diff --git a/flake.nix b/flake.nix
index 5659c43..95bc850 100755
--- a/flake.nix
+++ b/flake.nix
@@ -138,7 +138,7 @@
 config.nixosModules.mantle
 config.nixosModules.crust
 inputs.home-manager.nixosModules.home-manager
- inputs.lix-module.nixosModules.default
+ # inputs.lix-module.nixosModules.default
 inputs.nur.modules.nixos.default
 inputs.sops-nix.nixosModules.sops
 ];
@@ -149,7 +149,6 @@
 config.nixosModules.core
 config.nixosModules.mantle
 inputs.home-manager.nixosModules.home-manager
- inputs.impermanence.nixosModules.impermanence
 # inputs.lix-module.nixosModules.default
 inputs.microvm.nixosModules.host
 inputs.sops-nix.nixosModules.sops
@@ -161,7 +160,7 @@
 config.nixosModules.core
 config.nixosModules.mantle
 inputs.home-manager.nixosModules.home-manager
- inputs.lix-module.nixosModules.default
+ # inputs.lix-module.nixosModules.default
 inputs.sops-nix.nixosModules.sops
 ];
 iso = inputs.self.lib.mkLinuxSystem [
diff --git a/modules/nixos/default.nix b/modules/nixos/default.nix
index 16f6ec8..d6517dd 100755
--- a/modules/nixos/default.nix
+++ b/modules/nixos/default.nix
@@ -50,6 +50,7 @@ in
 comfyui
 firefly-iii
 forgejo
+ impermanence
 jellyfin
 mastodon
 microvm
@@ -71,10 +72,9 @@ in
 inherit (modules)
 acme
 caddy
- logrotate
+ impermanence
 microvm
 sambaEris
- postgresEris
 ;
 };
 };
diff --git a/modules/nixos/impermanence/default.nix b/modules/nixos/impermanence/default.nix
new file mode 100644
index 0000000..97d18aa
--- /dev/null
+++ b/modules/nixos/impermanence/default.nix
@@ -0,0 +1,6 @@
+{ flake, ... }:
+{
+ imports = [
+ flake.inputs.impermanence.nixosModules.impermanence
+ ];
+}
diff --git a/systems/eris/config/filesystem.nix b/systems/eris/config/filesystem.nix
index 7e27956..079d81e 100755
--- a/systems/eris/config/filesystem.nix
+++ b/systems/eris/config/filesystem.nix
@@ -1,42 +1,45 @@
 {
 flake,
 config,
+ lib,
 ...
 }:
 let
- inherit (flake.config.machines.devices) ceres;
- ceresSecrets = config.sops.secrets."network/server".path;
-
- sambaDrives = [
- "samba0"
- ];
-
- sambaFolders = [
- "storage"
- ];
-
- sambaMounts = sambaDrive: folder: {
- name = "${ceres.${sambaDrive}.mount}/${folder}";
- value = {
- device = "${ceres.${sambaDrive}.device}/${folder}";
- fsType = "cifs";
- options = ceres.${sambaDrive}.options ++ [
- "credentials=${ceresSecrets}"
- ];
- };
- };
-
+ inherit (flake.config.people) user0;
+ rootDevice = "/dev/disk/by-label/root";
+ bootDevice = "/dev/disk/by-label/BOOT";
 in
-
 {
 fileSystems = {
 "/" = {
- device = "/dev/disk/by-uuid/df2d42e7-e91c-4525-a8d9-80aa0897b1be";
- fsType = "ext4";
+ device = rootDevice;
+ fsType = "btrfs";
+ options = [
+ "subvol=root"
+ ];
+ };
+ "/nix" = {
+ device = rootDevice;
+ fsType = "btrfs";
+ options = [
+ "subvol=nix"
+ ];
+ };
+ "/persist" = {
+ device = rootDevice;
+ fsType = "btrfs";
+ neededForBoot = true;
+ options = [
+ "subvol=persist"
+ ];
 };
 "/boot" = {
- device = "/dev/disk/by-uuid/B645-7527";
+ device = bootDevice;
 fsType = "vfat";
+ options = [
+ "fmask=0077"
+ "dmask=0077"
+ ];
 };
 "/mnt/storage" = {
 device = "/dev/md0";
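Review bot: `rootDevice = "/dev/disk/by-label/root"` and `bootDevice = "/dev/disk/by-label/BOOT"` replace the removed `by-uuid` paths with filesystem labels, and labels are not unique, so another attached disk carrying a filesystem with the same label can end up behind the same `/dev/disk/by-label` link. That matters more than usual here, because the next hunk interpolates `${rootDevice}` into an initrd script that moves and deletes subvolumes on whatever device that path resolves to. Keeping a stable unique identifier, for example `rootDevice = "/dev/disk/by-uuid/<root-fs-uuid>";` (placeholder, use the value of the new btrfs filesystem), avoids the ambiguity. The same applies to `bootDevice`.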
@@ -47,23 +50,91 @@ in "x-systemd.device-timeout=10" ]; }; - } - // (builtins.listToAttrs ( - builtins.concatMap (drive: map (folder: sambaMounts drive folder) sambaFolders) sambaDrives - )); + "/etc/ssh" = { + neededForBoot = true; + }; + }; + environment.persistence."/persist" = { + directories = [ + "/var/cache" + "/var/lib" + { + directory = "/etc/ssh"; + mode = "u=rwx,g=rx,o=rx"; + user = "root"; + } + ]; + hideMounts = true; + users.${user0} = { + directories = [ + ".cache" + ".config" + ".local/share/direnv" + ".local/state/nix" + { + directory = ".ssh"; + mode = "u=rwx,g=,o="; + } + ]; + }; + }; + boot = { + initrd.postResumeCommands = lib.mkAfter '' + mkdir /btrfs_tmp + mount -o subvolid=5 ${rootDevice} /btrfs_tmp - swapDevices = [ - { device = "/dev/disk/by-uuid/9a2e032d-8627-49cf-8f3f-8fdf2be5fed4"; } - ]; + if [[ -e /btrfs_tmp/root ]]; then + mkdir -p /btrfs_tmp/old_roots + timestamp=$(date --date="@$(stat -c %Y /btrfs_tmp/root)" "+%Y-%m-%-d_%H:%M:%S") + mv /btrfs_tmp/root "/btrfs_tmp/old_roots/$timestamp" + fi - boot.swraid.enable = true; - boot.swraid.mdadmConf = '' - ARRAY /dev/md0 metadata=1.2 name=eris:storage UUID=64659038:a939a18d:8cdc0f3f:97171a50 - ''; + delete_subvolume_recursively() { + IFS=$'\n' + for i in $(btrfs subvolume list -o "$1" | cut -f 9- -d ' '); do + delete_subvolume_recursively "/btrfs_tmp/$i" + done + btrfs subvolume delete "$1" + } + for i in $(find /btrfs_tmp/old_roots/ -maxdepth 1 -mtime +30); do + delete_subvolume_recursively "$i" + done + + btrfs subvolume create /btrfs_tmp/root + umount /btrfs_tmp + ''; + swraid.enable = true; + mdadmConf = '' + ARRAY /dev/md0 metadata=1.2 name=eris:storage UUID=64659038:a939a18d:8cdc0f3f:97171a50 + ''; + }; systemd.tmpfiles.rules = [ + "Z ${config.home-manager.users.${user0}.home.homeDirectory} 0755 ${user0} users -" "d /mnt/storage 2775 root root -" ]; - services.udisks2.enable = true; } + +# sudo mount /dev/disk/by-label/root /mnt +# sudo btrfs subvolume create /mnt/persist +# sudo 
btsfs subvolume create /mnt/rootDevice +# sudo btrfs subvolume create /mnt/nix +# sudo umount /mnt + +# sudo mount -o subvol=root /dev/disk/by-label/root /mnt + +# sudo mount -o subvol=nix /dev/disk/by-label/root /mnt/nix +# sudo mount -o subvol=persist /dev/disk/by-label/root /mnt/persist + +# sudo mount /dev/disk/by-label/BOOT /mnt/boot + +# sudo nixos-generate-config --root /mnt + +# sudo nixos-install --root /mnt + +# sudo nixos-enter --root /mnt +# nixos-rebuild boot +# exit + +# sudo reboot
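Review bot: The added tmpfiles rule `"Z ${config.home-manager.users.${user0}.home.homeDirectory} 0755 ${user0} users -"` is recursive, so as far as I can tell it re-applies mode 0755 to every file and directory under the home directory, including the `.ssh` directory that the persistence block in this same hunk declares as `u=rwx,g=,o=`. That would leave private keys and everything under `.config` readable by other local users. If the intent is only to fix ownership of the top-level directory, a non-recursive rule such as `"d ${config.home-manager.users.${user0}.home.homeDirectory} 0700 ${user0} users -"` does that without touching the contents. Separately, `mdadmConf` now sits directly under `boot`, whereas the removed lines set `boot.swraid.mdadmConf`; it probably needs to be written as `swraid.mdadmConf` so the `/dev/md0` array definition is still applied.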