ + "--hash sha512" + "--iter-time 5000" + ]; + content = { + type = "lvm"; + name = "pool"; + lvs = { + root = { + type = "lv"; + size = "100M"; + mountpoint = "/"; + content = { + type = "filesystem"; + format = "ext4"; + mountpoint = "/"; + options = [ + "defaults" + ]; + }; + }; + home = { + type = "lv"; + size = "10M"; + content = { + type = "filesystem"; + format = "ext4"; + mountpoint = "/home"; + }; + }; + raw = { + type = "lv"; + size = "10M"; + content = { + type = "noop"; + }; + }; + }; + }; + }; + } + ]; + }; + }; +} |