Get basic PoC up and running on mx.kaareskovgaard.net

Now zpool-helper can create the zpool and datasets. But there's no reconsiliation of existing zpools and datasets. However everything gets encrypted as it should, and unlocked on boot.
2025-08-07 00:01:36 +02:00 · 2025-08-07 00:01:36 +02:00 · aaf4d1e5a3
commit aaf4d1e5a3
parent 71b4792fdd
2 changed files with 4 additions and 3 deletions
--- a/nix/modules/nixos/fs/zfs/default.nix
+++ b/nix/modules/nixos/fs/zfs/default.nix
@ -12,11 +12,10 @@ let
    { name, value }:
    let
      enc = lib.strings.optionalString (!isTest) ''
-
+        \
        --encryption-key-mount=${lib.escapeShellArg value.encryptionKeyOpenbao.mount} \
        --encryption-key-name=${lib.escapeShellArg value.encryptionKeyOpenbao.name} \
-        --encryption-key-field=${lib.escapeShellArg value.encryptionKeyOpenbao.field} \
+        --encryption-key-field=${lib.escapeShellArg value.encryptionKeyOpenbao.field}'';
      '';
    in
    ''
      ${zpoolSetup} setup ${enc} \
--- a/nix/packages/zpool-setup/default.nix
+++ b/nix/packages/zpool-setup/default.nix
@ -7,6 +7,8 @@
  crateName = "zpool-setup";
  replacePath = true;
  runtimeInputs = [
    pkgs.openbao
    pkgs.uutils-coreutils-noprefix
    pkgs.zfs
  ];
 }