From 80328959afaaa503f68ced846b240ac07f55ffd5 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Benjamin=20B=C3=A4dorf?=
Date: Sun, 29 Oct 2023 20:33:11 +0100
Subject: [PATCH] feat: make docker run on zfs, add unlocking docs
---
docs/unlocking-root.md | 8 +++++++-
flake.nix | 2 ++
hosts/nachtigall/hardware-configuration.nix | 5 +++++
3 files changed, 14 insertions(+), 1 deletion(-)
diff --git a/docs/unlocking-root.md b/docs/unlocking-root.md
index 8832b93..2ec0d9a 100644
--- a/docs/unlocking-root.md
+++ b/docs/unlocking-root.md
@@ -1,3 +1,9 @@ # Unlocking the root partition on boot
-After a boot, the encrypted root partition will have to be unlocked. This is done by accessing the server via SSH on port 2222. After connecting, paste the crypt passphrase you can find in the shared keepass. This will disconnect the SSH session right away and the server will keep booting into stage 2.
+After a boot, the encrypted root partition will have to be unlocked. This is done by accessing the server via SSH with user root on port 2222.
+
+```
+ssh root@nachtigall.pub.solar -p2222
+```
+
+ After connecting, paste the crypt passphrase you can find in the shared keepass. This will disconnect the SSH session right away and the server will keep booting into stage 2.
diff --git a/flake.nix b/flake.nix
index 48b6fa1..06d6146 100644
--- a/flake.nix
+++ b/flake.nix
@@ -108,6 +108,7 @@ extraOptions = '' --data-root /var/lib/docker '';
+ storageDriver = "zfs";
}; services.openssh.enable = true;
@@ -154,6 +155,7 @@ }; }; };
+
deploy.nodes = self.pub-solar.lib.deploy.mkDeployNodes self.nixosConfigurations { nachtigall = { sshUser = username;
diff --git a/hosts/nachtigall/hardware-configuration.nix b/hosts/nachtigall/hardware-configuration.nix
index 0224632..9aab804 100644
--- a/hosts/nachtigall/hardware-configuration.nix
+++ b/hosts/nachtigall/hardware-configuration.nix
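Review bot: `storageDriver = "zfs";` in the first flake.nix hunk depends on something this file does not show: Docker's zfs driver only starts when its data root sits on a ZFS filesystem, and that dataset is declared separately in hosts/nachtigall/hardware-configuration.nix. A one-line comment above the option would keep the two in step, for example `# needs /var/lib/docker on ZFS (root_pool/data/docker in hosts/nachtigall/hardware-configuration.nix)`. If this host already ran containers under a different storage driver, the images and containers stored under it will presumably no longer be listed after the switch, which is worth recording in the commit message or the docs. The enclosing attribute set starts and ends outside the hunk, so whether the option applies to nachtigall only or to every host built from this flake cannot be seen from here.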
@@ -28,6 +28,11 @@ fsType = "zfs"; };
+ fileSystems."/var/lib/docker" =
+ { device = "root_pool/data/docker";
+ fsType = "zfs";
+ };
+
fileSystems."/boot1" = { device = "/dev/disk/by-uuid/5493-EFF5"; fsType = "vfat";
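Review bot: The new `fileSystems."/var/lib/docker"` entry does not record how `root_pool/data/docker` has to be created, and two dataset properties matter for it. A dataset mounted through a `fileSystems` entry presumably needs `mountpoint=legacy`, as the other ZFS entries in this file would. If the pool relies on ZFS native encryption rather than an encrypted block device underneath, it is also worth confirming that the dataset sits under the same encryption root, with `zfs get encryption,encryptionroot root_pool/data/docker`, because the Docker zfs driver creates image and container layers as child datasets that inherit from it. Once verified, a comment such as `# created with mountpoint=legacy; encryption inherited from root_pool` above the entry would capture this for whoever rebuilds the host.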