nyancat/flake
1
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

nixos: impermanence -> perservation

Browse source
This commit is contained in:
Guanran Wang 2024-09-07 14:49:47 +08:00
parent b3377dab48
commit 54fdbc1f38
Signed by: nyancat
GPG key ID: 91F97D9ED12639CF
5 changed files with 53 additions and 34 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

32
flake.lock
View file

@ -159,21 +159,6 @@
"type": "github" "type": "github"
} }
}, },
"impermanence": {
"locked": {
"lastModified": 1724489415,
"narHash": "sha256-ey8vhwY/6XCKoh7fyTn3aIQs7WeYSYtLbYEG87VCzX4=",
"owner": "nix-community",
"repo": "impermanence",
"rev": "c7f5b394397398c023000cf843986ee2571a1fd7",
"type": "github"
},
"original": {
"owner": "nix-community",
"repo": "impermanence",
"type": "github"
}
},
"lanzaboote": { "lanzaboote": {
"inputs": { "inputs": {
"crane": [ "crane": [
@ -298,6 +283,21 @@
"type": "github" "type": "github"
} }
}, },
"preservation": {
"locked": {
"lastModified": 1725460242,
"narHash": "sha256-9n9Ygta1MCfpbF9D88tG2B4EL5nuSz4eIOAofGSlxoE=",
"owner": "WilliButz",
"repo": "preservation",
"rev": "02e731a820d05107bc648460f8630d0d80a5ffd4",
"type": "github"
},
"original": {
"owner": "WilliButz",
"repo": "preservation",
"type": "github"
}
},
"root": { "root": {
"inputs": { "inputs": {
"colmena": "colmena", "colmena": "colmena",
@ -308,12 +308,12 @@
"flake-utils": "flake-utils", "flake-utils": "flake-utils",
"gitignore": "gitignore", "gitignore": "gitignore",
"home-manager": "home-manager", "home-manager": "home-manager",
"impermanence": "impermanence",
"lanzaboote": "lanzaboote", "lanzaboote": "lanzaboote",
"neovim": "neovim", "neovim": "neovim",
"nixos-hardware": "nixos-hardware", "nixos-hardware": "nixos-hardware",
"nixpkgs": "nixpkgs", "nixpkgs": "nixpkgs",
"pre-commit-hooks-nix": "pre-commit-hooks-nix", "pre-commit-hooks-nix": "pre-commit-hooks-nix",
"preservation": "preservation",
"rust-overlay": "rust-overlay", "rust-overlay": "rust-overlay",
"sops-nix": "sops-nix", "sops-nix": "sops-nix",
"systems": "systems", "systems": "systems",

6
flake.nix
View file

@ -28,9 +28,6 @@
url = "github:nix-community/home-manager"; url = "github:nix-community/home-manager";
inputs.nixpkgs.follows = "nixpkgs"; inputs.nixpkgs.follows = "nixpkgs";
}; };
impermanence = {
url = "github:nix-community/impermanence";
};
lanzaboote = { lanzaboote = {
url = "github:nix-community/lanzaboote"; url = "github:nix-community/lanzaboote";
inputs.nixpkgs.follows = "nixpkgs"; inputs.nixpkgs.follows = "nixpkgs";
@ -50,6 +47,9 @@
nixos-hardware = { nixos-hardware = {
url = "github:NixOS/nixos-hardware"; url = "github:NixOS/nixos-hardware";
}; };
preservation = {
url = "github:WilliButz/preservation";
};
sops-nix = { sops-nix = {
url = "github:Mic92/sops-nix"; url = "github:Mic92/sops-nix";
inputs.nixpkgs.follows = "nixpkgs"; inputs.nixpkgs.follows = "nixpkgs";

25
hosts/dust/default.nix
View file

@ -6,16 +6,23 @@
... ...
}: }:
{ {
imports = [ imports =
../../nixos/profiles/sing-box [
../../nixos/profiles/wireless ../../nixos/profiles/sing-box
../../nixos/profiles/wireless
./anti-feature.nix ./anti-feature.nix
./disko.nix ./disko.nix
./hardware-configuration.nix ./hardware-configuration.nix
./impermanence.nix ./lanzaboote.nix
./lanzaboote.nix ./preservation.nix
]; ]
++ (with inputs; [
disko.nixosModules.disko
home-manager.nixosModules.home-manager
lanzaboote.nixosModules.lanzaboote
preservation.nixosModules.preservation
]);
networking.hostName = "dust"; networking.hostName = "dust";
time.timeZone = "Asia/Shanghai"; time.timeZone = "Asia/Shanghai";

20
hosts/dust/impermanence.nix → hosts/dust/preservation.nix
View file

@ -2,8 +2,8 @@
{ {
sops.age.sshKeyPaths = lib.mkForce [ "/persist/etc/ssh/ssh_host_ed25519_key" ]; sops.age.sshKeyPaths = lib.mkForce [ "/persist/etc/ssh/ssh_host_ed25519_key" ];
fileSystems."/persist".neededForBoot = true; fileSystems."/persist".neededForBoot = true;
environment.persistence."/persist" = { preservation.enable = true;
hideMounts = true; preservation.preserveAt."/persist" = {
directories = [ directories = [
"/var/log" "/var/log"
"/var/lib" "/var/lib"
@ -15,6 +15,7 @@
"/etc/ssh/ssh_host_rsa_key" "/etc/ssh/ssh_host_rsa_key"
"/etc/ssh/ssh_host_rsa_key.pub" "/etc/ssh/ssh_host_rsa_key.pub"
]; ];
users.guanranwang = { users.guanranwang = {
directories = [ directories = [
"Desktop" "Desktop"
@ -43,4 +44,19 @@
]; ];
}; };
}; };
systemd.tmpfiles.settings.preservation =
let
mkTmpfile = {
user = "guanranwang";
group = "users";
mode = "0755";
};
in
{
"/home/guanranwang/.config".d = mkTmpfile;
"/home/guanranwang/.mozilla".d = mkTmpfile;
"/home/guanranwang/.local/share".d = mkTmpfile;
"/home/guanranwang/.local/state".d = mkTmpfile;
};
} }

4
nixos/profiles/core/default.nix
View file

@ -12,10 +12,6 @@
./zram.nix ./zram.nix
] ]
++ (with inputs; [ ++ (with inputs; [
disko.nixosModules.disko
home-manager.nixosModules.home-manager
impermanence.nixosModules.impermanence
lanzaboote.nixosModules.lanzaboote
self.nixosModules.default self.nixosModules.default
sops-nix.nixosModules.sops sops-nix.nixosModules.sops
]); ]);