Add impermanence create option

Signed-off-by: Nikolaos Karaolidis <nick@karaolidis.com>
2025-05-30 00:13:21 +01:00
parent 3a03406b99
commit ba74461ed8
10 changed files with 71 additions and 50 deletions


@@ -18,7 +18,7 @@
}; };
environment = { environment = {
persistence."/persist/state"."/var/lib/docker" = { }; persistence."/persist/state"."/var/lib/docker".create = "directory";
systemPackages = with pkgs; [ docker-compose ]; systemPackages = with pkgs; [ docker-compose ];
}; };


@@ -1,9 +1,4 @@
{ { config, pkgs, ... }:
config,
lib,
pkgs,
...
}:
{ {
imports = [ ./options.nix ]; imports = [ ./options.nix ];


@@ -121,6 +121,16 @@ in
type = str; type = str;
readOnly = true; readOnly = true;
}; };
create = mkOption {
type = enum [
"none"
"file"
"directory"
];
default = "none";
description = "Whether to create the file or directory in persistence if it does not exist.";
};
}; };
} }
) )
@@ -257,6 +267,7 @@ in
source=${lib.strings.escapeShellArg c._sourceRoot} source=${lib.strings.escapeShellArg c._sourceRoot}
target=${lib.strings.escapeShellArg c._targetRoot} target=${lib.strings.escapeShellArg c._targetRoot}
path=${lib.strings.escapeShellArg c.path} path=${lib.strings.escapeShellArg c.path}
create=${lib.strings.escapeShellArg c.create}
${builtins.readFile ./scripts/start.sh} ${builtins.readFile ./scripts/start.sh}
''; '';
@@ -264,6 +275,7 @@ in
source=${lib.strings.escapeShellArg c._sourceRoot} source=${lib.strings.escapeShellArg c._sourceRoot}
target=${lib.strings.escapeShellArg c._targetRoot} target=${lib.strings.escapeShellArg c._targetRoot}
path=${lib.strings.escapeShellArg c.path} path=${lib.strings.escapeShellArg c.path}
create=${lib.strings.escapeShellArg c.create}
${builtins.readFile ./scripts/stop.sh} ${builtins.readFile ./scripts/stop.sh}
''; '';
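Review bot: The `create` description does not say which owner and mode a created entry receives, which matters for state directories such as the container stores this commit enables it for. Per `scripts/start.sh` in this commit, the values are copied from the target path when it exists and otherwise from the parent directory under the persistence root, and missing intermediate components are created as directories. I would extend the text to something like `description = "Whether to create the path in persistence if it does not exist; owner and mode are copied from the target path, or from the parent directory in persistence when the target is absent.";`. A service that expects a tighter mode than its parent directory has would still need to set it itself.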


@@ -1,22 +1,49 @@
# shellcheck shell=bash # shellcheck shell=bash
# shellcheck disable=SC2154 # shellcheck disable=SC2154
echo "Starting impermanence mount with source: $source, target: $target, path: $path." echo "Starting impermanence mount with source: $source, target: $target, path: $path, create: $create"
source_current="$source" source_current="$source"
target_current="$target" target_current="$target"
IFS='/' read -ra path_parts <<< "$path" IFS='/' read -ra parts <<< "$path"
unset "path_parts[-1]" leaf="${parts[-1]}"
for part in "${path_parts[@]}"; do for part in "${parts[@]}"; do
source_current="$source_current/$part" source_current+="/$part"
target_current="$target_current/$part" target_current+="/$part"
if [[ ! -d "$source_current" ]]; then if [[ -e "$source_current" ]]; then
read -r mode owner group <<< "$(stat -c '%a %u %g' "$source_current")"
if [[ -d "$source_current" ]]; then
install -d -m "$mode" -o "$owner" -g "$group" "$target_current"
continue
fi
if [[ "$part" != "$leaf" ]]; then
echo "Error: $source_current is not a directory, persistence for $path can not be applied."
exit 1
fi
install -m "$mode" -o "$owner" -g "$group" /dev/null "$target_current"
fi
if [[ "$create" == "none" ]]; then
break break
fi fi
read -r mode owner group <<< "$(stat -c '%a %u %g' "$source_current")" if [[ -e "$target_current" ]]; then
install -d -m "$mode" -o "$owner" -g "$group" "$target_current" template="$target_current"
else
template="${source_current%/*}"
fi
read -r mode owner group <<< "$(stat -c '%a %u %g' "$template")"
if [[ "$part" == "$leaf" && "$create" == "file" ]]; then
install -m "$mode" -o "$owner" -g "$group" /dev/null "$source_current"
else
install -d -m "$mode" -o "$owner" -g "$group" "$source_current"
fi
done done
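Review bot: An existing persisted file is truncated when `create` is `"file"`, because the branch for an existing non-directory leaf ends with `install -m "$mode" -o "$owner" -g "$group" /dev/null "$target_current"` and has no `continue`, so control falls through to the creation code and `install ... /dev/null "$source_current"` overwrites the source with an empty file. With `create` set to `"directory"` the same fall-through runs `install -d` on a regular file. Adding `continue` after that install line, as the directory branch already does, keeps the creation code for paths that are actually missing. Separately, `[[ "$part" == "$leaf" ]]` compares component names rather than positions, so a path like `a/x/x` treats the intermediate `x` as the leaf; comparing a loop index with `${#parts[@]} - 1` avoids that. The error message would also be better sent to stderr with `>&2`.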


@@ -1,7 +1,7 @@
# shellcheck shell=bash # shellcheck shell=bash
# shellcheck disable=SC2154 # shellcheck disable=SC2154
echo "Stopping impermanence mount with source: $source, target: $target, path: $path." echo "Stopping impermanence mount with source: $source, target: $target, path: $path, create: $create"
source_current="$source" source_current="$source"
target_current="$target" target_current="$target"


@@ -73,16 +73,17 @@ copy_keys() {
local user local user
user=$(basename "$path") user=$(basename "$path")
mkdir -p "$root/persist/state/home/$user/.config/sops-nix" mkdir -p "$root/persist/state/home/$user/.config/sops-nix"
cp -f "$flake/secrets/$key/key.txt" "$root/persist/state/home/$user/.config/sops-nix/key.txt" cp -f "$flake/secrets/$key/key.txt" "$root/persist/state/home/$user/.config/sops-nix/key.txt"
done
}
set_permissions() { owner=$(cat "$flake/hosts/$host/users/$user/uid")
for path in "$flake/hosts/$host/users"/*; do group=100
local user chown "$owner:$group" \
user=$(basename "$path") "$root/persist/state/home/$user" \
chown -R "$(cat "$flake/hosts/$host/users/$user/uid"):100" "$root/persist/state/home/$user" "$root/persist/state/home/$user/.config" \
"$root/persist/state/home/$user/.config/sops-nix" \
"$root/persist/state/home/$user/.config/sops-nix/key.txt"
done done
} }
@@ -144,26 +145,18 @@ main() {
set_password_file set_password_file
case "$mode" in case "$mode" in
install) install) prepare_disk "destroy,format,mount";;
prepare_disk "destroy,format,mount" repair) prepare_disk "mount";;
copy_keys
set_permissions
install
if [[ "$copy_config_flag" == "true" ]]; then copy_config; fi
if [[ "$reboot_flag" == "true" ]]; then finish; fi
;;
repair)
prepare_disk "mount"
copy_keys
install
if [[ "$copy_config_flag" == "true" ]]; then copy_config; fi
if [[ "$reboot_flag" == "true" ]]; then finish; fi
;;
*) *)
echo "Invalid mode: $mode" echo "Invalid mode: $mode"
usage usage
;; ;;
esac esac
copy_keys
install
[[ "$copy_config_flag" == "true" ]] && copy_config
[[ "$reboot_flag" == "true" ]] && finish
} }
main "$@" main "$@"
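Review bot: The key file copied in `copy_keys` (presumably a private decryption key for sops-nix) keeps whatever mode `cp -f` gives it under the current umask, and the new `chown` block changes only ownership, so `key.txt` and its parent directories may end up readable by other local users; any umask handling is outside the hunk, as is the start of `copy_keys`. Setting the mode explicitly, e.g. `chmod 700 "$root/persist/state/home/$user/.config/sops-nix"` and `chmod 600 "$root/persist/state/home/$user/.config/sops-nix/key.txt"`, removes the dependence on the umask. `owner` and `group` should be declared with `local`, as `user` is. In the `main` hunk, `[[ "$reboot_flag" == "true" ]] && finish` is now the last command, so `main` returns 1 whenever `reboot_flag` is not `true`; the previous `if ...; then finish; fi` form avoids that. The `*)` arm now also falls through to `copy_keys` and `install` unless `usage` exits, which is not visible here.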


@@ -14,7 +14,7 @@
}; };
environment = { environment = {
persistence."/persist/state"."/var/lib/containers" = { }; persistence."/persist/state"."/var/lib/containers".create = "directory";
systemPackages = with pkgs; [ systemPackages = with pkgs; [
podman-compose podman-compose


@@ -37,7 +37,7 @@ lib.mkMerge [
}; };
} }
(lib.mkIf rootless { (lib.mkIf rootless {
environment.persistence."/persist/state"."${home}/.local/share/docker" = { }; environment.persistence."/persist/state"."${home}/.local/share/docker".create = "directory";
systemd.user = { systemd.user = {
services.docker.after = [ services.docker.after = [


@@ -9,7 +9,7 @@
... ...
}: }:
{ {
environment.persistence."/persist/state"."${home}/.local/share/containers" = { }; environment.persistence."/persist/state"."${home}/.local/share/containers".create = "directory";
home-manager.users.${user} = { home-manager.users.${user} = {
imports = [ inputs.quadlet-nix.homeManagerModules.quadlet ]; imports = [ inputs.quadlet-nix.homeManagerModules.quadlet ];


@@ -4,15 +4,9 @@ I have automated myself out of a job. How to use:
1. Boot into installer 1. Boot into installer
2. Unlock luks partition 2. Connect to the internet with `sudo nmcli device wifi connect "<SSID>" [--ask]`
3. Connect to the internet with `nmcli` 3. Run `sudo nix-install /etc/nixos -m install|repair -h host [-k key] [-c] [-r]"`
```bash
sudo nmcli device wifi connect "<SSID>" [--ask]
```
4. Run `sudo nix-install /etc/nixos -m install|repair -h host [-k key] [-c] [-r]"`
## Reinstalling the Installer ## Reinstalling the Installer