add bcachefs type with support for encryption

nix-community · May 20, 2023 · 3acf796 · 3acf796
1 parent efb2016
commit 3acf796
Show file tree

Hide file tree

Showing 3 changed files with 66 additions and 2 deletions.
diff --git a/types/bcachefs.nix b/types/bcachefs.nix
@@ -0,0 +1,63 @@
+{ config, options, lib, diskoLib, optionTypes, ... }:
+{
+  options = {
+    type = lib.mkOption {
+      type = lib.types.enum [ "bcachefs" ];
+      internal = true;
+      description = "Type";
+    };
+    name = lib.mkOption {
+      type = lib.types.str;
+      description = "Name of the Bcachefs partition";
+    };
+    keyFile = lib.mkOption {
+      type = lib.types.nullOr optionTypes.absolute-pathname;
+      default = null;
+      description = "Path to the key for encryption";
+      example = "/tmp/disk.key";
+    };
+    content = diskoLib.deviceType;
+    _meta = lib.mkOption {
+      internal = true;
+      readOnly = true;
+      type = lib.types.functionTo diskoLib.jsonType;
+      default = dev:
+        lib.optionalAttrs (config.content != null) (config.content._meta dev);
+      description = "Metadata";
+    };
+    _create = diskoLib.mkCreateOption {
+      inherit config options;
+      default = { dev }: ''
+        mkfs.bcachefs ${dev}
+        if ${config.keyFile}; then
+          bcachefs set-passphrase ${dev} < ${config.keyFile}
+          bcachefs unlock ${dev} < ${config.keyFile}
+        fi
+      '';
+    };
+    _mount = diskoLib.mkMountOption {
+      inherit config options;
+      default = { dev }: ''
+        cryptsetup status ${config.name} >/dev/null 2>/dev/null ||
+          cryptsetup luksOpen ${dev} ${config.name} ${lib.optionalString (config.keyFile != null) "--key-file ${config.keyFile}"}
+        ${lib.optionalString (config.content != null) contentMount.dev or ""}
+      '';
+    };
+    _config = lib.mkOption {
+      internal = true;
+      readOnly = true;
+      default = dev: [ ]
+        # If initrdUnlock is true, then add a device entry to the initrd.luks.devices config.
+        ++ (lib.optional config.initrdUnlock [{ boot.initrd.luks.devices.${config.name}.device = dev; }])
+        ++ (lib.optional (config.content != null) (config.content._config "/dev/mapper/${config.name}"));
+      description = "NixOS configuration";
+    };
+    _pkgs = lib.mkOption {
+      internal = true;
+      readOnly = true;
+      type = lib.types.functionTo (lib.types.listOf lib.types.package);
+      default = pkgs: [ pkgs.cryptsetup ] ++ (lib.optionals (config.content != null) (config.content._pkgs pkgs));
+      description = "Packages";
+    };
+  };
+}
diff --git a/types/default.nix b/types/default.nix
@@ -24,7 +24,7 @@ rec {
 
     # option for valid contents of devices
     deviceType = lib.mkOption {
-      type = lib.types.nullOr (diskoLib.subType { inherit (subTypes) table btrfs filesystem zfs mdraid luks lvm_pv swap; });
+      type = lib.types.nullOr (diskoLib.subType { inherit (subTypes) table bcachefs btrfs filesystem zfs mdraid luks lvm_pv swap; });
       default = null;
       description = "The type of device";
     };
@@ -340,6 +340,7 @@ rec {
 
   subTypes = lib.mapAttrs (_: diskoLib.mkSubType) {
     nodev = ./nodev.nix;
+    bcachefs = ./bcachefs.nix;
     btrfs = ./btrfs.nix;
     btrfs_subvol = ./btrfs_subvol.nix;
     filesystem = ./filesystem.nix;

diff --git a/types/table.nix b/types/table.nix
@@ -20,7 +20,7 @@
             description = "Partition type";
           };
           fs-type = lib.mkOption {
-            type = lib.types.nullOr (lib.types.enum [ "btrfs" "ext2" "ext3" "ext4" "fat16" "fat32" "hfs" "hfs+" "linux-swap" "ntfs" "reiserfs" "udf" "xfs" ]);
+            type = lib.types.nullOr (lib.types.enum [ "bcachefs" "btrfs" "ext2" "ext3" "ext4" "fat16" "fat32" "hfs" "hfs+" "linux-swap" "ntfs" "reiserfs" "udf" "xfs" ]);
             default = null;
             description = "Filesystem type to use";
           };