Put impermanence behind an option to make kopia work.

2024-09-25 10:33:27 +01:00
parent 92a59e004a
commit c565aba76c
2 changed files with 74 additions and 59 deletions
--- a/common/impermanence.nix
+++ b/common/impermanence.nix
@@ -1,71 +1,84 @@
-{ pkgs, inputs, ... }:
+{ pkgs, inputs, lib, config, ... }:
+let
+  cfg = config.custom.impermanence;
+in
 {
-  environment.persistence = {
-    "/persist" = {
-      directories = [ "/var/lib/nixos" ];
-      files = [
-        "/etc/machine-id"
-        "/etc/ssh/ssh_host_ed25519_key"
-        "/etc/ssh/ssh_host_ed25519_key.pub"
-        "/etc/ssh/ssh_host_rsa_key"
-        "/etc/ssh/ssh_host_rsa_key.pub"
-      ];
+  options.custom.impermanence = {
+    enable = lib.mkOption {
+      type = lib.types.bool;
+      default = true;
+      description = "Enable impermanent root fs";
    };
  };

-  fileSystems."/".options = [
-    "compress=zstd"
-    "noatime"
-  ];
-  fileSystems."/nix".options = [
-    "compress=zstd"
-    "noatime"
-  ];
-  fileSystems."/persist".options = [
-    "compress=zstd"
-    "noatime"
-  ];
-  fileSystems."/persist".neededForBoot = true;
-  fileSystems."/var/log".options = [
-    "compress=zstd"
-    "noatime"
-  ];
-  fileSystems."/var/log".neededForBoot = true;
+  config = lib.mkIf cfg.enable {
+    environment.persistence = {
+      "/persist" = {
+        directories = [ "/var/lib/nixos" ];
+        files = [
+          "/etc/machine-id"
+          "/etc/ssh/ssh_host_ed25519_key"
+          "/etc/ssh/ssh_host_ed25519_key.pub"
+          "/etc/ssh/ssh_host_rsa_key"
+          "/etc/ssh/ssh_host_rsa_key.pub"
+        ];
+      };
+    };

-  users.mutableUsers = false;
+    fileSystems."/".options = [
+      "compress=zstd"
+      "noatime"
+    ];
+    fileSystems."/nix".options = [
+      "compress=zstd"
+      "noatime"
+    ];
+    fileSystems."/persist".options = [
+      "compress=zstd"
+      "noatime"
+    ];
+    fileSystems."/persist".neededForBoot = true;
+    fileSystems."/var/log".options = [
+      "compress=zstd"
+      "noatime"
+    ];
+    fileSystems."/var/log".neededForBoot = true;

-  # rollback results in sudo lectures after each reboot
-  security.sudo.extraConfig = ''
-    Defaults lecture = never
-  '';
+    users.mutableUsers = false;

-  # needed for allowOther in the home-manager impermanence config
-  programs.fuse.userAllowOther = true;
+    # rollback results in sudo lectures after each reboot
+    security.sudo.extraConfig = ''
+      Defaults lecture = never
+    '';

-  # reset / at each boot
-  # Note `lib.mkBefore` is used instead of `lib.mkAfter` here.
-  boot.initrd.postDeviceCommands = pkgs.lib.mkBefore ''
-    mkdir /mnt
-    mount /dev/mapper/luksroot /mnt
-    if [[ -e /mnt/root ]]; then
-        mkdir -p /mnt/old_roots
-        timestamp=$(date --date="@$(stat -c %Y /mnt/root)" "+%Y-%m-%-d_%H:%M:%S")
-        mv /mnt/root "/mnt/old_roots/$timestamp"
-    fi
+    # needed for allowOther in the home-manager impermanence config
+    programs.fuse.userAllowOther = true;

-    delete_subvolume_recursively() {
-        IFS=$'\n'
-        for i in $(btrfs subvolume list -o "$1" | cut -f 9- -d ' '); do
-            delete_subvolume_recursively "/mnt/$i"
-        done
-        btrfs subvolume delete "$1"
-    }
+    # reset / at each boot
+    # Note `lib.mkBefore` is used instead of `lib.mkAfter` here.
+    boot.initrd.postDeviceCommands = pkgs.lib.mkBefore ''
+      mkdir /mnt
+      mount /dev/mapper/luksroot /mnt
+      if [[ -e /mnt/root ]]; then
+          mkdir -p /mnt/old_roots
+          timestamp=$(date --date="@$(stat -c %Y /mnt/root)" "+%Y-%m-%-d_%H:%M:%S")
+          mv /mnt/root "/mnt/old_roots/$timestamp"
+      fi

-    for i in $(find /mnt/old_roots/ -maxdepth 1 -mtime +30); do
-        delete_subvolume_recursively "$i"
-    done
+      delete_subvolume_recursively() {
+          IFS=$'\n'
+          for i in $(btrfs subvolume list -o "$1" | cut -f 9- -d ' '); do
+              delete_subvolume_recursively "/mnt/$i"
+          done
+          btrfs subvolume delete "$1"
+      }

-    btrfs subvolume create /mnt/root
-    umount /mnt
-  '';
+      for i in $(find /mnt/old_roots/ -maxdepth 1 -mtime +30); do
+          delete_subvolume_recursively "$i"
+      done
+
+      btrfs subvolume create /mnt/root
+      umount /mnt
+    '';
+  };
 }