nixos: impermanence -> perservation

This commit is contained in:
Guanran Wang 2024-09-07 14:49:47 +08:00
parent b3377dab48
commit 54fdbc1f38
Signed by: nyancat
GPG key ID: 91F97D9ED12639CF
5 changed files with 53 additions and 34 deletions

View file

@ -159,21 +159,6 @@
"type": "github"
}
},
"impermanence": {
"locked": {
"lastModified": 1724489415,
"narHash": "sha256-ey8vhwY/6XCKoh7fyTn3aIQs7WeYSYtLbYEG87VCzX4=",
"owner": "nix-community",
"repo": "impermanence",
"rev": "c7f5b394397398c023000cf843986ee2571a1fd7",
"type": "github"
},
"original": {
"owner": "nix-community",
"repo": "impermanence",
"type": "github"
}
},
"lanzaboote": {
"inputs": {
"crane": [
@ -298,6 +283,21 @@
"type": "github"
}
},
"preservation": {
"locked": {
"lastModified": 1725460242,
"narHash": "sha256-9n9Ygta1MCfpbF9D88tG2B4EL5nuSz4eIOAofGSlxoE=",
"owner": "WilliButz",
"repo": "preservation",
"rev": "02e731a820d05107bc648460f8630d0d80a5ffd4",
"type": "github"
},
"original": {
"owner": "WilliButz",
"repo": "preservation",
"type": "github"
}
},
"root": {
"inputs": {
"colmena": "colmena",
@ -308,12 +308,12 @@
"flake-utils": "flake-utils",
"gitignore": "gitignore",
"home-manager": "home-manager",
"impermanence": "impermanence",
"lanzaboote": "lanzaboote",
"neovim": "neovim",
"nixos-hardware": "nixos-hardware",
"nixpkgs": "nixpkgs",
"pre-commit-hooks-nix": "pre-commit-hooks-nix",
"preservation": "preservation",
"rust-overlay": "rust-overlay",
"sops-nix": "sops-nix",
"systems": "systems",

View file

@ -28,9 +28,6 @@
url = "github:nix-community/home-manager";
inputs.nixpkgs.follows = "nixpkgs";
};
impermanence = {
url = "github:nix-community/impermanence";
};
lanzaboote = {
url = "github:nix-community/lanzaboote";
inputs.nixpkgs.follows = "nixpkgs";
@ -50,6 +47,9 @@
nixos-hardware = {
url = "github:NixOS/nixos-hardware";
};
preservation = {
url = "github:WilliButz/preservation";
};
sops-nix = {
url = "github:Mic92/sops-nix";
inputs.nixpkgs.follows = "nixpkgs";

View file

@ -6,16 +6,23 @@
...
}:
{
imports = [
imports =
[
../../nixos/profiles/sing-box
../../nixos/profiles/wireless
./anti-feature.nix
./disko.nix
./hardware-configuration.nix
./impermanence.nix
./lanzaboote.nix
];
./preservation.nix
]
++ (with inputs; [
disko.nixosModules.disko
home-manager.nixosModules.home-manager
lanzaboote.nixosModules.lanzaboote
preservation.nixosModules.preservation
]);
networking.hostName = "dust";
time.timeZone = "Asia/Shanghai";

View file

@ -2,8 +2,8 @@
{
sops.age.sshKeyPaths = lib.mkForce [ "/persist/etc/ssh/ssh_host_ed25519_key" ];
fileSystems."/persist".neededForBoot = true;
environment.persistence."/persist" = {
hideMounts = true;
preservation.enable = true;
preservation.preserveAt."/persist" = {
directories = [
"/var/log"
"/var/lib"
@ -15,6 +15,7 @@
"/etc/ssh/ssh_host_rsa_key"
"/etc/ssh/ssh_host_rsa_key.pub"
];
users.guanranwang = {
directories = [
"Desktop"
@ -43,4 +44,19 @@
];
};
};
systemd.tmpfiles.settings.preservation =
let
mkTmpfile = {
user = "guanranwang";
group = "users";
mode = "0755";
};
in
{
"/home/guanranwang/.config".d = mkTmpfile;
"/home/guanranwang/.mozilla".d = mkTmpfile;
"/home/guanranwang/.local/share".d = mkTmpfile;
"/home/guanranwang/.local/state".d = mkTmpfile;
};
}

View file

@ -12,10 +12,6 @@
./zram.nix
]
++ (with inputs; [
disko.nixosModules.disko
home-manager.nixosModules.home-manager
impermanence.nixosModules.impermanence
lanzaboote.nixosModules.lanzaboote
self.nixosModules.default
sops-nix.nixosModules.sops
]);