{ config, lib, ... }:
{
# A setup which would clean root subvolume between boots remove automatically removed roots that
# are older than one day:
#
# Source: https://github.com/nix-community/impermanence
boot.initrd.postDeviceCommands = lib.mkAfter ''
mkdir /btrfs_tmp
mount /dev/mapper/luksroot /btrfs_tmp
if [[ -e /btrfs_tmp/root ]]; then
mkdir -p /btrfs_tmp/old_roots
timestamp=$(date --date="@$(stat -c %Y /btrfs_tmp/root)" "+%Y-%m-%-d_%H:%M:%S")
mv /btrfs_tmp/root "/btrfs_tmp/old_roots/$timestamp"
fi
delete_subvolume_recursively() {
IFS=$'\n'
for i in $(btrfs subvolume list -o "$1" | cut -f 9- -d ' '); do
delete_subvolume_recursively "/btrfs_tmp/$i"
done
btrfs subvolume delete "$1"
}
for i in $(find /btrfs_tmp/old_roots/ -maxdepth 1 -mtime +1); do
delete_subvolume_recursively "$i"
done
echo 1 | tee /btrfs_tmp/root/sys/class/leds/asus\:\:kbd_backlight/brightness
btrfs subvolume create /btrfs_tmp/root
umount /btrfs_tmp
rm -r /btrfs_tmp
'';
age.identityPaths = map (v: "/persistent/system/etc/ssh/${v}") [
"ssh_host_rsa_key"
"ssh_host_ed25519_key"
];
environment.persistence = {
"/persistent/system" = {
hideMounts = true;
directories = [
"/var/lib/bluetooth"
"/var/lib/nixos"
"/var/lib/systemd/coredump"
"/etc/NetworkManager/system-connections"
];
files = [
"/etc/machine-id"
"/etc/ssh/ssh_host_rsa_key"
"/etc/ssh/ssh_host_rsa_key.pub"
"/etc/ssh/ssh_host_ed25519_key"
"/etc/ssh/ssh_host_ed25519_key.pub"
];
};
"/persistent/docker" = lib.mkIf config.virtualisation.docker.enable {
hideMounts = true;
directories = map (v: "/var/lib/docker/${v}") [
"containers"
"volumes"
"image"
"overlay2"
"network"
];
files = [ "/var/lib/docker/engine-id" ];
};
"/presistent/ollama" = lib.mkIf config.services.ollama.enable {
hideMounts = true;
directories = [
"/var/lib/private/ollama"
];
};
};
}