Add chromium

Signed-off-by: Nikolaos Karaolidis <nick@karaolidis.com>

hosts/common/system/configs/impermanence/default.nix

@@ -0,0 +1,43 @@
+{ inputs, pkgs, ... }:
+{
+  imports = [ inputs.impermanence.nixosModules.impermanence ];
+
+  boot.initrd.systemd =
+    let
+      bins = with pkgs; [
+        coreutils
+        util-linux
+        findutils
+        btrfs-progs
+      ];
+    in
+    {
+      initrdBin = bins;
+
+      services.impermanence = {
+        description = "Rollback BTRFS subvolumes to a pristine state";
+
+        serviceConfig.Type = "oneshot";
+        wantedBy = [ "initrd.target" ];
+        before = [ "sysroot.mount" ];
+        after = [ "cryptsetup.target" ];
+        unitConfig.DefaultDependencies = "no";
+
+        path = bins;
+        script = builtins.readFile ./impermanence.sh;
+      };
+    };
+
+  fileSystems."/persist".neededForBoot = true;
+
+  environment.persistence."/persist" = {
+    hideMounts = true;
+    directories = [
+      "/etc/nixos"
+      "/var/lib/nixos"
+      "/var/lib/systemd/coredump"
+      "/var/log"
+    ];
+    files = [ "/etc/machine-id" ];
+  };
+}

hosts/common/system/configs/impermanence/impermanence.sh

@@ -0,0 +1,25 @@
+delete_subvolume_recursively() {
+  IFS=$'\n'
+  for i in $(btrfs subvolume list -o "$1" | cut -f 9- -d ' '); do
+    delete_subvolume_recursively "/mnt/btrfs/$i"
+  done
+  btrfs subvolume delete "$1"
+}
+
+mkdir -p /mnt/btrfs
+mount /dev/mapper/luks /mnt/btrfs
+
+if [[ -e /mnt/btrfs/@ ]]; then
+  mkdir -p /mnt/btrfs/@.bak
+  timestamp=$(date --date="@$(stat -c %Y /mnt/btrfs/@)" "+%Y-%m-%-d_%H:%M:%S")
+  mv /mnt/btrfs/@ "/mnt/btrfs/@.bak/$timestamp"
+fi
+
+find /mnt/btrfs/@.bak/ -maxdepth 1 -mtime +14 | while IFS= read -r i; do
+  delete_subvolume_recursively "$i"
+done
+
+btrfs subvolume create /mnt/btrfs/@
+
+umount /mnt/btrfs
+rmdir /mnt/btrfs