try preservation

2025-12-17 00:51:28 -06:00 · 2025-12-17 00:51:28 -06:00 · e9b8c54312
commit e9b8c54312
parent 438f48ebf0
3 changed files with 87 additions and 3 deletions
--- a/hosts/i001/flake.nix
+++ b/hosts/i001/flake.nix
@ -10,7 +10,8 @@

    ros_neovim.url = "git+https://git.joshuabell.xyz/ringofstorms/nvim";

-    impermanence.url = "github:nix-community/impermanence";
+    # impermanence.url = "github:nix-community/impermanence";
+    preservation.url = "github:nix-community/preservation";
  };

  outputs =
@ -34,7 +35,8 @@
              inherit inputs;
            };
            modules = [
-              inputs.impermanence.nixosModules.impermanence
+              # inputs.impermanence.nixosModules.impermanence
+              inputs.preservation.nixosModules.preservation
              inputs.home-manager.nixosModules.default

              inputs.ros_neovim.nixosModules.default
@ -65,7 +67,8 @@

              ./hardware-configuration.nix
              ./hardware-mounts.nix
-              ./impermanence.nix
+              # ./impermanence.nix
+              ./preservation.nix
              (
                {
                  config,
--- a/hosts/i001/hardware-mounts.nix
+++ b/hosts/i001/hardware-mounts.nix
@ -64,6 +64,8 @@ lib.mkMerge [
        "X-mount.mkdir"
        "X-mount.subdir=@persist"
      ];
+      # NOTE for impermanence
+      neededForBoot = true;
    };
  }
  # SWAP (optional)
@ -139,10 +141,12 @@ lib.mkMerge [
      wantedBy = [
        # "initrd.target"
        "sysroot.mount"
+        "persist.mount"
        "initrd-root-fs.target"
      ];
      before = [
        "sysroot.mount"
+        "persist.mount"
        "initrd-root-fs.target"
      ];

--- a/hosts/i001/preservation.nix
+++ b/hosts/i001/preservation.nix
@ -0,0 +1,77 @@
+{ ... }:
+{
+  preservation = {
+    enable = true;
+
+    # Preserve system-wide directories and files at /persist
+    preserveAt = {
+      "/persist" = {
+        hideMounts = true;
+
+        # Directories to persist (bind-mount by default)
+        directories = [
+          "/var/log"
+          "/var/lib/nixos"
+          "/var/lib/systemd/coredump"
+          "/var/lib/systemd/timers"
+
+          "/etc/nixos"
+          "/etc/ssh"
+
+          "/etc/NetworkManager/system-connections"
+          "/var/lib/bluetooth"
+          "/var/lib/NetworkManager"
+          "/var/lib/iwd"
+          "/var/lib/fail2ban"
+        ];
+
+        # Files to persist
+        files = [
+          # Persist machine-id early (initrd)
+          { file = "/etc/machine-id"; inInitrd = true; }
+
+          # SSH host keys: ensure correct handling with symlinks
+          { file = "/etc/ssh/ssh_host_rsa_key"; how = "symlink"; configureParent = true; }
+          { file = "/etc/ssh/ssh_host_ed25519_key"; how = "symlink"; configureParent = true; }
+        ];
+
+        # Per-user persistence
+        users = {
+          luser = {
+            directories = [
+              ".ssh"
+              ".gnupg"
+
+              "projects"
+              ".config/nixos-config"
+
+              ".config/atuin"
+              ".local/share/atuin"
+
+              ".local/share/zoxide"
+
+              # KDE
+              ".config/kdeconnect"
+
+              # Chrome
+              ".config/google-chrome"
+
+              # neovim ros_neovim
+              ".local/state/nvim_ringofstorms_helium"
+            ];
+            files = [ ];
+          };
+        };
+      };
+    };
+  };
+
+  # Configure intermediate system-wide directories that may need custom modes
+  # (Example: none required beyond defaults here.)
+
+  # If you need custom ownership/modes for parent directories, use tmpfiles:
+  # systemd.tmpfiles.settings.preservation = {
+  #   "/foo".d = { user = "foo"; group = "bar"; mode = "0775"; };
+  #   "/foo/bar".d = { user = "bar"; group = "bar"; mode = "0755"; };
+  # };
+}