diff --git a/README.org b/README.org index 9f81b2c..4199daa 100644 --- a/README.org +++ b/README.org @@ -21,60 +21,41 @@ }; }; - outputs = { nixpkgs, ... }@inputs: { - nixosConfigurations = ( - <> - ); - }; -} -#+end_src + outputs = { nixpkgs, ... }@inputs: + let list-nix-directory = dir: + builtins.attrNames + (nixpkgs.lib.filterAttrs + (k: _v: nixpkgs.lib.hasSuffix ".nix" k) + (builtins.readDir dir)); + in { + # REVIEW: Why don't we put each module under nixosModules.? + nixosModules.default = + let modules = list-nix-directory ./modules/nixos; + in { ... }: { + imports = + let x = builtins.map (m: ./modules/nixos/${m}) modules; + in x; + }; -* Features + homeManagerModules.default = + let modules = list-nix-directory ./modules/home; + in { ... }: { + imports = builtins.map (m: ./modules/home/${m}) modules; + }; -What are referred to as /features/ here largely correspond to Nix modules, but are -not limited to Nix modules. + nixosConfigurations = ( + <> + ); -** Impermanence - -*** Flake input - -#+begin_src nix :noweb-ref flake-inputs -impermanence.url = "github:nix-community/impermanence"; -#+end_src - -*** Top-level module - -#+begin_src nix :tangle modules/system/impermanence.nix -{ config, lib, pkgs, ... }: - -with lib; - -let - cfg = config.sydnix.impermanence; -in { - options = { - sydnix.impermanence = { - <> + homeConfigurations = + let users = builtins.readDir ./users; + mkUser = username: _v: import ./users/${username}/default.nix; + in + builtins.mapAttrs mkUser users; }; - }; - - config = mkIf cfg.enable (mkMerge [ - - ]); } #+end_src -*** Options - -**** =enable= - -#+begin_src nix :noweb-ref sydnix-impermanence-options -enable = mkOption { - type = types.bool; - default = false; -}; -#+end_src - * Machines For every ~./hosts/NAME/configuration.nix~, define the system under the name ~NAME~. @@ -85,8 +66,25 @@ let mkHost = k: v: nixpkgs.lib.nixosSystem { system = import ./hosts/${k}/system.nix; modules = [ ./hosts/${k}/configuration.nix + + inputs.self.nixosModules.default + + inputs.disko.nixosModules.disko + # Directory name should always match host name. ({ ... }: { networking.hostName = k; }) + + # home-manager configuration. + inputs.home-manager.nixosModules.home-manager + ({ config, lib, self, ... }: { + home-manager.useGlobalPkgs = true; + home-manager.useUserPackages = true; + + home-manager.users = + lib.filterAttrs + (k: _v: builtins.elem k config.sydnix.users.users) + self.homeConfigurations; + }) ]; }; in @@ -101,94 +99,31 @@ builtins.mapAttrs mkHost (builtins.readDir ./hosts) imports = [ ./hardware-configuration.nix ./disko-config.nix - disko.nixosModules.disko ]; - # boot.initrd.postDeviceCommands = '' - # if zfs list -t snapshot -H -o name \ - # | grep -qE '^rpool/local/root@previous$'; then - # zfs destroy -r rpool/local/root@previous \ - # && echo ">> >> previous previous snapshot destroyed << <<" - # else - # echo ">> >> no previous previous snapshot found << <<" - # fi - - # zfs snapshot -r rpool/local/root@previous \ - # && echo ">> >> pre-rollback snapshot taken << <<" - - # zfs rollback -r rpool/local/root@blank \ - # && echo ">> >> rollback complete << <<" - # ''; - - # boot.initrd.supportedFilesystems = [ "zfs" ]; - # boot.supportedFilesystems = [ "zfs" ]; - - boot.initrd.enable = true; - boot.initrd.systemd.enable = true; - - boot.initrd.systemd.initrdBin = with pkgs; [ - zfs - coreutils - babashka - ]; - - boot.initrd.systemd.services.erase-darlings = { - description = "Rollback filesystem to a blank state on boot"; - wantedBy = [ - "initrd.target" + sydnix = { + users.users = [ + "crumb" ]; - after = [ - # "zfs-import.service" - "zfs-import-rpool.service" - ]; - before = [ - "sysroot.mount" - ]; - path = [ pkgs.zfs ]; - unitConfig.DefaultDependencies = "no"; - serviceConfig = { - Type = "oneshot"; - RemainAfterExit = true; - }; - script = /* bash */ '' - zfs rollback -r rpool/local/root@blank \ - && echo ">> >> rollback complete << <<" - ''; }; - systemd.services.erase-home-darlings = { - description = "Rollback home to a blank state on boot"; - wantedBy = [ - "multi-user.target" - ]; - before = [ - # "basic.target" - ]; - after = [ - "home.mount" - ]; - path = [ pkgs.zfs pkgs.babashka ]; - # unitConfig.DefaultDependencies = "no"; - serviceConfig = { - Type = "oneshot"; - RemainAfterExit = true; - ExecStart = - let script = ./erase-home-darlings.clj; - in ''${pkgs.babashka}/bin/bb "${script}" 3''; - }; - stopIfChanged = false; - restartIfChanged = false; - }; + boot = { + initrd = { + enable = true; + systemd.enable = true; - # boot.loader.grub = { - # enable = true; - # device = "nodev"; - # # device = "/dev/vda"; - # efiSupport = true; - # efiInstallAsRemovable = true; - # }; - boot.loader.systemd-boot.enable = true; - boot.loader.efi.canTouchEfiVariables = false; + systemd.initrdBin = with pkgs; [ + zfs + coreutils + babashka + ]; + }; + + loader = { + systemd-boot.enable = true; + efi.canTouchEfiVariables = false; + }; + }; # networking.hostName = "nixos-testbed"; networking.hostId = "238e9b1e"; # head -c 8 /etc/machine-id @@ -196,6 +131,7 @@ builtins.mapAttrs mkHost (builtins.readDir ./hosts) time.timeZone = "America/Denver"; i18n.defaultLocale = "en_US.UTF-8"; + console = { font = "Lat2-Terminus16"; # keyMap = "us"; diff --git a/hosts/nixos-testbed/disko-config.nix b/hosts/nixos-testbed/disko-config.nix index f6cb82c..aea3a38 100644 --- a/hosts/nixos-testbed/disko-config.nix +++ b/hosts/nixos-testbed/disko-config.nix @@ -2,7 +2,7 @@ # time sudo nixos-install --flake /nixos#nixos-testbed { lib, ... }: { - # imports = [ inputs.disko.nixosModules.disko ]; + # imports = [ disko.nixosModules.disko ]; boot.zfs.extraPools = [ "rpool" ]; boot.zfs.devNodes = "/dev/disk/by-path"; boot.initrd.supportedFilesystems = [ "zfs" ]; @@ -18,8 +18,6 @@ partitions = { ESP = { size = "512M"; - # start = "1MiB"; - # end = "512M"; type = "EF00"; content = { type = "filesystem"; @@ -29,8 +27,6 @@ }; }; root = { - # start = "512M"; - # end = "100%"; size = "100%"; content = { type = "zfs"; @@ -44,23 +40,6 @@ zpool = { rpool = { type = "zpool"; - - # Workaround: cannot import 'rpool': I/O error in disko tests - # options.cachefile = "none"; - - # rootFsOptions = { - # # I don't know. - # # https://wiki.archlinux.org/title/Systemd#systemd-tmpfiles-setup.service_fails_to_start_at_boot - # acltype = "posixacl"; - # # atime = "off"; - # # compression = "zstd"; - # mountpoint = "none"; - # # xattr = "sa"; - # "com.sun:auto-snapshot" = "false"; - # }; - - # mountpoint = "/"; - datasets = let dataset = options: let default = { @@ -97,59 +76,16 @@ mountpoint = "/persist/home"; }; "reserved" = dataset { - mountpoint = null; options = { canmount = "off"; mountpoint = "none"; reservation = "5GiB"; }; }; - # "local" = { - # type = "zfs_fs"; - # options.mountpoint = "none"; - # }; - # "safe" = { - # type = "zfs_fs"; - # options.mountpoint = "none"; - # }; - # "local/root" = { - # type = "zfs_fs"; - # options.mountpoint = "legacy"; - # mountpoint = "/"; - # options."com.sun:auto-snapshot" = "false"; - # postCreateHook = '' - # zfs list -t snapshot -H -o name \ - # | grep -E '^rpool/local/root@blank$' \ - # || zfs snapshot rpool/local/root@blank - # ''; - # }; - # "local/home" = { - - # }; - # "local/nix" = { - # type = "zfs_fs"; - # options.mountpoint = "legacy"; - # mountpoint = "/nix"; - # options."com.sun:auto-snapshot" = "false"; - # }; - # "safe/persist" = { - # type = "zfs_fs"; - # options.mountpoint = "legacy"; - # mountpoint = "/persist"; - # options."com.sun:auto-snapshot" = "false"; - # }; - # # zfs uses copy on write and requires some free space to delete files when the disk is completely filled - # "reserved" = lib.recursiveUpdate (dataset "reserved") { - # mountpoint = null; - # options = { - # canmount = "off"; - # mountpoint = "none"; - # reservation = "5GiB"; - # }; - # type = "zfs_fs"; - # }; }; }; }; }; + + fileSystems."/persist".neededForBoot = true; } diff --git a/modules/home/erase-home-darlings.clj b/modules/home/erase-home-darlings.clj new file mode 100644 index 0000000..a146963 --- /dev/null +++ b/modules/home/erase-home-darlings.clj @@ -0,0 +1,84 @@ +#!/usr/bin/env bb + +;;; TODO: option to either move OR copy + +(require '[clojure.core.match :refer [match]] + '[babashka.cli :as cli] + '[babashka.process :refer [$ check] :as p]) + +(defn get-archive-path [] + (fs/path + "/persist/previous")) + +(defn get-files [] + (let [diff (:out (check ($ {:out :string} + "zfs" "diff" "-HF" + "rpool/local/home@blank" + "rpool/local/home")))] + ;; See zfs-diff(8) to understand what we're parsing here. + (->> diff + str/split-lines + (map #(str/split % #"\s")) + (filter #(and + ;; We only care to preserve /new/ content. + (contains? #{"+" "M"} (first %)) + ;; We only bother with plain old files. No directories, + ;; symlinks, etc. + (= (second %) "F"))) + (map #(nth % 2))))) + +(defn move-out-of-my-way [file] + ;; No TCO. }:< + (loop [n 0] + (let [file' (format "%s-%d" file n)] + (if (fs/exists? file') + (recur (inc n)) + (do (fs/move file file') + file'))))) + +(defn archive-files [archive-path files] + (let [new-archive (fs/path archive-path "home/new-archive")] + (when (fs/exists? new-archive) + (println "Warning: `new-archive' already exists... we'll rename it for you?") + (move-out-of-my-way new-archive)) + (doseq [file files] + (let [destination (fs/path + new-archive + (fs/relativize "/home" (fs/parent file)))] + (fs/create-dirs destination) + (fs/move file destination))))) + +(defn cycle-archives [archive-path n] + "Delete the oldest archive path, and increment each previous path by one. +More precisely, + - Delete the archive path labeled `n` (the oldest allowed). + - For each remaining path labeled 'i', relabel to 'i + 1'. + - Lastly, we delete the path labeled `new-archive`, if it exists." + (let [gp #(fs/path archive-path "home" (str %))] + (fs/delete-if-exists (gp n)) + (doseq [i (range (dec n) 1 -1)] + (when (fs/exists? (gp (dec i))) + (fs/move (gp (dec i)) (gp i)))) + (when (fs/exists? (gp "new-archive")) + (fs/move (gp "new-archive") (gp 1))))) + +(defn do-rollback [] + (let [proc (deref ($ "zfs" "rollback" "-r" "rpool/local/home@blank"))] + (if (= (:exit proc) 0) + (println (str "Successfully rolled back /home. " + "Enjoy the fresh filesystem smell! }:D")) + (println "Something went wrong rolling back /home... D:{")))) + +(defn -main [] + (let [n (if (< 0 (count *command-line-args*)) + (parse-long (first *command-line-args*)) + 3)] + (binding [p/*defaults* + {:pre-start-fn #(println (str "+ " (str/join (:cmd %))))}] + (let [archive-path (get-archive-path) + files (get-files)] + (archive-files archive-path files) + (cycle-archives archive-path n) + (do-rollback))))) + +(-main) diff --git a/modules/nixos/users.nix b/modules/nixos/users.nix new file mode 100644 index 0000000..466a0ef --- /dev/null +++ b/modules/nixos/users.nix @@ -0,0 +1,18 @@ +{ config, lib, pkgs, ... }: + +with lib; + +let + cfg = config.sydnix.users; +in { + options = { + sydnix.users = { + users = mkOption { + description = + "List of usernames whose home profiles should be imported."; + type = with types; listOf str; + default = []; + }; + }; + }; +} diff --git a/users/crumb/default.nix b/users/crumb/default.nix new file mode 100644 index 0000000..252904b --- /dev/null +++ b/users/crumb/default.nix @@ -0,0 +1,6 @@ +{ config, lib, pkgs, ... }: + +{ + home.stateVersion = "18.09"; + home.packages = [ pkgs.hello ]; +}