From f28c4d7d7c40edd6f971313b6d5fd2e9d9f31804 Mon Sep 17 00:00:00 2001 From: Lu Wang Date: Thu, 26 Dec 2024 13:35:29 +0800 Subject: [PATCH] treewide: drop impermanence in favor of preservation --- flake.lock | 32 +++---- flake.nix | 2 +- flake/home-manager.nix | 1 + flake/hosts.nix | 2 +- flake/nixos.nix | 2 +- .../modules/home/global-persistence.nix | 53 ----------- home-manager/modules/preservation.nix | 57 +++++++++++ .../profiles/applications/desktop.nix | 2 +- home-manager/profiles/darkman/default.nix | 2 +- home-manager/profiles/development/default.nix | 4 +- home-manager/profiles/direnv/default.nix | 2 +- home-manager/profiles/firefox/default.nix | 2 +- home-manager/profiles/fish/default.nix | 2 +- .../profiles/preservation/default.nix | 17 ++++ home-manager/profiles/syncthing/default.nix | 2 +- home-manager/profiles/valent/default.nix | 4 +- .../profiles/xdg-user-dirs/default.nix | 2 +- nixos/modules/system/global-persistence.nix | 79 ---------------- .../services/gnome-keyring/default.nix | 2 - nixos/profiles/services/openssh/default.nix | 2 - nixos/profiles/system/boot/secure-boot.nix | 2 +- nixos/profiles/system/global-persistence.nix | 27 ------ nixos/profiles/system/nix/settings.nix | 5 - nixos/profiles/system/preservation.nix | 94 +++++++++++++++++++ nixos/profiles/users/rebmit/default.nix | 7 -- .../virtualization/libvirtd/default.nix | 2 - 26 files changed, 198 insertions(+), 210 deletions(-) delete mode 100644 home-manager/modules/home/global-persistence.nix create mode 100644 home-manager/modules/preservation.nix create mode 100644 home-manager/profiles/preservation/default.nix delete mode 100644 nixos/modules/system/global-persistence.nix delete mode 100644 nixos/profiles/system/global-persistence.nix create mode 100644 nixos/profiles/system/preservation.nix diff --git a/flake.lock b/flake.lock index 877319f..d11543c 100644 --- a/flake.lock +++ b/flake.lock 
@@ -251,21 +251,6 @@ "type": "github" } }, - "impermanence": { - "locked": { - "lastModified": 1734772301, - "narHash": "sha256-mQEQQzCTUlDiEw/EbblB510P/GQOmIPtKoJrqDqeGVc=", - "owner": "nix-community", - "repo": "impermanence", - "rev": "0ab2f858dfefe73402eb53fbe6a3bad4f6702d5f", - "type": "github" - }, - "original": { - "owner": "nix-community", - "repo": "impermanence", - "type": "github" - } - }, "lanzaboote": { "inputs": { "crane": "crane", @@ -397,6 +382,21 @@ "type": "github" } }, + "preservation": { + "locked": { + "lastModified": 1734453061, + "narHash": "sha256-FfHXIRuyTmv9/U3ioOu3jnij1NPA6ywk7GdC3A+FMAA=", + "owner": "WilliButz", + "repo": "preservation", + "rev": "9ee89d71475c0f4a6e97ed4a9169e377222ea8d6", + "type": "github" + }, + "original": { + "owner": "WilliButz", + "repo": "preservation", + "type": "github" + } + }, "rebmit": { "inputs": { "devshell": "devshell", @@ -449,7 +449,6 @@ "git-hooks-nix" ], "home-manager": "home-manager", - "impermanence": "impermanence", "lanzaboote": "lanzaboote", "niri-flake": "niri-flake", "nixpkgs": [ @@ -461,6 +460,7 @@ "rebmit", "nixpkgs-unstable" ], + "preservation": "preservation", "rebmit": "rebmit", "sops-nix": "sops-nix", "treefmt-nix": [ diff --git a/flake.nix b/flake.nix index f104eb2..f43b248 100644 --- a/flake.nix +++ b/flake.nix @@ -31,7 +31,7 @@ # nixos modules - impermanence.url = "github:nix-community/impermanence"; + preservation.url = "github:WilliButz/preservation"; home-manager = { url = "github:nix-community/home-manager"; inputs.nixpkgs.follows = "nixpkgs"; diff --git a/flake/home-manager.nix b/flake/home-manager.nix index 02ebaa7..4a5875a 100644 --- a/flake/home-manager.nix +++ b/flake/home-manager.nix @@ -18,6 +18,7 @@ let applications.base fish helix + preservation tmux yazi # keep-sorted end diff --git a/flake/hosts.nix b/flake/hosts.nix index fa4b2e0..caa9a47 100644 --- a/flake/hosts.nix +++ b/flake/hosts.nix 
@@ -49,7 +49,7 @@ let name: nixosModules ++ [ - inputs.impermanence.nixosModules.impermanence + inputs.preservation.nixosModules.preservation inputs.home-manager.nixosModules.home-manager inputs.sops-nix.nixosModules.sops inputs.disko.nixosModules.disko diff --git a/flake/nixos.nix b/flake/nixos.nix index 36665ee..aea0393 100644 --- a/flake/nixos.nix +++ b/flake/nixos.nix @@ -28,11 +28,11 @@ let system.boot.kernel.latest system.boot.systemd-initrd system.common - system.global-persistence system.nix.gc system.nix.registry system.nix.settings system.nix.version + system.preservation users.root # keep-sorted end ]; diff --git a/home-manager/modules/home/global-persistence.nix b/home-manager/modules/home/global-persistence.nix deleted file mode 100644 index c39a6e3..0000000 --- a/home-manager/modules/home/global-persistence.nix +++ /dev/null 
@@ -1,53 +0,0 @@
-# Portions of this file are sourced from
-# https://github.com/linyinfeng/dotfiles/blob/b618b0fd16fb9c79ab7199ed51c4c0f98a392cea/home-manager/modules/home/global-persistence.nix
-{
- config,
- lib,
- osConfig,
- ...
-}:
-with lib;
-let
- cfg = config.home.globalPersistence;
- sysCfg = osConfig.environment.globalPersistence;
-in
-{
- options.home.globalPersistence = {
- enable = mkEnableOption "global presistence storage";
- home = mkOption {
- type = types.str;
- description = ''
- Home directory.
- '';
- };
- directories = mkOption {
- type = with types; listOf str;
- default = [ ];
- description = ''
- A list of directories in your home directory that you want to link to persistent storage.
- '';
- };
- files = mkOption {
- type = with types; listOf str;
- default = [ ];
- description = ''
- A list of files in your home directory you want to link to persistent storage.
- '';
- };
- enabled = mkOption {
- type = types.bool;
- default = false;
- description = ''
- Is global home persistence storage enabled.
- '';
- };
- };
-
- config = mkIf (osConfig != null && sysCfg.enable) {
- home.globalPersistence = {
- inherit (sysCfg.user) directories;
- inherit (sysCfg.user) files;
- enabled = cfg.enable;
- };
- };
-}
diff --git a/home-manager/modules/preservation.nix b/home-manager/modules/preservation.nix
new file mode 100644
index 0000000..e90ba10
--- /dev/null
+++ b/home-manager/modules/preservation.nix
@@ -0,0 +1,57 @@ +{ + config, + lib, + osConfig, + ... +}: +with lib; +let + cfg = config.preservation; + sysCfg = osConfig.preservation; +in +{ + options.preservation = { + enable = mkEnableOption "the preservation module"; + preserveAt = mkOption { + type = types.attrsOf ( + types.submodule ( + { ... }: + { + options = { + directories = mkOption { + type = with types; listOf (coercedTo str (d: { directory = d; }) anything); + default = [ ]; + description = '' + Specify a list of directories that should be preserved for this user. + The paths are interpreted relative to the user's home directory. + ''; + }; + files = mkOption { + type = with types; listOf (coercedTo str (f: { file = f; }) anything); + default = [ ]; + description = '' + Specify a list of files that should be preserved for this user. + The paths are interpreted relative to the user's home directory. + ''; + }; + }; + } + ) + ); + default = { }; + description = '' + Specify a set of locations and the corresponding state that + should be preserved for this user. + ''; + }; + }; + + config = { + warnings = mkIf (cfg.enable && !sysCfg.enable) [ + '' + The preservation module is enabled in Home Manager but disabled system-wide. + As a result, the settings will not take effect. + '' + ]; + }; +} diff --git a/home-manager/profiles/applications/desktop.nix b/home-manager/profiles/applications/desktop.nix index 69c668e..9e5451b 100644 --- a/home-manager/profiles/applications/desktop.nix +++ b/home-manager/profiles/applications/desktop.nix @@ -17,7 +17,7 @@ # keep-sorted end ]; - home.globalPersistence.directories = [ + preservation.preserveAt."/persist".directories = [ ".thunderbird" ".zotero" diff --git a/home-manager/profiles/darkman/default.nix b/home-manager/profiles/darkman/default.nix index c348f58..9a64b1c 100644 --- a/home-manager/profiles/darkman/default.nix +++ b/home-manager/profiles/darkman/default.nix 
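Review bot: The `warnings` condition in `config` reads `sysCfg.enable`, where `sysCfg` is `osConfig.preservation`, without checking that `osConfig` is non-null; the module this file replaces guarded its config with `osConfig != null && sysCfg.enable`. If this module is ever evaluated without a NixOS `osConfig` (presumably the standalone Home Manager case), enabling it would abort evaluation instead of emitting the warning. I would write the condition as `warnings = mkIf (cfg.enable && (osConfig == null || !sysCfg.enable)) [`. The same unguarded dereference appears in `home-manager/profiles/preservation/default.nix`, where `osConfig.services.gnome.gnome-keyring.enable` decides whether `.local/share/keyrings` is preserved.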
@@ -10,7 +10,7 @@ in { services.darkman.enable = true; - home.globalPersistence.directories = [ ".cache/darkman" ]; + preservation.preserveAt."/persist".directories = [ ".cache/darkman" ]; systemd.user.tmpfiles.rules = [ "C %h/.cache/darkman/mode.txt - - - - ${defaultMode}" diff --git a/home-manager/profiles/development/default.nix b/home-manager/profiles/development/default.nix index 91dad36..bb5c715 100644 --- a/home-manager/profiles/development/default.nix +++ b/home-manager/profiles/development/default.nix @@ -1,6 +1,4 @@ { ... }: { - home.globalPersistence.directories = [ - "Projects" - ]; + preservation.preserveAt."/persist".directories = [ "Projects" ]; } diff --git a/home-manager/profiles/direnv/default.nix b/home-manager/profiles/direnv/default.nix index da92adf..e217215 100644 --- a/home-manager/profiles/direnv/default.nix +++ b/home-manager/profiles/direnv/default.nix @@ -5,5 +5,5 @@ nix-direnv.enable = true; }; - home.globalPersistence.directories = [ ".local/share/direnv" ]; + preservation.preserveAt."/persist".directories = [ ".local/share/direnv" ]; } diff --git a/home-manager/profiles/firefox/default.nix b/home-manager/profiles/firefox/default.nix index 46e2bb6..706f04b 100644 --- a/home-manager/profiles/firefox/default.nix +++ b/home-manager/profiles/firefox/default.nix @@ -178,7 +178,7 @@ }; }; - home.globalPersistence.directories = [ ".mozilla" ]; + preservation.preserveAt."/persist".directories = [ ".mozilla" ]; programs.niri.browser = lib.mkDefault [ "firefox" ]; } diff --git a/home-manager/profiles/fish/default.nix b/home-manager/profiles/fish/default.nix index 8bb40f0..29de403 100644 --- a/home-manager/profiles/fish/default.nix +++ b/home-manager/profiles/fish/default.nix @@ -39,5 +39,5 @@ ''; }; - home.globalPersistence.directories = [ ".local/share/fish" ]; + preservation.preserveAt."/persist".directories = [ ".local/share/fish" ]; } 
diff --git a/home-manager/profiles/preservation/default.nix b/home-manager/profiles/preservation/default.nix new file mode 100644 index 0000000..8566593 --- /dev/null +++ b/home-manager/profiles/preservation/default.nix @@ -0,0 +1,17 @@ +{ lib, osConfig, ... }: +{ + preservation = { + enable = true; + preserveAt."/persist" = { + directories = + [ + ".cache/nix" + ".local/share/nix" + ".ssh" + ] + ++ lib.optionals osConfig.services.gnome.gnome-keyring.enable [ + ".local/share/keyrings" + ]; + }; + }; +} diff --git a/home-manager/profiles/syncthing/default.nix b/home-manager/profiles/syncthing/default.nix index 305f96c..6283c35 100644 --- a/home-manager/profiles/syncthing/default.nix +++ b/home-manager/profiles/syncthing/default.nix @@ -2,5 +2,5 @@ { services.syncthing.enable = true; - home.globalPersistence.directories = [ ".local/state/syncthing" ]; + preservation.preserveAt."/persist".directories = [ ".local/state/syncthing" ]; } diff --git a/home-manager/profiles/valent/default.nix b/home-manager/profiles/valent/default.nix index 93cc280..c0582a8 100644 --- a/home-manager/profiles/valent/default.nix +++ b/home-manager/profiles/valent/default.nix @@ -15,7 +15,5 @@ Install.WantedBy = [ "graphical-session.target" ]; }; - home.globalPersistence.directories = [ - ".config/valent" - ]; + preservation.preserveAt."/persist".directories = [ ".config/valent" ]; } diff --git a/home-manager/profiles/xdg-user-dirs/default.nix b/home-manager/profiles/xdg-user-dirs/default.nix index 05c2b95..6e773eb 100644 --- a/home-manager/profiles/xdg-user-dirs/default.nix +++ b/home-manager/profiles/xdg-user-dirs/default.nix @@ -13,7 +13,7 @@ videos = "$HOME/Videos"; }; - home.globalPersistence.directories = [ + preservation.preserveAt."/persist".directories = [ "Documents" "Downloads" "Music" diff --git a/nixos/modules/system/global-persistence.nix b/nixos/modules/system/global-persistence.nix deleted file mode 100644 index af30cca..0000000 
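Review bot: `.ssh` and `.local/share/keyrings` are listed as plain strings, so neither entry sets a `mode`, and both get whatever default the preservation module applies to the directories it creates on `/persist` and at the mount target (0755, as far as I know). For credential stores I would pin the mode on the entry itself, e.g. `{ directory = ".ssh"; mode = "0700"; }` and `{ directory = ".local/share/keyrings"; mode = "0700"; }`. The Home Manager option's `coercedTo str … anything` type already accepts attribute sets, and the system profile passes them through with `inherit (preserve) directories files`. The same applies to `/etc/secureboot` in `nixos/profiles/system/boot/secure-boot.nix`, which that file sets as the lanzaboote `pkiBundle` directory.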
--- a/nixos/modules/system/global-persistence.nix
+++ /dev/null
@@ -1,79 +0,0 @@
-# Portions of this file are sourced from
-# https://github.com/linyinfeng/dotfiles/blob/b618b0fd16fb9c79ab7199ed51c4c0f98a392cea/nixos/modules/environment/global-persistence/default.nix
-{
- config,
- lib,
- ...
-}:
-let
- cfg = config.environment.globalPersistence;
- userCfg =
- name:
- assert config.home-manager.users.${name}.home.globalPersistence.enabled;
- {
- inherit name;
- value = {
- inherit (config.home-manager.users.${name}.home.globalPersistence) home directories files;
- };
- };
- usersCfg = lib.listToAttrs (map userCfg cfg.user.users);
-in
-with lib;
-{
- options.environment.globalPersistence = {
- enable = mkEnableOption "global persistence storage";
- root = mkOption {
- type = types.str;
- description = ''
- The root of persistence storage.
- '';
- };
- directories = mkOption {
- type = with types; listOf str;
- default = [ ];
- description = ''
- Directories to bind mount to persistent storage.
- '';
- };
- files = mkOption {
- type = with types; listOf str;
- default = [ ];
- description = ''
- Files that should be stored in persistent storage.
- '';
- };
- user = {
- users = mkOption {
- type = with types; listOf str;
- default = [ ];
- description = ''
- Persistence for users.
- '';
- };
- directories = mkOption {
- type = with types; listOf str;
- default = [ ];
- description = ''
- Directories to bind mount to persistent storage for users.
- Paths should be relative to home of user.
- '';
- };
- files = mkOption {
- type = with types; listOf str;
- default = [ ];
- description = ''
- Files to link to persistent storage for users.
- Paths should be relative to home of user.
- '';
- };
- };
- };
-
- config = mkIf cfg.enable {
- environment.persistence."${cfg.root}" = {
- hideMounts = true;
- inherit (cfg) directories files;
- users = usersCfg;
- };
- };
-}
diff --git a/nixos/profiles/services/gnome-keyring/default.nix b/nixos/profiles/services/gnome-keyring/default.nix index 462bbfb..081985c 100644 --- a/nixos/profiles/services/gnome-keyring/default.nix +++ b/nixos/profiles/services/gnome-keyring/default.nix @@ -1,6 +1,4 @@ { ... }: { services.gnome.gnome-keyring.enable = true; - - environment.globalPersistence.user.directories = [ ".local/share/keyrings" ]; } diff --git a/nixos/profiles/services/openssh/default.nix b/nixos/profiles/services/openssh/default.nix index 60b97a0..75cf1ca 100644 --- a/nixos/profiles/services/openssh/default.nix +++ b/nixos/profiles/services/openssh/default.nix @@ -90,6 +90,4 @@ in }; restartUnits = [ "sshd.service" ]; }; - - environment.globalPersistence.user.directories = [ ".ssh" ]; } diff --git a/nixos/profiles/system/boot/secure-boot.nix b/nixos/profiles/system/boot/secure-boot.nix index 7842dbb..58f536e 100644 --- a/nixos/profiles/system/boot/secure-boot.nix +++ b/nixos/profiles/system/boot/secure-boot.nix @@ -9,5 +9,5 @@ pkiBundle = "/etc/secureboot"; }; - environment.globalPersistence.directories = [ "/etc/secureboot" ]; + preservation.preserveAt."/persist".directories = [ "/etc/secureboot" ]; } diff --git a/nixos/profiles/system/global-persistence.nix b/nixos/profiles/system/global-persistence.nix deleted file mode 100644 index d11e5cb..0000000 --- a/nixos/profiles/system/global-persistence.nix +++ /dev/null @@ -1,27 +0,0 @@ -{ config, ... }: -{ - assertions = [ - { - assertion = config.fileSystems ? "/persist"; - message = '' - `config.fileSystems."/persist"` must be set. - ''; - } - ]; - - environment.globalPersistence = { - enable = true; - root = "/persist"; - directories = [ - "/var/cache" - "/var/lib" - "/var/log" - "/var/tmp" - ]; - files = [ - "/etc/machine-id" - ]; - }; - - systemd.suppressedSystemUnits = [ "systemd-machine-id-commit.service" ]; -} diff --git a/nixos/profiles/system/nix/settings.nix b/nixos/profiles/system/nix/settings.nix index 8fa92f8..2d0654a 100644 
--- a/nixos/profiles/system/nix/settings.nix +++ b/nixos/profiles/system/nix/settings.nix @@ -20,9 +20,4 @@ builders-use-substitutes = true; }; }; - - environment.globalPersistence.user.directories = [ - ".cache/nix" - ".local/share/nix" - ]; } diff --git a/nixos/profiles/system/preservation.nix b/nixos/profiles/system/preservation.nix new file mode 100644 index 0000000..7b38040 --- /dev/null +++ b/nixos/profiles/system/preservation.nix 
@@ -0,0 +1,94 @@
+{ config, lib, ... }:
+{
+ assertions = [
+ {
+ assertion = config.fileSystems ? "/persist";
+ message = ''
+ `config.fileSystems."/persist"` must be set.
+ '';
+ }
+ ];
+
+ preservation = {
+ enable = true;
+ preserveAt = lib.mkMerge (
+ lib.mapAttrsToList (
+ name: hmCfg:
+ lib.mapAttrs (_: preserve: {
+ users.${name} = {
+ home = hmCfg.home.homeDirectory;
+ inherit (preserve) directories files;
+ };
+ }) hmCfg.preservation.preserveAt
+ ) (lib.filterAttrs (_: hmCfg: hmCfg.preservation.enable) config.home-manager.users)
+ ++ lib.singleton {
+ "/persist" = {
+ directories = [
+ {
+ directory = "/var/cache";
+ inInitrd = true;
+ }
+ {
+ directory = "/var/lib";
+ inInitrd = true;
+ }
+ {
+ directory = "/var/log";
+ inInitrd = true;
+ }
+ {
+ directory = "/var/tmp";
+ inInitrd = true;
+ }
+ ];
+ files = [
+ {
+ file = "/etc/machine-id";
+ inInitrd = true;
+ how = "symlink";
+ configureParent = true;
+ }
+ ];
+ };
+ }
+ );
+ };
+
+ # https://github.com/NixOS/nixpkgs/pull/351151#issuecomment-2549025171
+ systemd.services.systemd-machine-id-commit = {
+ unitConfig.ConditionPathIsMountPoint = [
+ ""
+ "/persist/etc/machine-id"
+ ];
+ serviceConfig.ExecStart = [
+ ""
+ "systemd-machine-id-setup --commit --root /persist"
+ ];
+ };
+
+ # https://willibutz.github.io/preservation/examples.html
+ systemd.tmpfiles.settings.preservation = lib.mkMerge (
+ lib.mapAttrsToList (name: hmCfg: {
+ "${hmCfg.home.homeDirectory}/.config".d = {
+ user = name;
+ group = config.users.users.${name}.group;
+ mode = "0755";
+ };
+ "${hmCfg.home.homeDirectory}/.local".d = {
+ user = name;
+ group = config.users.users.${name}.group;
+ mode = "0755";
+ };
+ "${hmCfg.home.homeDirectory}/.local/share".d = {
+ user = name;
+ group = config.users.users.${name}.group;
+ mode = "0755";
+ };
+ "${hmCfg.home.homeDirectory}/.local/state".d = {
+ user = name;
+ group = config.users.users.${name}.group;
+ mode = "0755";
+ };
+ }) (lib.filterAttrs (_: hmCfg: hmCfg.preservation.enable)
config.home-manager.users) + ); +} diff --git a/nixos/profiles/users/rebmit/default.nix b/nixos/profiles/users/rebmit/default.nix index daf355c..922dc18 100644 --- a/nixos/profiles/users/rebmit/default.nix +++ b/nixos/profiles/users/rebmit/default.nix @@ -34,16 +34,9 @@ in sopsFile = config.sops.secretFiles.get "local.yaml"; }; - environment.globalPersistence.user.users = [ "rebmit" ]; - home-manager.users.rebmit = { ... }: { - home.globalPersistence = { - enable = true; - home = homeDirectory; - }; - programs.git = { userName = "Lu Wang"; userEmail = "rebmit@rebmit.moe"; diff --git a/nixos/profiles/virtualization/libvirtd/default.nix b/nixos/profiles/virtualization/libvirtd/default.nix index 35cdad3..8b0cbda 100644 --- a/nixos/profiles/virtualization/libvirtd/default.nix +++ b/nixos/profiles/virtualization/libvirtd/default.nix @@ -7,6 +7,4 @@ swtpm.enable = true; }; }; - - environment.globalPersistence.user.directories = [ ".config/libvirt" ]; }
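Review bot: The `/var/tmp` entry in `nixos/profiles/system/preservation.nix` sets only `inInitrd = true`, so it gets the same default directory mode as `/var/cache`, `/var/lib` and `/var/log`, whereas `/var/tmp` is conventionally world-writable with the sticky bit. Unless the mode is enforced elsewhere, I would set it on the entry: `{ directory = "/var/tmp"; inInitrd = true; mode = "1777"; }`. Separately, every system entry is marked `inInitrd = true`, but the assertion only checks that `fileSystems."/persist"` exists. If that filesystem is not mounted in the initrd (its definition is not part of this patch), `/var/log` and `/etc/machine-id` would presumably not end up on persistent storage, so it is worth extending the assertion with `config.fileSystems."/persist".neededForBoot`.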