diff --git a/hosts/12kingdoms-rakushun/disko-fs.nix b/hosts/12kingdoms-rakushun/disko-fs.nix index b64c1e5a..07f4c1ab 100644 --- a/hosts/12kingdoms-rakushun/disko-fs.nix +++ b/hosts/12kingdoms-rakushun/disko-fs.nix @@ -40,10 +40,10 @@ size = "100%"; content = { type = "luks"; - name = "crypted"; + name = "encrypted"; settings = { keyFile = "/dev/disk/by-label/OPI5P_DSC"; # The keyfile is stored on a USB stick - # The maxium size of the keyfile is 8192 bytes + # The maximum size of the keyfile is 8192 bytes keyFileSize = 512 * 64; # match the `bs * count` of the `dd` command keyFileOffset = 512 * 128; # match the `bs * skip` of the `dd` command fallbackToPassword = true; @@ -69,8 +69,16 @@ ]; content = { type = "btrfs"; - extraArgs = ["-f"]; + extraArgs = ["-f"]; # Force override existing partition subvolumes = { + # mount the top-level subvolume at /btr_pool + # it will be used by btrbk to create snapshots + "/" = { + mountpoint = "/btr_pool"; + # btrfs's top-level subvolume, internally has an id 5 + # we can access all other subvolumes from this subvolume. + mountOptions = ["subvolid=5"]; + }; "@nix" = { mountpoint = "/nix"; mountOptions = ["compress-force=zstd:1" "noatime"]; diff --git a/hosts/12kingdoms-suzu/disko-fs.nix b/hosts/12kingdoms-suzu/disko-fs.nix index 975dbd1f..fafef7dc 100644 --- a/hosts/12kingdoms-suzu/disko-fs.nix +++ b/hosts/12kingdoms-suzu/disko-fs.nix @@ -40,10 +40,10 @@ size = "100%"; content = { type = "luks"; - name = "crypted"; + name = "encrypted"; settings = { keyFile = "/dev/disk/by-label/OPI5_DSC"; # The keyfile is stored on a USB stick - # The maxium size of the keyfile is 8192 bytes + # The maximum size of the keyfile is 8192 bytes keyFileSize = 512 * 64; # match the `bs * count` of the `dd` command keyFileOffset = 512 * 128; # match the `bs * skip` of the `dd` command fallbackToPassword = true; @@ -69,8 +69,16 @@ ]; content = { type = "btrfs"; - extraArgs = ["-f"]; + extraArgs = ["-f"]; # Force override existing partition subvolumes = { + # mount the top-level subvolume at /btr_pool + # it will be used by btrbk to create snapshots + "/" = { + mountpoint = "/btr_pool"; + # btrfs's top-level subvolume, internally has an id 5 + # we can access all other subvolumes from this subvolume. + mountOptions = ["subvolid=5"]; + }; "@nix" = { mountpoint = "/nix"; mountOptions = ["compress-force=zstd:1" "noatime"]; diff --git a/hosts/idols-ai/hardware-configuration.nix b/hosts/idols-ai/hardware-configuration.nix index 2acc5c4b..b242d194 100644 --- a/hosts/idols-ai/hardware-configuration.nix +++ b/hosts/idols-ai/hardware-configuration.nix @@ -45,7 +45,7 @@ boot.initrd = { # unlocked luks devices via a keyfile or prompt a passphrase. - luks.devices."crypted-nixos" = { + luks.devices."encrypted-nixos" = { # NOTE: DO NOT use device name here(like /dev/sda, /dev/nvme0n1p2, etc), use UUID instead. # https://github.com/ryan4yin/nix-config/issues/43 device = "/dev/disk/by-uuid/a21ca82a-9ee6-4e5c-9d3f-a93e84e4e0f4"; @@ -63,6 +63,14 @@ }; }; + fileSystems."/btr_pool" = { + device = "/dev/disk/by-uuid/1167076c-dee1-486c-83c1-4b1af37555cd"; + fsType = "btrfs"; + # btrfs's top-level subvolume, internally has an id 5 + # we can access all other subvolumes from this subvolume. + options = ["subvolid=5"]; + }; + # equal to `mount -t tmpfs tmpfs /` fileSystems."/" = { device = "tmpfs"; diff --git a/hosts/k8s/disko-config/kubevirt-disko-fs.nix b/hosts/k8s/disko-config/kubevirt-disko-fs.nix index 8d8c385b..4bfe6d56 100644 --- a/hosts/k8s/disko-config/kubevirt-disko-fs.nix +++ b/hosts/k8s/disko-config/kubevirt-disko-fs.nix @@ -75,8 +75,16 @@ ]; content = { type = "btrfs"; - extraArgs = ["-f"]; + extraArgs = ["-f"]; # Force override existing partition subvolumes = { + # mount the top-level subvolume at /btr_pool + # it will be used by btrbk to create snapshots + "/" = { + mountpoint = "/btr_pool"; + # btrfs's top-level subvolume, internally has an id 5 + # we can access all other subvolumes from this subvolume. + mountOptions = ["subvolid=5"]; + }; "@nix" = { mountpoint = "/nix"; mountOptions = ["compress-force=zstd:1" "noatime"]; diff --git a/modules/nixos/base/btrbk.nix b/modules/nixos/base/btrbk.nix new file mode 100644 index 00000000..e97c9824 --- /dev/null +++ b/modules/nixos/base/btrbk.nix @@ -0,0 +1,24 @@ +{ + # Tool for creating snapshots and remote backups of btrfs subvolumes + # https://github.com/digint/btrbk + services.btrbk.instances.btrbk = { + # How often this btrbk instance is started. See systemd.time(7) for more information about the format. + onCalendar = "daily"; + settings = { + # keep daily snapshots for 14 days + snapshot_preserve = "14d"; + # keep all snapshots for 2 days, no matter how frequently you (or your cron job) run btrbk + snapshot_preserve_min = "2d"; + volume = { + "/btr_pool" = { + subvolume = { + "@persistent" = { + snapshot_create = "always"; + }; + }; + target = "/snapshots"; + }; + }; + }; + }; +}