rebmit/nixos-config
1
0
Fork 0
Code Issues Pull requests Actions Packages Projects Releases Wiki Activity

treewide: drop impermanence in favor of preservation

Browse source
This commit is contained in:
Lu Wang 2024-12-26 13:35:29 +08:00
parent 6c422a41c6
commit f28c4d7d7c
Signed by: rebmit
SSH key fingerprint: SHA256:3px8QV1zEerIrEWHaqtH5rR9kjetyRST5EipOPrd+bU
26 changed files with 198 additions and 210 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

32
flake.lock
View file

@ -251,21 +251,6 @@
"type": "github"
}
},
"impermanence": {
"locked": {
"lastModified": 1734772301,
"narHash": "sha256-mQEQQzCTUlDiEw/EbblB510P/GQOmIPtKoJrqDqeGVc=",
"owner": "nix-community",
"repo": "impermanence",
"rev": "0ab2f858dfefe73402eb53fbe6a3bad4f6702d5f",
"type": "github"
},
"original": {
"owner": "nix-community",
"repo": "impermanence",
"type": "github"
}
},
"lanzaboote": {
"inputs": {
"crane": "crane",
@ -397,6 +382,21 @@
"type": "github"
}
},
"preservation": {
"locked": {
"lastModified": 1734453061,
"narHash": "sha256-FfHXIRuyTmv9/U3ioOu3jnij1NPA6ywk7GdC3A+FMAA=",
"owner": "WilliButz",
"repo": "preservation",
"rev": "9ee89d71475c0f4a6e97ed4a9169e377222ea8d6",
"type": "github"
},
"original": {
"owner": "WilliButz",
"repo": "preservation",
"type": "github"
}
},
"rebmit": {
"inputs": {
"devshell": "devshell",
@ -449,7 +449,6 @@
"git-hooks-nix"
],
"home-manager": "home-manager",
"impermanence": "impermanence",
"lanzaboote": "lanzaboote",
"niri-flake": "niri-flake",
"nixpkgs": [
@ -461,6 +460,7 @@
"rebmit",
"nixpkgs-unstable"
],
"preservation": "preservation",
"rebmit": "rebmit",
"sops-nix": "sops-nix",
"treefmt-nix": [

2
flake.nix
View file

@ -31,7 +31,7 @@
# nixos modules
impermanence.url = "github:nix-community/impermanence";
preservation.url = "github:WilliButz/preservation";
home-manager = {
url = "github:nix-community/home-manager";
inputs.nixpkgs.follows = "nixpkgs";

1
flake/home-manager.nix
View file

@ -18,6 +18,7 @@ let
applications.base
fish
helix
preservation
tmux
yazi
# keep-sorted end

2
flake/hosts.nix
View file

@ -49,7 +49,7 @@ let
name:
nixosModules
++ [
inputs.impermanence.nixosModules.impermanence
inputs.preservation.nixosModules.preservation
inputs.home-manager.nixosModules.home-manager
inputs.sops-nix.nixosModules.sops
inputs.disko.nixosModules.disko

2
flake/nixos.nix
View file

@ -28,11 +28,11 @@ let
system.boot.kernel.latest
system.boot.systemd-initrd
system.common
system.global-persistence
system.nix.gc
system.nix.registry
system.nix.settings
system.nix.version
system.preservation
users.root
# keep-sorted end
];

53
home-manager/modules/home/global-persistence.nix
View file

@ -1,53 +0,0 @@
# Portions of this file are sourced from
# https://github.com/linyinfeng/dotfiles/blob/b618b0fd16fb9c79ab7199ed51c4c0f98a392cea/home-manager/modules/home/global-persistence.nix
{
config,
lib,
osConfig,
...
}:
with lib;
let
cfg = config.home.globalPersistence;
sysCfg = osConfig.environment.globalPersistence;
in
{
options.home.globalPersistence = {
enable = mkEnableOption "global presistence storage";
home = mkOption {
type = types.str;
description = ''
Home directory.
'';
};
directories = mkOption {
type = with types; listOf str;
default = [ ];
description = ''
A list of directories in your home directory that you want to link to persistent storage.
'';
};
files = mkOption {
type = with types; listOf str;
default = [ ];
description = ''
A list of files in your home directory you want to link to persistent storage.
'';
};
enabled = mkOption {
type = types.bool;
default = false;
description = ''
Is global home persistence storage enabled.
'';
};
};
config = mkIf (osConfig != null && sysCfg.enable) {
home.globalPersistence = {
inherit (sysCfg.user) directories;
inherit (sysCfg.user) files;
enabled = cfg.enable;
};
};
}

57
home-manager/modules/preservation.nix Normal file
View file

@ -0,0 +1,57 @@
{
config,
lib,
osConfig,
...
}:
with lib;
let
cfg = config.preservation;
sysCfg = osConfig.preservation;
in
{
options.preservation = {
enable = mkEnableOption "the preservation module";
preserveAt = mkOption {
type = types.attrsOf (
types.submodule (
{ ... }:
{
options = {
directories = mkOption {
type = with types; listOf (coercedTo str (d: { directory = d; }) anything);
default = [ ];
description = ''
Specify a list of directories that should be preserved for this user.
The paths are interpreted relative to the user's home directory.
'';
};
files = mkOption {
type = with types; listOf (coercedTo str (f: { file = f; }) anything);
default = [ ];
description = ''
Specify a list of files that should be preserved for this user.
The paths are interpreted relative to the user's home directory.
'';
};
};
}
)
);
default = { };
description = ''
Specify a set of locations and the corresponding state that
should be preserved for this user.
'';
};
};
config = {
warnings = mkIf (cfg.enable && !sysCfg.enable) [
''
The preservation module is enabled in Home Manager but disabled system-wide.
As a result, the settings will not take effect.
''
];
};
}

2
home-manager/profiles/applications/desktop.nix
View file

@ -17,7 +17,7 @@
# keep-sorted end
];
home.globalPersistence.directories = [
preservation.preserveAt."/persist".directories = [
".thunderbird"
".zotero"

2
home-manager/profiles/darkman/default.nix
View file

@ -10,7 +10,7 @@ in
{
services.darkman.enable = true;
home.globalPersistence.directories = [ ".cache/darkman" ];
preservation.preserveAt."/persist".directories = [ ".cache/darkman" ];
systemd.user.tmpfiles.rules = [
"C %h/.cache/darkman/mode.txt - - - - ${defaultMode}"

4
home-manager/profiles/development/default.nix
View file

@ -1,6 +1,4 @@
{ ... }:
{
home.globalPersistence.directories = [
"Projects"
];
preservation.preserveAt."/persist".directories = [ "Projects" ];
}

2
home-manager/profiles/direnv/default.nix
View file

@ -5,5 +5,5 @@
nix-direnv.enable = true;
};
home.globalPersistence.directories = [ ".local/share/direnv" ];
preservation.preserveAt."/persist".directories = [ ".local/share/direnv" ];
}

2
home-manager/profiles/firefox/default.nix
View file

@ -178,7 +178,7 @@
};
};
home.globalPersistence.directories = [ ".mozilla" ];
preservation.preserveAt."/persist".directories = [ ".mozilla" ];
programs.niri.browser = lib.mkDefault [ "firefox" ];
}

2
home-manager/profiles/fish/default.nix
View file

@ -39,5 +39,5 @@
'';
};
home.globalPersistence.directories = [ ".local/share/fish" ];
preservation.preserveAt."/persist".directories = [ ".local/share/fish" ];
}

17
home-manager/profiles/preservation/default.nix Normal file
View file

@ -0,0 +1,17 @@
{ lib, osConfig, ... }:
{
preservation = {
enable = true;
preserveAt."/persist" = {
directories =
[
".cache/nix"
".local/share/nix"
".ssh"
]
++ lib.optionals osConfig.services.gnome.gnome-keyring.enable [
".local/share/keyrings"
];
};
};
}

2
home-manager/profiles/syncthing/default.nix
View file

@ -2,5 +2,5 @@
{
services.syncthing.enable = true;
home.globalPersistence.directories = [ ".local/state/syncthing" ];
preservation.preserveAt."/persist".directories = [ ".local/state/syncthing" ];
}

4
home-manager/profiles/valent/default.nix
View file

@ -15,7 +15,5 @@
Install.WantedBy = [ "graphical-session.target" ];
};
home.globalPersistence.directories = [
".config/valent"
];
preservation.preserveAt."/persist".directories = [ ".config/valent" ];
}

2
home-manager/profiles/xdg-user-dirs/default.nix
View file

@ -13,7 +13,7 @@
videos = "$HOME/Videos";
};
home.globalPersistence.directories = [
preservation.preserveAt."/persist".directories = [
"Documents"
"Downloads"
"Music"

79
nixos/modules/system/global-persistence.nix
View file

@ -1,79 +0,0 @@
# Portions of this file are sourced from
# https://github.com/linyinfeng/dotfiles/blob/b618b0fd16fb9c79ab7199ed51c4c0f98a392cea/nixos/modules/environment/global-persistence/default.nix
{
config,
lib,
...
}:
let
cfg = config.environment.globalPersistence;
userCfg =
name:
assert config.home-manager.users.${name}.home.globalPersistence.enabled;
{
inherit name;
value = {
inherit (config.home-manager.users.${name}.home.globalPersistence) home directories files;
};
};
usersCfg = lib.listToAttrs (map userCfg cfg.user.users);
in
with lib;
{
options.environment.globalPersistence = {
enable = mkEnableOption "global persistence storage";
root = mkOption {
type = types.str;
description = ''
The root of persistence storage.
'';
};
directories = mkOption {
type = with types; listOf str;
default = [ ];
description = ''
Directories to bind mount to persistent storage.
'';
};
files = mkOption {
type = with types; listOf str;
default = [ ];
description = ''
Files that should be stored in persistent storage.
'';
};
user = {
users = mkOption {
type = with types; listOf str;
default = [ ];
description = ''
Persistence for users.
'';
};
directories = mkOption {
type = with types; listOf str;
default = [ ];
description = ''
Directories to bind mount to persistent storage for users.
Paths should be relative to home of user.
'';
};
files = mkOption {
type = with types; listOf str;
default = [ ];
description = ''
Files to link to persistent storage for users.
Paths should be relative to home of user.
'';
};
};
};
config = mkIf cfg.enable {
environment.persistence."${cfg.root}" = {
hideMounts = true;
inherit (cfg) directories files;
users = usersCfg;
};
};
}

2
nixos/profiles/services/gnome-keyring/default.nix
View file

@ -1,6 +1,4 @@
{ ... }:
{
services.gnome.gnome-keyring.enable = true;
environment.globalPersistence.user.directories = [ ".local/share/keyrings" ];
}

2
nixos/profiles/services/openssh/default.nix
View file

@ -90,6 +90,4 @@ in
};
restartUnits = [ "sshd.service" ];
};
environment.globalPersistence.user.directories = [ ".ssh" ];
}

2
nixos/profiles/system/boot/secure-boot.nix
View file

@ -9,5 +9,5 @@
pkiBundle = "/etc/secureboot";
};
environment.globalPersistence.directories = [ "/etc/secureboot" ];
preservation.preserveAt."/persist".directories = [ "/etc/secureboot" ];
}

27
nixos/profiles/system/global-persistence.nix
View file

@ -1,27 +0,0 @@
{ config, ... }:
{
assertions = [
{
assertion = config.fileSystems ? "/persist";
message = ''
`config.fileSystems."/persist"` must be set.
'';
}
];
environment.globalPersistence = {
enable = true;
root = "/persist";
directories = [
"/var/cache"
"/var/lib"
"/var/log"
"/var/tmp"
];
files = [
"/etc/machine-id"
];
};
systemd.suppressedSystemUnits = [ "systemd-machine-id-commit.service" ];
}

5
nixos/profiles/system/nix/settings.nix
View file

@ -20,9 +20,4 @@
builders-use-substitutes = true;
};
};
environment.globalPersistence.user.directories = [
".cache/nix"
".local/share/nix"
];
}

94
nixos/profiles/system/preservation.nix Normal file
View file

@ -0,0 +1,94 @@
{ config, lib, ... }:
{
assertions = [
{
assertion = config.fileSystems ? "/persist";
message = ''
`config.fileSystems."/persist"` must be set.
'';
}
];
preservation = {
enable = true;
preserveAt = lib.mkMerge (
lib.mapAttrsToList (
name: hmCfg:
lib.mapAttrs (_: preserve: {
users.${name} = {
home = hmCfg.home.homeDirectory;
inherit (preserve) directories files;
};
}) hmCfg.preservation.preserveAt
) (lib.filterAttrs (_: hmCfg: hmCfg.preservation.enable) config.home-manager.users)
++ lib.singleton {
"/persist" = {
directories = [
{
directory = "/var/cache";
inInitrd = true;
}
{
directory = "/var/lib";
inInitrd = true;
}
{
directory = "/var/log";
inInitrd = true;
}
{
directory = "/var/tmp";
inInitrd = true;
}
];
files = [
{
file = "/etc/machine-id";
inInitrd = true;
how = "symlink";
configureParent = true;
}
];
};
}
);
};
# https://github.com/NixOS/nixpkgs/pull/351151#issuecomment-2549025171
systemd.services.systemd-machine-id-commit = {
unitConfig.ConditionPathIsMountPoint = [
""
"/persist/etc/machine-id"
];
serviceConfig.ExecStart = [
""
"systemd-machine-id-setup --commit --root /persist"
];
};
# https://willibutz.github.io/preservation/examples.html
systemd.tmpfiles.settings.preservation = lib.mkMerge (
lib.mapAttrsToList (name: hmCfg: {
"${hmCfg.home.homeDirectory}/.config".d = {
user = name;
group = config.users.users.${name}.group;
mode = "0755";
};
"${hmCfg.home.homeDirectory}/.local".d = {
user = name;
group = config.users.users.${name}.group;
mode = "0755";
};
"${hmCfg.home.homeDirectory}/.local/share".d = {
user = name;
group = config.users.users.${name}.group;
mode = "0755";
};
"${hmCfg.home.homeDirectory}/.local/state".d = {
user = name;
group = config.users.users.${name}.group;
mode = "0755";
};
}) (lib.filterAttrs (_: hmCfg: hmCfg.preservation.enable) config.home-manager.users)
);
}

7
nixos/profiles/users/rebmit/default.nix
View file

@ -34,16 +34,9 @@ in
sopsFile = config.sops.secretFiles.get "local.yaml";
};
environment.globalPersistence.user.users = [ "rebmit" ];
home-manager.users.rebmit =
{ ... }:
{
home.globalPersistence = {
enable = true;
home = homeDirectory;
};
programs.git = {
userName = "Lu Wang";
userEmail = "rebmit@rebmit.moe";

2
nixos/profiles/virtualization/libvirtd/default.nix
View file

@ -7,6 +7,4 @@
swtpm.enable = true;
};
};
environment.globalPersistence.user.directories = [ ".config/libvirt" ];
}