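#+PROPERTY: header-args :noweb no-export :results silent :comments both :tangle no
#+STARTUP: overview
#+title: Madeleine's dots for the literate (=sydnix=)

* Top-level flake

#+begin_src nix :tangle flake.nix
{
  description = "Madeleine's dots for the literate (sydnix)";

  inputs = {
    # Inputs contributed by individual features (see the blocks tagged
    # ":noweb-ref flake-inputs" below).
    <<flake-inputs>>
    disko.url = "github:nix-community/disko";
    nixpkgs.url = "github:NixOS/nixpkgs/nixpkgs-unstable";
    home-manager = {
      url = "github:nix-community/home-manager";
      inputs.nixpkgs.follows = "nixpkgs";
    };
  };

  outputs = { nixpkgs, ... }@inputs: {
    nixosConfigurations = (
      # One nixosSystem per directory under ./hosts (see "Machines").
      <<flake-outputs-nixos>>
    );
  };
}
#+end_src

* Features

What are referred to as /features/ here largely correspond to Nix modules, but are not limited to Nix modules.

** Impermanence

*** Flake input

#+begin_src nix :noweb-ref flake-inputs
impermanence.url = "github:nix-community/impermanence";
#+end_src

*** Top-level module

#+begin_src nix :tangle modules/system/impermanence.nix
{ config, lib, pkgs, ... }:

with lib;

let cfg = config.sydnix.impermanence;
in {
  options = {
    sydnix.impermanence = {
      # Option declarations are collected from the blocks tagged
      # ":noweb-ref sydnix-impermanence-options" under "Options".
      <<sydnix-impermanence-options>>
    };
  };

  # Nothing is configured yet: the merged list is empty, so enabling the
  # feature currently has no effect.
  config = mkIf cfg.enable (mkMerge [
  ]);
}
#+end_src

*** Options

**** =enable=

#+begin_src nix :noweb-ref sydnix-impermanence-options
enable = mkOption {
  type = types.bool;
  default = false;
};
#+end_src

* Machines

For every ~./hosts/NAME/configuration.nix~, define the system under the name ~NAME~.

#+begin_src nix :noweb-ref flake-outputs-nixos
let
  # k is the directory name under ./hosts; v (the readDir entry type) is unused.
  mkHost = k: v: nixpkgs.lib.nixosSystem {
    # Every flake input is handed to the modules as a module argument.
    specialArgs = inputs;
    system = import ./hosts/${k}/system.nix;
    modules = [
      ./hosts/${k}/configuration.nix
      # Directory name should always match host name.
      ({ ... }: { networking.hostName = k; })
    ];
  };
in builtins.mapAttrs mkHost (builtins.readDir ./hosts)
#+end_src

** =nixos-testbed=

#+begin_src nix :tangle hosts/nixos-testbed/configuration.nix
{ config, pkgs, lib, disko, ... }:

{
  imports = [
    ./hardware-configuration.nix
    ./disko-config.nix
    disko.nixosModules.disko
  ];

  # boot.initrd.postDeviceCommands = ''
  #   if zfs list -t snapshot -H -o name \
  #     | grep -qE '^rpool/local/root@previous$'; then
  #     zfs destroy -r rpool/local/root@previous \
  #       && echo ">> >> previous previous snapshot destroyed << <<"
  #   else
  #     echo ">> >> no previous previous snapshot found << <<"
  #   fi
  #   zfs snapshot -r rpool/local/root@previous \
  #     && echo ">> >> pre-rollback snapshot taken << <<"
  #   zfs rollback -r rpool/local/root@blank \
  #     && echo ">> >> rollback complete << <<"
  # '';

  # boot.initrd.supportedFilesystems = [ "zfs" ];
  # boot.supportedFilesystems = [ "zfs" ];

  boot.initrd.enable = true;
  boot.initrd.systemd.enable = true;
  boot.initrd.systemd.initrdBin = with pkgs; [
    zfs
    coreutils
    gnugrep
    gawk
  ];

  # Runs inside the initrd, ordered after the pool import and before the root
  # file system is mounted, and resets the root dataset to its @blank snapshot.
  boot.initrd.systemd.services.erase-darlings = {
    description = "Rollback filesystem to a blank state on boot";
    wantedBy = [ "initrd.target" ];
    after = [
      # "zfs-import.service"
      "zfs-import-rpool.service"
    ];
    before = [ "sysroot.mount" ];
    path = [ pkgs.zfs ];
    unitConfig.DefaultDependencies = "no";
    serviceConfig = {
      Type = "oneshot";
      RemainAfterExit = true;
    };
    script = /* bash */ ''
      zfs rollback -r rpool/local/root@blank \
        && echo ">> >> rollback complete << <<"
    '';
  };

  # Runs as a regular (post-initrd) unit once /home is mounted: keeps up to
  # three generations of the previous home contents under the persistent
  # dataset, then resets the home dataset to its @blank snapshot.
  # NOTE(review): the unit is only ordered after home.mount, so it looks like
  # logins could start while the move and rollback are still running -- confirm
  # and consider ordering it before the login services.
  systemd.services.erase-home-darlings = {
    description = "Rollback home to a blank state on boot";
    wantedBy = [ "multi-user.target" ];
    before = [
      # "basic.target"
    ];
    after = [ "home.mount" ];
    path = [
      pkgs.zfs
      pkgs.coreutils
      pkgs.gnugrep
      pkgs.gawk
      pkgs.util-linux
    ];
    # unitConfig.DefaultDependencies = "no";
    serviceConfig = {
      Type = "oneshot";
      RemainAfterExit = true;
    };
    # Never re-run on `nixos-rebuild switch`: that would wipe a live home.
    stopIfChanged = false;
    restartIfChanged = false;
    script = /* bash */ ''
      set -xe
      set -o pipefail

      command -v findmnt || echo "can't find findmnt on PATH"
      command -v awk || echo "can't find awk on PATH"

      # findmnt -no TARGET rpool/darlings/persist
      PERSIST="$(findmnt -no TARGET rpool/darlings/persist)"
      # Every path below, including the one handed to rm -rf, is built from
      # this mount point, so refuse to continue if it came back empty.
      [ -n "$PERSIST" ] || { echo "rpool/darlings/persist is not mounted"; exit 1; }
      PREVDIR="$PERSIST/previous"
      # PREVDIR=/sysroot/persist/previous
      echo "PREVDIR=$PREVDIR"

      # Rotate the kept generations: 3 is dropped, 2 -> 3, 1 -> 2.
      mkdir -p "$PREVDIR/home"
      [ -e "$PREVDIR/home/3" ] && rm -rf "$PREVDIR/home/3"
      [ -e "$PREVDIR/home/2" ] && mv "$PREVDIR/home/2" "$PREVDIR/home/3"
      [ -e "$PREVDIR/home/1" ] && mv "$PREVDIR/home/1" "$PREVDIR/home/2"

      # Keep the scratch file in the temp directory rather than the unit's
      # working directory, and remove it when the script exits.
      DIFFFILE="$(mktemp --tmpdir "erase-home-darlings-zfs-diff-XXXXXX")"
      trap 'rm -f "$DIFFFILE"' EXIT
      zfs diff -HF rpool/local/home@blank rpool/local/home \
        > "$DIFFFILE"

      # `zfs diff -H` output is tab-separated; splitting on tabs (not on any
      # whitespace) keeps paths that contain spaces intact.  Only regular files
      # ("F") and directories ("/") are moved.
      # NOTE(review): zfs diff escapes some characters in paths as octal
      # sequences, which are not decoded here; such entries will fail to move.
      awk -F'\t' '{if ($2 == "F" || $2 == "/") print $3}' < "$DIFFFILE" \
        | while IFS= read -r line; do
            DEST="$PREVDIR/home/1/$(dirname "$line")/$(basename "$line")"
            mkdir -p "$(dirname "$DEST")"
            mv "$line" "$DEST" && \
              echo "$line -> $DEST"
          done \
        && echo ">> previous home backed up to $PREVDIR/home/1 <<"

      zfs rollback -r rpool/local/home@blank \
        && echo ">> home rolled back <<"
    '';
  };

  # boot.loader.grub = {
  #   enable = true;
  #   device = "nodev";
  #   # device = "/dev/vda";
  #   efiSupport = true;
  #   efiInstallAsRemovable = true;
  # };

  boot.loader.systemd-boot.enable = true;
  boot.loader.efi.canTouchEfiVariables = false;

  # networking.hostName = "nixos-testbed";
  networking.hostId = "238e9b1e"; # head -c 8 /etc/machine-id

  time.timeZone = "America/Denver";

  i18n.defaultLocale = "en_US.UTF-8";
  console = {
    font = "Lat2-Terminus16";
    # keyMap = "us";
    useXkbConfig = true; # use xkb.options in tty.
  };

  services.xserver.enable = true;

  # services.displayManager.sddm.enable = true;
  # services.desktopManager.plasma6.enable = true;

  services.xserver.xkb.layout = "us";
  services.xserver.xkb.options = "caps:escape";

  users.users.crumb = {
    isNormalUser = true;
    extraGroups = [ "wheel" ]; # Enable ‘sudo’ for the user.
    # Change this immediately after installation!
    # NOTE(review): this password is published with the configuration and sshd
    # is enabled below, so until it is changed the wheel account is reachable
    # with a known credential.  If the account database lives on the
    # rolled-back root dataset, a changed password may not survive a reboot --
    # confirm; a hashedPasswordFile kept on the persistent dataset avoids both.
    initialPassword = "password123";
  };

  environment.systemPackages = with pkgs; [
    neovim
  ];

  services.openssh.enable = true;
  # NOTE(review): root login over SSH is allowed and password authentication
  # is not turned off anywhere in this file.  For anything beyond a throwaway
  # VM, prefer PermitRootLogin = "prohibit-password" (or "no") together with
  # services.openssh.settings.PasswordAuthentication = false and key-only
  # logins.
  services.openssh.settings.PermitRootLogin = "yes";

  # This option defines the first version of NixOS you have installed on this
  # particular machine, and is used to maintain compatibility with application
  # data (e.g. databases) created on older NixOS versions.
  #
  # Most users should NEVER change this value after the initial install, for any
  # reason, even if you've upgraded your system to a new NixOS release.
  #
  # This value does NOT affect the Nixpkgs version your packages and OS are
  # pulled from, so changing it will NOT upgrade your system - see
  # https://nixos.org/manual/nixos/stable/#sec-upgrading for how to actually do
  # that.
  #
  # This value being lower than the current NixOS release does NOT mean your
  # system is out of date, out of support, or vulnerable.
  #
  # Do NOT change this value unless you have manually inspected all the changes
  # it would make to your configuration, and migrated your data accordingly.
  #
  # For more information, see `man configuration.nix` or
  # https://nixos.org/manual/nixos/stable/options#opt-system.stateVersion .
  system.stateVersion = "24.05"; # Did you read the comment?
}
#+end_src

** =guix-rebound=

The primary desktop of a girl done with her plebeian phase, and done with Guix's bullshit.

* References

- My darling dearest Faye's =wishsys= }:D
- [[https://github.com/rasendubi/dotfiles][rasendubi/dotfiles]]
- [[https://github.com/hlissner/dotfiles/][hlissner/dotfiles]]
- [[https://github.com/Shawn8901/nix-configuration/tree/af71d51998a6772a300f842795b947e27202fa73][Shawn8901/nix-configuration]]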