From 4fa113f27409d3348f1f4416355683accacde7ff Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Jonas=20R=C3=B6ger?=
Date: Tue, 24 Mar 2026 19:24:02 +0100
Subject: [PATCH] experimental: harbor disko schema

---
 flake.nix | 4 ++
 hosts/harbor/configuration.nix | 1 +
 hosts/harbor/disko.nix | 71 ++++++++++++++++++++++++++++++++++
 3 files changed, 76 insertions(+)
 create mode 100644 hosts/harbor/disko.nix

diff --git a/flake.nix b/flake.nix
index b72f9f0..768cb34 100644
--- a/flake.nix
+++ b/flake.nix
@@ -13,6 +13,8 @@
 url = "github:Mic92/sops-nix";
 inputs.nixpkgs.follows = "nixpkgs";
 };
+ disko.url = "github:nix-community/disko";
+ disko.inputs.nixpkgs.follows = "nixpkgs";
 plasma-manager = {
 url = "github:pjones/plasma-manager";
 inputs.nixpkgs.follows = "nixpkgs";
@@ -48,6 +50,7 @@
 self,
 nixpkgs,
 nixpkgs-unstable,
+ disko,
 nixos-hardware,
 home-manager,
 nixos-cosmic,
@@ -120,6 +123,7 @@
 ({...}: {nixpkgs.overlays = [overlay-unstable self.overlays.default audio.overlays.default];})
 ({...}: {nixpkgs.config.allowUnfree = true;})
 inputs.sops-nix.nixosModules.sops
+ inputs.disko.nixosModules.disko
 ./modules
 ./hosts/harbor/configuration.nix
 ];
diff --git a/hosts/harbor/configuration.nix b/hosts/harbor/configuration.nix
index 97eebf2..3f69f89 100644
--- a/hosts/harbor/configuration.nix
+++ b/hosts/harbor/configuration.nix
@@ -5,6 +5,7 @@
 }: {
 imports = [
 ./hardware-configuration.nix
+ ./disko.nix
 ];

 # Secret management
diff --git a/hosts/harbor/disko.nix b/hosts/harbor/disko.nix
new file mode 100644
index 0000000..9a3b8a8
--- /dev/null
+++ b/hosts/harbor/disko.nix
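Review bot: The new `disko` input in the first `flake.nix` hunk (`disko.url = "github:nix-community/disko";`) arrives without a `flake.lock` change: the diffstat lists only `flake.nix`, `hosts/harbor/configuration.nix` and `hosts/harbor/disko.nix`. The revision of the tool that will partition and encrypt the disk is therefore whatever the upstream branch head is when the lock file is next written, not a revision reviewed with this commit. Running `nix flake lock` and committing the resulting `flake.lock` entry in the same change would fix the reviewed revision as the one that is built. The `inputs` block starts and ends outside the hunk.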
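Review bot: Importing `./disko.nix` next to `./hardware-configuration.nix` in the `hosts/harbor/configuration.nix` hunk presumably makes the disko module generate mount and LUKS settings for the running system too, since `inputs.disko.nixosModules.disko` is added to the same host's module list. `hardware-configuration.nix` is not visible here, so a clash with its existing `fileSystems` entries cannot be ruled out from this diff. For a change marked experimental, consider setting `disko.enableConfig = false;` until the schema matches the disk actually in the machine, or add a comment stating that the old mount entries were removed.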
@@ -0,0 +1,71 @@
+let
+ btrfsopt = [
+ "compress=zstd"
+ "noatime"
+ "ssd"
+ "space_cache=v2"
+ "user_subvol_rm_allowed"
+ ];
+in {
+ disko.devices = {
+ disk = {
+ main = {
+ type = "disk";
+ device = "/dev/sda";
+ content = {
+ type = "gpt";
+ partitions = {
+ boot = {
+ name = "boot";
+ size = "1M";
+ type = "ef02";
+ };
+ esp = {
+ name = "esp";
+ size = "500M";
+ type = "ef00";
+ content = {
+ type = "filesystem";
+ format = "vfat";
+ mountpoint = "/boot";
+ };
+ };
+ luks = {
+ size = "100%";
+ content = {
+ type = "luks";
+ name = "nixos";
+ passwordFile = "/tmp/pass";
+ additionalKeyFiles = ["/nixos-enc.key"];
+ extraFormatArgs = [
+ "--type luks1"
+ "--iter-time 3000"
+ ];
+ settings = {
+ allowDiscards = true;
+ };
+ content = {
+ type = "btrfs";
+ subvolumes = {
+ "@root" = {
+ mountpoint = "/";
+ mountOptions = btrfsopt;
+ };
+ "@home" = {
+ mountpoint = "/home";
+ mountOptions = btrfsopt;
+ };
+ "@nix" = {
+ mountpoint = "/nix";
+ mountOptions = btrfsopt;
+ };
+ };
+ };
+ };
+ };
+ };
+ };
+ };
+ };
+ };
+}
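Review bot: `extraFormatArgs` pins the container to `--type luks1`, which restricts the key slots to PBKDF2. With `/boot` on the unencrypted `esp` partition, nothing in this hunk appears to need a boot loader that can only open LUKS1, so `"--type luks2"` (memory-hard Argon2id by default) looks usable unless GRUB has to unlock this volume. `passwordFile = "/tmp/pass"` and `additionalKeyFiles = ["/nixos-enc.key"]` name key material at fixed paths; a comment should state that both files must be root-only (mode 0600), that `/tmp/pass` is removed after formatting, and that the key file must never end up in an initrd stored on the unencrypted `/boot`. `device = "/dev/sda"` depends on probe order, and since disko formats its target a stable `device = "/dev/disk/by-id/<DISK_ID_PLACEHOLDER>";` is the safer form. `allowDiscards = true;` deserves a one-line comment recording the trade-off that TRIM reveals which blocks of the encrypted volume are unused.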