From 2e04132dd1770cac5854e76c69fb7717eabbf170 Mon Sep 17 00:00:00 2001
From: jay
Date: Sun, 6 Jul 2025 00:23:14 -0400
Subject: [PATCH] Add impermanence implementation.
---
 flake.lock | 16 +++++++++++
 flake.nix | 4 +++
 nodes/hosts/common/configuration.nix | 1 +
 nodes/hosts/lappy/configuration.nix | 3 +-
 nodes/hosts/lappy/impermanence.nix | 41 ++++++++++++++++++++++++++++
 nodes/hosts/nixy/impermanence.nix | 40 +++++++++++++++++++++++++++
 6 files changed, 104 insertions(+), 1 deletion(-)
 create mode 100644 nodes/hosts/lappy/impermanence.nix
 create mode 100644 nodes/hosts/nixy/impermanence.nix
diff --git a/flake.lock b/flake.lock
index b3939d6..6c681f8 100644
--- a/flake.lock
+++ b/flake.lock
@@ -388,6 +388,21 @@ "type": "github" } }, + "impermanence-stable-nixos": { + "locked": { + "lastModified": 1737831083, + "narHash": "sha256-LJggUHbpyeDvNagTUrdhe/pRVp4pnS6wVKALS782gRI=", + "owner": "nix-community", + "repo": "impermanence", + "rev": "4b3e914cdf97a5b536a889e939fb2fd2b043a170", + "type": "github" + }, + "original": { + "owner": "nix-community", + "repo": "impermanence", + "type": "github" + } + }, "nix-darwin": { "inputs": { "nixpkgs": [
@@ -616,6 +631,7 @@ "disko-stable-nixos": "disko-stable-nixos", "home-manager-stable-nixos": "home-manager-stable-nixos", "hyprpanel-stable-nixos": "hyprpanel-stable-nixos", + "impermanence-stable-nixos": "impermanence-stable-nixos", "nix-flatpak-stable-nixos": "nix-flatpak-stable-nixos", "nixpkgs": "nixpkgs_2", "nixpkgs-stable-nixos": "nixpkgs-stable-nixos",
diff --git a/flake.nix b/flake.nix
index cb37556..107267e 100644
--- a/flake.nix
+++ b/flake.nix
@@ -20,6 +20,10 @@
 hyprpanel-stable-nixos = {
 url = "github:Jas-SinghFSU/Hyprpanel";
 };
+
+ impermanence-stable-nixos = {
+ url = "github:nix-community/impermanence";
+ };
 nix-flatpak-stable-nixos = {
 url = "github:gmodena/nix-flatpak/?ref=latest";
diff --git a/nodes/hosts/common/configuration.nix b/nodes/hosts/common/configuration.nix
index 7fdd79d..cd69763 100644
--- a/nodes/hosts/common/configuration.nix
+++ b/nodes/hosts/common/configuration.nix
@@ -4,6 +4,7 @@
 inputs.nix-flatpak.nixosModules.nix-flatpak
 inputs.stylix.nixosModules.stylix
 inputs.home-manager.nixosModules.home-manager
+ inputs.impermanence.nixosModules.impermanence
 inputs.sops-nix.nixosModules.sops
 ./programs/emulation.nix
 ./programs/firefox.nix
diff --git a/nodes/hosts/lappy/configuration.nix b/nodes/hosts/lappy/configuration.nix
index 7724e5a..54523e6 100644
--- a/nodes/hosts/lappy/configuration.nix
+++ b/nodes/hosts/lappy/configuration.nix
@@ -2,12 +2,13 @@
 # your system. Help is available in the configuration.nix(5) man page, on
 # https://search.nixos.org/options and in the NixOS manual (`nixos-help`).
-{ config, lib, pkgs, ... }:
+{ config, lib, pkgs, inputs, ... }:
 { imports = [ # Include the results of the hardware scan.
 ./hardware-configuration.nix
+ ./impermanence.nix
 ./programs/sof-firmware.nix # Not working yet. #./services/fprintd.nix
diff --git a/nodes/hosts/lappy/impermanence.nix b/nodes/hosts/lappy/impermanence.nix
new file mode 100644
index 0000000..4d35aa4
--- /dev/null
+++ b/nodes/hosts/lappy/impermanence.nix
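Review bot: `inputs.impermanence` on the added import line in nodes/hosts/common/configuration.nix does not match the name of the input this commit declares in flake.nix, `impermanence-stable-nixos`. The neighbouring imports (`inputs.nix-flatpak`, `inputs.home-manager`) use the same short form, so presumably flake.nix renames inputs per channel somewhere outside this patch; confirm that mapping covers the new input, otherwise evaluation fails on a missing attribute. A one-line comment above the module list, such as `# inputs.* here are the suffix-stripped names built in flake.nix`, would save the next reader the lookup.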
@@ -0,0 +1,41 @@
+{lib, ...}: {
+ # Reset root subvolume on boot
+ boot.initrd.postResumeCommands = lib.mkAfter ''
+ mkdir /btrfs_tmp
+ mount /dev/mapper/cryptroot /btrfs_tmp # CONFIRM THIS IS CORRECT FROM findmnt
+ if [[ -e /btrfs_tmp/root ]]; then
+ mkdir -p /btrfs_tmp/old_roots
+ timestamp=$(date --date="@$(stat -c %Y /btrfs_tmp/root)" "+%Y-%m-%-d_%H:%M:%S")
+ mv /btrfs_tmp/root "/btrfs_tmp/old_roots/$timestamp"
+ fi
+
+ delete_subvolume_recursively() {
+ IFS=$'\n'
+ for i in $(btrfs subvolume list -o "$1" | cut -f 9- -d ' '); do
+ delete_subvolume_recursively "/btrfs_tmp/$i"
+ done
+ btrfs subvolume delete "$1"
+ }
+
+ for i in $(find /btrfs_tmp/old_roots/ -maxdepth 1 -mtime +30); do
+ delete_subvolume_recursively "$i"
+ done
+
+ btrfs subvolume create /btrfs_tmp/root
+ umount /btrfs_tmp
+ '';
+
+ # Use /persist as the persistence root, matching Disko's mountpoint
+ environment.persistence."/nix/persist" = {
+ hideMounts = true;
+ directories = [
+ "/etc" # System configuration (Keep this here for persistence via bind-mount)
+ "/var/spool" # Mail queues, cron jobs
+ "/srv" # Web server data, etc.
+ "/root"
+ "/home"
+ ];
+ files = [
+ ];
+ };
+}
diff --git a/nodes/hosts/nixy/impermanence.nix b/nodes/hosts/nixy/impermanence.nix
new file mode 100644
index 0000000..f643f1e
--- /dev/null
+++ b/nodes/hosts/nixy/impermanence.nix
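Review bot: The reset script in nodes/hosts/lappy/impermanence.nix never checks that `mount /dev/mapper/cryptroot /btrfs_tmp` succeeded, and that line still carries the `CONFIRM THIS IS CORRECT FROM findmnt` reminder. If the device is wrong or not yet available, the remaining commands run against the empty initrd directory and the machine boots on the previous root without anything flagging that the reset was skipped. The `find` over `old_roots/` also lacks `-mindepth 1`, so the directory itself is a candidate for `delete_subvolume_recursively`. Wrapping the body in a check on `mount` with a message on stderr makes a skipped reset noticeable, as sketched below. The script in nodes/hosts/nixy/impermanence.nix is identical apart from the device and needs the same change; a shared module taking the device as an argument would avoid the copy.

```nix
  boot.initrd.postResumeCommands = lib.mkAfter ''
    mkdir -p /btrfs_tmp
    if mount /dev/mapper/cryptroot /btrfs_tmp; then
      # … unchanged: move root into old_roots, define delete_subvolume_recursively …

      for i in $(find /btrfs_tmp/old_roots/ -mindepth 1 -maxdepth 1 -mtime +30); do
        delete_subvolume_recursively "$i"
      done

      btrfs subvolume create /btrfs_tmp/root
      umount /btrfs_tmp
    else
      echo "impermanence: could not mount /dev/mapper/cryptroot, root was NOT reset" >&2
    fi
  '';
```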
@@ -0,0 +1,40 @@
+{lib, ...}: {
+ # Reset root subvolume on boot
+ boot.initrd.postResumeCommands = lib.mkAfter ''
+ mkdir /btrfs_tmp
+ mount /dev/disk/by-uuid/77021dd1-9fa5-4e9f-9be2-ba943e6de77c /btrfs_tmp # CONFIRM THIS IS CORRECT FROM findmnt
+ if [[ -e /btrfs_tmp/root ]]; then
+ mkdir -p /btrfs_tmp/old_roots
+ timestamp=$(date --date="@$(stat -c %Y /btrfs_tmp/root)" "+%Y-%m-%-d_%H:%M:%S")
+ mv /btrfs_tmp/root "/btrfs_tmp/old_roots/$timestamp"
+ fi
+
+ delete_subvolume_recursively() {
+ IFS=$'\n'
+ for i in $(btrfs subvolume list -o "$1" | cut -f 9- -d ' '); do
+ delete_subvolume_recursively "/btrfs_tmp/$i"
+ done
+ btrfs subvolume delete "$1"
+ }
+
+ for i in $(find /btrfs_tmp/old_roots/ -maxdepth 1 -mtime +30); do
+ delete_subvolume_recursively "$i"
+ done
+
+ btrfs subvolume create /btrfs_tmp/root
+ umount /btrfs_tmp
+ '';
+
+ # Use /persist as the persistence root, matching Disko's mountpoint
+ environment.persistence."/nix/persist" = {
+ hideMounts = true;
+ directories = [
+ "/etc" # System configuration (Keep this here for persistence via bind-mount)
+ "/var/spool" # Mail queues, cron jobs
+ "/srv" # Web server data, etc.
+ "/root"
+ ];
+ files = [
+ ];
+ };
+}
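Review bot: Nothing in this patch imports nodes/hosts/nixy/impermanence.nix: the diffstat changes only lappy/configuration.nix, so unless nixy's configuration picks the file up some other way this module is never evaluated and nixy's root is never reset. The comment `# Use /persist as the persistence root, matching Disko's mountpoint` disagrees with the key `environment.persistence."/nix/persist"` (the lappy file has the same mismatch); one of the two should change, e.g. `# Persist under /nix/persist (must match the Disko mountpoint)`. Persisting all of `/etc` and `/root` keeps most mutable system state across the reset, which weakens the clean-boot guarantee, so consider listing only the paths that must survive. The filesystem here is mounted by raw UUID rather than through a /dev/mapper device, so if that volume is not encrypted the 30-day `old_roots` copies keep every previous root readable on disk.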