[Nix-dev] Help wanted with Nixos on ZFS in an encrypted LUKS volume

Ricardo M. Correia rcorreia at wizy.org
Mon Apr 3 16:36:49 CEST 2017 

Hi Vince,

NixOS does support ZFS on top of an encrypted LUKS volume (I've been using
this configuration myself for years), but I'm not 100% sure it will work
fine in your particular situation.

The error you are seeing is because ZFS is detecting 2 (or more) ZFS pools
with the same name in your system. This usually happens when you're
fiddling with ZFS pool creation using different partition layouts and do
not properly destroy a pool before creating another one with the same name.

As specified in the error message, this can be solved by specifying the ZFS
pool by its ID number instead of by name, e.g., by changing all instances
of the string "zroot" in your NixOS configuration to the ID number of the
pool. That said, I've never seen a NixOS configuration like this, so I'm
not 100% sure it will work correctly (feel free to file a new bug if this
type of configuration doesn't work).

To find out the ID number of the correct ZFS pool, you will have to run
(possibly in a LiveCD environment) the "zpool import" command and look at
the ID number of the correct ZFS pool (where "correct" is the one that is
located in your LUKS partition, and both the pool state and all its devices
are in the "ONLINE" state). See below for a sample output of the "zpool
import" command when 2 ZFS pools have the same name [1].

That said, the easiest way to fix your issue, and my recommendation, is for
you to perform a new installation but this time create the ZFS pool only
once, on top of your LUKS volume, with a new name (such as "rpool" instead
of "zroot", for example). This will avoid any ambiguities as to where your
ZFS pool is located.

I hope this helps!

[1]

$ zpool import
   pool: test
     id: 18056344713568302535
  state: ONLINE
 action: The pool can be imported using its name or numeric identifier.
 config:

test              ONLINE
 /tmp/test2.tmp  ONLINE

   pool: test
     id: 12658723009881072891
  state: ONLINE
 action: The pool can be imported using its name or numeric identifier.
 config:

test              ONLINE
 /tmp/test1.tmp  ONLINE


On Sun, Apr 2, 2017 at 9:06 PM, <nixos at vince.lol> wrote:

> Hi fellow Nix enthusiasts,
>
> I'm trying to install Nixos on a ZFS root filesystem which in turn resides
> in an encrypted volume (using LUKS).
> I already succeeded in a minimal ZFS install on an unencrypted partition,
> and I also succeeded in installing in an encrypted LUKS volume with ext4 as
> root fs.
> But with the combination I get errors during stage 1; the zpool that
> contains the root dataset cannot be imported. This occurs after I enter the
> correct LUKS passphrase.
> This made me question if this is at all possible (it should, shouldn't
> it?). Could some of you please take a look? I documented most of it in the
> gist here: https://gist.github.com/awesomefireduck/
> ffea6517042af87b8b7ef6ea1c7d50e3 . If you need more information I'd be
> happy to supply it.
>
> Sincerely,
> Vince
>
> _______________________________________________
> nix-dev mailing list
> nix-dev at lists.science.uu.nl
> http://lists.science.uu.nl/mailman/listinfo/nix-dev
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.science.uu.nl/pipermail/nix-dev/attachments/20170403/d76bca88/attachment.html>

More information about the nix-dev mailing list