feat(installer): add multi-disk BTRFS support

- Allow selecting multiple drives in the TTY installer using gum choose --no-limit. - Add installer/disko-btrfs-multi.nix template for BTRFS RAID/Single setups. - Dynamically generate multi-disk disko configurations with LUKS-on-every-disk. - Default to BTRFS 'single' data and 'raid1' metadata for maximum capacity across mismatched drives (e.g., 20GB + 120GB SSDs). - Update roadmap and structure documentation to reflect the new capabilities.
2026-04-26 19:44:34 +01:00
parent 6de8ecd093
commit c66f0b19cd
4 changed files with 174 additions and 6 deletions
--- a/installer/disko-btrfs-multi.nix
+++ b/installer/disko-btrfs-multi.nix
@@ -0,0 +1,76 @@
+{
+  disko.devices = {
+    disk = {
+      main = {
+        type = "disk";
+        device = "@MAIN_DRIVE@";
+        content = {
+          type = "gpt";
+          partitions = {
+            ESP = {
+              priority = 1;
+              name = "ESP";
+              start = "1M";
+              end = "1G";
+              type = "EF00";
+              content = {
+                type = "filesystem";
+                format = "vfat";
+                mountpoint = "/boot";
+                mountOptions = [ "umask=0077" ];
+              };
+            };
+            luks = {
+              size = "100%";
+              content = {
+                type = "luks";
+                name = "crypted_main";
+                settings = {
+                  allowDiscards = true;
+                  passwordFile = "/dev/shm/nomarchy-luks.key";
+                };
+                content = {
+                  type = "btrfs";
+                  extraArgs = [ "-f" "-d single" "-m raid1" @BTRFS_DEVICES@ ];
+                  subvolumes = {
+                    "@" = {
+                      mountpoint = "/";
+                      mountOptions = [ "compress=zstd" "noatime" ];
+                    };
+                    "@persist" = {
+                      mountpoint = "/persist";
+                      mountOptions = [ "compress=zstd" "noatime" ];
+                    };
+                    "@home" = {
+                      mountpoint = "/home";
+                      mountOptions = [ "compress=zstd" "noatime" ];
+                    };
+                    "@nix" = {
+                      mountpoint = "/nix";
+                      mountOptions = [ "compress=zstd" "noatime" ];
+                    };
+                    "@log" = {
+                      mountpoint = "/var/log";
+                      mountOptions = [ "compress=zstd" "noatime" ];
+                    };
+                    "@snapshots" = {
+                      mountpoint = "/.snapshots";
+                      mountOptions = [ "compress=zstd" "noatime" ];
+                    };
+                  };
+                  postCreateHook = ''
+                    MNTPOINT=$(mktemp -d)
+                    mount -t btrfs /dev/mapper/crypted_main $MNTPOINT
+                    btrfs subvolume snapshot -r $MNTPOINT/@ $MNTPOINT/root-blank
+                    umount $MNTPOINT
+                  '';
+                };
+              };
+            };
+          };
+        };
+      };
+      @ADDITIONAL_DISKS@
+    };
+  };
+}
--- a/installer/install.sh
+++ b/installer/install.sh
@@ -282,8 +282,8 @@ select_disk() {
    local picker
    picker=$(printf '%s' "$rows" | column -t -s $'\t')
    local choice
-    choice=$(printf '%s\n' "$picker" | gum choose --header "Select target drive")
-    TARGET_DRIVE=$(awk '{print $1}' <<<"$choice")
+    choice=$(printf '%s\n' "$picker" | gum choose --no-limit --header "Select target drive(s) - Use Space to select multiple for BTRFS RAID/Single")
+    TARGET_DRIVE=$(awk '{print $1}' <<<"$choice" | xargs)

    if [[ -z "$TARGET_DRIVE" ]]; then
        error "No drive selected"
@@ -806,6 +806,49 @@ edit_fields() {
 # STEP 9: EXECUTION
 # ============================================================================

+# Pre-wipe the target drive before invoking disko.
+#
+# disko (at our pinned revision) gates two destructive steps on blkid:
+#   - lib/types/gpt.nix runs `sgdisk --clear` only when blkid sees no PT
+#   - lib/types/filesystem.nix skips mkfs entirely when blkid reports the
+#     target FS type already exists on the partition device
+#
+# On a previously-installed disk those branches mis-fire: blkid sees the old
+# GPT and the old vfat ESP, so disko overlays its new partition entries on
+# the existing table without zapping and skips mkfs.vfat, leaving the kernel
+# to read a stale FAT BPB on the new (slightly different) ESP extent. mount
+# then errors with "wrong fs type, bad option, bad superblock".
+prewipe_target_drive() {
+    local drive="$1"
+
+    info "Pre-wiping $drive (clearing stale signatures)..."
+
+    # Tear down anything a prior aborted run left active.
+    umount -R /mnt 2>/dev/null || true
+    cryptsetup close crypted 2>/dev/null || true
+    swapoff -a 2>/dev/null || true
+
+    local part
+    if compgen -G "${drive}*" >/dev/null; then
+        for part in "${drive}"?*; do
+            [[ -b "$part" ]] || continue
+            wipefs -af "$part" >/dev/null 2>&1 || true
+        done
+    fi
+    wipefs -af "$drive" >/dev/null 2>&1 || true
+
+    sgdisk --zap-all "$drive" >/dev/null 2>&1 || true
+
+    # 16 MiB covers LUKS2 binary headers (0–4 MiB) and the BTRFS first
+    # superblock (64 KiB) — wipefs alone misses damaged variants of these.
+    dd if=/dev/zero of="$drive" bs=1M count=16 conv=fsync status=none 2>/dev/null || true
+
+    partprobe "$drive" 2>/dev/null || true
+    udevadm settle
+
+    success "Pre-wipe complete"
+}
+
 execute_installation() {
    if [[ "$DRY_RUN" == "true" ]]; then
        execute_dry_run
@@ -815,12 +858,59 @@ execute_installation() {
    section "Installing Nomarchy"

    # 9.1 Partition with disko
-    info "Partitioning disk..."
+    info "Partitioning disk(s)..."
+    for d in $TARGET_DRIVE; do
+        prewipe_target_drive "$d"
+    done
+
    local disko_file tmp_disko
-    disko_file="$NOMARCHY_REPO/installer/disko-golden.nix"
    tmp_disko=$(mktemp --suffix=.nix)

-    sed "s|@TARGET_DRIVE@|${TARGET_DRIVE}|g" "$disko_file" > "$tmp_disko"
+    local drives=($TARGET_DRIVE)
+    if [[ ${#drives[@]} -gt 1 ]]; then
+        disko_file="$NOMARCHY_REPO/installer/disko-btrfs-multi.nix"
+        local main_drive="${drives[0]}"
+        local btrfs_devs=""
+        local additional_disks=""
+
+        for (( i=1; i<${#drives[@]}; i++ )); do
+            local d="${drives[$i]}"
+            local name="extra_$i"
+            local luks_name="crypted_$name"
+            
+            btrfs_devs+=", \"/dev/mapper/$luks_name\""
+            
+            additional_disks+="      $name = {
+        type = \"disk\";
+        device = \"$d\";
+        content = {
+          type = \"gpt\";
+          partitions = {
+            luks = {
+              size = \"100%\";
+              content = {
+                type = \"luks\";
+                name = \"$luks_name\";
+                settings = {
+                  allowDiscards = true;
+                  passwordFile = \"/dev/shm/nomarchy-luks.key\";
+                };
+                content = {
+                  type = \"btrfs\";
+                };
+              };
+            };
+          };
+        };
+      };
+"
+        done
+
+        sed "s|@MAIN_DRIVE@|${main_drive}|g; s|@BTRFS_DEVICES@|${btrfs_devs}|g; s|@ADDITIONAL_DISKS@|${additional_disks}|g" "$disko_file" > "$tmp_disko"
+    else
+        disko_file="$NOMARCHY_REPO/installer/disko-golden.nix"
+        sed "s|@TARGET_DRIVE@|${TARGET_DRIVE}|g" "$disko_file" > "$tmp_disko"
+    fi

    # Provide the LUKS passphrase via tmpfs so the secret never touches a
    # spinning disk. /dev/shm is tmpfs on the live ISO. We restrict perms