use btrfs and snapshotting for impermanence

Adithya 2023-04-26 22:57:32 +05:30
parent 74ee94fba0
commit 26457aa7e9
Signed by: adtya
GPG key ID: 48FC9915FFD326D0
5 changed files with 42 additions and 34 deletions


@ -5,12 +5,6 @@ in
{ {
programs.fuse.userAllowOther = true; programs.fuse.userAllowOther = true;
fileSystems."/home/${user.primary.userName}" = {
device = "tmpfs";
fsType = "tmpfs";
options = [ "mode=0755" "uid=1000" "gid=100" ];
};
home-manager.useUserPackages = true; home-manager.useUserPackages = true;
home-manager.useGlobalPkgs = true; home-manager.useGlobalPkgs = true;
home-manager.users.${user.primary.userName} = { pkgs, ... }: { home-manager.users.${user.primary.userName} = { pkgs, ... }: {
@ -31,9 +25,11 @@ in
xdg.mimeApps.enable = true; xdg.mimeApps.enable = true;
xdg.userDirs.enable = true; xdg.userDirs.enable = true;
xdg.desktopEntries."nixos-manual".name = "NixOS Manual"; xdg.desktopEntries."nixos-manual" = {
xdg.desktopEntries."nixos-manual".exec = "nixos-help"; name = "NixOS Manual";
xdg.desktopEntries."nixos-manual".noDisplay = true; exec = "nixos-help";
noDisplay = true;
};
home.stateVersion = "23.05"; home.stateVersion = "23.05";
}; };


@ -5,6 +5,7 @@
./services ./services
./persistence.nix ./persistence.nix
./plymouth.nix ./plymouth.nix
./rollback.nix
./secureboot.nix ./secureboot.nix
./security.nix ./security.nix
./virtualisation.nix ./virtualisation.nix


@ -12,6 +12,7 @@
}; };
loader.efi.canTouchEfiVariables = true; loader.efi.canTouchEfiVariables = true;
resumeDevice = "/dev/vg0/swap"; resumeDevice = "/dev/vg0/swap";
supportedFilesystems = [ "btrfs" ];
}; };
swapDevices = [{ device = "/dev/vg0/swap"; }]; swapDevices = [{ device = "/dev/vg0/swap"; }];


@ -1,33 +1,38 @@
{ ... }: { { ... }: {
fileSystems = { fileSystems = {
"/" = { "/" = {
device = "tmpfs"; device = "/dev/vg0/system";
fsType = "tmpfs"; fsType = "btrfs";
options = [ "defaults" "uid=0" "gid=0" "mode=0755" ]; options = [ "subvol=@root" "compress-force=zstd" "noatime" ];
neededForBoot = true; neededForBoot = true;
}; };
"/home" = {
device = "/dev/vg0/system";
fsType = "btrfs";
options = [ "subvol=@home" "compress-force=zstd" "noatime" ];
};
"/nix" = { "/nix" = {
device = "/dev/vg0/system"; device = "/dev/vg0/system";
fsType = "btrfs"; fsType = "btrfs";
options = [ "subvol=/@nix" "compress-force=zstd" ]; options = [ "subvol=/@nix" "compress-force=zstd" "noatime" ];
neededForBoot = true; neededForBoot = true;
}; };
"/persist" = { "/persist" = {
device = "/dev/vg0/system"; device = "/dev/vg0/system";
fsType = "btrfs"; fsType = "btrfs";
options = [ "subvol=/@persist" "compress-force=zstd" ]; options = [ "subvol=/@persist" "compress-force=zstd" "noatime" ];
neededForBoot = true; neededForBoot = true;
}; };
"/tmp" = { "/tmp" = {
device = "/dev/vg0/system"; device = "/dev/vg0/system";
fsType = "btrfs"; fsType = "btrfs";
options = [ "subvol=/@tmp" "compress-force=zstd" "nosuid" "nodev" ]; options = [ "subvol=/@tmp" "compress-force=zstd" "nosuid" "nodev" "noatime" ];
neededForBoot = true; neededForBoot = true;
}; };
"/mnt/system" = { "/mnt/system" = {
device = "/dev/vg0/system"; device = "/dev/vg0/system";
fsType = "btrfs"; fsType = "btrfs";
options = [ "subvol=/" "compress-force=zstd" ]; options = [ "subvol=/" "compress-force=zstd" "noatime" ];
}; };
"/boot" = { "/boot" = {
device = "/dev/disk/by-partlabel/ESP"; device = "/dev/disk/by-partlabel/ESP";
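Review bot: The new `/home` mount has no `nosuid` or `nodev`, although it is the user-writable filesystem added here and the `/tmp` entry in the same hunk already carries both; I would write `options = [ "subvol=@home" "compress-force=zstd" "noatime" "nosuid" "nodev" ];`. The subvolume spelling is also inconsistent: `/` and `/home` use `subvol=@root` and `subvol=@home`, while the other entries use the `/@name` form. Separately, `/mnt/system` keeps the top-level subvolume mounted at runtime, so the `@root-blank` and `@home-blank` snapshots that the rollback restores from are reachable there; presumably they are meant to stay pristine, so a comment stating whether they are read-only snapshots would help. The `fileSystems` set continues past the end of the hunk.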


@ -1,27 +1,32 @@
{ lib, ... }: { { ... }: {
boot.initrd.postDeviceCommands = lib.mkBefore '' boot.initrd.systemd.services.rollback = {
description = "Rollback root subvolume to blank state";
wantedBy = [ "initrd.target" ];
after = [ "dev-vg0-system.device" ];
before = [ "sysroot.mount" ];
unitConfig.DefaultDependencies = "no";
serviceConfig.Type = "oneshot";
script = ''
mkdir -p /mnt mkdir -p /mnt
mount -o subvol=/ /dev/vg0/system /mnt mount -o subvol=/ /dev/vg0/system /mnt
btrfs subvolume list -o /mnt | btrfs subvolume list -o /mnt/@root | cut -f9 -d' ' | while read subvolume; do
cut -f9 -d' ' |
while read subvolume; do
echo "deleting /$subvolume subvolume..." echo "deleting /$subvolume subvolume..."
btrfs subvolume delete "/mnt/$subvolume" btrfs subvolume delete "/mnt/$subvolume"
done && done &&
echo "deleting /root subvolume..." && echo "deleting /root subvolume..." &&
btrfs subvolume delete "/mnt/@root" btrfs subvolume delete "/mnt/@root"
echo "restoring blank /root subvolume..." echo "restoring blank /root subvolume..."
btrfs subvolume snapshot /mnt/@root-blank /mnt/@root btrfs subvolume snapshot "/mnt/@root-blank" "/mnt/@root"
echo "deleting /home subvolume..." echo "deleting /home subvolume..."
btrfs subvolume delete /mnt/@home btrfs subvolume delete "/mnt/@home"
echo "restoring blank /home subvolume..." echo "restoring blank /home subvolume..."
btrfs subvolume snapshot /mnt/@home-blank /mnt/@home btrfs subvolume snapshot "/mnt/@home-blank" "/mnt/@home"
umount /mnt umount /mnt
''; '';
};
} }
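Review bot: Only subvolumes nested under `@root` are removed before the delete; `btrfs subvolume delete "/mnt/@home"` has no such loop, and it fails when `@home` contains a nested subvolume, which btrfs normally lets an unprivileged user create inside a directory they own. The following snapshot then cannot be created over the existing `@home`, so home state survives the reboot that is meant to wipe it. I would run the same listing loop over `/mnt/@home` before that delete, using `read -r` and a comment that `cut -f9 -d' '` assumes subvolume paths without spaces. Since the unit is only `wantedBy` `initrd.target`, a failed rollback presumably does not stop `sysroot.mount`; adding `requiredBy = [ "sysroot.mount" ];` (to be verified against the initrd in use) would make the failure visible instead of booting a root that was not rolled back.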