diff --git a/modules/services/mariadb.nix b/modules/services/mariadb.nix index 890ddaa3..144e6281 100644 --- a/modules/services/mariadb.nix +++ b/modules/services/mariadb.nix @@ -49,11 +49,7 @@ inputs: sops.secrets = builtins.listToAttrs (builtins.map (db: { name = "mariadb/${db.value.user}"; value.owner = inputs.config.users.users.mysql.name; }) (builtins.filter (db: db.value.passwordFile == null) (inputs.localLib.attrsToList mariadb.instances))); - environment.persistence = - let inherit (inputs.config.nixos.system) impermanence; in inputs.lib.mkIf impermanence.enable - { - "${impermanence.nodatacow}".directories = let user = "mysql"; in - [{ directory = "/var/lib/mysql"; inherit user; group = user; mode = "0750"; }]; - }; + environment.persistence."/nix/nodatacow".directories = + [{ directory = "/var/lib/mysql"; user = "mysql"; group = "mysql"; mode = "0750"; }]; }; } diff --git a/modules/services/nixseperatedebuginfo.nix b/modules/services/nixseperatedebuginfo.nix index 15821c0a..7856492d 100644 --- a/modules/services/nixseperatedebuginfo.nix +++ b/modules/services/nixseperatedebuginfo.nix @@ -9,11 +9,12 @@ inputs: let inherit (inputs.config.nixos.services) nixseparatedebuginfo; in inputs.lib.mkIf (nixseparatedebuginfo != {}) { services.nixseparatedebuginfod.enable = true; - environment.persistence = - let inherit (inputs.config.nixos.system) impermanence; in inputs.lib.mkIf impermanence.enable - { - "${impermanence.nodatacow}".directories = let user = "nixseparatedebuginfod"; in - [{ directory = "/var/cache/nixseparatedebuginfod"; inherit user; group = user; mode = "0755"; }]; - }; + environment.persistence."/nix/nodatacow".directories = + [{ + directory = "/var/cache/nixseparatedebuginfod"; + user = "nixseparatedebuginfod"; + group = "nixseparatedebuginfod"; + mode = "0755"; + }]; }; } diff --git a/modules/services/postgresql.nix b/modules/services/postgresql.nix index 6700bb97..70bd89bb 100644 --- a/modules/services/postgresql.nix 
+++ b/modules/services/postgresql.nix @@ -86,11 +86,7 @@ inputs: sops.secrets = builtins.listToAttrs (builtins.map (db: { name = "postgresql/${db.value.user}"; value.owner = inputs.config.users.users.postgres.name; }) (builtins.filter (db: db.value.passwordFile == null) (inputs.localLib.attrsToList postgresql.instances))); - environment.persistence = - let inherit (inputs.config.nixos.system) impermanence; in inputs.lib.mkIf impermanence.enable - { - "${impermanence.nodatacow}".directories = let user = "postgres"; in - [{ directory = "/var/lib/postgresql"; inherit user; group = user; mode = "0750"; }]; - }; + environment.persistence."/nix/nodatacow".directories = + [{ directory = "/var/lib/postgresql"; user = "postgres"; group = "postgres"; mode = "0750"; }]; }; } diff --git a/modules/system/gui.nix b/modules/system/gui.nix index c81e73b7..265e1d85 100644 --- a/modules/system/gui.nix +++ b/modules/system/gui.nix @@ -18,7 +18,7 @@ inputs: environment = { sessionVariables.GTK_USE_PORTAL = "1"; - persistence."${inputs.config.nixos.system.impermanence.root}".directories = + persistence."/nix/rootfs/current".directories = [{ directory = "/var/lib/sddm"; user = "sddm"; group = "sddm"; mode = "0700"; }]; }; xdg.portal.extraPortals = builtins.map (p: inputs.pkgs."xdg-desktop-portal-${p}") [ "gtk" "wlr" ]; diff --git a/modules/system/impermanence.nix b/modules/system/impermanence.nix index 025d52ba..18655a14 100644 --- a/modules/system/impermanence.nix +++ b/modules/system/impermanence.nix 
@@ -1,17 +1,10 @@ inputs: { - options.nixos.system.impermanence = let inherit (inputs.lib) mkOption types; in - { - enable = mkOption { type = types.bool; default = true; }; - persistence = mkOption { type = types.nonEmptyStr; default = "/nix/persistent"; }; - root = mkOption { type = types.nonEmptyStr; default = "/nix/rootfs/current"; }; - nodatacow = mkOption { type = types.nullOr types.nonEmptyStr; default = "/nix/nodatacow"; }; - }; - config = let inherit (inputs.config.nixos.system) impermanence; in inputs.lib.mkIf impermanence.enable + config = { environment.persistence = { - "${impermanence.persistence}" = + "/nix/persistent" = { hideMounts = true; directories = @@ -33,7 +26,7 @@ inputs: "/etc/ssh/ssh_host_rsa_key" ]; }; - "${impermanence.root}" = + "/nix/rootfs/current" = { hideMounts = true; directories = @@ -45,7 +38,7 @@ inputs: "/var/lib/flatpak" ]; }; - "${impermanence.nodatacow}" = + "/nix/nodatacow" = { hideMounts = true; directories = diff --git a/modules/system/networking.nix b/modules/system/networking.nix index 93df3ac5..df8285e7 100644 --- a/modules/system/networking.nix +++ b/modules/system/networking.nix @@ -54,7 +54,7 @@ inputs: enable = true; settings.device.keep-configuration = "no"; }; - environment.persistence."${inputs.config.nixos.system.impermanence.persistence}".directories = + environment.persistence."/nix/persistent".directories = [{ directory = "/etc/NetworkManager/system-connections"; mode = "0700"; }]; } { diff --git a/modules/user/chn/default.nix b/modules/user/chn/default.nix index 6833ead0..c97dc306 100644 --- a/modules/user/chn/default.nix +++ b/modules/user/chn/default.nix 
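Review bot: The `options.nixos.system.impermanence` declarations are deleted in this first hunk without a removal stub. Any host configuration that still sets one of them (none is visible in this diff) will fail with a generic undefined-option error, and a host that previously had `enable = false` gets every bind mount below unconditionally once that setting is dropped. Consider adding `(inputs.lib.mkRemovedOptionModule [ "nixos" "system" "impermanence" ] "persistence paths are now fixed; remove this setting")` to the module's `imports` so the failure explains itself. A comment above `config =` should also state that `/nix/persistent`, `/nix/rootfs/current` and `/nix/nodatacow` must exist on every host, since the former `nodatacow` option accepted `null`. The module's attribute set continues outside this hunk.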
@@ -86,135 +86,133 @@ inputs: pam.yubico.authorizedYubiKeys.ids = [ "cccccbgrhnub" ]; }; }; - environment.persistence = - let inherit (inputs.config.nixos.system) impermanence; - in inputs.lib.mkIf (inputs.config.nixos.model.cluster.nodeType or null != "worker" && impermanence.enable) + environment.persistence = inputs.lib.mkIf (inputs.config.nixos.model.cluster.nodeType or null != "worker") + { + # TODO: make copy or soft link of files + "/nix/persistent".users.chn = { - # TODO: make copy or soft link of files - "${impermanence.persistence}".users.chn = - { - directories = builtins.map - (dir: { directory = dir.dir or dir; user = "chn"; group = "chn"; mode = dir.mode or "0755"; }) - [ - # common things - "bin" "Desktop" "Documents" "Downloads" "Music" "Pictures" "repo" "share" "Public" "Videos" - ".config" ".local/share" - # # gnome - # { dir = ".config/dconf"; mode = "0700"; } ".config/gtk-2.0" ".config/gtk-3.0" ".config/gtk-4.0" - # ".config/libaccounts-glib" - # # android - # { dir = ".android"; mode = "0750";} - # xmuvpn - ".ecdata" - # firefox - { dir = ".mozilla/firefox/default"; mode = "0700"; } - # ssh - { dir = ".ssh"; mode = "0700"; } - # steam - ".steam" # ".local/share/Steam" - # vscode - ".vscode" # ".config/Code" ".config/grammarly-languageserver" - # zotero - ".zotero" "Zotero" - # 百度网盘 - # ".config/BaiduPCS-Go" - # # bitwarden - # ".config/Bitwarden" - # # blender - # ".config/blender" - # # chromium - # ".config/chromium" - # # crow-translate - # ".config/crow-translate" - # # discord - # ".config/discord" - # # element - # ".config/Element" - # # fcitx - # ".config/fcitx5" ".local/share/fcitx5" - # # github - # ".config/gh" - # # gimp - # ".config/GIMP" - # # chrome - # ".config/google-chrome" - # # inkscape - # ".config/inkscape" - # # jetbrain - # ".config/JetBrains" ".local/share/JetBrains" - # # kde - # ".config/akonadi" ".config/KDE" ".config/kde.org" ".config/kdeconnect" ".config/kdedefaults" - # ".config/Kvantum" - # ".local/share/akonadi" 
".local/share/akonadi-davgroupware" - # ".local/share/kactivitymanagerd" ".local/share/kwalletd" ".local/share/plasma" - # ".local/share/plasma-systemmonitor" ".local/share/plasma_notes" - # # libreoffice - # ".config/libreoffice" - # # mathematica - # ".config/mathematica" - # # netease-cloud-music-gtk - # ".config/netease-cloud-music" ".local/share/netease-cloud-music-gtk4" - # # nheko - # ".config/nheko" ".local/share/nheko" - # # ovito - # ".config/Ovito" - # # qbittorrent - # ".config/qBittorrent" ".local/share/qBittorrent" - # # remmina - # ".config/remmina" ".local/share/remmina" - # # slack - # ".config/Slack" - # # spotify - # ".config/spotify" - # # systemd TODO: use declarative - # ".config/systemd/user" - # # typora - # ".config/Typora" - # # xsettingsd - # ".config/xsettingsd" - # # yesplaymusic - # ".config/yesplaymusic" - # # genshin - # ".local/share/anime-game-launcher" - # # applications - # ".local/share/applications" ".local/share/desktop-directories" - # # theme TODO: remove them - # ".local/share/color-schemes" ".local/share/icons" ".local/share/wallpapers" - # # dbeaver - # ".local/share/DbeaverData" - # # docker - # ".local/share/docker" - # # fonts TODO: use declarative - # ".local/share/fonts" - # # gpg - # ".local/share/gnupg" - # # TODO: what is this? 
- # ".local/share/mime" - # # telegram - # ".local/share/TelegramDesktop" - # # trash - # ".local/share/Trash" - # # waydroid - # ".local/share/waydroid" - # # zsh - # ".local/share/zsh" - ]; - # TODO: create file if not exist - # files = builtins.map - # (file: { inherit file; parentDirectory = { user = "chn"; group = "chn"; mode = "0755"; }; }) - # [ - # # kde - # ".config/kactivitymanagerdrc" ".config/plasma-org.kde.plasma.desktop-appletsrc" - # ".config/kactivitymanagerd-switcher" ".config/kactivitymanagerd-statsrc" - # ".config/kactivitymanagerd-pluginsrc" - # ".config/plasmarc" ".config/plasmashellrc" ".config/kwinrc" ".config/krunnerrc" - # ".config/kdeglobals" ".config/kglobalshortcutsrc" ".config/kio_fishrc" ".config/kiorc" - # ".config/kleopatrarc" ".config/kmail2rc" ".config/kmailsearchindexingrc" ".config/kscreenlockerrc" - # ".config/user-dirs.dirs" ".config/yakuakerc" - # # age TODO: use sops to storage - # ".config/sops/age/keys.txt" - # ]; - }; + directories = builtins.map + (dir: { directory = dir.dir or dir; user = "chn"; group = "chn"; mode = dir.mode or "0755"; }) + [ + # common things + "bin" "Desktop" "Documents" "Downloads" "Music" "Pictures" "repo" "share" "Public" "Videos" + ".config" ".local/share" + # # gnome + # { dir = ".config/dconf"; mode = "0700"; } ".config/gtk-2.0" ".config/gtk-3.0" ".config/gtk-4.0" + # ".config/libaccounts-glib" + # # android + # { dir = ".android"; mode = "0750";} + # xmuvpn + ".ecdata" + # firefox + { dir = ".mozilla/firefox/default"; mode = "0700"; } + # ssh + { dir = ".ssh"; mode = "0700"; } + # steam + ".steam" # ".local/share/Steam" + # vscode + ".vscode" # ".config/Code" ".config/grammarly-languageserver" + # zotero + ".zotero" "Zotero" + # 百度网盘 + # ".config/BaiduPCS-Go" + # # bitwarden + # ".config/Bitwarden" + # # blender + # ".config/blender" + # # chromium + # ".config/chromium" + # # crow-translate + # ".config/crow-translate" + # # discord + # ".config/discord" + # # element + # ".config/Element" + # 
# fcitx + # ".config/fcitx5" ".local/share/fcitx5" + # # github + # ".config/gh" + # # gimp + # ".config/GIMP" + # # chrome + # ".config/google-chrome" + # # inkscape + # ".config/inkscape" + # # jetbrain + # ".config/JetBrains" ".local/share/JetBrains" + # # kde + # ".config/akonadi" ".config/KDE" ".config/kde.org" ".config/kdeconnect" ".config/kdedefaults" + # ".config/Kvantum" + # ".local/share/akonadi" ".local/share/akonadi-davgroupware" + # ".local/share/kactivitymanagerd" ".local/share/kwalletd" ".local/share/plasma" + # ".local/share/plasma-systemmonitor" ".local/share/plasma_notes" + # # libreoffice + # ".config/libreoffice" + # # mathematica + # ".config/mathematica" + # # netease-cloud-music-gtk + # ".config/netease-cloud-music" ".local/share/netease-cloud-music-gtk4" + # # nheko + # ".config/nheko" ".local/share/nheko" + # # ovito + # ".config/Ovito" + # # qbittorrent + # ".config/qBittorrent" ".local/share/qBittorrent" + # # remmina + # ".config/remmina" ".local/share/remmina" + # # slack + # ".config/Slack" + # # spotify + # ".config/spotify" + # # systemd TODO: use declarative + # ".config/systemd/user" + # # typora + # ".config/Typora" + # # xsettingsd + # ".config/xsettingsd" + # # yesplaymusic + # ".config/yesplaymusic" + # # genshin + # ".local/share/anime-game-launcher" + # # applications + # ".local/share/applications" ".local/share/desktop-directories" + # # theme TODO: remove them + # ".local/share/color-schemes" ".local/share/icons" ".local/share/wallpapers" + # # dbeaver + # ".local/share/DbeaverData" + # # docker + # ".local/share/docker" + # # fonts TODO: use declarative + # ".local/share/fonts" + # # gpg + # ".local/share/gnupg" + # # TODO: what is this? 
+ # ".local/share/mime" + # # telegram + # ".local/share/TelegramDesktop" + # # trash + # ".local/share/Trash" + # # waydroid + # ".local/share/waydroid" + # # zsh + # ".local/share/zsh" + ]; + # TODO: create file if not exist + # files = builtins.map + # (file: { inherit file; parentDirectory = { user = "chn"; group = "chn"; mode = "0755"; }; }) + # [ + # # kde + # ".config/kactivitymanagerdrc" ".config/plasma-org.kde.plasma.desktop-appletsrc" + # ".config/kactivitymanagerd-switcher" ".config/kactivitymanagerd-statsrc" + # ".config/kactivitymanagerd-pluginsrc" + # ".config/plasmarc" ".config/plasmashellrc" ".config/kwinrc" ".config/krunnerrc" + # ".config/kdeglobals" ".config/kglobalshortcutsrc" ".config/kio_fishrc" ".config/kiorc" + # ".config/kleopatrarc" ".config/kmail2rc" ".config/kmailsearchindexingrc" ".config/kscreenlockerrc" + # ".config/user-dirs.dirs" ".config/yakuakerc" + # # age TODO: use sops to storage + # ".config/sops/age/keys.txt" + # ]; }; + }; }; } diff --git a/modules/user/chn/plasma/autostart.nix b/modules/user/chn/plasma/autostart.nix index cb8ddb88..47628b48 100644 --- a/modules/user/chn/plasma/autostart.nix +++ b/modules/user/chn/plasma/autostart.nix @@ -65,11 +65,7 @@ inputs: value.source = programs.${file}.path; }) (devices.${inputs.config.nixos.model.hostname} or [])); - environment.persistence = - let impermanence = inputs.config.nixos.system.impermanence; - in inputs.lib.mkIf (inputs.config.nixos.model.cluster.nodeType or null != "worker" && impermanence.enable) - { - "${impermanence.root}".users.chn.directories = [ ".config/autostart" ]; - }; + environment.persistence."/nix/rootfs/current".users.chn.directories = + inputs.lib.mkIf (inputs.config.nixos.model.cluster.nodeType or null != "worker") [ ".config/autostart" ]; }; } diff --git a/modules/user/chn/plasma/konsole.nix b/modules/user/chn/plasma/konsole.nix index c99f519c..7a096f89 100644 --- a/modules/user/chn/plasma/konsole.nix +++ b/modules/user/chn/plasma/konsole.nix 
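Review bot: In the `directories` mapping, `mode = dir.mode or "0755"` makes every plain-string entry world-readable and traversable in the persistent store. That includes `.config` and `.local/share`, which on the evidence of the commented-out list hold browser, password-manager, GnuPG and sops age-key data; only `.mozilla/firefox/default` and `.ssh` are given `0700`. Whether other local accounts can actually reach these paths depends on the mode of the home directory and of its parent under `/nix/persistent`, which this hunk does not show. It is safer not to rely on that: either default to `mode = dir.mode or "0700"` or list them as `{ dir = ".config"; mode = "0700"; }` and `{ dir = ".local/share"; mode = "0700"; }`. The mode is presumably applied only when a directory is first created, so existing hosts would also need a one-off permission fix.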
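Review bot: The `mkIf` guard now wraps only the list, so on worker nodes the `users.chn` entry under `"/nix/rootfs/current"` is still defined, just with no directories. Before this change the whole attribute set disappeared on those nodes. modules/user/chn/default.nix keeps the guard around the entire `environment.persistence` value, while the konsole.nix hunk has the same leaf-level guard as this one. What impermanence does with a user entry that has no directories is not visible here; to keep the old behaviour, guard one level up: `environment.persistence."/nix/rootfs/current".users = inputs.lib.mkIf (inputs.config.nixos.model.cluster.nodeType or null != "worker") { chn.directories = [ ".config/autostart" ]; };`.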
@@ -67,9 +67,8 @@ inputs: [ "Opacity=1" ] [ "Opacity=0.9\nBlur=true" ] (builtins.readFile "${inputs.pkgs.konsole}/share/konsole/Breeze.colorscheme"); }; - environment.persistence = - let impermanence = inputs.config.nixos.system.impermanence; - in inputs.lib.mkIf (inputs.config.nixos.model.cluster.nodeType or null != "worker" && impermanence.enable) - { "${impermanence.root}".users.chn.directories = [ ".local/share/konsole" ".local/share/yakuake" ]; }; + environment.persistence."/nix/rootfs/current".users.chn.directories = + inputs.lib.mkIf (inputs.config.nixos.model.cluster.nodeType or null != "worker") + [ ".local/share/konsole" ".local/share/yakuake" ]; }; } diff --git a/modules/user/default.nix b/modules/user/default.nix index 59343ad2..06db0676 100644 --- a/modules/user/default.nix +++ b/modules/user/default.nix @@ -88,7 +88,7 @@ inputs: home-manager.users = builtins.listToAttrs (builtins.map (name: { inherit name; value.imports = user.sharedModules; }) user.users); - environment.persistence."${inputs.config.nixos.system.impermanence.persistence}".directories = + environment.persistence."/nix/persistent".directories = inputs.lib.mkIf (inputs.config.nixos.model.cluster.nodeType or null != "worker") (builtins.map (user: { directory = "/home/${user}"; inherit user; group = user; mode = "0700"; }) (builtins.filter (user: user != "chn") user.users));