tux/tawm
1
0
Fork 0
mirror of https://github.com/tuxdotrs/tawm.git synced 2025-07-05 20:56:33 +05:30
Code Issues Packages Projects Releases Wiki Activity

add impermanence

Browse Source
This commit is contained in:
0xTux
2024-10-09 10:47:56 +05:30
parent 8cb4470c6e
commit 4468963be3
10 changed files with 137 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

16
flake.lock generated
View File

@ -236,6 +236,21 @@
"type": "github"
}
},
"impermanence": {
"locked": {
"lastModified": 1727649413,
"narHash": "sha256-FA53of86DjFdeQzRDVtvgWF9o52rWK70VHGx0Y8fElQ=",
"owner": "nix-community",
"repo": "impermanence",
"rev": "d0b38e550039a72aff896ee65b0918e975e6d48e",
"type": "github"
},
"original": {
"owner": "nix-community",
"repo": "impermanence",
"type": "github"
}
},
"libpng": {
"flake": false,
"locked": {
@ -501,6 +516,7 @@
"inputs": {
"disko": "disko",
"home-manager": "home-manager",
"impermanence": "impermanence",
"nix-vscode-extensions": "nix-vscode-extensions",
"nixos-hardware": "nixos-hardware",
"nixos-wsl": "nixos-wsl",

1
flake.nix
View File

@ -27,6 +27,7 @@
nixpkgs-f2k.url = "github:moni-dz/nixpkgs-f2k";
nur.url = "github:nix-community/nur";
sops-nix.url = "github:Mic92/sops-nix";
impermanence.url = "github:nix-community/impermanence";
};
outputs = {

4
hosts/alpha/default.nix
View File

@ -99,5 +99,9 @@
fonts.packages = with pkgs; [(nerdfonts.override {fonts = ["FiraCode" "JetBrainsMono"];})];
environment.persistence."/persist" = {
enable = false;
};
system.stateVersion = "23.11";
}

4
hosts/arcturus/default.nix
View File

@ -132,5 +132,9 @@
fonts.packages = with pkgs; [(nerdfonts.override {fonts = ["FiraCode" "JetBrainsMono"];})];
environment.persistence."/persist" = {
enable = false;
};
system.stateVersion = "23.11";
}

61
hosts/canopus/default.nix
View File

@ -1,14 +1,16 @@
{
inputs,
pkgs,
lib,
...
}: {
imports = [
inputs.nixos-hardware.nixosModules.asus-zephyrus-ga503
inputs.disko.nixosModules.default
(import ./disko.nix {device = "/dev/nvme0n1";})
(import ./disko.nix {device = "/dev/nvme0n1";})
./hardware-configuration.nix
../common
../../modules/nixos/desktop
../../modules/nixos/desktop/awesome
@ -46,7 +48,43 @@
boot = {
kernelPackages = pkgs.linuxPackages_zen;
supportedFilesystems = ["ntfs"];
initrd.systemd.enable = true;
initrd.systemd = {
enable = lib.mkForce true;
services.wipe-my-fs = {
wantedBy = ["initrd.target"];
after = ["initrd-root-device.target"];
before = ["sysroot.mount"];
unitConfig.DefaultDependencies = "no";
serviceConfig.Type = "oneshot";
script = ''
mkdir /btrfs_tmp
mount /dev/disk/by-partlabel/disk-primary-root /btrfs_tmp
if [[ -e /btrfs_tmp/root ]]; then
mkdir -p /btrfs_tmp/old_roots
timestamp=$(date --date="@$(stat -c %Y /btrfs_tmp/root)" "+%Y-%m-%-d_%H:%M:%S")
mv /btrfs_tmp/root "/btrfs_tmp/old_roots/$timestamp"
fi
delete_subvolume_recursively() {
IFS=$'\n'
for i in $(btrfs subvolume list -o "$1" | cut -f 9- -d ' '); do
delete_subvolume_recursively "/btrfs_tmp/$i"
done
btrfs subvolume delete "$1"
}
for i in $(find /btrfs_tmp/old_roots/ -maxdepth 1 -mtime +30); do
delete_subvolume_recursively "$i"
done
btrfs subvolume create /btrfs_tmp/root
umount /btrfs_tmp
'';
};
};
loader = {
systemd-boot = {
@ -213,5 +251,24 @@
fonts.packages = with pkgs; [(nerdfonts.override {fonts = ["FiraCode" "JetBrainsMono"];})];
programs.fuse.userAllowOther = true;
fileSystems."/persist".neededForBoot = true;
environment.persistence."/persist" = {
hideMounts = true;
directories = [
"/var/log"
"/var/lib/tailscale"
"/var/lib/nixos"
"/etc/NetworkManager/system-connections"
];
files = [
"/etc/machine-id"
"/etc/ssh/ssh_host_ed25519_key"
"/etc/ssh/ssh_host_ed25519_key.pub"
"/etc/ssh/ssh_host_rsa_key"
"/etc/ssh/ssh_host_rsa_key.pub"
];
};
system.stateVersion = "24.11";
}

4
hosts/canopus/disko.nix
View File

@ -27,9 +27,9 @@
mountOptions = ["compress=zstd"]; # Compression for better performance
mountpoint = "/"; # Root subvolume
};
"/persistent" = {
"/persist" = {
mountOptions = ["compress=zstd"]; # Compression for persistent data
mountpoint = "/persistent"; # Persistent subvolume
mountpoint = "/persist"; # Persistent subvolume
};
"/nix" = {
mountOptions = [

28
hosts/canopus/home.nix
View File

@ -1,4 +1,8 @@
{pkgs, ...}: {
{
pkgs,
username,
...
}: {
imports = [
../common/home.nix
../../modules/home-manager/awesome
@ -58,5 +62,27 @@
mailspring
];
home.persistence."/persist/home/${username}" = {
directories = [
"Downloads"
"Music"
"Wallpapers"
"Documents"
"Videos"
"Projects"
"Stuff"
".mozilla"
".ssh"
".local/share/nvim"
".local/share/Smart\ Code\ ltd"
];
files = [
".zsh_history"
".zcompdump"
".wakatime.cfg"
];
allowOther = true;
};
home.stateVersion = "24.11";
}

17
hosts/common/default.nix
View File

@ -3,9 +3,17 @@
username,
outputs,
config,
lib,
inputs,
...
}: {
}: let
# Sops needs acess to the keys before the persist dirs are even mounted; so
# just persisting the keys won't work, we must point at /persist
hasOptinPersistence = config.environment.persistence."/persist".enable;
in {
imports = [
inputs.impermanence.nixosModules.impermanence
../../modules/nixos/sops.nix
];
@ -91,6 +99,13 @@
settings = {
PasswordAuthentication = false;
};
hostKeys = [
{
path = "${lib.optionalString hasOptinPersistence "/persist"}/etc/ssh/ssh_host_ed25519_key";
type = "ed25519";
}
];
};
};

3
hosts/common/home.nix
View File

@ -1,9 +1,12 @@
{
outputs,
username,
inputs,
...
}: {
imports = [
inputs.impermanence.nixosModules.home-manager.impermanence
../../modules/home-manager/shell
../../modules/home-manager/git
../../modules/home-manager/starship

5
hosts/sirius/default.nix
View File

@ -7,6 +7,7 @@
}: {
imports = [
inputs.nixos-wsl.nixosModules.wsl
../common
../../modules/nixos/virtualisation/docker.nix
];
@ -44,5 +45,9 @@
fonts.packages = with pkgs; [(nerdfonts.override {fonts = ["FiraCode" "JetBrainsMono"];})];
environment.persistence."/persist" = {
enable = false;
};
system.stateVersion = "23.11";
}