ok here we ggo. #NixOS ZFS root on the backup NAS

ok I've got a live image, /run/current-system/sw appears to be "ok I suppose we can sort of have a standard Unix-looking filesystem but not really"

and now I get to figure out how the fuck to do NixOS root on ZFS

update: success! NixOS is now running on Yttrium. Is there a declarative way to tell my zpool to expand to the other drives in my machine, or do I do that th old way?

update: NFS shared to my primary NAS, fwupd installed, nfs server running, this is actually working

I feel like the Linux community really fucked up in not embracing things like secure boot and mandatory disk encryption with TPM2 binding after the lies spread by anti-UEFI, anti-Secureboot people born out of misunderstandings about Windows 8 requirements

@freya we're in favor of that sort of thing, yeah, though it's .... TPM binding is nice but it's an after-the-fact detection system, which, while still genuinely helpful, is less comforting for us with an activist threat model than it would be to a corporation for which everything comes down to financial loss and can be averaged out and forgotten

@freya signed boot, now, we're hugely in favor of that. we've been chewing for years on what it would have to be like workflow-wise to provide high assurances to non-experts.

@ireneista something like what AVB does?

@freya well the hard part in our view is, with a source-based distro, when does signing happen?

@ireneista that's true, s'why I'm not a fan of source-based distros like gentoo myself\

@freya @ireneista oh hey, that's my work (verified boot on Linux, specifically Gentoo)