feat(nixos): make persist options

2025-07-07 14:10:10 +08:00 · 2025-07-07 14:10:10 +08:00 · a6fdc1b6e6
commit a6fdc1b6e6
parent a83523bbf1
2 changed files with 66 additions and 23 deletions
--- a/nix/modules/machine/root/ephemeral.nix
+++ b/nix/modules/machine/root/ephemeral.nix
@ -1,23 +1,14 @@
-{
-  config,
-  lib,
-  inputs,
-  ...
-}:
+{ config, lib, ... }:
 let
  inherit (lib) mkMerge mkIf mkAfter;
 in
 {
  flake.modules.nixos.default =
    { hostName, ... }:
-    let
-      inherit (config.flake.manifest.hosts.nixos.${hostName}.machine) root;
-    in
    {
-      imports = [ inputs.impermanence.nixosModules.impermanence ];
      config = mkMerge [
        # Ephemeral by default - assumes btrfs
-        (mkIf (root.ephemeral or true) {
+        (mkIf (config.flake.manifest.hosts.nixos.${hostName}.machine.root.ephemeral or true) {
          boot.initrd.postDeviceCommands = mkAfter ''
            mkdir /btrfs_tmp
            mount /dev/root_vg/root /btrfs_tmp
@ -26,18 +17,19 @@ in
              btrfs subvolume delete "/btrfs_tmp/root"
            fi
          '';
-          programs.fuse.userAllowOther = true;
-          fileSystems."/persist".neededForBoot = true;
-          environment.persistence."/persist" = {
-            hideMounts = true;
-            files = [
-              "/etc/ssh/ssh_host_ed25519_key"
-              "/etc/ssh/ssh_host_ed25519_key.pub"
-              "/etc/ssh/ssh_host_rsa_key"
-              "/etc/ssh/ssh_host_rsa_key.pub"
-              "/etc/machine-id"
-            ];
-          };
+          persistFiles = [
+            #TODO: move to system config
+            "/etc/machine-id"
+            #TODO: move to ssh config
+            "/etc/ssh/ssh_host_ed25519_key"
+            "/etc/ssh/ssh_host_ed25519_key.pub"
+            "/etc/ssh/ssh_host_rsa_key"
+            "/etc/ssh/ssh_host_rsa_key.pub"
+          ];
+          persistDirs = [
+            "/var/lib/systemd"
+            "/var/lib/nixos"
+          ];
        })
      ];
    };
--- a/nix/modules/options/persist.nix
+++ b/nix/modules/options/persist.nix
@ -0,0 +1,51 @@
+{
+  lib,
+  inputs,
+  config,
+  ...
+}:
+let
+  inherit (lib) mkOption;
+  inherit (config.flake.lib.options) mkStrOption;
+  inherit (lib.types)
+    listOf
+    str
+    coercedTo
+    submodule
+    ;
+  permOpts = {
+    user = mkStrOption "root";
+    group = mkStrOption "root";
+    mode = mkStrOption "0755";
+  };
+  mkOpts =
+    type: opts:
+    mkOption {
+      default = [ ];
+      type = listOf (
+        coercedTo str (d: { ${type} = d; }) (submodule {
+          options = {
+            ${type} = mkStrOption "";
+          } // opts;
+        })
+      );
+    };
+in
+{
+  flake.modules.nixos.default =
+    { config, ... }:
+    {
+      imports = [ inputs.impermanence.nixosModules.impermanence ];
+      options.persistDirs = mkOpts "directory" permOpts;
+      options.persistFiles = mkOpts "file" { parentDirectory = permOpts; };
+      config = {
+        programs.fuse.userAllowOther = true;
+        fileSystems."/persist".neededForBoot = true;
+        environment.persistence."/persist" = {
+          hideMounts = true;
+          directories = config.persistDirs;
+          files = config.persistFiles;
+        };
+      };
+    };
+}