impermanence: service init

2024-12-31 16:00:33 +01:00 · 2024-12-31 16:00:33 +01:00 · 8826591295
commit 8826591295
parent c2c5cdf50b
1 changed files with 67 additions and 0 deletions
--- a/services/impermanence.nix
+++ b/services/impermanence.nix
@ -0,0 +1,67 @@
+{
+  lib,
+  config,
+  impermanence,
+  ...
+}:
+
+with lib;
+let
+  persistUser = user: {
+    inherit (user) name;
+    value = {
+      directories = [
+        ".config/home-manager"
+        ".local/state"
+        {
+          directory = ".gnupg";
+          mode = "0700";
+        }
+        {
+          directory = ".ssh";
+          mode = "0700";
+        }
+      ];
+    };
+  };
+in
+{
+  imports = [
+    impermanence.nixosModules.impermanence
+  ];
+}
+// mkIf (elem "impermanence" config.machine.services) {
+  environment.persistence."/persist" = {
+    hideMounts = true;
+    directories =
+      [
+        "/etc/nixos"
+        # Stores auto assigned user/group ids
+        "/var/lib/nixos"
+        "/var/log"
+        # User directories
+      ]
+      ++ optional config.services.ollama.enable "/var/lib/private/ollama"
+      ++ optional config.programs.virt-manager.enable "/var/lib/libvirt"
+      ++ optional config.networking.networkmanager.enable "/etc/NetworkManager/system-connections"
+      ++ optionals config.virtualisation.podman.enable [
+        "/var/lib/containers/storage"
+        "/run/containers/storage"
+      ];
+
+    files =
+      [
+        "/etc/machine-id"
+      ]
+      # remember last user and user sessions
+      ++ optional config.programs.regreet.enable "/var/cache/regreet/cache.toml"
+      ++ optional config.services.printing.enable "/etc/staticcups/printers.conf"
+      ++ optionals config.services.openssh.enable [
+        "/etc/ssh/ssh_host_ed25519_key"
+        "/etc/ssh/ssh_host_ed25519_key.pub"
+        "/etc/ssh/ssh_host_rsa_key"
+        "/etc/ssh/ssh_host_rsa_key.pub"
+      ];
+    users = listToAttrs (map persistUser config.machine.administrators);
+  };
+}