Pihole: finishing touches for external storage

systems/aarch64-linux/Pihole/default.nix

@@ -8,6 +8,54 @@
 let
   stateVersion = "24.05";
   hostName = "Pihole";
+
+  # Script to unlock /sda and create /home symlinks, mount /swap, etc.
+  start-pihole_script = pkgs.writeShellScriptBin "start-pihole" ''
+    #!/usr/bin/env bash
+
+    # Script to unlock the /sda partition and setup its files.
+
+    # check if the current user is root
+    if [ "$(id -u)" != "0" ]; then
+      echo "This script must be run as root" 1>&2
+      exit 1
+    fi
+
+    # Immediately exit on any errors
+    set -e
+
+    # local storage partition
+    echo "Unlocking storage partition:"
+    cryptsetup luksOpen /dev/disk/by-uuid/b09893d7-cc1f-4482-bf7a-126d03923b45 sda
+
+    # mount local storage
+    if [ ! -f /dev/mapper/sda ]; then
+      echo "Mounting and symlinking home:"
+      mount -o relatime /dev/mapper/sda /sda
+
+      if [ $? -eq "0" ]; then
+        # Symlink @home files out into my actual home
+        # See https://superuser.com/a/633610
+
+        ln -s sda/@home/* /home/aires
+      else
+        echo "Failed to mount @home"
+      fi
+
+      echo "Mounting and symlinking swap:"
+      mount -o subvol=@swap,noatime /dev/mapper/sda /swap
+
+      if [ $? -eq "0" ]; then
+        swapon /swap/swapfile
+      else
+        echo "Failed to mount swap"
+      fi
+    else
+      echo "Failed to unlock sda."
+    fi
+
+    exit 0
+  '';
 in
 {
   imports = [ ./hardware-configuration.nix ];
@@ -37,9 +85,10 @@ in
       btrfs-progs
       cryptsetup
       libraspberrypi
+      linuxKernel.kernels.linux_rpi4
       raspberrypifw
       raspberrypi-eeprom
-      linuxKernel.kernels.linux_rpi4
+      start-pihole_script
     ];
     services = {
       autoUpgrade = {

systems/aarch64-linux/Pihole/hardware-configuration.nix

@@ -17,17 +17,13 @@
       "dtparam=audio=on"
     ];
 
-    # Configure bootloader
+    # Switch to a compatible bootloader
     loader = lib.mkForce {
       grub.enable = false;
       generic-extlinux-compatible.enable = true;
     };
   };
 
-  #boot.kernelParams = [
-  #	"console=serial0,115200n8"
-  #];
-
   fileSystems."/" = {
     device = "/dev/disk/by-uuid/44444444-4444-4444-8888-888888888888";
     fsType = "ext4";
@@ -38,13 +34,6 @@
     ];
   };
 
-  swapDevices = [
-    {
-      device = "/swapfile";
-      size = 2048;
-    }
-  ];
-
   hardware = {
     enableRedistributableFirmware = true;
     raspberry-pi."4" = {