Add impermanence create option
Signed-off-by: Nikolaos Karaolidis <nick@karaolidis.com>
This commit is contained in:
		| @@ -18,7 +18,7 @@ | ||||
|   }; | ||||
|  | ||||
|   environment = { | ||||
|     persistence."/persist/state"."/var/lib/docker" = { }; | ||||
|     persistence."/persist/state"."/var/lib/docker".create = "directory"; | ||||
|     systemPackages = with pkgs; [ docker-compose ]; | ||||
|   }; | ||||
|  | ||||
|   | ||||
| @@ -1,9 +1,4 @@ | ||||
| { | ||||
|   config, | ||||
|   lib, | ||||
|   pkgs, | ||||
|   ... | ||||
| }: | ||||
| { config, pkgs, ... }: | ||||
| { | ||||
|   imports = [ ./options.nix ]; | ||||
|  | ||||
|   | ||||
| @@ -121,6 +121,16 @@ in | ||||
|                         type = str; | ||||
|                         readOnly = true; | ||||
|                       }; | ||||
|  | ||||
|                       create = mkOption { | ||||
|                         type = enum [ | ||||
|                           "none" | ||||
|                           "file" | ||||
|                           "directory" | ||||
|                         ]; | ||||
|                         default = "none"; | ||||
|                         description = "Whether to create the file or directory in persistence if it does not exist."; | ||||
|                       }; | ||||
|                     }; | ||||
|                   } | ||||
|                 ) | ||||
| @@ -257,6 +267,7 @@ in | ||||
|                 source=${lib.strings.escapeShellArg c._sourceRoot} | ||||
|                 target=${lib.strings.escapeShellArg c._targetRoot} | ||||
|                 path=${lib.strings.escapeShellArg c.path} | ||||
|                 create=${lib.strings.escapeShellArg c.create} | ||||
|  | ||||
|                 ${builtins.readFile ./scripts/start.sh} | ||||
|               ''; | ||||
| @@ -264,6 +275,7 @@ in | ||||
|                 source=${lib.strings.escapeShellArg c._sourceRoot} | ||||
|                 target=${lib.strings.escapeShellArg c._targetRoot} | ||||
|                 path=${lib.strings.escapeShellArg c.path} | ||||
|                 create=${lib.strings.escapeShellArg c.create} | ||||
|  | ||||
|                 ${builtins.readFile ./scripts/stop.sh} | ||||
|               ''; | ||||
|   | ||||
| @@ -1,22 +1,49 @@ | ||||
| # shellcheck shell=bash | ||||
|  | ||||
| # shellcheck disable=SC2154 | ||||
| echo "Starting impermanence mount with source: $source, target: $target, path: $path." | ||||
| echo "Starting impermanence mount with source: $source, target: $target, path: $path, create: $create" | ||||
|  | ||||
| source_current="$source" | ||||
| target_current="$target" | ||||
|  | ||||
| IFS='/' read -ra path_parts <<< "$path" | ||||
| unset "path_parts[-1]" | ||||
| IFS='/' read -ra parts <<< "$path" | ||||
| leaf="${parts[-1]}" | ||||
|  | ||||
| for part in "${path_parts[@]}"; do | ||||
|   source_current="$source_current/$part" | ||||
|   target_current="$target_current/$part" | ||||
| for part in "${parts[@]}"; do | ||||
|   source_current+="/$part" | ||||
|   target_current+="/$part" | ||||
|  | ||||
|   if [[ ! -d "$source_current" ]]; then | ||||
|   if [[ -e "$source_current" ]]; then | ||||
|     read -r mode owner group <<< "$(stat -c '%a %u %g' "$source_current")" | ||||
|  | ||||
|     if [[ -d "$source_current" ]]; then | ||||
|       install -d -m "$mode" -o "$owner" -g "$group" "$target_current" | ||||
|       continue | ||||
|     fi | ||||
|  | ||||
|     if [[ "$part" != "$leaf" ]]; then | ||||
|       echo "Error: $source_current is not a directory, persistence for $path can not be applied." | ||||
|       exit 1 | ||||
|     fi | ||||
|  | ||||
|     install -m "$mode" -o "$owner" -g "$group" /dev/null "$target_current" | ||||
|   fi | ||||
|  | ||||
|   if [[ "$create" == "none" ]]; then | ||||
|     break | ||||
|   fi | ||||
|  | ||||
|   read -r mode owner group <<< "$(stat -c '%a %u %g' "$source_current")" | ||||
|   install -d -m "$mode" -o "$owner" -g "$group" "$target_current" | ||||
|   if [[ -e "$target_current" ]]; then | ||||
|     template="$target_current" | ||||
|   else | ||||
|     template="${source_current%/*}" | ||||
|   fi | ||||
|  | ||||
|   read -r mode owner group <<< "$(stat -c '%a %u %g' "$template")" | ||||
|  | ||||
|   if [[ "$part" == "$leaf" && "$create" == "file" ]]; then | ||||
|     install -m "$mode" -o "$owner" -g "$group" /dev/null "$source_current" | ||||
|   else | ||||
|     install -d -m "$mode" -o "$owner" -g "$group" "$source_current" | ||||
|   fi | ||||
| done | ||||
|   | ||||
| @@ -1,7 +1,7 @@ | ||||
| # shellcheck shell=bash | ||||
|  | ||||
| # shellcheck disable=SC2154 | ||||
| echo "Stopping impermanence mount with source: $source, target: $target, path: $path." | ||||
| echo "Stopping impermanence mount with source: $source, target: $target, path: $path, create: $create" | ||||
|  | ||||
| source_current="$source" | ||||
| target_current="$target" | ||||
|   | ||||
| @@ -73,16 +73,17 @@ copy_keys() { | ||||
|  | ||||
|     local user | ||||
|     user=$(basename "$path") | ||||
|  | ||||
|     mkdir -p "$root/persist/state/home/$user/.config/sops-nix" | ||||
|     cp -f "$flake/secrets/$key/key.txt" "$root/persist/state/home/$user/.config/sops-nix/key.txt" | ||||
|   done | ||||
| } | ||||
|  | ||||
| set_permissions() { | ||||
|   for path in "$flake/hosts/$host/users"/*; do | ||||
|     local user | ||||
|     user=$(basename "$path") | ||||
|     chown -R "$(cat "$flake/hosts/$host/users/$user/uid"):100" "$root/persist/state/home/$user" | ||||
|     owner=$(cat "$flake/hosts/$host/users/$user/uid") | ||||
|     group=100 | ||||
|     chown "$owner:$group" \ | ||||
|       "$root/persist/state/home/$user" \ | ||||
|       "$root/persist/state/home/$user/.config" \ | ||||
|       "$root/persist/state/home/$user/.config/sops-nix" \ | ||||
|       "$root/persist/state/home/$user/.config/sops-nix/key.txt" | ||||
|   done | ||||
| } | ||||
|  | ||||
| @@ -144,26 +145,18 @@ main() { | ||||
|   set_password_file | ||||
|  | ||||
|   case "$mode" in | ||||
|     install) | ||||
|       prepare_disk "destroy,format,mount" | ||||
|       copy_keys | ||||
|       set_permissions | ||||
|       install | ||||
|       if [[ "$copy_config_flag" == "true" ]]; then copy_config; fi | ||||
|       if [[ "$reboot_flag" == "true" ]]; then finish; fi | ||||
|       ;; | ||||
|     repair) | ||||
|       prepare_disk "mount" | ||||
|       copy_keys | ||||
|       install | ||||
|       if [[ "$copy_config_flag" == "true" ]]; then copy_config; fi | ||||
|       if [[ "$reboot_flag" == "true" ]]; then finish; fi | ||||
|       ;; | ||||
|     install) prepare_disk "destroy,format,mount";; | ||||
|     repair) prepare_disk "mount";; | ||||
|     *) | ||||
|       echo "Invalid mode: $mode" | ||||
|       usage | ||||
|       ;; | ||||
|   esac | ||||
|  | ||||
|   copy_keys | ||||
|   install | ||||
|   [[ "$copy_config_flag" == "true" ]] && copy_config | ||||
|   [[ "$reboot_flag" == "true" ]] && finish | ||||
| } | ||||
|  | ||||
| main "$@" | ||||
|   | ||||
| @@ -14,7 +14,7 @@ | ||||
|   }; | ||||
|  | ||||
|   environment = { | ||||
|     persistence."/persist/state"."/var/lib/containers" = { }; | ||||
|     persistence."/persist/state"."/var/lib/containers".create = "directory"; | ||||
|  | ||||
|     systemPackages = with pkgs; [ | ||||
|       podman-compose | ||||
|   | ||||
| @@ -37,7 +37,7 @@ lib.mkMerge [ | ||||
|     }; | ||||
|   } | ||||
|   (lib.mkIf rootless { | ||||
|     environment.persistence."/persist/state"."${home}/.local/share/docker" = { }; | ||||
|     environment.persistence."/persist/state"."${home}/.local/share/docker".create = "directory"; | ||||
|  | ||||
|     systemd.user = { | ||||
|       services.docker.after = [ | ||||
|   | ||||
| @@ -9,7 +9,7 @@ | ||||
|   ... | ||||
| }: | ||||
| { | ||||
|   environment.persistence."/persist/state"."${home}/.local/share/containers" = { }; | ||||
|   environment.persistence."/persist/state"."${home}/.local/share/containers".create = "directory"; | ||||
|  | ||||
|   home-manager.users.${user} = { | ||||
|     imports = [ inputs.quadlet-nix.homeManagerModules.quadlet ]; | ||||
|   | ||||
| @@ -4,15 +4,9 @@ I have automated myself out of a job. How to use: | ||||
|  | ||||
| 1. Boot into installer | ||||
|  | ||||
| 2. Unlock luks partition | ||||
| 2. Connect to the internet with `sudo nmcli device wifi connect "<SSID>" [--ask]` | ||||
|  | ||||
| 3. Connect to the internet with `nmcli` | ||||
|  | ||||
|   ```bash | ||||
|   sudo nmcli device wifi connect "<SSID>" [--ask] | ||||
|   ``` | ||||
|  | ||||
| 4. Run `sudo nix-install /etc/nixos -m install|repair -h host [-k key] [-c] [-r]"` | ||||
| 3. Run `sudo nix-install /etc/nixos -m install|repair -h host [-k key] [-c] [-r]"` | ||||
|  | ||||
| ## Reinstalling the Installer | ||||
|  | ||||
|   | ||||
		Reference in New Issue
	
	Block a user