sydnix/README.org
Madeleine Sydney 1e5f745767 init
2024-12-11 19:20:45 -07:00


Madeleine's dots for the literate (sydnix)

Top-level flake

{
  description = "Madeleine's dots for the literate (sydnix)";

  # Flake inputs. `<<flake-inputs>>` is a noweb reference: further inputs are
  # spliced in at that point when the file is tangled.
  #
  # None of the URLs below names a revision, so the exact sources that get
  # built are whatever the lock file records.
  # NOTE(review): confirm flake.lock is committed and that updates to it are
  # reviewed, since these inputs end up in the system closure.
  inputs = {
    <<flake-inputs>>

    nixpkgs.url = "github:NixOS/nixpkgs/nixpkgs-unstable";

    disko.url = "github:nix-community/disko";

    # home-manager reuses this flake's nixpkgs instead of bringing its own.
    home-manager.url = "github:nix-community/home-manager";
    home-manager.inputs.nixpkgs.follows = "nixpkgs";
  };

  # `inputs` names the whole argument set; `nixpkgs` is additionally pulled
  # out by name for the spliced block to use.
  outputs = inputs@{ nixpkgs, ... }: {
    nixosConfigurations = (
      <<flake-outputs-nixos>>
    );
  };
}

Features

What are referred to as features here largely correspond to Nix modules, but are not limited to Nix modules.

Impermanence

Flake input

# Flake input: the nix-community/impermanence repository. No revision is named
# in the URL.
impermanence.url = "github:nix-community/impermanence";

Top-level module

{ config, lib, pkgs, ... }:

# Kept module-wide: the option definitions spliced in through the noweb
# reference below use bare names such as mkOption and types.
with lib;

let
  # This module's own option values.
  impermanenceCfg = config.sydnix.impermanence;
in {
  # Option declarations live in a separate fragment and are tangled in here.
  options.sydnix.impermanence = {
    <<sydnix-impermanence-options>>
  };

  # Nothing is configured yet: the merge list is empty, so enabling the
  # feature currently has no effect.
  config = mkIf impermanenceCfg.enable (mkMerge [ ]);
}

Options

enable
# Boolean switch for the impermanence feature; off unless a host sets it.
enable = mkOption {
  default = false;
  type = types.bool;
};

Machines

For every ./hosts/NAME/configuration.nix, define the system under the name NAME.

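let
  # Build the NixOS system for the host whose directory is ./hosts/<name>.
  # The second argument is the entry kind reported by readDir; it is unused.
  mkHost = name: _kind: nixpkgs.lib.nixosSystem {
    # Every flake input is passed to the host's modules as a module argument.
    specialArgs = inputs;
    # Each host states its own platform in ./hosts/<name>/system.nix.
    system = import ./hosts/${name}/system.nix;
    modules = [
      ./hosts/${name}/configuration.nix
      # Directory name should always match host name.
      ({ ... }: { networking.hostName = name; })
    ];
  };

  # readDir lists every entry under ./hosts, not only directories. A regular
  # file there (a README, a .gitkeep) can never contain configuration.nix, so
  # it is skipped instead of becoming a configuration that fails to evaluate.
  hostEntries = nixpkgs.lib.filterAttrs
    (_name: kind: kind != "regular")
    (builtins.readDir ./hosts);
in
builtins.mapAttrs mkHost hostEntries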

nixos-testbed

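# Host configuration for the nixos-testbed machine.
#
# Two boot-time units reset ZFS datasets to their @blank snapshots: the root
# dataset is rolled back from the initrd, and the home dataset is rolled back
# later, after the files that changed since @blank have been moved into a
# rotating backup directory on the persist dataset.
{ config, pkgs, lib, disko, ... }:
{
  imports = [
    ./hardware-configuration.nix
    ./disko-config.nix
    disko.nixosModules.disko
  ];

  # boot.initrd.postDeviceCommands = ''
  #   if zfs list -t snapshot -H -o name \
  #       | grep -qE '^rpool/local/root@previous$'; then
  #     zfs destroy -r rpool/local/root@previous \
  #     && echo ">> >> previous previous snapshot destroyed << <<"
  #   else
  #     echo ">> >> no previous previous snapshot found << <<"
  #   fi

  #   zfs snapshot -r rpool/local/root@previous \
  #     && echo ">> >> pre-rollback snapshot taken << <<"

  #   zfs rollback -r rpool/local/root@blank \
  #     && echo ">> >> rollback complete << <<"
  # '';

  # boot.initrd.supportedFilesystems = [ "zfs" ];
  # boot.supportedFilesystems = [ "zfs" ];

  boot.initrd.enable = true;
  boot.initrd.systemd.enable = true;

  # Tools made available inside the systemd initrd.
  boot.initrd.systemd.initrdBin = with pkgs; [
    zfs
    coreutils
    gnugrep
    gawk
  ];

  # Initrd unit: ordered after the rpool import and before the root filesystem
  # is mounted at sysroot, so the rollback happens on an unmounted dataset.
  boot.initrd.systemd.services.erase-darlings = {
    description = "Rollback filesystem to a blank state on boot";
    wantedBy = [
      "initrd.target"
    ];
    after = [
      # "zfs-import.service"
      "zfs-import-rpool.service"
    ];
    before = [
      "sysroot.mount"
    ];
    path = [ pkgs.zfs ];
    unitConfig.DefaultDependencies = "no";
    serviceConfig = {
      Type = "oneshot";
      RemainAfterExit = true;
    };
    script = /* bash */ ''
      zfs rollback -r rpool/local/root@blank \
        && echo ">> >> rollback complete << <<"
    '';
  };

  # Regular (non-initrd) unit: runs once home.mount is up, backs up what
  # changed in the home dataset since @blank, then rolls the dataset back.
  systemd.services.erase-home-darlings = {
    description = "Rollback home to a blank state on boot";
    wantedBy = [
      "multi-user.target"
    ];
    before = [
      # "basic.target"
    ];
    after = [
      "home.mount"
    ];
    path = [ pkgs.zfs pkgs.coreutils pkgs.gnugrep pkgs.gawk pkgs.util-linux ];
    # unitConfig.DefaultDependencies = "no";
    serviceConfig = {
      Type = "oneshot";
      RemainAfterExit = true;
    };
    # Do not re-run the rollback when a rebuild changes this unit.
    stopIfChanged = false;
    restartIfChanged = false;
    script = /* bash */ ''
      set -xe
      set -o pipefail

      command -v findmnt || echo "can't find findmnt on PATH"
      command -v awk || echo "can't find awk on PATH"

      # findmnt -no TARGET rpool/darlings/persist
      PREVDIR="$(findmnt -no TARGET rpool/darlings/persist)/previous"
      # PREVDIR=/sysroot/persist/previous

      echo "PREVDIR=$PREVDIR"
      mkdir -p "$PREVDIR/home"

      # Rotate the backups, keeping three generations: 3 is deleted, 2
      # becomes 3, 1 becomes 2. The paths are quoted so that an unexpected
      # value of PREVDIR cannot be word-split into extra rm/mv arguments.
      [ -e "$PREVDIR/home/3" ] && rm -rf "$PREVDIR/home/3"
      [ -e "$PREVDIR/home/2" ] && mv "$PREVDIR/home/2" "$PREVDIR/home/3"
      [ -e "$PREVDIR/home/1" ] && mv "$PREVDIR/home/1" "$PREVDIR/home/2"

      # The scratch file is created under the temp directory rather than the
      # unit's working directory, and is removed when the script exits.
      DIFFFILE="$(mktemp --tmpdir "erase-home-darlings-zfs-diff-XXXXXX")"
      trap 'rm -f "$DIFFFILE"' EXIT

      zfs diff -HF rpool/local/home@blank rpool/local/home \
          > "$DIFFFILE"
      # With -H the diff is tab-separated (change, file type, path). Splitting
      # on tabs only, and reading with an empty IFS, keeps paths that contain
      # spaces in one piece; whitespace splitting would truncate them and the
      # file would be lost to the rollback instead of backed up.
      awk -F '\t' '{if ($2 == "F" || $2 == "/") print $3}' < "$DIFFFILE" \
        | while IFS= read -r line; do
            DEST="$PREVDIR/home/1/$(dirname "$line")/$(basename "$line")"
            mkdir -p "$(dirname "$DEST")"
            mv "$line" "$DEST" && \
              echo "$line -> $DEST"
          done \
          && echo ">> previous home backed up to $PREVDIR/home/1 <<"

      zfs rollback -r rpool/local/home@blank \
        && echo ">> home rolled back <<"
    '';
  };

  # boot.loader.grub = {
  #   enable = true;
  #   device = "nodev";
  #   # device = "/dev/vda";
  #   efiSupport = true;
  #   efiInstallAsRemovable = true;
  # };
  boot.loader.systemd-boot.enable = true;
  boot.loader.efi.canTouchEfiVariables = false;

  # networking.hostName = "nixos-testbed";
  networking.hostId = "238e9b1e"; # head -c 8 /etc/machine-id

  time.timeZone = "America/Denver";

  i18n.defaultLocale = "en_US.UTF-8";
  console = {
    font = "Lat2-Terminus16";
    # keyMap = "us";
    useXkbConfig = true; # use xkb.options in tty.
  };

  services.xserver.enable = true;
  # services.displayManager.sddm.enable = true;
  # services.desktopManager.plasma6.enable = true;

  services.xserver.xkb.layout = "us";
  services.xserver.xkb.options = "caps:escape";

  users.users.crumb = {
    isNormalUser = true;
    extraGroups = [ "wheel" ]; # Enable sudo for the user.
    # Change this immediately after installation!
    # NOTE(review): this is a guessable plaintext password in a published
    # config, for an account that has sudo, on a host that also runs sshd
    # (enabled below). Only tolerable on a throwaway testbed that is not
    # reachable from untrusted networks. For anything longer-lived, prefer
    # users.users.<name>.hashedPasswordFile or SSH keys via
    # users.users.<name>.openssh.authorizedKeys.keys.
    initialPassword = "password123";
  };

  environment.systemPackages = with pkgs; [
    neovim
  ];

  services.openssh.enable = true;
  # NOTE(review): direct root login over SSH is allowed, and password
  # authentication is not turned off anywhere in this file (the NixOS default
  # is believed to leave it on; confirm). If root login is needed at all,
  # "prohibit-password" restricts it to key-based logins; setting
  # services.openssh.settings.PasswordAuthentication = false closes password
  # guessing against the account above as well.
  services.openssh.settings.PermitRootLogin = "yes";

  # This option defines the first version of NixOS you have installed on this
  # particular machine, and is used to maintain compatibility with application
  # data (e.g. databases) created on older NixOS versions.
  #
  # Most users should NEVER change this value after the initial install, for any
  # reason, even if you've upgraded your system to a new NixOS release.
  #
  # This value does NOT affect the Nixpkgs version your packages and OS are
  # pulled from, so changing it will NOT upgrade your system - see
  # https://nixos.org/manual/nixos/stable/#sec-upgrading for how to actually do
  # that.
  #
  # This value being lower than the current NixOS release does NOT mean your
  # system is out of date, out of support, or vulnerable.
  #
  # Do NOT change this value unless you have manually inspected all the changes
  # it would make to your configuration, and migrated your data accordingly.
  #
  # For more information, see `man configuration.nix` or
  # https://nixos.org/manual/nixos/stable/options#opt-system.stateVersion .
  system.stateVersion = "24.05"; # Did you read the comment?
}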

guix-rebound

The primary desktop of a girl done with her plebeian phase, and done with Guix's bullshit.

References