From c28731a1a7a26393c854992c4b1914cf0b640ddf Mon Sep 17 00:00:00 2001
From: Leyla Becker <git@jan-leila.com>
Date: Mon, 9 Dec 2024 16:57:13 -0600
Subject: [PATCH] made impermanence work

---
 configurations/nixos/defiant/disko-config.nix | 18 ++++++++++++++++--
 configurations/nixos/defiant/impermanence.nix |  8 ++------
 2 files changed, 18 insertions(+), 8 deletions(-)

diff --git a/configurations/nixos/defiant/disko-config.nix b/configurations/nixos/defiant/disko-config.nix
index 82fd480..677a646 100644
--- a/configurations/nixos/defiant/disko-config.nix
+++ b/configurations/nixos/defiant/disko-config.nix
@@ -48,6 +48,9 @@ in {
       hd_18_tb_a = zfsDisk "/dev/disk/by-id/ata-ST18000NE000-3G6101_ZVTCXVEB";
       hd_18_tb_b = zfsDisk "/dev/disk/by-id/ata-ST18000NE000-3G6101_ZVTCXWSC";
       hd_18_tb_c = zfsDisk "/dev/disk/by-id/ata-ST18000NE000-3G6101_ZVTD10EH";
+      hd_18_tb_d = zfsDisk "/dev/disk/by-id/ata-ST18000NT001-3NF101_ZVTE0S3Q";
+      hd_18_tb_e = zfsDisk "/dev/disk/by-id/ata-ST18000NT001-3NF101_ZVTEF27J";
+      hd_18_tb_f = zfsDisk "/dev/disk/by-id/ata-ST18000NT001-3NF101_ZVTEZACV";
 
       ssd_4_tb_a = cacheDisk "/dev/disk/by-id/nvme-Samsung_SSD_990_PRO_4TB_S7KGNU0X907881F";
     };
@@ -59,12 +62,14 @@ in {
             type = "topology";
             vdev = [
               {
-                # should this only mirror for this inital config with 3 drives we will used raidz2 for future configs???
-                mode = "mirror";
+                mode = "raidz2";
                 members = [
                   "hd_18_tb_a"
                   "hd_18_tb_b"
                   "hd_18_tb_c"
+                  "hd_18_tb_d"
+                  "hd_18_tb_e"
+                  "hd_18_tb_f"
                 ];
               }
             ];
@@ -113,6 +118,15 @@ in {
               canmount = "on";
             };
           };
+          "local/system/sops" = {
+            type = "zfs_fs";
+            mountpoint = import ../../../const/sops_age_key_directory.nix;
+            options = {
+              atime = "off";
+              relatime = "off";
+              canmount = "on";
+            };
+          };
           "local/system/root" = {
             type = "zfs_fs";
             mountpoint = "/";
diff --git a/configurations/nixos/defiant/impermanence.nix b/configurations/nixos/defiant/impermanence.nix
index 9d8b2af..13a380e 100644
--- a/configurations/nixos/defiant/impermanence.nix
+++ b/configurations/nixos/defiant/impermanence.nix
@@ -1,8 +1,4 @@
-{
-  lib,
-  config,
-  ...
-}: {
+{lib, ...}: {
   boot.initrd.postResumeCommands = lib.mkAfter ''
     zfs rollback -r rpool/local/system/root@blank
     zfs rollback -r rpool/local/home/leyla@blank
@@ -51,6 +47,7 @@
   fileSystems."/home/leyla".neededForBoot = true;
   fileSystems."/persist/system/root".neededForBoot = true;
   fileSystems."/persist/home/leyla".neededForBoot = true;
+  fileSystems.${import ../../../const/sops_age_key_directory.nix}.neededForBoot = true;
 
   environment.persistence."/persist/system/root" = {
     enable = true;
@@ -79,7 +76,6 @@
     ];
     files = [
       "/etc/machine-id"
-      config.environment.sessionVariables.SOPS_AGE_KEY_FILE
     ];
   };