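# Disko layout for a two-disk machine (Nix, not JSON).
#
#   main    - device taken from config.snowflake.hardware.diskDevice:
#             BIOS boot + ESP (/efi) + XBOOTLDR (/boot) + LUKS swap + LUKS btrfs root
#   storage - /dev/sdb: a single LUKS container holding a btrfs data volume
#
# Applying this layout formats the listed devices, so verify both device paths
# on the target machine before running disko.
{ config, ... }:
{
  disko.devices = {
    disk = {
      main = {
        type = "disk";
        device = config.snowflake.hardware.diskDevice;
        content = {
          type = "gpt";
          partitions = {
            # 1M partition of GPT type EF02 (BIOS boot), for legacy-BIOS GRUB.
            boot = {
              name = "boot";
              size = "1M";
              type = "EF02";
              priority = 1;
            };

            # EFI system partition. The masks make files 0640 and directories
            # 0750, so unprivileged users cannot read the ESP contents.
            efi = {
              name = "EFI";
              size = "512M";
              type = "EF00";
              priority = 2;
              content = {
                type = "filesystem";
                format = "vfat";
                mountpoint = "/efi";
                mountOptions = [
                  "fmask=0137"
                  "dmask=0027"
                ];
              };
            };

            # Extended boot loader partition, mounted at /boot.
            # NOTE(review): vfat has no per-file permissions, so with "defaults"
            # everything here is presumably world-readable, unlike /efi above.
            # Consider the same fmask/dmask if the initrd can contain secrets.
            xbootldr = {
              name = "XBOOTLDR";
              size = "512M";
              type = "EA00";
              priority = 3;
              content = {
                type = "filesystem";
                format = "vfat";
                mountpoint = "/boot";
                mountOptions = [ "defaults" ];
              };
            };

            # NOTE(review): randomEncryption re-keys swap on every boot, so the
            # contents do not survive a reboot (no hibernation). Stacking it on
            # a LUKS container looks redundant - confirm which of the two is
            # intended.
            cryptswap = {
              size = "34G";
              label = "luksswap";
              priority = 4;
              content = {
                type = "luks";
                name = "cryptswap";
                settings = {
                  # Passing TRIM through dm-crypt exposes which blocks are
                  # unused to anyone who can read the raw device.
                  allowDiscards = true;
                };
                content = {
                  type = "swap";
                  randomEncryption = true;
                };
              };
            };

            cryptroot = {
              size = "100%";
              label = "luksroot";
              priority = 5;
              content = {
                type = "luks";
                name = "cryptroot";
                # Interactive by default; uncomment passwordFile to automate
                # the process.
                # passwordFile = "/tmp/secret.key";
                # Populate using: `echo -n "password" >/tmp/secret.key` on the
                # remote machine. The file is used verbatim, so a trailing
                # newline (plain `echo`) becomes part of the passphrase and the
                # typed passphrase will not unlock the volume at boot. Keep the
                # file readable by root only and remove it after installation.
                settings = {
                  # Same TRIM trade-off as on cryptswap.
                  allowDiscards = true;
                };
                # additionalKeyFiles = [ "/tmp/additionalSecret.key" ];
                content = {
                  type = "btrfs";
                  # -L sets the filesystem label; -f overwrites any existing
                  # filesystem on the device.
                  extraArgs = [
                    "-L"
                    "nixos"
                    "-f"
                  ];
                  subvolumes = {
                    "@" = {
                      mountpoint = "/";
                      mountOptions = [
                        "ssd"
                        "noatime"
                        "compress=zstd:1"
                        "space_cache=v2"
                        "subvol=@"
                      ];
                    };
                    "@home" = {
                      mountpoint = "/home";
                      mountOptions = [
                        "ssd"
                        "noatime"
                        "compress=zstd:1"
                        "space_cache=v2"
                        "subvol=@home"
                      ];
                    };
                    "@log" = {
                      mountpoint = "/var/log";
                      mountOptions = [
                        "ssd"
                        "noatime"
                        "compress=zstd:1"
                        "space_cache=v2"
                        "subvol=@log"
                      ];
                    };
                    "@docker" = {
                      mountpoint = "/var/lib/docker";
                      mountOptions = [
                        "ssd"
                        "noatime"
                        "compress=zstd:1"
                        "space_cache=v2"
                        "subvol=@docker"
                      ];
                    };
                    "@nix" = {
                      mountpoint = "/nix";
                      mountOptions = [
                        "ssd"
                        "noatime"
                        "compress=zstd:1"
                        "space_cache=v2"
                        "subvol=@nix"
                      ];
                    };
                  };
                };
              };
            };
          };
        };
      };

      storage = {
        type = "disk";
        # NOTE(review): /dev/sdX names are assigned in probe order and can
        # change between boots; a stable /dev/disk/by-id/ path avoids
        # formatting the wrong disk.
        device = "/dev/sdb";
        content = {
          type = "gpt";
          partitions = {
            # The attribute is named cryptroot, but label and mapper name show
            # this is the data volume (luksdata / cryptdata).
            cryptroot = {
              size = "100%";
              label = "luksdata";
              priority = 5;
              content = {
                type = "luks";
                name = "cryptdata";
                # Interactive by default; uncomment passwordFile to automate
                # the process.
                # passwordFile = "/tmp/secret.key";
                # Populate using: `echo -n "password" >/tmp/secret.key` on the
                # remote machine (no trailing newline; keep it root-only and
                # remove it after installation).
                settings = {
                  # Same TRIM trade-off as on the main disk.
                  allowDiscards = true;
                };
                # additionalKeyFiles = [ "/tmp/additionalSecret.key" ];
                content = {
                  type = "btrfs";
                  extraArgs = [
                    "-L"
                    "DISK1"
                    "-f"
                  ];
                  subvolumes = {
                    "@data" = {
                      mountpoint = "/mnt/disk1";
                      mountOptions = [
                        "ssd"
                        "noatime"
                        "compress=zstd:1"
                        "space_cache=v2"
                        # Was "subvol=@", which names a subvolume this
                        # filesystem does not define.
                        "subvol=@data"
                      ];
                    };
                  };
                };
              };
            };
          };
        };
      };
    };
  };
}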