Setup impermanence on top of ZFS
Pierre Dal-Pra committed Mar 9, 2024
1 parent b7769d7 commit 5616c2a
Showing 9 changed files with 140 additions and 11 deletions.
16 changes: 16 additions & 0 deletions flake.lock


3 changes: 3 additions & 0 deletions flake.nix
Expand Up @@ -22,6 +22,7 @@
url = "github:nix-community/disko";
inputs.nixpkgs.follows = "nixpkgs";
};
impermanence.url = "github:nix-community/impermanence";

# Flake libraries
flake-utils.url = "github:numtide/flake-utils";
Expand All @@ -39,6 +40,7 @@
, agenix
, home-manager
, disko
, impermanence
, flake-utils
, ...
}:
Expand Down Expand Up @@ -84,6 +86,7 @@
home-manager
agenix
disko
impermanence
system
revision;
};
10 changes: 8 additions & 2 deletions lib/mk-nixos.nix
Expand Up @@ -4,15 +4,20 @@ name: { lib
, home-manager
, agenix
, disko
, impermanence
, system
, revision
}:

let
pkgs = overlays system;
specialArgs = { inherit myLib; };
persistence = {
system = "/persistent-system";
homes = "/persistent-homes";
};
specialArgs = { inherit myLib impermanence persistence; };
baseConfig = _: {
age.identityPaths = [ "/etc/agenix/key" ];
age.identityPaths = [ "${persistence.system}/key" ];
system.configurationRevision = revision;
networking.hostName = name;
};
Expand All @@ -31,6 +36,7 @@ lib.nixosSystem {
../system/configuration.nix
specificConfig
diskoConfig
impermanence.nixosModules.impermanence
home-manager.nixosModules.home-manager
];
}
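Review bot: The agenix identity now has to exist at `${persistence.system}/key` before activation, but nothing in this commit creates that file or pins its ownership and mode, and the only activation script added (in system/impermanence.nix) handles home directories, not the system dataset. The key also lives on a dataset that is mounted early only because the machine-specific disks.nix sets `neededForBoot = true`; a second machine that omits that line will fail to decrypt every `age.secrets` entry at switch time. I would document the provisioning step beside the path, `# identity key lives on the persistent dataset (survives the root rollback); provision once with: install -m 0600 -o root -g root <key> ${persistence.system}/key`, and consider moving the `fileSystems.<path>.neededForBoot` entries into the shared impermanence module so they cannot be forgotten per machine. The `lib.nixosSystem` call this hunk belongs to starts above the hunk.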
1 change: 1 addition & 0 deletions lib/overlays.nix
Expand Up @@ -21,3 +21,4 @@ import nixpkgs {
unstableOverlay
];
}

1 change: 1 addition & 0 deletions system/configuration.nix
Expand Up @@ -3,6 +3,7 @@ _:
imports = [
./apps.nix
./users.nix
./impermanence.nix
./wm.nix
];

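--- a/system/impermanence.nix
+++ b/system/impermanence.nix
@@ -0,0 +1,55 @@
+{ lib, config, persistence, impermanence, ... }:
+
+let
+persistentHomePath = user: "${persistence.homes}/${user}";
+in
+{
+
+environment.persistence.${persistence.system} = {
+hideMounts = true;
+
+files = [
+"/etc/machine-id"
+];
+};
+
+home-manager.users.pdalpra = {
+imports = [
+impermanence.nixosModules.home-manager.impermanence
+];
+
+home.persistence.pdalpra = {
+persistentStoragePath = persistentHomePath "pdalpra";
+allowOther = true;
+
+directories = [
+"Code"
+"Desktop"
+"Documents"
+"Downloads"
+"Music"
+"Pictures"
+"Videos"
+".ssh"
+".local/share/atuin"
+];
+
+};
+};
+
+system.activationScripts.persistent-dirs.text =
+let
+users = lib.attrValues config.users.users;
+mkHomePersist = user:
+let
+path = persistentHomePath user.name;
+in
+lib.optionalString user.createHome ''
+mkdir -p ${path}
+chown ${user.name}:${user.group} ${path}
+chmod ${user.homeMode} ${path}
+'';
+in
+lib.concatLines (map mkHomePersist users);
+
+}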
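Review bot: The system persistence set under `environment.persistence.${persistence.system}` keeps only `/etc/machine-id`, so `/var/lib/nixos` (where NixOS records the uid/gid allocations it made) and `/var/log` are discarded by the root rollback on every boot. Losing `/var/lib/nixos` can re-number any user that has no explicit `uid`, leaving the files under `${persistence.homes}` owned by a stale id, and losing `/var/log` removes the journal you would need for any post-incident investigation. If sshd is enabled on these hosts (not visible here), `/etc/ssh/ssh_host_*_key` is regenerated each boot too and every client will see a host-key change. I would add `directories = [ "/var/lib/nixos" "/var/log" ];` next to the existing `files` list and, where sshd runs, list the host key pairs under `files`.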
4 changes: 4 additions & 0 deletions system/machines/vm/configuration.nix
@@ -1,5 +1,9 @@
{


# Required by ZFS
networking.hostId = "fcd4a364";

boot = {
initrd.availableKernelModules = [
"ata_piix"
59 changes: 50 additions & 9 deletions system/machines/vm/disks.nix
@@ -1,8 +1,32 @@
{ disks ? [ "/dev/sda" ], ... }:
{ config, lib, persistence, ... }:

let
mainDisk = builtins.elemAt disks 0;
mainDisk = "/dev/sda";
swapSize = "4G";
blankSnapshot = "main/root@blank";
poolName = "main";
zfs_fs = mountpoint: options: {
inherit mountpoint;
type = "zfs_fs";
options.mountpoint = "legacy";
} // options;
in
{
services.zfs.trim.enable = true;

fileSystems = {
${persistence.system}.neededForBoot = true;
${persistence.homes}.neededForBoot = true;
};

boot = {
supportedFilesystems = [ "zfs" ];
kernelPackages = config.boot.zfs.package.latestCompatibleLinuxPackages;
initrd.postDeviceCommands = lib.mkAfter ''
zfs rollback -r ${blankSnapshot} && echo "Blank snapshot restored"
'';
};

disko.devices = {
disk.main = {
device = mainDisk;
Expand All @@ -13,20 +37,23 @@ in
ESP = {
name = "ESP";
type = "EF00";
size = "512M";
size = "1G";
content = {
type = "filesystem";
format = "vfat";
mountpoint = "/boot";
};
};
root = {
name = "root";
end = "-2G";
luks = {
end = "-${swapSize}";
content = {
type = "filesystem";
format = "ext4";
mountpoint = "/";
type = "luks";
name = "encrypted";
extraOpenArgs = [ "--allow-discards" ];
content = {
type = "zfs";
pool = poolName;
};
};
};
swap = {
Expand All @@ -39,5 +66,19 @@ in
};
};
};
zpool.${poolName} = {
type = "zpool";
mode = ""; # unmirrored
options.ashift = "13"; # 8k blocks
rootFsOptions.canmount = "off";
datasets = {
root = zfs_fs "/" {
postCreateHook = "zfs snapshot ${blankSnapshot}";
};
nix = zfs_fs "/nix" { };
persistentSystem = zfs_fs persistence.system { };
persistentHomes = zfs_fs persistence.homes { };
};
};
};
}
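Review bot: `extraOpenArgs = [ "--allow-discards" ]` on the `luks` entry combined with `services.zfs.trim.enable = true` passes TRIM through the LUKS layer, which lets anyone with the raw disk see which sectors are unused and how full the volume is; that is a common trade-off on SSDs but the hunk does not record that it was chosen deliberately. I would note it beside the option: `# --allow-discards lets ZFS TRIM reach the SSD through LUKS; leaks the free-space layout, accepted for this VM`. Separately, the rollback in `initrd.postDeviceCommands` only chains the echo on success, so a failed `zfs rollback` boots the previous, un-wiped root without any message; consider `zfs rollback -r ${blankSnapshot} && echo "Blank snapshot restored" || echo "WARNING: rollback of ${blankSnapshot} failed"` so the failure is at least visible on the console.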
2 changes: 2 additions & 0 deletions system/users.nix
Expand Up @@ -6,6 +6,8 @@
age.secrets.pdalpra.file = ../secrets/pdalpra.age;
age.secrets.root.file = ../secrets/root.age;

programs.fuse.userAllowOther = true;

users = {
mutableUsers = false;
defaultUserShell = pkgs.bash;
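Review bot: `programs.fuse.userAllowOther = true;` writes `user_allow_other` to the system-wide fuse.conf, so every unprivileged user on the host may mount FUSE filesystems with `allow_other` and expose their contents to other users, not only the bindfs mounts home-manager impermanence sets up for `pdalpra`. On a single-user VM that is an acceptable trade, but it is a global privilege change and deserves a comment: `# needed for home.persistence.*.allowOther (bindfs mounts reachable by root); grants every user fuse allow_other`. If root does not need to reach the persisted home directories through the bind mounts, dropping `allowOther = true` in system/impermanence.nix would let this option go away. The `users = {` attrset continues below the hunk.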
