dvogeldev · December 26, 2020 16:59
diff --git a/nixos-encrypted-zfs.sh b/nixos-encrypted-zfs.sh
 #!/bin/sh

 # FIRST STOP THE zfs-zed SERVICE
 systemctl stop zfs-zed

 # FORCE UNLOAD ZFS KERNEL MODULES
 lsmod | grep zfs | cut -d' ' -f1 | xargs rmmod -f

 # NOW ADD THE FOLLOWING TO /etc/nixos/configuration.nix
 #
 #   boot.supportedFilesystems = [ "zfs" ];
 #   boot.zfs.enableUnstable = true;
 #

 # AND REBUILD
 nixos-rebuild switch --upgrade

 # PARTITON DISK: 1 512MB EFI & REST ZFS
 parted --script /dev/nvme0n1 -- \
       mklabel gpt \
       mkpart esp fat32 1MiB 512MiB \
       mkpart primary 512MiB 100% \
       set 1 boot on

 # CREATE AN ENCRYPTED ZFS POOL
 zpool create -f \
      -o ashift=12 \
      -O encryption=on \
      -O keyformat=passphrase \
      -O mountpoint=none \
      rpool \
      /dev/nvme0n1p2

 # CREATE A SWAP PARTITION
 zfs create \
    -V 4G \
    -b $(getconf PAGESIZE) \
    -o compression=zle \
    -o logbias=throughput \
    -o sync=always \
    -o primarycache=metadata \
    -o secondarycache=none \
    -o com.sun:auto-snapshot=false \
    rpool/swap
 mkswap -f /dev/zvol/rpool/swap
 swapon /dev/zvol/rpool/swap

 # CREATE A ROOT PARTITION
 zfs create \
    -o mountpoint=legacy \
    rpool/root
 mkdir -p /mnt
 mount -t zfs rpool/root /mnt

 # CREATE A HOME PARTITION
 zfs create \
    -o mountpoint=legacy \
    -o compression=on \
    rpool/home
 mkdir -p /mnt/home
 mount -t zfs rpool/home /mnt/home

 # CREATE A BOOT PARTITON
 mkfs.fat -F 32 -n BOOT /dev/nvme0n1p1
 mkdir -p /mnt/boot
 mount -t vfat /dev/nvme0n1p1 /mnt/boot

 # NOW GENERATE NIXOS CONFIG FOR /mnt
 nixos-generate-config --root /mnt

 # NOW ADD THE FOLLOWING TO /mnt/etc/nixos/configuration.nix
 #
 #   boot.initrd.supportedFilesystems = [ "zfs" ];
 #   boot.supportedFilesystems = [ "zfs" ];
 #   boot.zfs.enableUnstable = true;
 #   services.zfs.autoScrub.enable = true;
 # 
 #   network.hostName = "pants";
 #   network.hostId = "abcdef01";
 # 

 # NOW INSTALL NIXOS
 nixos-install

 # NOW CLEANUP & REBOOT
 umount /mnt/{home,boot}
 umount /mnt
 swapoff -a
 zfs export -a
 reboot
	#!/bin/sh

	# FIRST STOP THE zfs-zed SERVICE
	systemctl stop zfs-zed

	# FORCE UNLOAD ZFS KERNEL MODULES
	lsmod \| grep zfs \| cut -d' ' -f1 \| xargs rmmod -f

	# NOW ADD THE FOLLOWING TO /etc/nixos/configuration.nix
	#
	# boot.supportedFilesystems = [ "zfs" ];
	# boot.zfs.enableUnstable = true;
	#

	# AND REBUILD
	nixos-rebuild switch --upgrade

	# PARTITON DISK: 1 512MB EFI & REST ZFS
	parted --script /dev/nvme0n1 -- \
	mklabel gpt \
	mkpart esp fat32 1MiB 512MiB \
	mkpart primary 512MiB 100% \
	set 1 boot on

	# CREATE AN ENCRYPTED ZFS POOL
	zpool create -f \
	-o ashift=12 \
	-O encryption=on \
	-O keyformat=passphrase \
	-O mountpoint=none \
	rpool \
	/dev/nvme0n1p2

	# CREATE A SWAP PARTITION
	zfs create \
	-V 4G \
	-b $(getconf PAGESIZE) \
	-o compression=zle \
	-o logbias=throughput \
	-o sync=always \
	-o primarycache=metadata \
	-o secondarycache=none \
	-o com.sun:auto-snapshot=false \
	rpool/swap
	mkswap -f /dev/zvol/rpool/swap
	swapon /dev/zvol/rpool/swap

	# CREATE A ROOT PARTITION
	zfs create \
	-o mountpoint=legacy \
	rpool/root
	mkdir -p /mnt
	mount -t zfs rpool/root /mnt

	# CREATE A HOME PARTITION
	zfs create \
	-o mountpoint=legacy \
	-o compression=on \
	rpool/home
	mkdir -p /mnt/home
	mount -t zfs rpool/home /mnt/home

	# CREATE A BOOT PARTITON
	mkfs.fat -F 32 -n BOOT /dev/nvme0n1p1
	mkdir -p /mnt/boot
	mount -t vfat /dev/nvme0n1p1 /mnt/boot

	# NOW GENERATE NIXOS CONFIG FOR /mnt
	nixos-generate-config --root /mnt

	# NOW ADD THE FOLLOWING TO /mnt/etc/nixos/configuration.nix
	#
	# boot.initrd.supportedFilesystems = [ "zfs" ];
	# boot.supportedFilesystems = [ "zfs" ];
	# boot.zfs.enableUnstable = true;
	# services.zfs.autoScrub.enable = true;
	#
	# network.hostName = "pants";
	# network.hostId = "abcdef01";
	#

	# NOW INSTALL NIXOS
	nixos-install

	# NOW CLEANUP & REBOOT
	umount /mnt/{home,boot}
	umount /mnt
	swapoff -a
	zfs export -a
	reboot