Use impermanence

2024-12-12 01:38:47 -07:00
parent 3f846d783a
commit 0350752a50
4 changed files with 136 additions and 84 deletions
--- a/modules/home/impermanence.nix
+++ b/modules/home/impermanence.nix
@@ -0,0 +1,58 @@
+{ config, lib, pkgs, ... }:
+
+with lib;
+
+let
+  cfg = config.sydnix.impermanence;
+in {
+  options = {
+    sydnix.impermanence = {
+      enable = mkOption {
+        description = "Enable Impermanence";
+        type = types.bool;
+        default = false;
+      };
+
+      directories = mkOption {
+        description = "";
+        type = with types;
+          listOf (coercedTo str (d: { directory = d; }) userDir);
+        default = [];
+      };
+
+      files = mkOption {
+        description = "";
+        type = with types;
+          listOf (coercedTo str (f: { file = f; }) userFile);
+        default = [];
+      };
+    };
+  };
+
+  config = mkIf cfg.enable {
+    systemd.services.erase-home-darlings =
+      let service = {
+            description = "Rollback home to a blank state on boot";
+            wantedBy = [
+              "multi-user.target"
+            ];
+            after = [
+              "home.mount"
+            ];
+            path = [ pkgs.zfs pkgs.babashka ];
+            # unitConfig.DefaultDependencies = "no";
+            serviceConfig = {
+              Type = "oneshot";
+              RemainAfterExit = true;
+              ExecStart =
+                let script = ./erase-home-darlings.clj;
+                in ''${pkgs.babashka}/bin/bb "${script}" 3'';
+            };
+            stopIfChanged = false;
+            restartIfChanged = false;
+          };
+      in if config.boot.initrd.systemd.enable
+         then service
+         else throw "sydnix.impermanence currently requires config.boot.initrd.systemd.enable'!";
+  };
+}
--- a/modules/nixos/impermanence.nix
+++ b/modules/nixos/impermanence.nix
@@ -0,0 +1,66 @@
+# Requires boot.initrd.enable = true and boot.initrd.systemd.enable = true!
+{ config, lib, pkgs, ... }:
+
+with lib;
+
+let
+  cfg = config.sydnix.impermanence;
+in {
+  options = {
+    sydnix.impermanence = {
+      enable = mkOption {
+        description = "Enable Impermanence";
+        type = types.bool;
+        default = false;
+      };
+
+      directories = mkOption {
+        description = "";
+        type = with types; listOf anything;
+        default = [];
+      };
+
+      files = mkOption {
+        description = "";
+
+        type = with types; listOf anything;
+        default = [];
+      };
+    };
+  };
+
+  config = mkIf cfg.enable {
+    boot.initrd.systemd.initrdBin = with pkgs; [
+      zfs
+    ];
+
+    boot.initrd.systemd.services.erase-darlings = {
+      description = "Rollback filesystem to a blank state on boot";
+      wantedBy = [
+        "initrd.target"
+      ];
+      after = [
+        # "zfs-import.service"
+        "zfs-import-rpool.service"
+      ];
+      before = [
+        "sysroot.mount"
+      ];
+      path = [ pkgs.zfs ];
+      unitConfig.DefaultDependencies = "no";
+      serviceConfig = {
+        Type = "oneshot";
+        RemainAfterExit = true;
+      };
+      script = /* bash */ ''
+      zfs rollback -r rpool/local/root@blank \
+        && echo ">> >> rollback complete << <<"
+    '';
+    };
+
+    environment.persistence."/persist" = {
+        directories = cfg.directories;
+        files = cfg.files;
+    };
+  };
+}