From 2751a9750cda6e017efe2943c671638e74fc1b57 Mon Sep 17 00:00:00 2001
From: Rouven Seifert <rouven@rfive.de>
Date: Thu, 16 Feb 2023 22:08:44 +0100
Subject: [PATCH] switched to btrfs

---
 .sops.yaml                                |  2 +-
 hosts/thinkpad/default.nix                |  6 +--
 hosts/thinkpad/hardware-configuration.nix | 38 +++++++++-----
 secrets/thinkpad.yaml                     | 62 +++++++++++------------
 4 files changed, 59 insertions(+), 49 deletions(-)
 mode change 100755 => 100644 hosts/thinkpad/hardware-configuration.nix

diff --git a/.sops.yaml b/.sops.yaml
index 40bb237..4ad122e 100644
--- a/.sops.yaml
+++ b/.sops.yaml
@@ -1,6 +1,6 @@
 keys:
   - &rouven 116987A8DD3F78FF8601BF4DB95E8FE6B11C4D09
-  - &thinkpad age1adv7rejxykyve466dx7pykzgdawkgzeneql3wgwv02gx72cyeewqsm3wn6
+  - &thinkpad age1pwdahgk2yty9w8cw5ht90mral76h0ndp3vkp93xm4g0cttjlsvgqn8vlys
   - &nuc age1930r9v2y57zkwghlxapj348c4rfnmr70de898cdhu5rue5cpagzq74wymk
 creation_rules:
   - path_regex: secrets/thinkpad\.yaml$
diff --git a/hosts/thinkpad/default.nix b/hosts/thinkpad/default.nix
index 25e24e3..a1770e0 100755
--- a/hosts/thinkpad/default.nix
+++ b/hosts/thinkpad/default.nix
@@ -15,8 +15,7 @@
   boot = {
     loader.systemd-boot.enable = true;
     loader.efi.canTouchEfiVariables = true;
-    kernelPackages = config.boot.zfs.package.latestCompatibleLinuxPackages;
-    supportedFilesystems = [ "zfs" ];
+    kernelPackages = pkgs.linuxPackages_latest;
   };
 
   time.timeZone = "Europe/Berlin";
@@ -80,8 +79,7 @@
     printing.enable = true;
     fprintd.enable = true; # log in using fingerprint
     openssh.enable = true; # enabled ssh to have the host keys
-    zfs.autoScrub.enable = true; # periodically check filesystem and repair it
-    zfs.trim.enable = true; # weekly ssd trimming
+    btrfs.autoScrub.enable = true; # periodically check filesystem and repair it
   };
 
   programs.steam.enable = true; # putting steam in here cause in home manager it doesn't work
diff --git a/hosts/thinkpad/hardware-configuration.nix b/hosts/thinkpad/hardware-configuration.nix
old mode 100755
new mode 100644
index 6519779..b7d1e40
--- a/hosts/thinkpad/hardware-configuration.nix
+++ b/hosts/thinkpad/hardware-configuration.nix
@@ -13,38 +13,50 @@
   boot.initrd.kernelModules = [ ];
   boot.kernelModules = [ "kvm-intel" ];
   boot.extraModulePackages = [ ];
+  boot.initrd.luks.devices."luksroot" = {
+    device = "/dev/disk/by-uuid/6b89181c-71e0-4e84-8523-2456d3e28400";
+    allowDiscards = true;
+  };
 
   fileSystems."/" =
     {
-      device = "rpool/nixos/root";
-      fsType = "zfs";
-      options = [ "zfsutil" ];
+      device = "/dev/disk/by-uuid/3d44cde5-17a2-4023-b9ae-3a02ae68aa81";
+      fsType = "btrfs";
+      options = [ "subvol=root" "compress=zstd" "discard=async" "noatime" ];
     };
 
+
   fileSystems."/home" =
     {
-      device = "rpool/nixos/home";
-      fsType = "zfs";
-      options = [ "zfsutil" ];
+      device = "/dev/disk/by-uuid/3d44cde5-17a2-4023-b9ae-3a02ae68aa81";
+      fsType = "btrfs";
+      options = [ "subvol=home" "compress=zstd" "discard=async" "noatime" ];
     };
 
   fileSystems."/var/lib" =
     {
-      device = "rpool/nixos/var/lib";
-      fsType = "zfs";
-      options = [ "zfsutil" ];
+      device = "/dev/disk/by-uuid/3d44cde5-17a2-4023-b9ae-3a02ae68aa81";
+      fsType = "btrfs";
+      options = [ "subvol=lib" "compress=zstd" "discard=async" "noatime" ];
     };
 
   fileSystems."/var/log" =
     {
-      device = "rpool/nixos/var/log";
-      fsType = "zfs";
-      options = [ "zfsutil" ];
+      device = "/dev/disk/by-uuid/3d44cde5-17a2-4023-b9ae-3a02ae68aa81";
+      fsType = "btrfs";
+      options = [ "subvol=log" "compress=zstd" "discard=async" "noatime" ];
+    };
+
+  fileSystems."/nix/store" =
+    {
+      device = "/dev/disk/by-uuid/3d44cde5-17a2-4023-b9ae-3a02ae68aa81";
+      fsType = "btrfs";
+      options = [ "subvol=store" "compress=zstd" "discard=async" "noatime" ];
     };
 
   fileSystems."/boot" =
     {
-      device = "/dev/disk/by-uuid/96DD-4C81";
+      device = "/dev/disk/by-uuid/B174-4DAE";
       fsType = "vfat";
     };
 
diff --git a/secrets/thinkpad.yaml b/secrets/thinkpad.yaml
index 5efa7af..3079e37 100644
--- a/secrets/thinkpad.yaml
+++ b/secrets/thinkpad.yaml
@@ -1,51 +1,51 @@
-wireless-env: ENC[AES256_GCM,data:Ff4K563edWDrcnXmkF61W3dAdXiZHRTDxBAcy0W6EFxy76r7HTc7wXnqQyQiS9LCJd9nBTjHuWKi2xbeewWlnHbVz1OuAoV7FrWuNd27gf6I6e3n8lURIjaGMXX2ttzzVdvoviFmA12ZQzj8diS+MTNGzHrAHR/ZNEmNS3qFLIe8EHWCFAqcByuURB2lw6kIz8GBB//Cu5fAhncorppbMIQbhNj6LX0GRm6177EIeG9hOc/oc3mTMZ6HJEEIjJEQHK5z0UMj9Q==,iv:Rq+MrdCHaIXgUKqSUr/lmrcWPl2K2WRcotKSX5FkiFw=,tag:ijyM4lHrigvI41kyG/WjDw==,type:str]
+wireless-env: ENC[AES256_GCM,data:BPRubHOwQfJxB6aKh35BDwGlP+0QE9YDSbLJ4jIIKmQGhtJ6S+Haoqr+68Siy+P7ZfISbMk6mEOvpoEl23eB5yODvbCrwhYeffZYPrKCsgLTF0R/KXiXwpHTPNma74n2b+c9/BXfAuoLDmNdV+6+Is3BAyhbjyRJPnJgAEXt+v8sBKsrbwZK0sZERwcQotwwKh5nmwQOyfNOaSnDOEegcC11O76/GwSBP7LC7NVVFUiyOieJjF9hvOoXRrag/A/DCu5INQoJ7g==,iv:uFIGvz7poAOMCcfSmh3dwyEH7o8H7HcDDwQEsRNBmN0=,tag:j9pEBS6onwslgQ4AlqvWZw==,type:str]
 uni:
-    zih: ENC[AES256_GCM,data:XwpN5u2X3YBZqxtb7COASMA=,iv:RmOYmjiNhXjs1iNq5WTZeVYmQArjqNpp6/a+9EkiIfw=,tag:Hcb0ECIM6HB4kM6/JudaMQ==,type:str]
+    zih: ENC[AES256_GCM,data:KoiT/w5SsUEFAC5beCs3R5o=,iv:qQRZfdtbiAIWUAkdgrpdR8AWDdedn9yl9NcRm0ymE2A=,tag:uyhy5n40PgsWuaEofJjmog==,type:str]
 wireguard:
     dorm:
-        private: ENC[AES256_GCM,data:iibKc6YvL99Jf9RQA+4YlI65Yw0jtosOCid1q+beUpcn5jA3AOqKB3wjcJM=,iv:N3xAETIeRo7vRq+/3QMdUYJtaZQr7iIgnGoD5rnHsRc=,tag:Fyc12YxfqM/NuDuiyKQpvg==,type:str]
-        preshared: ENC[AES256_GCM,data:213FbLKK5RQa8uADicr7k/YyLI1L0oUR6vuGYX6PunvylKD619WCTZLoya8=,iv:RVs713dJO79C8vStcvIq9/kAWlE8wpKVJd3NjtTKI+g=,tag:yedynedj8BGaJpISY2y9ww==,type:str]
+        private: ENC[AES256_GCM,data:l2SEIEoljGLrEDWEVdfJiVdLafyAmlR4wKzKtz/xsLL6kEGveK/dgsDvjiU=,iv:5YktJB0g/2Agd+0+synPjZUsxxa5JPorFn975Vr/PF4=,tag:c6CmppUVMcjrip4YraBurQ==,type:str]
+        preshared: ENC[AES256_GCM,data:sb6vHcYO6c+m2jegangICr3v2toTFdSwt/rgCKD7q4UB/qR8U5CaAEjQdXY=,iv:QwQbNxx4+xTL14ID10bS7HWxKWzkoMSV6wHu8qytbEU=,tag:ozsK2gqayY56uOTGZtCNqQ==,type:str]
 email:
-    tu-dresden: ENC[AES256_GCM,data:13YAHNUqwmwj1yqOle+M1us=,iv:Ed960kTLUeq2lq0NogRmGXS69yKT2Mwst5XBrd110bY=,tag:6HNlFPTYXNzfsXTlwg1+uQ==,type:str]
-    rfive: ENC[AES256_GCM,data:dyJEoaq8EKqMD0loWr0H5gXepwptZ8givA==,iv:WAT4LsBbIA/po2xd5R0K5HAsqbw+WigLJWo0T8ftPTE=,tag:Tjs9zETfxXZsS43hC6+13Q==,type:str]
-    google: ENC[AES256_GCM,data:1BeiGEku2zE9uS8WR3yRgA==,iv:uRaDPblZpxdAH72EaV2Rjho/MZsiVjqFsVSJHzz3GrU=,tag:Vs9GWbwFrdg8vYnLROaOGA==,type:str]
-    ifsr: ENC[AES256_GCM,data:yeYK+dZwSaL3oKS0UE8Plmh6dVKWTA==,iv:xrBlx9C6uau6hVHVZDTcdMegI0475QQR4ZCjIwq7kP0=,tag:D4G15DIkswldCRa63P1IgQ==,type:str]
+    tu-dresden: ENC[AES256_GCM,data:JRSfF2tnZX6NRPXFdJE5c7Q=,iv:phOzSD2XUcnvSneKtmMmB5zYrnXcZL1PzsurWLsy9gA=,tag:sxC5hLb7Rd4j5/mEi8Zu6A==,type:str]
+    rfive: ENC[AES256_GCM,data:noHhc37RxE/UZtTcllCb0r57ke7mauZNpQ==,iv:kbhXBDcRigSxbPyQu5HS8xG+WfehEYNi+uGC6lcvHEw=,tag:CPHmf85Fr54P8zj/dShazg==,type:str]
+    google: ENC[AES256_GCM,data:MObdBDErPOyPISOoc8zlQA==,iv:cPJgKjHR838Pm4O+WI52ZO4v4ds4GU351oU0HDSDfsg=,tag:dy+ApExgn26+3Osu5B2kaQ==,type:str]
+    ifsr: ENC[AES256_GCM,data:cJT5du8Jwy+rh286H55P2bEIIPtNpg==,iv:1qYzIqSWJ68GTGfl0x0YRZMPQAGAmibI1GKfdDWOrO4=,tag:sbHPs81bL88Ns75Mu+OUnQ==,type:str]
 sops:
     kms: []
     gcp_kms: []
     azure_kv: []
     hc_vault: []
     age:
-        - recipient: age1adv7rejxykyve466dx7pykzgdawkgzeneql3wgwv02gx72cyeewqsm3wn6
+        - recipient: age1pwdahgk2yty9w8cw5ht90mral76h0ndp3vkp93xm4g0cttjlsvgqn8vlys
           enc: |
             -----BEGIN AGE ENCRYPTED FILE-----
-            YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBnd1UrV1pRSHhzL1dKWTBv
-            WkM0d0xLL1ErbDMyNmIwRlB5dDU5Sm5DYWxjCnVoVjN5RmRRNURpSm94Z1lKb2pn
-            dWJLZEpVR3hWeWlrd0hCOW41WWptZHcKLS0tIHJnWUlwV2RxMFZQMFBzQisyeGIz
-            ZGFKS3ZXR216SXpBK1E2d3IyS2h3WjAK6xFl7yDaLald51Dts1lL+M4IF84bzsgy
-            1RJiIAGi3/0R4f6GxH7oXaV14zXDk/6lw3VJbwIcgC9FSVcW1FJXIQ==
+            YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBCQ243byszWm45UmpialpS
+            OVVsTEFQNDZrS3NRdUc1aFBOcTFyclZkenpzCmtXcnlsZGNBOTBhZVJSNFdrck9i
+            MHI0WjA4dy9DTFk3cWwydkJvR0h3RmsKLS0tIGxsM0hzUmg4RVBUOTI3QTZMZG4x
+            d1J5UHJDYjlZWEV1aEVDSmxhWDB0anMKMNzyd465AdMyX0o9NxF+hcLyROcd8xoJ
+            39K5xIDzcqpu6HfoZk1kZ/TT1DS2Xiw0rDuJHWdfpnS8zNe6DL3a7Q==
             -----END AGE ENCRYPTED FILE-----
-    lastmodified: "2023-01-31T14:10:56Z"
-    mac: ENC[AES256_GCM,data:bxqaG3QXd1W9rSlcTUYnv+RvScjt53lyteTniLUNbLMmDcYDonTK6E+pudhrq0OWoRGfsKQrfrTWmAQZg4jRWr+M6zLt2IFrLar5b/XYuGdMD9+nEGxnpRfvmOeHDGCFAmG98H1A35Y9YPGA4vEzuxCKRNG5Somk81sPt9x0C7Q=,iv:zNcxle9LiWKE6Zu2xpagR5VFLQsoabpGwswa7FFb3BI=,tag:o9vGc35oofTmCsu2sWHx6Q==,type:str]
+    lastmodified: "2023-02-16T20:53:53Z"
+    mac: ENC[AES256_GCM,data:mcQexhVzXr28XF6KyN9MckSpD03q5tJl/IgL1CCeyvBRY4TkxBuTMKld22R9pp46StMfg16A2j2voTc546ayribLgIfn78wxa0sraaYoir+/xaF697EoO8UfthHPdmd8DHru7yoOFx0F4k2jNHGSIEi+FNrflUu+L8PxZ7Kyzms=,iv:HKW9WpufHCpUNSM048g2djj+h1vwB+gnL84hZH1LuJw=,tag:6Hj9ua1wsIvlsIvn5eOvXw==,type:str]
     pgp:
-        - created_at: "2023-01-28T13:13:40Z"
+        - created_at: "2023-02-16T20:53:51Z"
           enc: |-
             -----BEGIN PGP MESSAGE-----
 
-            wcFMAzUXo8ZPJwGLAQ//X2vlfKYO00ydDER64ca6cIvSTuNvteohKAmPZ+HNGhdy
-            UaPpmQyXo4hI98yT90/x3E/MWCUJSEeKnNkoga28PHS0Gna+nk8q/t11ITMs7Pcu
-            PJZreqs+eK2rgimpOx862OEY9ur/9+q8rgAmcRiuxhdwA+B23yrr8I+BcfCaUnTG
-            kXjv8eFzzoZ6g7vPDHYIcTISdlBvtM06TmikzxZ7TefE/19iFt0tvdmPy/s7YchC
-            Dk80ULIUI61yg7y4B1fczDPH5k/WWCjO3NfQ/mezkrD2RMmQPkeDnvvpeGrgZtD4
-            7sV7/TpNchFBjvnhCp5v2BaQN/r4jpCDdmU1rfc0ZfSuwcmUwwSJKS4cd5yb1gC+
-            hYBevnNNepgiKYv1yXbNT92o4eI0QMe0nS1RnDZN3kTQxzS7Z/BbAj1yDjbl0zIq
-            t70quVCr4UintGRhm7pdMj8UIItOm2ef+Je+/hgXLPm+Quijt4fJjHS4IyK9neCf
-            j59iQ3aFUbEp9eu2M8pUI75dnZHM4NX7I+4VRseSD+LAXQoB7q19JWnCyA33rOjG
-            zXA89pVY0TKnjqNEISzTPqVIn4GF7hxFhY2r04F1lVBBd0uwKrWQttEbj9ndtKGV
-            HZqnVH+SiPmW5A3Tws3XkoyXstNbYc/ZRxMfmhlaID3T/7IZVweYV+YyCJxqwqTS
-            UQF93xbqnw11ry/LJ7Q8ShVe/VliZ+ztt+X+Buf7FvZscBus0PnVKVYtQRcy2XqS
-            KF3FPAEoDAMaB0Az+Io+w1LZLYjoqaFzr8MJrq2GHZ2Daw==
-            =lpTG
+            wcFMAzUXo8ZPJwGLAQ/+NB4eFL48UlOgU36c4fo5eGFAFCx54wovfOq33S3yc5tx
+            UewzA5DZ9FECG8vl/CvxDNZdDZcdHWdF8r0MEKtToMMuDgcw4c1oDyZsKPCycWJm
+            /vzVnmQDD1TfS1FoZNLU+IHm1VZ6c51s1A24KhIZc4fre0U4jA9JXv2ZelCJzzOm
+            5PqOdItIl/avnDH7Q5iBBsHkebM3exrpq0VzUABaiiR6mjcn8uhh5T11oxgMZgvD
+            AzP+IsBHh1dkuhy5tV0eUtzD95aYvofuszIFSe6Aj/HX7Iod/C70M5KWQNMQhqXI
+            d2YRZc9VGcrZ0RgYnUyoC15h7k91tO9UHhAbR9IG3j7px5QLs8/JjaUi64wIRbDd
+            EiT+vbmpv3V2aqAdwRGOOd5buWrrdLIyk+2BdmtVqOtI2kOrQr328J3uM7+z1c55
+            iE5QlS8zZL8zY+5sSCpijmKNPGe4SsJxJ72PLyT+y9DwI4259uNW2fpt+ZsT4yWr
+            MWv/EvuPuIq774odk5B+ECvucUcufJ2j0R1XoVGVvNc6N8VZiMGpfYx7+w6soEQQ
+            GDaNJ1ETw4nYOvb19nF+ymKFhRz1fV7w6QRn6vI0tBO3UTGR1bx6+D5oM+OazzgA
+            HcQGrxn/sAVKm/zXri479VNw5w4T4F5qhXaYyYhQmssKGBEpqhm02jzy8NRaUmPS
+            UQEuypPFKDKZhGW5GeToRNYnlrd/txV8n/bvRN2OrhkgHN0D8HLn/X9AW3dd/KnT
+            FIL5dAFoBIC5GFu0xNGyuA/9MLNWRpwMF7tU3vr2726iTQ==
+            =3Wti
             -----END PGP MESSAGE-----
           fp: 116987A8DD3F78FF8601BF4DB95E8FE6B11C4D09
     unencrypted_suffix: _unencrypted