94 lines
2.7 KiB
Nix
94 lines
2.7 KiB
Nix
{
|
|
lib,
|
|
config,
|
|
impermanence,
|
|
...
|
|
}:
|
|
|
|
with lib;
|
|
let
|
|
persistUser = user: {
|
|
inherit (user) name;
|
|
value = {
|
|
directories = [
|
|
".config/home-manager"
|
|
".local/state"
|
|
{
|
|
directory = ".gnupg";
|
|
mode = "0700";
|
|
}
|
|
{
|
|
directory = ".ssh";
|
|
mode = "0700";
|
|
}
|
|
];
|
|
};
|
|
};
|
|
in
|
|
{
|
|
imports = [
|
|
impermanence.nixosModules.impermanence
|
|
];
|
|
}
|
|
// mkIf (elem "impermanence" config.machine.services) {
|
|
environment.persistence."/persist" = {
|
|
hideMounts = true;
|
|
directories =
|
|
[
|
|
"/etc/nixos"
|
|
# Stores auto assigned user/group ids
|
|
"/var/lib/nixos"
|
|
"/var/log"
|
|
# User directories
|
|
]
|
|
++ optional config.services.ollama.enable "/var/lib/private/ollama"
|
|
++ optional config.services.mysql.enable "/var/lib/mysql"
|
|
++ optional config.programs.virt-manager.enable "/var/lib/libvirt"
|
|
++ optional config.networking.networkmanager.enable "/etc/NetworkManager/system-connections"
|
|
++ optional config.services.nginx.enable "/var/www"
|
|
++ optional config.services.forgejo.enable "/var/lib/forgejo"
|
|
++ optional config.services.radicale.enable config.services.radicale.settings.storage.filesystem_folder
|
|
++ optionals config.mailserver.enable [
|
|
"/var/lib/dovecot"
|
|
"/var/vmail"
|
|
]
|
|
++ optionals config.security.acme.acceptTerms [
|
|
"/etc/letsencrypt"
|
|
"/var/lib/acme"
|
|
]
|
|
++ optionals config.virtualisation.podman.enable [
|
|
"/var/lib/containers/storage"
|
|
"/run/containers/storage"
|
|
];
|
|
|
|
files =
|
|
[
|
|
"/etc/machine-id"
|
|
]
|
|
# remember last user and user sessions
|
|
++ optional config.programs.regreet.enable "/var/lib/regreet/state.toml"
|
|
++ optional config.services.printing.enable "/etc/staticcups/printers.conf"
|
|
++ optionals config.services.openssh.enable [
|
|
"/etc/ssh/ssh_host_ed25519_key"
|
|
"/etc/ssh/ssh_host_ed25519_key.pub"
|
|
"/etc/ssh/ssh_host_rsa_key"
|
|
"/etc/ssh/ssh_host_rsa_key.pub"
|
|
];
|
|
users = listToAttrs (map persistUser config.machine.administrators);
|
|
};
|
|
|
|
# link current home manager profile if it exists
|
|
# impermanence mounts come after system activation during boot
|
|
# we check the persistent location and link to the expected mount point
|
|
system.activationScripts.profile-init.text = concatStrings (
|
|
map (
|
|
user:
|
|
with user; # bash
|
|
''
|
|
if [[ -d /persist/home/${name}/.local/state/nix/profiles/profile ]]; then
|
|
ln -sfn /home/${name}/.local/state/nix/profiles/profile /home/${name}/.nix-profile
|
|
fi
|
|
''
|
|
) config.machine.administrators
|
|
);
|
|
}
|