authorPatryk Niedźwiedziński <patryk@niedzwiedzinski.cyou>2024-10-05 21:05:47 +0200
committerPatryk Niedźwiedziński <patryk@niedzwiedzinski.cyou>2024-10-05 21:05:47 +0200
commit146b495e3e0069f2e329b3075a7367b0d954ead8 (patch)
treefc2518aca5d2fa7be0a64977764a307971105510
parentb260c2ec10bfb85b9e0ac87a4840815cd9a1b272 (diff)
downloaddots-146b495e3e0069f2e329b3075a7367b0d954ead8.tar.gz
dots-146b495e3e0069f2e329b3075a7367b0d954ead8.zip
Add impermanence
-rw-r--r--flake.lock16
-rw-r--r--flake.nix2
-rw-r--r--machines/x220/default.nix34
-rw-r--r--machines/x220/disko-config.nix48
-rw-r--r--machines/x220/disko.nix76
-rw-r--r--machines/x220/hardware-configuration.nix2
6 files changed, 152 insertions, 26 deletions
diff --git a/flake.lock b/flake.lock
index 5acc33b..82a17fc 100644
--- a/flake.lock
+++ b/flake.lock
@@ -41,6 +41,21 @@
         "type": "github"
       }
     },
+    "impermanence": {
+      "locked": {
+        "lastModified": 1727649413,
+        "narHash": "sha256-FA53of86DjFdeQzRDVtvgWF9o52rWK70VHGx0Y8fElQ=",
+        "owner": "nix-community",
+        "repo": "impermanence",
+        "rev": "d0b38e550039a72aff896ee65b0918e975e6d48e",
+        "type": "github"
+      },
+      "original": {
+        "owner": "nix-community",
+        "repo": "impermanence",
+        "type": "github"
+      }
+    },
     "nixos-hardware": {
       "locked": {
         "lastModified": 1728056216,
@@ -77,6 +92,7 @@
       "inputs": {
         "disko": "disko",
         "home-manager": "home-manager",
+        "impermanence": "impermanence",
         "nixos-hardware": "nixos-hardware",
         "nixpkgs": "nixpkgs"
       }
diff --git a/flake.nix b/flake.nix
index ed19fcc..3da2fb9 100644
--- a/flake.nix
+++ b/flake.nix
@@ -11,6 +11,7 @@
 		nixos-hardware.url = "github:NixOS/nixos-hardware/master";
 		disko.url = "github:nix-community/disko";
   		disko.inputs.nixpkgs.follows = "nixpkgs";
+		impermanence.url = "github:nix-community/impermanence";
 	};
 
 	outputs = { self, nixpkgs, ... }@inputs: 
@@ -55,6 +56,7 @@
 			x220 = nixosSystem "x86_64-linux" "x220" [
 				inputs.nixos-hardware.nixosModules.lenovo-thinkpad-x220
 				inputs.disko.nixosModules.disko
+				inputs.impermanence.nixosModules.impermanence
 				inputs.home-manager.nixosModules.default
 				{
 					home-manager.useGlobalPkgs = true;
diff --git a/machines/x220/default.nix b/machines/x220/default.nix
index 92e229b..a4914ca 100644
--- a/machines/x220/default.nix
+++ b/machines/x220/default.nix
@@ -47,6 +47,39 @@
 #  wget
 	];
 
+	fileSystems."/persist".neededForBoot = true;
+	environment.persistence."/persistent" = {
+    enable = true;  # NB: Defaults to true, not needed
+    hideMounts = true;
+    directories = [
+      "/var/log"
+      "/var/lib/bluetooth"
+      "/var/lib/nixos"
+      "/var/lib/systemd/coredump"
+      "/etc/NetworkManager/system-connections"
+      { directory = "/var/lib/colord"; user = "colord"; group = "colord"; mode = "u=rwx,g=rx,o="; }
+    ];
+    files = [
+      "/etc/machine-id"
+	"/etc/shadow"
+      { file = "/var/keys/secret_file"; parentDirectory = { mode = "u=rwx,g=,o="; }; }
+    ];
+    users.pn = {
+      directories = [
+        "Downloads"
+        "Music"
+        "Pictures"
+        "Documents"
+        "Videos"
+        "VirtualBox VMs"
+        { directory = ".gnupg"; mode = "0700"; }
+        { directory = ".ssh"; mode = "0700"; }
+        { directory = ".local/share/keyrings"; mode = "0700"; }
+        ".local/share/direnv"
+      ];
+    };
+  };
+
 # Some programs need SUID wrappers, can be configured further or are
 # started in user sessions.
 # programs.mtr.enable = true;
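Review bot: The mount marked with `fileSystems."/persist".neededForBoot = true;` and the storage root in `environment.persistence."/persistent"` do not match, and the disko.nix added in this commit only defines a `/persist` mountpoint. As written, the persisted paths (including `.ssh`, `.gnupg` and `.local/share/keyrings`) would be backed by a `/persistent` directory on the root subvolume rather than by the persist subvolume; the line should read `environment.persistence."/persist" = {`. `"/etc/shadow"` is also listed as a persisted file: password tools usually replace that file by rename, which tends not to work through a bind mount or symlink, so confirm it works or switch to `users.mutableUsers = false` with a `hashedPasswordFile` kept under `/persist`. The `/var/keys/secret_file` entry looks like a leftover from an example and can be dropped if no such file exists on this machine.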
@@ -69,6 +102,5 @@
 # this value at the release version of the first install of this system.
 # Before changing this value read the documentation for this option
 # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
-	system.stateVersion = "24.05"; # Did you read the comment?
 
 }
diff --git a/machines/x220/disko-config.nix b/machines/x220/disko-config.nix
index cdf31bd..3512416 100644
--- a/machines/x220/disko-config.nix
+++ b/machines/x220/disko-config.nix
@@ -8,30 +8,30 @@
 { lib, config, ... }:
 {
 
-  boot.initrd.postDeviceCommands = ''
-    mkdir /btrfs_tmp
-    mount -t btrfs -o subvol=root,defaults ${config.disko.devices.disk.main.device} /btrfs_tmp
-    if [[ -e /btrfs_tmp/root ]]; then
-        mkdir -p /btrfs_tmp/old_roots
-        timestamp=$(date --date="@$(stat -c %Y /btrfs_tmp/root)" "+%Y-%m-%-d_%H:%M:%S")
-        mv /btrfs_tmp/root "/btrfs_tmp/old_roots/$timestamp"
-    fi
-
-    delete_subvolume_recursively() {
-        IFS=$'\n'
-        for i in $(btrfs subvolume list -o "$1" | cut -f 9- -d ' '); do
-            delete_subvolume_recursively "/btrfs_tmp/$i"
-        done
-        btrfs subvolume delete "$1"
-    }
-
-    for i in $(find /btrfs_tmp/old_roots/ -maxdepth 1 -mtime +30); do
-        delete_subvolume_recursively "$i"
-    done
-
-    btrfs subvolume create /btrfs_tmp/root
-    umount /btrfs_tmp
-  '';
+  #boot.initrd.postDeviceCommands = ''
+    #mkdir /btrfs_tmp
+    #mount -t btrfs -o subvol=root,defaults ${config.disko.devices.disk.main.device} /btrfs_tmp
+    #if [[ -e /btrfs_tmp/root ]]; then
+        #mkdir -p /btrfs_tmp/old_roots
+        #timestamp=$(date --date="@$(stat -c %Y /btrfs_tmp/root)" "+%Y-%m-%-d_%H:%M:%S")
+        #mv /btrfs_tmp/root "/btrfs_tmp/old_roots/$timestamp"
+    #fi
+#
+    #delete_subvolume_recursively() {
+        #IFS=$'\n'
+        #for i in $(btrfs subvolume list -o "$1" | cut -f 9- -d ' '); do
+            #delete_subvolume_recursively "/btrfs_tmp/$i"
+        #done
+        #btrfs subvolume delete "$1"
+    #}
+#
+    #for i in $(find /btrfs_tmp/old_roots/ -maxdepth 1 -mtime +30); do
+        #delete_subvolume_recursively "$i"
+    #done
+#
+    #btrfs subvolume create /btrfs_tmp/root
+    #umount /btrfs_tmp
+  #'';
 
   disko.devices = {
     disk = {
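Review bot: The root rollback in `boot.initrd.postDeviceCommands` is commented out rather than removed or ported, and nothing else visible in this commit recreates the `root` subvolume at boot. Without that step `/` keeps its contents across reboots, so paths that are not listed under `environment.persistence` in machines/x220/default.nix are not actually discarded. hardware-configuration.nix stops importing this file in the same commit, so the commented block is dead code; delete it here and, if the wipe is still wanted, carry it over next to disko.nix. In the new layout the btrfs filesystem sits on the `root` logical volume of `root_vg`, so the mount source would presumably have to be that volume instead of `config.disko.devices.disk.main.device`.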
diff --git a/machines/x220/disko.nix b/machines/x220/disko.nix
new file mode 100644
index 0000000..714cafa
--- /dev/null
+++ b/machines/x220/disko.nix
@@ -0,0 +1,76 @@
+{
+  device ? throw "Set this to your disk device, e.g. /dev/sda",
+  ...
+}: {
+  disko.devices = {
+    disk.main = {
+      inherit device;
+      type = "disk";
+      content = {
+        type = "gpt";
+        partitions = {
+          boot = {
+            name = "boot";
+            size = "1M";
+            type = "EF02";
+          };
+          esp = {
+            name = "ESP";
+            size = "500M";
+            type = "EF00";
+            content = {
+              type = "filesystem";
+              format = "vfat";
+              mountpoint = "/boot";
+            };
+          };
+          swap = {
+            size = "13G";
+            content = {
+              type = "swap";
+              resumeDevice = true;
+            };
+          };
+          root = {
+            name = "root";
+            size = "100%";
+            content = {
+              type = "lvm_pv";
+              vg = "root_vg";
+            };
+          };
+        };
+      };
+    };
+    lvm_vg = {
+      root_vg = {
+        type = "lvm_vg";
+        lvs = {
+          root = {
+            size = "100%FREE";
+            content = {
+              type = "btrfs";
+              extraArgs = ["-f"];
+
+              subvolumes = {
+                "/root" = {
+                  mountpoint = "/";
+                };
+
+                "/persist" = {
+                  mountOptions = ["subvol=persist" "noatime"];
+                  mountpoint = "/persist";
+                };
+
+                "/nix" = {
+                  mountOptions = ["subvol=nix" "noatime"];
+                  mountpoint = "/nix";
+                };
+              };
+            };
+          };
+        };
+      };
+    };
+  };
+}
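Review bot: The `root` partition feeds `lvm_pv` directly and `swap` is a plain partition with `resumeDevice = true`, so neither the `/persist` subvolume nor the hibernation image is encrypted at rest. This commit persists `.ssh`, `.gnupg`, `.local/share/keyrings` and `/etc/shadow` on a laptop, so that choice should be made deliberately: disko can wrap the physical volume in a `type = "luks"` content node, with swap moved to a logical volume inside it. If unencrypted storage is intended, a short comment at the top of the file saying so would help the next reader.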
diff --git a/machines/x220/hardware-configuration.nix b/machines/x220/hardware-configuration.nix
index 3f696de..9190ff7 100644
--- a/machines/x220/hardware-configuration.nix
+++ b/machines/x220/hardware-configuration.nix
@@ -6,7 +6,7 @@
 {
   imports =
     [ (modulesPath + "/installer/scan/not-detected.nix")
-	./disko-config.nix
+      (import ./disko.nix { device = "/dev/sda"; })
     ];
 
   boot.loader.systemd-boot.enable = true;
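Review bot: `device = "/dev/sda"` hands disko a kernel-assigned name that can point at a different disk when a USB drive or a second disk is attached, and disko partitions and formats whatever device it is given. A stable path is safer here, e.g. `(import ./disko.nix { device = "/dev/disk/by-id/<DISK-ID>"; })` with `<DISK-ID>` filled in from the machine. The new line also switches from the tab used by the removed line to spaces. The `imports` list and the enclosing attribute set continue outside the hunk.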