From c9189d5094d84c2f53c33c8792057e53739ec0fa Mon Sep 17 00:00:00 2001
From: Greg Burd <gburd@symas.com>
Date: Thu, 21 Sep 2023 14:19:52 -0400
Subject: [PATCH] btrfs

---
 NOTES                                     | 43 +++++++++++++++++++++++
 hosts/common/optional/ephemeral-btrfs.nix |  7 ++++
 2 files changed, 50 insertions(+)

diff --git a/NOTES b/NOTES
index 93a16e5..f323538 100644
--- a/NOTES
+++ b/NOTES
@@ -12,6 +12,47 @@
   https://dev.to/stack-labs/manage-your-secrets-in-git-with-sops-common-operations-118g
 
 INSTALL:
+export device=/dev/nvme0n1
+printf "label: gpt\n,550M,U\n,,L\n" | sfdisk ${device}
+mkfs.fat -F 32 ${device}
+cryptsetup --verify-passphrase -v luksFormat "${device}p2"
+cryptsetup open "${device}p2"enc
+mkfs.btrfs /dev/mapper/enc
+mount /dev/mapper/enc /mnt
+btrfs subvolume create /mnt/root
+btrfs subvolume create /mnt/nix
+btrfs subvolume create /mnt/persist
+btrfs subvolume create /mnt/swap
+btrfs subvolume create /mnt/logs
+
+mount -o compress=zstd,subvol=root /dev/mapper/enc /mnt
+mkdir /mnt/{nix,persist,swap,logs}
+mount -o compress=zstd,noatime,subvol=nix /dev/mapper/enc /mnt/nix
+mount -o compress=zstd,subvol=persist /dev/mapper/enc /mnt/persist
+mount -o compress=zstd,noatime,subvol=logs /dev/mapper/enc /mnt/logs
+mount -o noatime,subvol=swap /dev/mapper/enc /mnt/swap
+
+mkdir /mnt/boot
+mount /dev/sda1 /mnt/boot
+
+nixos-generate-config --root /mnt
+nano /mnt/etc/nixos/configuration.nix # manually add mount options
+nixos-install
+
+nixos-generate-config --show-hardware-config
+
+fileSystems = {
+  "/".options = [ "compress=zstd" ];
+  "/nix".options = [ "compress=zstd" "noatime" ];
+  "/persist".options = [ "compress=zstd" "noatime" ];
+  "/logs".options = [ "compress=zstd" "noatime" ];
+  "/swap".options = [ "noatime" ];
+};
+
+btrfs filesystem mkswapfile --size 8g --uuid clear /swap/swapfile
+swapDevices = [ { device = "/swap/swapfile"; } ];
+nixos-rebulid switch
+
 export NIX_CONFIG="experimental-features = nix-command flakes"
 nix-env -iA nixos.pinentry nixos.git
 echo pinentry-program $(which pinentry) >> ~/.gnupg/gpg-agent.conf
@@ -32,3 +73,5 @@ clear; sudo nixos-rebuild dry-activate --flake .#loki
 
 -------
   services.pcscd.enable = true;
+
+https://mt-caret.github.io/blog/posts/2020-06-29-optin-state.html
\ No newline at end of file
diff --git a/hosts/common/optional/ephemeral-btrfs.nix b/hosts/common/optional/ephemeral-btrfs.nix
index de9834f..da6679c 100644
--- a/hosts/common/optional/ephemeral-btrfs.nix
+++ b/hosts/common/optional/ephemeral-btrfs.nix
@@ -66,6 +66,13 @@ in
       neededForBoot = true;
     };
 
+    "/logs" = {
+      device = "/dev/disk/by-label/${hostname}";
+      fsType = "btrfs";
+      options = [ "subvol=logs" "noatime" "compress=zstd" ];
+      neededForBoot = true;
+    };
+
     "/swap" = {
       device = "/dev/disk/by-label/${hostname}";
       fsType = "btrfs";