From 1682c71bdfb1d78f883ec3739d1b87742b3cc238 Mon Sep 17 00:00:00 2001 From: Aleksandr Lebedev Date: Tue, 17 Dec 2024 19:05:43 +0100 Subject: [PATCH] disko + impermanence pc --- flake.lock | 37 ++++++++++- flake.nix | 33 ++++++++-- nixos/configuration.nix | 4 +- nixos/fastfetch/default.nix | 5 +- nixos/home.nix | 4 +- nixos/homepc-hardware-conf.nix | 18 +---- nixos/modules/disko/impermanence-disko.nix | 76 ++++++++++++++++++++++ nixos/modules/impermanence/default.nix | 47 +++++++++++++ nixos/modules/impermanence/home.nix | 29 +++++++++ 9 files changed, 224 insertions(+), 29 deletions(-) create mode 100644 nixos/modules/disko/impermanence-disko.nix create mode 100644 nixos/modules/impermanence/default.nix create mode 100644 nixos/modules/impermanence/home.nix diff --git a/flake.lock b/flake.lock index 65a6fd7..4a57485 100644 --- a/flake.lock +++ b/flake.lock @@ -764,6 +764,22 @@ } }, "nixpkgs_4": { + "locked": { + "lastModified": 1731763621, + "narHash": "sha256-ddcX4lQL0X05AYkrkV2LMFgGdRvgap7Ho8kgon3iWZk=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "c69a9bffbecde46b4b939465422ddc59493d3e4d", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "nixpkgs-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs_5": { "locked": { "lastModified": 1732238832, "narHash": "sha256-sQxuJm8rHY20xq6Ah+GwIUkF95tWjGRd1X8xF+Pkk38=", @@ -861,6 +877,7 @@ "hyprland": "hyprland", "nixpkgs": "nixpkgs_3", "nixvim": "nixvim", + "sops-nix": "sops-nix", "stylix": "stylix" } }, @@ -880,6 +897,24 @@ "type": "github" } }, + "sops-nix": { + "inputs": { + "nixpkgs": "nixpkgs_4" + }, + "locked": { + "lastModified": 1733965552, + "narHash": "sha256-GZ4YtqkfyTjJFVCub5yAFWsHknG1nS/zfk7MuHht4Fs=", + "owner": "Mic92", + "repo": "sops-nix", + "rev": "2d73fc6ac4eba4b9a83d3cb8275096fbb7ab4004", + "type": "github" + }, + "original": { + "owner": "Mic92", + "repo": "sops-nix", + "type": "github" + } + }, "stylix": { "inputs": { "base16": "base16", 
@@ -890,7 +925,7 @@ "flake-utils": "flake-utils_2", "gnome-shell": "gnome-shell", "home-manager": "home-manager_3", - "nixpkgs": "nixpkgs_4", + "nixpkgs": "nixpkgs_5", "systems": "systems_3", "tinted-foot": "tinted-foot", "tinted-kitty": "tinted-kitty", diff --git a/flake.nix b/flake.nix index c0d0755..0aab82a 100644 --- a/flake.nix +++ b/flake.nix @@ -17,11 +17,19 @@ apple-silicon-support.url = "github:zzywysm/nixos-asahi"; #nur.url = "github:nix-community/NUR"; + sops-nix.url = "github:Mic92/sops-nix"; home-manager = { url = "github:nix-community/home-manager"; inputs.nixpkgs.follows = "nixpkgs"; }; + + disko = { + url = "github:nix-community/disko"; + inputs.nixpkgs.follows = "nixpkgs"; + }; + + impermanence.url = "github:nix-community/impermanence"; }; outputs = { self, nixpkgs, stylix, nixvim, ... }@inputs: @@ -37,6 +45,15 @@ arm = "aarch64-linux"; x86 = "x86_64-linux"; username = "kylekrein"; + + general-modules = [ + #inputs.sops-nix.nixosModules.sops + inputs.home-manager.nixosModules.default + stylix.nixosModules.stylix + + ]; + + first-nixos-install = "1729112485"; #stat -c %W / in { nixosConfigurations = { @@ -47,8 +64,10 @@ hostname = "${username}-homepc"; isLaptop = false; system = x86; + useImpermanence = true; }; inherit username; + inherit first-nixos-install; inherit inputs; }; system = x86; @@ -60,15 +79,17 @@ # }; # }; modules = [ + inputs.impermanence.nixosModules.impermamence + inputs.disko.nixosModules.default + (import ./nixos/modules/disko/impermanence-disko.nix { device = "/dev/nvme0n1"; } ) + ./nixos/modules/impermanence #nur.nixosModules.nur ./nixos/configuration.nix ./nixos/nvidia.nix ./nixos/homepc-hardware-conf.nix - inputs.home-manager.nixosModules.default - stylix.nixosModules.stylix ./nixos/libvirt.nix #nix-flatpak.nixosModules.default - ]; + ] ++ general-modules; }; "${username}-mac" = nixpkgs.lib.nixosSystem { specialArgs = { 
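Review bot: The `disko` and `impermanence` inputs added in the `@@ -17,11 +17,19 @@` hunk have no matching entries in the flake.lock hunks of this commit, which only add `sops-nix` and its `nixpkgs_4`. Those two inputs are therefore unpinned in the committed tree and will resolve to whatever upstream HEAD is at the next evaluation. Regenerate the lock (`nix flake lock`) and commit it together with this change. `sops-nix` is also locked with its own nixpkgs while its module is still commented out in `general-modules`; either drop the input until it is used or add `sops-nix.inputs.nixpkgs.follows = "nixpkgs";` so the lock carries one fewer nixpkgs revision to audit.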
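Review bot: In the `@@ -60,15 +79,17 @@` hunk the module is referenced as `inputs.impermanence.nixosModules.impermamence`, a misspelling that will fail evaluation with a missing-attribute error; it should read `inputs.impermanence.nixosModules.impermanence`. The same hunk passes `device = "/dev/nvme0n1"` to the disko layout. Kernel enumeration names are not guaranteed stable across boots or hardware changes, and disko partitions and formats whatever that path points at. A persistent path such as `device = "/dev/disk/by-id/<DISK-ID>";` (placeholder) makes the destructive target explicit.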
@@ -76,8 +97,10 @@ hostname = "${username}-mac"; isLaptop = true; system = arm; + useImpermanence = false; }; inherit username; + inherit first-nixos-install; inherit inputs; }; system = arm; @@ -96,9 +119,7 @@ inputs.apple-silicon-support.nixosModules.default ./nixos/mac-hardware-conf.nix ./nixos/macos/configuration.nix - inputs.home-manager.nixosModules.default - stylix.nixosModules.stylix - ]; + ] ++ general-modules; }; }; }; diff --git a/nixos/configuration.nix b/nixos/configuration.nix index 8223ca7..40d221d 100644 --- a/nixos/configuration.nix +++ b/nixos/configuration.nix @@ -2,7 +2,7 @@ # your system. Help is available in the configuration.nix(5) man page # and in the NixOS manual (accessible by running ‘nixos-help’). -{ config, lib, pkgs, stylix, hwconfig, username, nixvim, inputs, ... }: +{ config, lib, pkgs, stylix, hwconfig, first-nixos-install, username, nixvim, inputs, ... }: { imports = [ # Include the results of the hardware scan. @@ -314,7 +314,7 @@ }; home-manager = { - extraSpecialArgs = {inherit pkgs; inherit hwconfig; inherit username; inherit nixvim; inherit inputs;}; + extraSpecialArgs = {inherit pkgs; inherit hwconfig; inherit username; inherit first-nixos-install; inherit nixvim; inherit inputs;}; users = { "${username}" = import ./home.nix; }; diff --git a/nixos/fastfetch/default.nix b/nixos/fastfetch/default.nix index d156c4b..5a715d8 100644 --- a/nixos/fastfetch/default.nix +++ b/nixos/fastfetch/default.nix @@ -1,3 +1,4 @@ +{ hwconfig, first-nixos-install, ... }: { programs.fastfetch = { enable = true; 
@@ -84,14 +85,14 @@ "break" { type = "custom"; - format = "┌────────────────────Uptime / Age────────────────────┐"; + format = "┌────────────────────Age / Uptime────────────────────┐"; } { type = "command"; key = "│  "; text = #bash '' - birth_install=$(stat -c %W /) + birth_install=${if hwconfig.useImpermanence then "${first-nixos-install}" else "$(stat -c %W /)"} current=$(date +%s) delta=$((current - birth_install)) delta_days=$((delta / 86400)) diff --git a/nixos/home.nix b/nixos/home.nix index 801a1dd..7beffe7 100644 --- a/nixos/home.nix +++ b/nixos/home.nix @@ -1,4 +1,4 @@ -{ config, pkgs, stylix, hwconfig, username, inputs, ... }: +{ config, pkgs, stylix, hwconfig, first-nixos-install, username, inputs, ... }: let #nur = import (builtins.fetchTarball { @@ -17,7 +17,7 @@ ./nixvim ./fastfetch #"${if hostname != "nixosbtw" then ./macos/homemac.nix else ./empty.nix }" - ]; + ] ++ if hwconfig.useImpermanence then [ ./modules/impermanence/home.nix ] else []; # Home Manager needs a bit of information about you and the paths it should # manage. home.username = username; diff --git a/nixos/homepc-hardware-conf.nix b/nixos/homepc-hardware-conf.nix index c007890..8fb7993 100644 --- a/nixos/homepc-hardware-conf.nix +++ b/nixos/homepc-hardware-conf.nix 
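Review bot: In the home.nix hunk `@@ -17,7 +17,7 @@` the new line `] ++ if hwconfig.useImpermanence then [ ./modules/impermanence/home.nix ] else [];` uses a bare `if` as the right operand of `++`, which Nix's grammar does not accept without parentheses. Wrap the conditional, `] ++ (if hwconfig.useImpermanence then [ ./modules/impermanence/home.nix ] else []);`. The `imports` list starts outside the hunk, so this is the only line that needs to change.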
@@ -8,32 +8,18 @@ [ (modulesPath + "/installer/scan/not-detected.nix") ]; - boot.initrd.availableKernelModules = [ "nvme" "xhci_pci" "ahci" "usb_storage" "usbhid" "sd_mod" ]; + boot.initrd.availableKernelModules = [ "nvme" "xhci_pci" "ahci" "usbhid" "sd_mod" ]; boot.initrd.kernelModules = [ ]; boot.kernelModules = [ "kvm-amd" ]; boot.extraModulePackages = [ ]; - fileSystems."/" = - { device = "/dev/disk/by-uuid/10040de2-c5df-42c9-94fa-d6d9d76397f4"; - fsType = "ext4"; - }; - - fileSystems."/boot" = - { device = "/dev/disk/by-uuid/9973-FDA6"; - fsType = "vfat"; - options = [ "fmask=0077" "dmask=0077" ]; - }; - - swapDevices = - [ { device = "/dev/disk/by-uuid/88d26139-5a1c-4ced-bd0f-a0f118d7e773"; } - ]; - # Enables DHCP on each ethernet and wireless interface. In case of scripted networking # (the default) this is the recommended approach. When using systemd-networkd it's # still possible to use this option, but it's recommended to use it in conjunction # with explicit per-interface declarations with `networking.interfaces..useDHCP`. networking.useDHCP = lib.mkDefault true; # networking.interfaces.eno1.useDHCP = lib.mkDefault true; + # networking.interfaces.virbr0.useDHCP = lib.mkDefault true; # networking.interfaces.wlp5s0.useDHCP = lib.mkDefault true; nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; diff --git a/nixos/modules/disko/impermanence-disko.nix b/nixos/modules/disko/impermanence-disko.nix new file mode 100644 index 0000000..10f240b --- /dev/null +++ b/nixos/modules/disko/impermanence-disko.nix 
@@ -0,0 +1,76 @@
+{
+ device ? throw "Set this to your disk device, e.g. /dev/sda",
+ ...
+}: {
+ disko.devices = {
+ disk.main = {
+ inherit device;
+ type = "disk";
+ content = {
+ type = "gpt";
+ partitions = {
+ boot = {
+ name = "boot";
+ size = "1M";
+ type = "EF02";
+ };
+ esp = {
+ name = "ESP";
+ size = "500M";
+ type = "EF00";
+ content = {
+ type = "filesystem";
+ format = "vfat";
+ mountpoint = "/boot";
+ };
+ };
+ swap = {
+ size = "32G";
+ content = {
+ type = "swap";
+ resumeDevice = true;
+ };
+ };
+ root = {
+ name = "root";
+ size = "100%";
+ content = {
+ type = "lvm_pv";
+ vg = "root_vg";
+ };
+ };
+ };
+ };
+ };
+ lvm_vg = {
+ root_vg = {
+ type = "lvm_vg";
+ lvs = {
+ root = {
+ size = "100%FREE";
+ content = {
+ type = "btrfs";
+ extraArgs = ["-f"];
+
+ subvolumes = {
+ "/root" = {
+ mountpoint = "/";
+ };
+
+ "/persist" = {
+ mountOptions = ["subvol=persist" "noatime"];
+ mountpoint = "/persist";
+ };
+
+ "/nix" = {
+ mountOptions = ["subvol=nix" "noatime"];
+ mountpoint = "/nix";
+ };
+ };
+ };
+ };
+ };
+ };
+ };
+ };
+}
diff --git a/nixos/modules/impermanence/default.nix b/nixos/modules/impermanence/default.nix
new file mode 100644
index 0000000..8862597
--- /dev/null
+++ b/nixos/modules/impermanence/default.nix
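Review bot: The `esp` partition's `content` block sets no mount options, so the `fmask=0077`/`dmask=0077` restriction from the `fileSystems."/boot"` entry this commit removes is lost and the ESP becomes world-readable. Add `mountOptions = [ "umask=0077" ];` next to `mountpoint = "/boot";`. The layout also has no encryption layer: the 32G swap with `resumeDevice = true` will hold hibernation images in plaintext, and `/persist` is where this commit stores `.ssh`, `.gnupg` and the keyrings. If at-rest protection matters for this machine, consider placing the swap and the LVM PV on LUKS.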
@@ -0,0 +1,47 @@
+{ ... }:
+{
+
+ fileSystems."/persist".neededForBoot = true;
+ environment.persistence."/persist/system" = {
+ hideMounts = true;
+ directories = [
+ "/etc/nixos"
+ "/var/log"
+ "/var/lib/bluetooth"
+ "/var/lib/nixos"
+ "/var/lib/systemd/coredump"
+ "/etc/NetworkManager/system-connections"
+ { directory = "/var/lib/colord"; user = "colord"; group = "colord"; mode = "u=rwx,g=rx,o="; }
+ ];
+ files = [
+ "/etc/machine-id"
+ { file = "/var/keys/secret_file"; parentDirectory = { mode = "u=rwx,g=,o="; }; }
+ ];
+ };
+
+ programs.fuse.userAllowOther = true;
+ boot.initrd.postDeviceCommands = lib.mkAfter ''
+ mkdir /btrfs_tmp
+ mount /dev/root_vg/root /btrfs_tmp
+ if [[ -e /btrfs_tmp/root ]]; then
+ mkdir -p /btrfs_tmp/old_roots
+ timestamp=$(date --date="@$(stat -c %Y /btrfs_tmp/root)" "+%Y-%m-%-d_%H:%M:%S")
+ mv /btrfs_tmp/root "/btrfs_tmp/old_roots/$timestamp"
+ fi
+
+ delete_subvolume_recursively() {
+ IFS=$'\n'
+ for i in $(btrfs subvolume list -o "$1" | cut -f 9- -d ' '); do
+ delete_subvolume_recursively "/btrfs_tmp/$i"
+ done
+ btrfs subvolume delete "$1"
+ }
+
+ for i in $(find /btrfs_tmp/old_roots/ -maxdepth 1 -mtime +30); do
+ delete_subvolume_recursively "$i"
+ done
+
+ btrfs subvolume create /btrfs_tmp/root
+ umount /btrfs_tmp
+ '';
+}
diff --git a/nixos/modules/impermanence/home.nix b/nixos/modules/impermanence/home.nix
new file mode 100644
index 0000000..eaaa4fa
--- /dev/null
+++ b/nixos/modules/impermanence/home.nix
@@ -0,0 +1,29 @@
+{ username, ... }:
+{
+ imports = [
+ inputs.impermanence.nixosModules.home-manager.impermanence
+ ];
+ home.persistence."/persist/home/${username}" = {
+ directories = [
+ "Downloads"
+ "Music"
+ "Pictures"
+ "Documents"
+ "Videos"
+ "VirtualBox VMs"
+ ".gnupg"
+ ".ssh"
+ ".nixops"
+ ".local/share/keyrings"
+ ".local/share/direnv"
+ {
+ directory = ".local/share/Steam";
+ method = "symlink";
+ }
+ ];
+ files = [
+ ".screenrc"
+ ];
+ allowOther = true;
+ };
+}
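Review bot: nixos/modules/impermanence/default.nix calls `lib.mkAfter` but its argument set is `{ ... }:`, so `lib` is unbound and evaluation will stop with an undefined-variable error; the header should be `{ lib, ... }:`. The `files` entry `/var/keys/secret_file` looks like the placeholder from the upstream example rather than a path this system uses, so replace or remove it so the persisted set documents real state only. The persisted list also omits SSH host keys; if sshd is enabled on this host, the host identity would presumably change on every boot, so a comment stating whether that is intended would help.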
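Review bot: nixos/modules/impermanence/home.nix references `inputs.impermanence...` in `imports` while the function header only binds `username`, so `inputs` is undefined here; change the first line to `{ username, inputs, ... }:`. Separately, `allowOther = true;` (paired with `programs.fuse.userAllowOther = true` in the system module) opens the persistence mounts holding `.ssh`, `.gnupg` and `.local/share/keyrings` to other accounts, leaving file mode bits as the only barrier. If it is only needed for a specific case, a comment such as `# allowOther: required so root/sudo can traverse the bind mounts` would record the reason.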