-rw-r--r-- | flake.lock | 16 | ||||
-rw-r--r-- | flake.nix | 2 | ||||
-rw-r--r-- | machines/x220/default.nix | 34 | ||||
-rw-r--r-- | machines/x220/disko-config.nix | 48 | ||||
-rw-r--r-- | machines/x220/disko.nix | 76 | ||||
-rw-r--r-- | machines/x220/hardware-configuration.nix | 2 |
6 files changed, 152 insertions, 26 deletions
diff --git a/flake.lock b/flake.lock index 5acc33b..82a17fc 100644 --- a/flake.lock +++ b/flake.lock @@ -41,6 +41,21 @@ "type": "github" } }, + "impermanence": { + "locked": { + "lastModified": 1727649413, + "narHash": "sha256-FA53of86DjFdeQzRDVtvgWF9o52rWK70VHGx0Y8fElQ=", + "owner": "nix-community", + "repo": "impermanence", + "rev": "d0b38e550039a72aff896ee65b0918e975e6d48e", + "type": "github" + }, + "original": { + "owner": "nix-community", + "repo": "impermanence", + "type": "github" + } + }, "nixos-hardware": { "locked": { "lastModified": 1728056216, @@ -77,6 +92,7 @@ "inputs": { "disko": "disko", "home-manager": "home-manager", + "impermanence": "impermanence", "nixos-hardware": "nixos-hardware", "nixpkgs": "nixpkgs" } diff --git a/flake.nix b/flake.nix index ed19fcc..3da2fb9 100644 --- a/flake.nix +++ b/flake.nix @@ -11,6 +11,7 @@ nixos-hardware.url = "github:NixOS/nixos-hardware/master"; disko.url = "github:nix-community/disko"; disko.inputs.nixpkgs.follows = "nixpkgs"; + impermanence.url = "github:nix-community/impermanence"; }; outputs = { self, nixpkgs, ... }@inputs: @@ -55,6 +56,7 @@ x220 = nixosSystem "x86_64-linux" "x220" [ inputs.nixos-hardware.nixosModules.lenovo-thinkpad-x220 inputs.disko.nixosModules.disko + inputs.impermanence.nixosModules.impermanence inputs.home-manager.nixosModules.default { home-manager.useGlobalPkgs = true; diff --git a/machines/x220/default.nix b/machines/x220/default.nix index 92e229b..a4914ca 100644 --- a/machines/x220/default.nix +++ b/machines/x220/default.nix 
@@ -47,6 +47,39 @@ # wget ]; + fileSystems."/persist".neededForBoot = true; + environment.persistence."/persistent" = { + enable = true; # NB: Defaults to true, not needed + hideMounts = true; + directories = [ + "/var/log" + "/var/lib/bluetooth" + "/var/lib/nixos" + "/var/lib/systemd/coredump" + "/etc/NetworkManager/system-connections" + { directory = "/var/lib/colord"; user = "colord"; group = "colord"; mode = "u=rwx,g=rx,o="; } + ]; + files = [ + "/etc/machine-id" + "/etc/shadow" + { file = "/var/keys/secret_file"; parentDirectory = { mode = "u=rwx,g=,o="; }; } + ]; + users.pn = { + directories = [ + "Downloads" + "Music" + "Pictures" + "Documents" + "Videos" + "VirtualBox VMs" + { directory = ".gnupg"; mode = "0700"; } + { directory = ".ssh"; mode = "0700"; } + { directory = ".local/share/keyrings"; mode = "0700"; } + ".local/share/direnv" + ]; + }; + }; + # Some programs need SUID wrappers, can be configured further or are # started in user sessions. # programs.mtr.enable = true; @@ -69,6 +102,5 @@ # this value at the release version of the first install of this system. # Before changing this value read the documentation for this option # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html). - system.stateVersion = "24.05"; # Did you read the comment? } diff --git a/machines/x220/disko-config.nix b/machines/x220/disko-config.nix index cdf31bd..3512416 100644 --- a/machines/x220/disko-config.nix +++ b/machines/x220/disko-config.nix 
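Review bot: The persistence root does not match the mount it is meant to live on: `fileSystems."/persist".neededForBoot = true;` marks `/persist`, but `environment.persistence."/persistent"` stores everything under `/persistent`, which no filesystem in this commit provides (disko.nix mounts the subvolume at `/persist`). As written, `/etc/shadow`, `/etc/machine-id`, `.ssh`, `.gnupg` and the keyrings would sit in a plain directory on the root subvolume and be lost as soon as root is actually wiped. Use one path for both, e.g. `environment.persistence."/persist" = {`. The `/var/keys/secret_file` entry and the `enable = true; # NB: Defaults to true, not needed` line look like leftovers from an example and are worth dropping. Persisting `/etc/shadow` as a single file may also conflict with tools that replace the file atomically; `users.mutableUsers = false` with a `hashedPasswordFile` kept on the persistent volume is the usual alternative, to be confirmed against how users are managed here.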
@@ -8,30 +8,30 @@ { lib, config, ... }: { - boot.initrd.postDeviceCommands = '' - mkdir /btrfs_tmp - mount -t btrfs -o subvol=root,defaults ${config.disko.devices.disk.main.device} /btrfs_tmp - if [[ -e /btrfs_tmp/root ]]; then - mkdir -p /btrfs_tmp/old_roots - timestamp=$(date --date="@$(stat -c %Y /btrfs_tmp/root)" "+%Y-%m-%-d_%H:%M:%S") - mv /btrfs_tmp/root "/btrfs_tmp/old_roots/$timestamp" - fi - - delete_subvolume_recursively() { - IFS=$'\n' - for i in $(btrfs subvolume list -o "$1" | cut -f 9- -d ' '); do - delete_subvolume_recursively "/btrfs_tmp/$i" - done - btrfs subvolume delete "$1" - } - - for i in $(find /btrfs_tmp/old_roots/ -maxdepth 1 -mtime +30); do - delete_subvolume_recursively "$i" - done - - btrfs subvolume create /btrfs_tmp/root - umount /btrfs_tmp - ''; + #boot.initrd.postDeviceCommands = '' + #mkdir /btrfs_tmp + #mount -t btrfs -o subvol=root,defaults ${config.disko.devices.disk.main.device} /btrfs_tmp + #if [[ -e /btrfs_tmp/root ]]; then + #mkdir -p /btrfs_tmp/old_roots + #timestamp=$(date --date="@$(stat -c %Y /btrfs_tmp/root)" "+%Y-%m-%-d_%H:%M:%S") + #mv /btrfs_tmp/root "/btrfs_tmp/old_roots/$timestamp" + #fi +# + #delete_subvolume_recursively() { + #IFS=$'\n' + #for i in $(btrfs subvolume list -o "$1" | cut -f 9- -d ' '); do + #delete_subvolume_recursively "/btrfs_tmp/$i" + #done + #btrfs subvolume delete "$1" + #} +# + #for i in $(find /btrfs_tmp/old_roots/ -maxdepth 1 -mtime +30); do + #delete_subvolume_recursively "$i" + #done +# + #btrfs subvolume create /btrfs_tmp/root + #umount /btrfs_tmp + #''; disko.devices = { disk = { diff --git a/machines/x220/disko.nix b/machines/x220/disko.nix new file mode 100644 index 0000000..714cafa --- /dev/null +++ b/machines/x220/disko.nix 
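Review bot: Commenting out `boot.initrd.postDeviceCommands` leaves nothing in this commit that resets the root subvolume, so `/` is not ephemeral and any state outside the `environment.persistence` list, including stale credentials or keys written to root, still survives every reboot. The script also cannot simply be re-enabled with the new layout: it mounts `${config.disko.devices.disk.main.device}`, while disko.nix puts btrfs on the `root` LV of `root_vg`, so the mount source would presumably need to be `/dev/root_vg/root`. Prefer deleting the block (history keeps it) or moving a corrected version into a module that is still imported, since hardware-configuration.nix stops importing this file in the same commit. The attribute set continues past the end of the hunk.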
@@ -0,0 +1,76 @@ +{ + device ? throw "Set this to your disk device, e.g. /dev/sda", + ... +}: { + disko.devices = { + disk.main = { + inherit device; + type = "disk"; + content = { + type = "gpt"; + partitions = { + boot = { + name = "boot"; + size = "1M"; + type = "EF02"; + }; + esp = { + name = "ESP"; + size = "500M"; + type = "EF00"; + content = { + type = "filesystem"; + format = "vfat"; + mountpoint = "/boot"; + }; + }; + swap = { + size = "13G"; + content = { + type = "swap"; + resumeDevice = true; + }; + }; + root = { + name = "root"; + size = "100%"; + content = { + type = "lvm_pv"; + vg = "root_vg"; + }; + }; + }; + }; + }; + lvm_vg = { + root_vg = { + type = "lvm_vg"; + lvs = { + root = { + size = "100%FREE"; + content = { + type = "btrfs"; + extraArgs = ["-f"]; + + subvolumes = { + "/root" = { + mountpoint = "/"; + }; + + "/persist" = { + mountOptions = ["subvol=persist" "noatime"]; + mountpoint = "/persist"; + }; + + "/nix" = { + mountOptions = ["subvol=nix" "noatime"]; + mountpoint = "/nix"; + }; + }; + }; + }; + }; + }; + }; + }; +} diff --git a/machines/x220/hardware-configuration.nix b/machines/x220/hardware-configuration.nix index 3f696de..9190ff7 100644 --- a/machines/x220/hardware-configuration.nix +++ b/machines/x220/hardware-configuration.nix @@ -6,7 +6,7 @@ { imports = [ (modulesPath + "/installer/scan/not-detected.nix") - ./disko-config.nix + (import ./disko.nix { device = "/dev/sda"; }) ]; boot.loader.systemd-boot.enable = true; |
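Review bot: Nothing in this layout is encrypted: the `root` partition is a bare `lvm_pv` and `swap` is a plain partition with `resumeDevice = true`, yet `/persist` is the subvolume disko.nix offers for the `/etc/shadow`, `.ssh`, `.gnupg` and keyring entries listed in default.nix, and a hibernation image in swap holds memory contents. On a laptop, anyone who obtains the disk can read all of that offline. Consider wrapping the PV in a `luks` layer and moving swap into the volume group (or dropping `resumeDevice`) so the resume image is covered too. The sketch below shows the root partition only; the mapper name is an example.

```nix
# … unchanged: boot, esp partitions …
root = {
  name = "root";
  size = "100%";
  content = {
    type = "luks";
    name = "cryptroot"; # example mapper name
    content = {
      type = "lvm_pv";
      vg = "root_vg";
    };
  };
};
# … unchanged: lvm_vg.root_vg with the btrfs subvolumes …
```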
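Review bot: `device = "/dev/sda"` gives a kernel-enumeration name to a tool that partitions and force-formats (`extraArgs = ["-f"]` in disko.nix); with an installer stick or a second drive attached, that name can point at a different disk. A stable path is safer, e.g. `(import ./disko.nix { device = "/dev/disk/by-id/<DISK_ID>"; })` with the real id filled in. The `imports` list and the rest of the module continue outside the hunk.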