diff --git a/README.md b/README.md index b3bee88..767e272 100644 --- a/README.md +++ b/README.md @@ -2,7 +2,7 @@ ## Start a NixOS setup with Impermanence -1. Create the configuration with the template +```txt `nix-shell -p git` `nix flake new nixos --template git+https://git.krsnik.at/Kristian/impermanence-talk#default --extra-experimental-features "nix-command flakes"` `cd nixos` @@ -10,10 +10,22 @@ `[CHANGE SETTINGS]` `sudo disko --mode disko ./systems/disko.nix` `[ENTER PASSWORD FOR ENCRYPTION]` - `cd ..` - `sudo mv nixos /mnt/persist` - `cd nixos /mnt/persist/nixos` - `sudo nixos-generate-config --no-filesystems --force --root /mnt --dir ./system` `sudo nixos-install --no-root-password --root /mnt --flake .#default` + To save the configuration + `cd ..` + `sudo mv nixos /mnt/persist/etc` + `cd /mnt/persist/etc/nixos` +``` + +## Get cleared files back + +```txt +cd /tmp +mkdir mnt +sudo btrfs subvolume list / +[NOTE the ID] +sudo mount /dev/mapper/crypted -o subvolid=[ID] mnt/ +``` + diff --git a/slides/.~lock.slides.pptx# b/slides/.~lock.slides.pptx# new file mode 100644 index 0000000..917fd31 --- /dev/null +++ b/slides/.~lock.slides.pptx# @@ -0,0 +1 @@ +,kristian,nixos,09.04.2024 09:22,file:///home/kristian/.config/libreoffice/4; \ No newline at end of file diff --git a/slides/schema.md b/slides/schema.md new file mode 100644 index 0000000..ea25854 --- /dev/null +++ b/slides/schema.md @@ -0,0 +1,69 @@ +```txt +/nix / /persist + +------------------------+ + /store/x -|-> /var/x | + | /var/lib/bluetooth <-|- /var/lib/bluetooth + /store/y -|-> /bin/y | + | /home/admin/.local <-|- /home/admin/.local + /store/z -|-> /etc/z | + +------------------------+ +``` + +```nix +{...}: { + boot.initrd.postDeviceCommands = lib.mkAfter '' + mkdir /btrfs_tmp + mount /dev/mapper/crypted /btrfs_tmp + if [[ -e /btrfs_tmp/root ]]; then + mkdir -p /btrfs_tmp/old_roots + timestamp=$(date --date="@$(stat -c %Y /btrfs_tmp/root)" "+%Y-%m-%-d_%H:%M:%S") + mv /btrfs_tmp/root "/btrfs_tmp/old_roots/$timestamp" + fi + + delete_subvolume_recursively() { + IFS=$'\n' + for i in $(btrfs subvolume list -o "$1" | cut -f 9- -d ' '); do + delete_subvolume_recursively "/btrfs_tmp/$i" + done + btrfs subvolume delete "$1" + } + + for i in $(find /btrfs_tmp/old_roots/ -maxdepth 1 -mtime +30); do + delete_subvolume_recursively "$i" + done + + btrfs subvolume create /btrfs_tmp/root + umount /btrfs_tmp + ''; +} +``` + +```nix +{ + inputs = { + impermanence = { + url = "github:nix-community/impermanence"; + }; + }; + + outputs = {self, ...} @ inputs: let + system = "x86_64-linux"; + pkgs = inputs.nixpkgs.legacyPackages.${system}; + in { + nixosConfigurations = { + default = inputs.nixpkgs.lib.nixosSystem { + inherit system; + + modules = [ + inputs.impermanence.nixosModules.impermanence + ... + ]; + }; + }; + } +} +``` + +```txt + +``` diff --git a/slides/slides.pptx b/slides/slides.pptx new file mode 100644 index 0000000..a1691a8 Binary files /dev/null and b/slides/slides.pptx differ diff --git a/template/system/custom/default.nix b/template/custom/basic.nix similarity index 85% rename from template/system/custom/default.nix rename to template/custom/basic.nix index bb2a37f..ed92fd0 100644 --- a/template/system/custom/default.nix +++ b/template/custom/basic.nix @@ -3,7 +3,7 @@ lib, ... }: { - networking.hostName = "example"; + networking.hostName = "nixos"; networking.firewall.enable = true; networking.firewall.allowPing = false; @@ -26,13 +26,16 @@ users = { mutableUsers = false; # Disallow creation of new users and groups - users."admin" = { - password = "changeme"; # TODO: Maybe put a throw here. + users."demo" = { + password = "demo"; # TODO: Maybe put a throw here. isNormalUser = true; extraGroups = ["wheel"]; }; }; + services.getty.autoLogin = "demo"; + console.keyMap = "de"; + time.timeZone = "Europe/Vienna"; i18n.defaultLocale = "en_US.UTF-8"; diff --git a/template/custom/default.nix b/template/custom/default.nix new file mode 100644 index 0000000..fb9dd06 --- /dev/null +++ b/template/custom/default.nix @@ -0,0 +1,5 @@ +{...}: { + imports = [ + ./basic.nix + ]; +} diff --git a/template/flake.nix b/template/flake.nix index 86d3213..90df957 100644 --- a/template/flake.nix +++ b/template/flake.nix @@ -21,20 +21,15 @@ pkgs = inputs.nixpkgs.legacyPackages.${system}; in { nixosConfigurations = { - default = inputs.nixpkgs.lib.nixosSystem { + nixos = inputs.nixpkgs.lib.nixosSystem { inherit system; modules = [ inputs.disko.nixosModules.default - # { - # imports = [ - # (import ./system/disko.nix {}) - # ]; - # } - inputs.impermanence.nixosModules.impermanence ./system + ./custom ]; }; }; diff --git a/template/system/default.nix b/template/system/default.nix index ef1ceb2..aea4758 100644 --- a/template/system/default.nix +++ b/template/system/default.nix @@ -4,8 +4,5 @@ (import ./disko.nix {}) ./impermanence.nix ./configuration.nix - - # Your custom configuration - ./custom ]; } diff --git a/template/system/impermanence.nix b/template/system/impermanence.nix index eb28acd..38a9184 100644 --- a/template/system/impermanence.nix +++ b/template/system/impermanence.nix @@ -30,7 +30,7 @@ directories = [ { directory = "/etc/nixos"; - user = "admin"; + user = "demo"; mode = "u=rwx,g=rx,o=rx"; } "/var/log" @@ -47,7 +47,7 @@ } ]; - users."admin" = { + users."demo" = { directories = [ "this-will-persist" ];