flake/hosts/dust/preservation.nix

60 lines
1.3 KiB
Nix

{ lib, ... }:
{
sops.age.sshKeyPaths = lib.mkForce [ "/persist/etc/ssh/ssh_host_ed25519_key" ];
fileSystems."/persist".neededForBoot = true;
preservation.enable = true;
preservation.preserveAt."/persist" = {
directories = [
"/var/log"
"/var/lib"
"/etc/secureboot"
];
files = [
"/etc/ssh/ssh_host_ed25519_key"
"/etc/ssh/ssh_host_ed25519_key.pub"
"/etc/ssh/ssh_host_rsa_key"
"/etc/ssh/ssh_host_rsa_key.pub"
];
users.guanranwang = {
directories = [
"Desktop"
"Documents"
"Downloads"
"Music"
"Pictures"
"Videos"
#"Public"
#"Templates"
".ssh"
".mozilla/firefox"
".thunderbird"
".cache"
".local/share"
".local/state"
".config/gh"
".config/fcitx5"
".config/obs-studio"
];
files = [ ".config/sops/age/keys.txt" ];
};
};
systemd.tmpfiles.settings.preservation =
let
mkTmpfile = {
user = "guanranwang";
group = "users";
mode = "0755";
};
in
{
"/home/guanranwang/.config".d = mkTmpfile;
"/home/guanranwang/.mozilla".d = mkTmpfile;
"/home/guanranwang/.local/share".d = mkTmpfile;
"/home/guanranwang/.local/state".d = mkTmpfile;
};
}