msyds/sydnix
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Large refactor

Browse Source
This commit is contained in:
Madeleine Sydney
2024-12-12 01:38:47 -07:00
parent 28b2aece65
commit 3f846d783a
5 changed files with 176 additions and 196 deletions
Download Patch File Download Diff File Expand all files Collapse all files

194
README.org
View File

@@ -21,60 +21,41 @@
}; };
}; };
outputs = { nixpkgs, ... }@inputs: { outputs = { nixpkgs, ... }@inputs:
nixosConfigurations = ( let list-nix-directory = dir:
<<flake-outputs-nixos>> builtins.attrNames
); (nixpkgs.lib.filterAttrs
}; (k: _v: nixpkgs.lib.hasSuffix ".nix" k)
} (builtins.readDir dir));
#+end_src in {
# REVIEW: Why don't we put each module under nixosModules.<name>?
nixosModules.default =
let modules = list-nix-directory ./modules/nixos;
in { ... }: {
imports =
let x = builtins.map (m: ./modules/nixos/${m}) modules;
in x;
};
* Features homeManagerModules.default =
let modules = list-nix-directory ./modules/home;
in { ... }: {
imports = builtins.map (m: ./modules/home/${m}) modules;
};
What are referred to as /features/ here largely correspond to Nix modules, but are nixosConfigurations = (
not limited to Nix modules. <<flake-outputs-nixos>>
);
** Impermanence homeConfigurations =
let users = builtins.readDir ./users;
*** Flake input mkUser = username: _v: import ./users/${username}/default.nix;
in
#+begin_src nix :noweb-ref flake-inputs builtins.mapAttrs mkUser users;
impermanence.url = "github:nix-community/impermanence";
#+end_src
*** Top-level module
#+begin_src nix :tangle modules/system/impermanence.nix
{ config, lib, pkgs, ... }:
with lib;
let
cfg = config.sydnix.impermanence;
in {
options = {
sydnix.impermanence = {
<<sydnix-impermanence-options>>
}; };
};
config = mkIf cfg.enable (mkMerge [
]);
} }
#+end_src #+end_src
*** Options
**** =enable=
#+begin_src nix :noweb-ref sydnix-impermanence-options
enable = mkOption {
type = types.bool;
default = false;
};
#+end_src
* Machines * Machines
For every ~./hosts/NAME/configuration.nix~, define the system under the name ~NAME~. For every ~./hosts/NAME/configuration.nix~, define the system under the name ~NAME~.
@@ -85,8 +66,25 @@ let mkHost = k: v: nixpkgs.lib.nixosSystem {
system = import ./hosts/${k}/system.nix; system = import ./hosts/${k}/system.nix;
modules = [ modules = [
./hosts/${k}/configuration.nix ./hosts/${k}/configuration.nix
inputs.self.nixosModules.default
inputs.disko.nixosModules.disko
# Directory name should always match host name. # Directory name should always match host name.
({ ... }: { networking.hostName = k; }) ({ ... }: { networking.hostName = k; })
# home-manager configuration.
inputs.home-manager.nixosModules.home-manager
({ config, lib, self, ... }: {
home-manager.useGlobalPkgs = true;
home-manager.useUserPackages = true;
home-manager.users =
lib.filterAttrs
(k: _v: builtins.elem k config.sydnix.users.users)
self.homeConfigurations;
})
]; ];
}; };
in in
@@ -101,94 +99,31 @@ builtins.mapAttrs mkHost (builtins.readDir ./hosts)
imports = [ imports = [
./hardware-configuration.nix ./hardware-configuration.nix
./disko-config.nix ./disko-config.nix
disko.nixosModules.disko
]; ];
# boot.initrd.postDeviceCommands = '' sydnix = {
# if zfs list -t snapshot -H -o name \ users.users = [
# | grep -qE '^rpool/local/root@previous$'; then "crumb"
# zfs destroy -r rpool/local/root@previous \
# && echo ">> >> previous previous snapshot destroyed << <<"
# else
# echo ">> >> no previous previous snapshot found << <<"
# fi
# zfs snapshot -r rpool/local/root@previous \
# && echo ">> >> pre-rollback snapshot taken << <<"
# zfs rollback -r rpool/local/root@blank \
# && echo ">> >> rollback complete << <<"
# '';
# boot.initrd.supportedFilesystems = [ "zfs" ];
# boot.supportedFilesystems = [ "zfs" ];
boot.initrd.enable = true;
boot.initrd.systemd.enable = true;
boot.initrd.systemd.initrdBin = with pkgs; [
zfs
coreutils
babashka
];
boot.initrd.systemd.services.erase-darlings = {
description = "Rollback filesystem to a blank state on boot";
wantedBy = [
"initrd.target"
]; ];
after = [
# "zfs-import.service"
"zfs-import-rpool.service"
];
before = [
"sysroot.mount"
];
path = [ pkgs.zfs ];
unitConfig.DefaultDependencies = "no";
serviceConfig = {
Type = "oneshot";
RemainAfterExit = true;
};
script = /* bash */ ''
zfs rollback -r rpool/local/root@blank \
&& echo ">> >> rollback complete << <<"
'';
}; };
systemd.services.erase-home-darlings = { boot = {
description = "Rollback home to a blank state on boot"; initrd = {
wantedBy = [ enable = true;
"multi-user.target" systemd.enable = true;
];
before = [
# "basic.target"
];
after = [
"home.mount"
];
path = [ pkgs.zfs pkgs.babashka ];
# unitConfig.DefaultDependencies = "no";
serviceConfig = {
Type = "oneshot";
RemainAfterExit = true;
ExecStart =
let script = ./erase-home-darlings.clj;
in ''${pkgs.babashka}/bin/bb "${script}" 3'';
};
stopIfChanged = false;
restartIfChanged = false;
};
# boot.loader.grub = { systemd.initrdBin = with pkgs; [
# enable = true; zfs
# device = "nodev"; coreutils
# # device = "/dev/vda"; babashka
# efiSupport = true; ];
# efiInstallAsRemovable = true; };
# };
boot.loader.systemd-boot.enable = true; loader = {
boot.loader.efi.canTouchEfiVariables = false; systemd-boot.enable = true;
efi.canTouchEfiVariables = false;
};
};
# networking.hostName = "nixos-testbed"; # networking.hostName = "nixos-testbed";
networking.hostId = "238e9b1e"; # head -c 8 /etc/machine-id networking.hostId = "238e9b1e"; # head -c 8 /etc/machine-id
@@ -196,6 +131,7 @@ builtins.mapAttrs mkHost (builtins.readDir ./hosts)
time.timeZone = "America/Denver"; time.timeZone = "America/Denver";
i18n.defaultLocale = "en_US.UTF-8"; i18n.defaultLocale = "en_US.UTF-8";
console = { console = {
font = "Lat2-Terminus16"; font = "Lat2-Terminus16";
# keyMap = "us"; # keyMap = "us";

70
hosts/nixos-testbed/disko-config.nix
View File

@@ -2,7 +2,7 @@
# time sudo nixos-install --flake /nixos#nixos-testbed # time sudo nixos-install --flake /nixos#nixos-testbed
{ lib, ... }: { lib, ... }:
{ {
# imports = [ inputs.disko.nixosModules.disko ]; # imports = [ disko.nixosModules.disko ];
boot.zfs.extraPools = [ "rpool" ]; boot.zfs.extraPools = [ "rpool" ];
boot.zfs.devNodes = "/dev/disk/by-path"; boot.zfs.devNodes = "/dev/disk/by-path";
boot.initrd.supportedFilesystems = [ "zfs" ]; boot.initrd.supportedFilesystems = [ "zfs" ];
@@ -18,8 +18,6 @@
partitions = { partitions = {
ESP = { ESP = {
size = "512M"; size = "512M";
# start = "1MiB";
# end = "512M";
type = "EF00"; type = "EF00";
content = { content = {
type = "filesystem"; type = "filesystem";
@@ -29,8 +27,6 @@
}; };
}; };
root = { root = {
# start = "512M";
# end = "100%";
size = "100%"; size = "100%";
content = { content = {
type = "zfs"; type = "zfs";
@@ -44,23 +40,6 @@
zpool = { zpool = {
rpool = { rpool = {
type = "zpool"; type = "zpool";
# Workaround: cannot import 'rpool': I/O error in disko tests
# options.cachefile = "none";
# rootFsOptions = {
# # I don't know.
# # https://wiki.archlinux.org/title/Systemd#systemd-tmpfiles-setup.service_fails_to_start_at_boot
# acltype = "posixacl";
# # atime = "off";
# # compression = "zstd";
# mountpoint = "none";
# # xattr = "sa";
# "com.sun:auto-snapshot" = "false";
# };
# mountpoint = "/";
datasets = datasets =
let dataset = options: let dataset = options:
let default = { let default = {
@@ -97,59 +76,16 @@
mountpoint = "/persist/home"; mountpoint = "/persist/home";
}; };
"reserved" = dataset { "reserved" = dataset {
mountpoint = null;
options = { options = {
canmount = "off"; canmount = "off";
mountpoint = "none"; mountpoint = "none";
reservation = "5GiB"; reservation = "5GiB";
}; };
}; };
# "local" = {
# type = "zfs_fs";
# options.mountpoint = "none";
# };
# "safe" = {
# type = "zfs_fs";
# options.mountpoint = "none";
# };
# "local/root" = {
# type = "zfs_fs";
# options.mountpoint = "legacy";
# mountpoint = "/";
# options."com.sun:auto-snapshot" = "false";
# postCreateHook = ''
# zfs list -t snapshot -H -o name \
# | grep -E '^rpool/local/root@blank$' \
# || zfs snapshot rpool/local/root@blank
# '';
# };
# "local/home" = {
# };
# "local/nix" = {
# type = "zfs_fs";
# options.mountpoint = "legacy";
# mountpoint = "/nix";
# options."com.sun:auto-snapshot" = "false";
# };
# "safe/persist" = {
# type = "zfs_fs";
# options.mountpoint = "legacy";
# mountpoint = "/persist";
# options."com.sun:auto-snapshot" = "false";
# };
# # zfs uses copy on write and requires some free space to delete files when the disk is completely filled
# "reserved" = lib.recursiveUpdate (dataset "reserved") {
# mountpoint = null;
# options = {
# canmount = "off";
# mountpoint = "none";
# reservation = "5GiB";
# };
# type = "zfs_fs";
# };
}; };
}; };
}; };
}; };
fileSystems."/persist".neededForBoot = true;
} }

84
modules/home/erase-home-darlings.clj Normal file
View File

@@ -0,0 +1,84 @@
#!/usr/bin/env bb
;;; TODO: option to either move OR copy
(require '[clojure.core.match :refer [match]]
'[babashka.cli :as cli]
'[babashka.process :refer [$ check] :as p])
(defn get-archive-path []
(fs/path
"/persist/previous"))
(defn get-files []
(let [diff (:out (check ($ {:out :string}
"zfs" "diff" "-HF"
"rpool/local/home@blank"
"rpool/local/home")))]
;; See zfs-diff(8) to understand what we're parsing here.
(->> diff
str/split-lines
(map #(str/split % #"\s"))
(filter #(and
;; We only care to preserve /new/ content.
(contains? #{"+" "M"} (first %))
;; We only bother with plain old files. No directories,
;; symlinks, etc.
(= (second %) "F")))
(map #(nth % 2)))))
(defn move-out-of-my-way [file]
;; No TCO. }:<
(loop [n 0]
(let [file' (format "%s-%d" file n)]
(if (fs/exists? file')
(recur (inc n))
(do (fs/move file file')
file')))))
(defn archive-files [archive-path files]
(let [new-archive (fs/path archive-path "home/new-archive")]
(when (fs/exists? new-archive)
(println "Warning: `new-archive' already exists... we'll rename it for you?")
(move-out-of-my-way new-archive))
(doseq [file files]
(let [destination (fs/path
new-archive
(fs/relativize "/home" (fs/parent file)))]
(fs/create-dirs destination)
(fs/move file destination)))))
(defn cycle-archives [archive-path n]
"Delete the oldest archive path, and increment each previous path by one.
More precisely,
- Delete the archive path labeled `n` (the oldest allowed).
- For each remaining path labeled 'i', relabel to 'i + 1'.
- Lastly, we delete the path labeled `new-archive`, if it exists."
(let [gp #(fs/path archive-path "home" (str %))]
(fs/delete-if-exists (gp n))
(doseq [i (range (dec n) 1 -1)]
(when (fs/exists? (gp (dec i)))
(fs/move (gp (dec i)) (gp i))))
(when (fs/exists? (gp "new-archive"))
(fs/move (gp "new-archive") (gp 1)))))
(defn do-rollback []
(let [proc (deref ($ "zfs" "rollback" "-r" "rpool/local/home@blank"))]
(if (= (:exit proc) 0)
(println (str "Successfully rolled back /home. "
"Enjoy the fresh filesystem smell! }:D"))
(println "Something went wrong rolling back /home... D:{"))))
(defn -main []
(let [n (if (< 0 (count *command-line-args*))
(parse-long (first *command-line-args*))
3)]
(binding [p/*defaults*
{:pre-start-fn #(println (str "+ " (str/join (:cmd %))))}]
(let [archive-path (get-archive-path)
files (get-files)]
(archive-files archive-path files)
(cycle-archives archive-path n)
(do-rollback)))))
(-main)

18
modules/nixos/users.nix Normal file
View File

@@ -0,0 +1,18 @@
{ config, lib, pkgs, ... }:
with lib;
let
cfg = config.sydnix.users;
in {
options = {
sydnix.users = {
users = mkOption {
description =
"List of usernames whose home profiles should be imported.";
type = with types; listOf str;
default = [];
};
};
};
}

6
users/crumb/default.nix Normal file
View File

@@ -0,0 +1,6 @@
{ config, lib, pkgs, ... }:
{
home.stateVersion = "18.09";
home.packages = [ pkgs.hello ];
}