wip docs for remote deploys

RingOfStorms (Joshua Bell) 2025-12-17 22:31:49 -06:00
parent ece48b65b7
commit 827ba897ba
7 changed files with 1422 additions and 146 deletions

112
hosts/i001/flake.lock generated

@ -3,11 +3,11 @@
"common": {
"locked": {
"dir": "flakes/common",
"lastModified": 1765991726,
"narHash": "sha256-oblFg2soKB7yi9DDXbzWKn8tnA1aoojKrA3+aVx+wb0=",
"lastModified": 1766010612,
"narHash": "sha256-3aKy/FcWFSeA/1bJbslAvWDSXLF4yygykt5OpHK6cTQ=",
"ref": "refs/heads/master",
"rev": "75b37cc9ec2014dd8dea941bb3faf9c0b665c6d0",
"revCount": 941,
"rev": "ece48b65b79ac2caf6c6be771a9f1809de8bc65b",
"revCount": 949,
"type": "git",
"url": "https://git.joshuabell.xyz/ringofstorms/dotfiles"
},
@ -23,11 +23,11 @@
},
"locked": {
"dir": "flakes/de_plasma",
"lastModified": 1765991726,
"narHash": "sha256-oblFg2soKB7yi9DDXbzWKn8tnA1aoojKrA3+aVx+wb0=",
"lastModified": 1766010612,
"narHash": "sha256-3aKy/FcWFSeA/1bJbslAvWDSXLF4yygykt5OpHK6cTQ=",
"ref": "refs/heads/master",
"rev": "75b37cc9ec2014dd8dea941bb3faf9c0b665c6d0",
"revCount": 941,
"rev": "ece48b65b79ac2caf6c6be771a9f1809de8bc65b",
"revCount": 949,
"type": "git",
"url": "https://git.joshuabell.xyz/ringofstorms/dotfiles"
},
@ -37,6 +37,42 @@
"url": "https://git.joshuabell.xyz/ringofstorms/dotfiles"
}
},
"deploy-rs": {
"inputs": {
"flake-compat": "flake-compat",
"nixpkgs": "nixpkgs_2",
"utils": "utils"
},
"locked": {
"lastModified": 1762286984,
"narHash": "sha256-9I2H9x5We6Pl+DBYHjR1s3UT8wgwcpAH03kn9CqtdQc=",
"owner": "serokell",
"repo": "deploy-rs",
"rev": "9c870f63e28ec1e83305f7f6cb73c941e699f74f",
"type": "github"
},
"original": {
"owner": "serokell",
"repo": "deploy-rs",
"type": "github"
}
},
"flake-compat": {
"flake": false,
"locked": {
"lastModified": 1733328505,
"narHash": "sha256-NeCCThCEP3eCl2l/+27kNNK7QrwZB1IJCrXfrbv5oqU=",
"owner": "edolstra",
"repo": "flake-compat",
"rev": "ff81ac966bb2cae68946d5ed5fc4994f96d0ffec",
"type": "github"
},
"original": {
"owner": "edolstra",
"repo": "flake-compat",
"type": "github"
}
},
"home-manager": {
"inputs": {
"nixpkgs": [
@ -61,7 +97,7 @@
},
"home-manager_2": {
"inputs": {
"nixpkgs": "nixpkgs_2"
"nixpkgs": "nixpkgs_3"
},
"locked": {
"lastModified": 1765979862,
@ -110,6 +146,22 @@
}
},
"nixpkgs_2": {
"locked": {
"lastModified": 1743014863,
"narHash": "sha256-jAIUqsiN2r3hCuHji80U7NNEafpIMBXiwKlSrjWMlpg=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "bd3bac8bfb542dbde7ffffb6987a1a1f9d41699f",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixpkgs-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs_3": {
"locked": {
"lastModified": 1765762245,
"narHash": "sha256-3iXM/zTqEskWtmZs3gqNiVtRTsEjYAedIaLL0mSBsrk=",
@ -125,7 +177,7 @@
"type": "github"
}
},
"nixpkgs_3": {
"nixpkgs_4": {
"locked": {
"lastModified": 1765838191,
"narHash": "sha256-m5KWt1nOm76ILk/JSCxBM4MfK3rYY7Wq9/TZIIeGnT8=",
@ -141,7 +193,7 @@
"type": "github"
}
},
"nixpkgs_4": {
"nixpkgs_5": {
"locked": {
"lastModified": 1764776358,
"narHash": "sha256-MxXSCRiV7DI5U3Ra1UxVJTTUyKsONAE8+8QdSXsGIhA=",
@ -1043,15 +1095,16 @@
"inputs": {
"common": "common",
"de_plasma": "de_plasma",
"deploy-rs": "deploy-rs",
"home-manager": "home-manager_2",
"impermanence": "impermanence",
"nixpkgs": "nixpkgs_3",
"nixpkgs": "nixpkgs_4",
"ros_neovim": "ros_neovim"
}
},
"ros_neovim": {
"inputs": {
"nixpkgs": "nixpkgs_4",
"nixpkgs": "nixpkgs_5",
"nvim_plugin-Almo7aya/openingh.nvim": "nvim_plugin-Almo7aya/openingh.nvim",
"nvim_plugin-CopilotC-Nvim/CopilotChat.nvim": "nvim_plugin-CopilotC-Nvim/CopilotChat.nvim",
"nvim_plugin-JoosepAlviste/nvim-ts-context-commentstring": "nvim_plugin-JoosepAlviste/nvim-ts-context-commentstring",
@ -1142,6 +1195,39 @@
"repo": "rust-overlay",
"type": "github"
}
},
"systems": {
"locked": {
"lastModified": 1681028828,
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
"owner": "nix-systems",
"repo": "default",
"rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
"type": "github"
},
"original": {
"owner": "nix-systems",
"repo": "default",
"type": "github"
}
},
"utils": {
"inputs": {
"systems": "systems"
},
"locked": {
"lastModified": 1731533236,
"narHash": "sha256-l0KFg5HjrsfsO/JpG+r7fRrqm12kzFHyUHqHCVpMMbI=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "11707dc2f618dd54ca8739b309ec4fc024de578b",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "flake-utils",
"type": "github"
}
}
},
"root": "root",


@ -11,7 +11,6 @@
ros_neovim.url = "git+https://git.joshuabell.xyz/ringofstorms/nvim";
impermanence.url = "github:nix-community/impermanence";
# preservation.url = "github:nix-community/preservation";
};
outputs =
@ -36,7 +35,6 @@
};
modules = [
inputs.impermanence.nixosModules.impermanence
# inputs.preservation.nixosModules.preservation
inputs.home-manager.nixosModules.default
inputs.ros_neovim.nixosModules.default
@ -44,14 +42,14 @@
ringofstorms-nvim.includeAllRuntimeDependencies = true;
})
# inputs.de_plasma.nixosModules.default
# ({
# ringofstorms.dePlasma = {
# enable = true;
# gpu.intel.enable = true;
# sddm.autologinUser = "luser";
# };
# })
inputs.de_plasma.nixosModules.default
({
ringofstorms.dePlasma = {
enable = true;
gpu.intel.enable = true;
sddm.autologinUser = "luser";
};
})
inputs.common.nixosModules.essentials
inputs.common.nixosModules.git
@ -69,7 +67,6 @@
./hardware-mounts.nix
./impermanence.nix
./impermanence-tools.nix
# ./preservation.nix
(
{
config,
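Review bot: `sddm.autologinUser = "luser";` in the third hunk is now uncommented, so the display manager opens a desktop session for `luser` without a password and anyone who can power on the machine gets that user's session. If this is deliberate (for example because a disk-unlock prompt is the real gate, which this diff does not show), record it next to the option, e.g. `# autologin is deliberate: <reason>; physical access == luser session`. Otherwise leave `autologinUser` unset and keep only `enable` and `gpu.intel.enable`. The modules list starts and ends outside the hunks shown here.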


@ -464,7 +464,7 @@ cmd_diff() {
# Build list of bind mounts backed by /persist so we can filter them out.
local persist_mounts
persist_mounts=$(awk '$2 ~ /^\/persist($|\//) { print $2 }' /proc/self/mounts || true)
persist_mounts=$(awk '$2 ~ "^/persist(/|$)" { print $2 }' /proc/self/mounts || true)
is_persist_backed() {
local p
@ -590,3 +590,36 @@ cmd_diff() {
browse_diff_tree "$snapshot_name" "$snapshot_dir" "$diff_list" "$initial_prefix"
rm -f "$diff_list"
}
main() {
if [ "$#" -lt 1 ]; then
usage
exit 1
fi
local cmd
cmd="$1"
shift || true
case "$cmd" in
gc)
cmd_gc "$@"
;;
ls)
cmd_ls "$@"
;;
diff)
cmd_diff "$@"
;;
--help|-h|help)
usage
;;
*)
echo "Unknown subcommand: $cmd" >&2
usage
exit 1
;;
esac
}
main "$@"
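Review bot: The rewritten `persist_mounts=$(awk … /proc/self/mounts || true)` line in the first hunk keeps `|| true`, so a failing awk leaves the list empty with no warning. `is_persist_backed` (body outside the hunk) would then presumably match nothing, and the diff would report persisted paths as ephemeral. Either document the behaviour, `# best-effort: an empty list disables persist filtering`, or print a warning to stderr when the result is empty. Separately, /proc/self/mounts octal-escapes whitespace in mount points (`\040`), so a bind mount with a space in its path would not compare equal to the real path; a comment stating such paths are out of scope would be enough. In `main`, `shift || true` cannot fail after the `"$#" -lt 1` guard, so a plain `shift` reads more clearly.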


@ -1,93 +0,0 @@
{ ... }:
{
preservation = {
enable = true;
# Preserve system-wide directories and files at /persist
preserveAt = {
"/persist" = {
commonMountOptions = [
"x-gvfs-hide"
"x-gdu.hide"
];
# Directories to persist (bind-mount by default)
directories = [
"/var/log"
"/var/lib/nixos"
"/var/lib/systemd/coredump"
"/var/lib/systemd/timers"
"/etc/nixos"
"/etc/ssh"
"/etc/NetworkManager/system-connections"
"/var/lib/bluetooth"
"/var/lib/NetworkManager"
"/var/lib/iwd"
"/var/lib/fail2ban"
];
# Files to persist
files = [
# Persist machine-id early (initrd) via symlink for ConditionFirstBoot compatibility
{ file = "/etc/machine-id"; inInitrd = true; how = "symlink"; configureParent = true; }
# SSH host keys: ensure correct handling with symlinks
{ file = "/etc/ssh/ssh_host_rsa_key"; how = "symlink"; configureParent = true; }
{ file = "/etc/ssh/ssh_host_ed25519_key"; how = "symlink"; configureParent = true; }
];
# Per-user persistence
users = {
luser = {
directories = [
".ssh"
".gnupg"
"projects"
".config/nixos-config"
".config/atuin"
".local/share/atuin"
".local/share/zoxide"
# KDE
".config/kdeconnect"
# Chrome
".config/google-chrome"
# neovim ros_neovim
".local/state/nvim_ringofstorms_helium"
];
files = [ ];
};
};
};
};
};
# Configure intermediate system-wide directories that may need custom modes
# (Example: none required beyond defaults here.)
# Let systemd-machine-id-commit write the transient ID to the persistent volume.
# This avoids activation failure when /etc/machine-id is a symlink.
systemd.services.systemd-machine-id-commit = {
unitConfig.ConditionPathIsMountPoint = [
""
"/persist/etc/machine-id"
];
serviceConfig.ExecStart = [
""
"systemd-machine-id-setup --commit --root /persist"
];
};
# If you need custom ownership/modes for parent directories, use tmpfiles:
# systemd.tmpfiles.settings.preservation = {
# "/foo".d = { user = "foo"; group = "bar"; mode = "0775"; };
# "/foo/bar".d = { user = "bar"; group = "bar"; mode = "0755"; };
# };
}