feat(nixos): make persist options

2025-07-07 14:10:10 +08:00 · 2025-07-07 14:10:10 +08:00 · 6d43b0db3b
commit 6d43b0db3b
parent 4e74db3938
2 changed files with 66 additions and 23 deletions
--- a/nix/modules/machine/root/ephemeral.nix
+++ b/nix/modules/machine/root/ephemeral.nix
@ -1,23 +1,14 @@
-{
+{ config, lib, ... }:
  config,
  lib,
  inputs,
  ...
 }:
 let
  inherit (lib) mkMerge mkIf mkAfter;
 in
 {
  flake.modules.nixos.default =
    { hostName, ... }:
    let
      inherit (config.flake.manifest.hosts.nixos.${hostName}.machine) root;
    in
    {
      imports = [ inputs.impermanence.nixosModules.impermanence ];
      config = mkMerge [
        # Ephemeral by default - assumes btrfs
-        (mkIf (root.ephemeral or true) {
+        (mkIf (config.flake.manifest.hosts.nixos.${hostName}.machine.root.ephemeral or true) {
          boot.initrd.postDeviceCommands = mkAfter ''
            mkdir /btrfs_tmp
            mount /dev/root_vg/root /btrfs_tmp
@ -26,18 +17,19 @@ in
              btrfs subvolume delete "/btrfs_tmp/root"
            fi
          '';
-          programs.fuse.userAllowOther = true;
+          persistFiles = [
-          fileSystems."/persist".neededForBoot = true;
+            #TODO: move to system config
-          environment.persistence."/persist" = {
+            "/etc/machine-id"
-            hideMounts = true;
+            #TODO: move to ssh config
-            files = [
+            "/etc/ssh/ssh_host_ed25519_key"
-              "/etc/ssh/ssh_host_ed25519_key"
+            "/etc/ssh/ssh_host_ed25519_key.pub"
-              "/etc/ssh/ssh_host_ed25519_key.pub"
+            "/etc/ssh/ssh_host_rsa_key"
-              "/etc/ssh/ssh_host_rsa_key"
+            "/etc/ssh/ssh_host_rsa_key.pub"
-              "/etc/ssh/ssh_host_rsa_key.pub"
+          ];
-              "/etc/machine-id"
+          persistDirs = [
-            ];
+            "/var/lib/systemd"
-          };
+            "/var/lib/nixos"
          ];
        })
      ];
    };
--- a/nix/modules/options/persist.nix
+++ b/nix/modules/options/persist.nix
@ -0,0 +1,51 @@
 {
  lib,
  inputs,
  config,
  ...
 }:
 let
  inherit (lib) mkOption;
  inherit (config.flake.lib.options) mkStrOption;
  inherit (lib.types)
    listOf
    str
    coercedTo
    submodule
    ;
  permOpts = {
    user = mkStrOption "root";
    group = mkStrOption "root";
    mode = mkStrOption "0755";
  };
  mkOpts =
    type: opts:
    mkOption {
      default = [ ];
      type = listOf (
        coercedTo str (d: { ${type} = d; }) (submodule {
          options = {
            ${type} = mkStrOption "";
          } // opts;
        })
      );
    };
 in
 {
  flake.modules.nixos.default =
    { config, ... }:
    {
      imports = [ inputs.impermanence.nixosModules.impermanence ];
      options.persistDirs = mkOpts "directory" permOpts;
      options.persistFiles = mkOpts "file" { parentDirectory = permOpts; };
      config = {
        programs.fuse.userAllowOther = true;
        fileSystems."/persist".neededForBoot = true;
        environment.persistence."/persist" = {
          hideMounts = true;
          directories = config.persistDirs;
          files = config.persistFiles;
        };
      };
    };
 }