updated

2024-04-09 13:27:55 +02:00 · 2024-04-09 13:27:55 +02:00 · f3cda941e4
commit f3cda941e4
parent 3656d672c4
9 changed files with 102 additions and 20 deletions
--- a/README.md
+++ b/README.md
@ -2,7 +2,7 @@

 ## Start a NixOS setup with Impermanence

-1. Create the configuration with the template
+```txt
    `nix-shell -p git`
    `nix flake new nixos --template git+https://git.krsnik.at/Kristian/impermanence-talk#default --extra-experimental-features "nix-command flakes"`
    `cd nixos`
@ -10,10 +10,22 @@
    `[CHANGE SETTINGS]`
    `sudo disko --mode disko ./systems/disko.nix`
    `[ENTER PASSWORD FOR ENCRYPTION]`
-    `cd ..`
-    `sudo mv nixos /mnt/persist`
-    `cd nixos /mnt/persist/nixos`
-
    `sudo nixos-generate-config --no-filesystems --force --root /mnt --dir ./system`
    `sudo nixos-install --no-root-password --root /mnt --flake .#default`

+    To save the configuration
+    `cd ..`
+    `sudo mv nixos /mnt/persist/etc`
+    `cd /mnt/persist/etc/nixos`
+```
+
+## Get cleared files back
+
+```txt
+cd /tmp
+mkdir mnt
+sudo btrfs subvolume list /
+[NOTE the ID]
+sudo mount /dev/mapper/crypted -o subvolid=[ID] mnt/
+```
+
--- a/slides/.~lock.slides.pptx#
+++ b/slides/.~lock.slides.pptx#
@ -0,0 +1 @@
+,kristian,nixos,09.04.2024 09:22,file:///home/kristian/.config/libreoffice/4;
--- a/slides/schema.md
+++ b/slides/schema.md
@ -0,0 +1,69 @@
+```txt
+/nix            /                       /persist
+            +------------------------+
+  /store/x -|-> /var/x               |
+            |   /var/lib/bluetooth <-|-   /var/lib/bluetooth
+  /store/y -|-> /bin/y               |
+            |   /home/admin/.local <-|-   /home/admin/.local
+  /store/z -|-> /etc/z               |
+            +------------------------+
+```
+
+```nix
+{...}: {
+  boot.initrd.postDeviceCommands = lib.mkAfter ''
+    mkdir /btrfs_tmp
+    mount /dev/mapper/crypted /btrfs_tmp
+    if [[ -e /btrfs_tmp/root ]]; then
+        mkdir -p /btrfs_tmp/old_roots
+        timestamp=$(date --date="@$(stat -c %Y /btrfs_tmp/root)" "+%Y-%m-%-d_%H:%M:%S")
+        mv /btrfs_tmp/root "/btrfs_tmp/old_roots/$timestamp"
+    fi
+
+    delete_subvolume_recursively() {
+        IFS=$'\n'
+        for i in $(btrfs subvolume list -o "$1" | cut -f 9- -d ' '); do
+            delete_subvolume_recursively "/btrfs_tmp/$i"
+        done
+        btrfs subvolume delete "$1"
+    }
+
+    for i in $(find /btrfs_tmp/old_roots/ -maxdepth 1 -mtime +30); do
+        delete_subvolume_recursively "$i"
+    done
+
+    btrfs subvolume create /btrfs_tmp/root
+    umount /btrfs_tmp
+  '';
+}
+```
+
+```nix
+{
+  inputs = {
+    impermanence = {
+      url = "github:nix-community/impermanence";
+    };
+  };
+
+  outputs = {self, ...} @ inputs: let
+    system = "x86_64-linux";
+    pkgs = inputs.nixpkgs.legacyPackages.${system};
+  in {
+    nixosConfigurations = {
+      default = inputs.nixpkgs.lib.nixosSystem {
+        inherit system;
+
+        modules = [
+          inputs.impermanence.nixosModules.impermanence
+          ...
+        ];
+      };
+    };
+  }
+}
+```
+
+```txt
+
+```
--- a/slides/slides.pptx
+++ b/slides/slides.pptx
--- a/template/system/custom/default.nix
+++ b/template/system/custom/default.nix
@ -3,7 +3,7 @@
  lib,
  ...
 }: {
-  networking.hostName = "example";
+  networking.hostName = "nixos";
  networking.firewall.enable = true;
  networking.firewall.allowPing = false;

@ -26,13 +26,16 @@
  users = {
    mutableUsers = false; # Disallow creation of new users and groups

-    users."admin" = {
-      password = "changeme"; # TODO: Maybe put a throw here.
+    users."demo" = {
+      password = "demo"; # TODO: Maybe put a throw here.
      isNormalUser = true;
      extraGroups = ["wheel"];
    };
  };

+  services.getty.autoLogin = "demo";
+  console.keyMap = "de";
+
  time.timeZone = "Europe/Vienna";

  i18n.defaultLocale = "en_US.UTF-8";
--- a/template/custom/default.nix
+++ b/template/custom/default.nix
@ -0,0 +1,5 @@
+{...}: {
+  imports = [
+    ./basic.nix
+  ];
+}
--- a/template/flake.nix
+++ b/template/flake.nix
@ -21,20 +21,15 @@
    pkgs = inputs.nixpkgs.legacyPackages.${system};
  in {
    nixosConfigurations = {
-      default = inputs.nixpkgs.lib.nixosSystem {
+      nixos = inputs.nixpkgs.lib.nixosSystem {
        inherit system;

        modules = [
          inputs.disko.nixosModules.default
-          # {
-          #   imports = [
-          #     (import ./system/disko.nix {})
-          #   ];
-          # }
-
          inputs.impermanence.nixosModules.impermanence

          ./system
+          ./custom
        ];
      };
    };
--- a/template/system/default.nix
+++ b/template/system/default.nix
@ -4,8 +4,5 @@
    (import ./disko.nix {})
    ./impermanence.nix
    ./configuration.nix
-
-    # Your custom configuration
-    ./custom
  ];
 }
--- a/template/system/impermanence.nix
+++ b/template/system/impermanence.nix
@ -30,7 +30,7 @@
    directories = [
      {
        directory = "/etc/nixos";
-        user = "admin";
+        user = "demo";
        mode = "u=rwx,g=rx,o=rx";
      }
      "/var/log"
@ -47,7 +47,7 @@
      }
    ];

-    users."admin" = {
+    users."demo" = {
      directories = [
        "this-will-persist"
      ];
				`@ -0,0 +1 @@`
				`,kristian,nixos,09.04.2024 09:22,file:///home/kristian/.config/libreoffice/4;`