Kristian Krsnik 2024-04-09 13:27:55 +02:00
parent 3656d672c4
commit f3cda941e4
Signed by: Kristian
GPG Key ID: FD1330AC9F909E85
9 changed files with 102 additions and 20 deletions


@ -2,7 +2,7 @@
## Start a NixOS setup with Impermanence ## Start a NixOS setup with Impermanence
1. Create the configuration with the template ```txt
`nix-shell -p git` `nix-shell -p git`
`nix flake new nixos --template git+https://git.krsnik.at/Kristian/impermanence-talk#default --extra-experimental-features "nix-command flakes"` `nix flake new nixos --template git+https://git.krsnik.at/Kristian/impermanence-talk#default --extra-experimental-features "nix-command flakes"`
`cd nixos` `cd nixos`
@ -10,10 +10,22 @@
`[CHANGE SETTINGS]` `[CHANGE SETTINGS]`
`sudo disko --mode disko ./systems/disko.nix` `sudo disko --mode disko ./systems/disko.nix`
`[ENTER PASSWORD FOR ENCRYPTION]` `[ENTER PASSWORD FOR ENCRYPTION]`
`cd ..`
`sudo mv nixos /mnt/persist`
`cd nixos /mnt/persist/nixos`
`sudo nixos-generate-config --no-filesystems --force --root /mnt --dir ./system` `sudo nixos-generate-config --no-filesystems --force --root /mnt --dir ./system`
`sudo nixos-install --no-root-password --root /mnt --flake .#default` `sudo nixos-install --no-root-password --root /mnt --flake .#default`
To save the configuration
`cd ..`
`sudo mv nixos /mnt/persist/etc`
`cd /mnt/persist/etc/nixos`
```
## Get cleared files back
```txt
cd /tmp
mkdir mnt
sudo btrfs subvolume list /
[NOTE the ID]
sudo mount /dev/mapper/crypted -o subvolid=[ID] mnt/
```


@ -0,0 +1 @@
,kristian,nixos,09.04.2024 09:22,file:///home/kristian/.config/libreoffice/4;
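Review bot: This one-line file looks like a LibreOffice lock file rather than project content; its path is not shown on the page, but the content references a LibreOffice profile directory. It records the local user name, host name and home directory, so committing it publishes workstation details for no benefit. Remove it from the repository and ignore the pattern, for example `.~lock.*#` in `.gitignore`.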

69
slides/schema.md Normal file

@ -0,0 +1,69 @@
```txt
/nix / /persist
+------------------------+
/store/x -|-> /var/x |
| /var/lib/bluetooth <-|- /var/lib/bluetooth
/store/y -|-> /bin/y |
| /home/admin/.local <-|- /home/admin/.local
/store/z -|-> /etc/z |
+------------------------+
```
```nix
{...}: {
boot.initrd.postDeviceCommands = lib.mkAfter ''
mkdir /btrfs_tmp
mount /dev/mapper/crypted /btrfs_tmp
if [[ -e /btrfs_tmp/root ]]; then
mkdir -p /btrfs_tmp/old_roots
timestamp=$(date --date="@$(stat -c %Y /btrfs_tmp/root)" "+%Y-%m-%-d_%H:%M:%S")
mv /btrfs_tmp/root "/btrfs_tmp/old_roots/$timestamp"
fi
delete_subvolume_recursively() {
IFS=$'\n'
for i in $(btrfs subvolume list -o "$1" | cut -f 9- -d ' '); do
delete_subvolume_recursively "/btrfs_tmp/$i"
done
btrfs subvolume delete "$1"
}
for i in $(find /btrfs_tmp/old_roots/ -maxdepth 1 -mtime +30); do
delete_subvolume_recursively "$i"
done
btrfs subvolume create /btrfs_tmp/root
umount /btrfs_tmp
'';
}
```
```nix
{
inputs = {
impermanence = {
url = "github:nix-community/impermanence";
};
};
outputs = {self, ...} @ inputs: let
system = "x86_64-linux";
pkgs = inputs.nixpkgs.legacyPackages.${system};
in {
nixosConfigurations = {
default = inputs.nixpkgs.lib.nixosSystem {
inherit system;
modules = [
inputs.impermanence.nixosModules.impermanence
...
];
};
};
}
}
```
```txt
```

BIN
slides/slides.pptx Normal file

Binary file not shown.


@ -3,7 +3,7 @@
lib, lib,
... ...
}: { }: {
networking.hostName = "example"; networking.hostName = "nixos";
networking.firewall.enable = true; networking.firewall.enable = true;
networking.firewall.allowPing = false; networking.firewall.allowPing = false;
@ -26,13 +26,16 @@
users = { users = {
mutableUsers = false; # Disallow creation of new users and groups mutableUsers = false; # Disallow creation of new users and groups
users."admin" = { users."demo" = {
password = "changeme"; # TODO: Maybe put a throw here. password = "demo"; # TODO: Maybe put a throw here.
isNormalUser = true; isNormalUser = true;
extraGroups = ["wheel"]; extraGroups = ["wheel"];
}; };
}; };
services.getty.autoLogin = "demo";
console.keyMap = "de";
time.timeZone = "Europe/Vienna"; time.timeZone = "Europe/Vienna";
i18n.defaultLocale = "en_US.UTF-8"; i18n.defaultLocale = "en_US.UTF-8";
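Review bot: The template default is now a `wheel` user with the literal password `demo` plus console auto-login, and with `mutableUsers = false` that password cannot be changed with `passwd` after install. The README has readers instantiate this template and install with `--no-root-password`, so anyone who skips the edit gets a known credential for an account that presumably has sudo. A `password` value also ends up in the world-readable Nix store. Act on the existing TODO, e.g. `hashedPassword = throw "set a password hash (mkpasswd)";`, and move the auto-login line into a demo-only module. Separately, as far as I know the getty option is `services.getty.autologinUser`, so `services.getty.autoLogin` may fail evaluation.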


@ -0,0 +1,5 @@
{...}: {
imports = [
./basic.nix
];
}


@ -21,20 +21,15 @@
pkgs = inputs.nixpkgs.legacyPackages.${system}; pkgs = inputs.nixpkgs.legacyPackages.${system};
in { in {
nixosConfigurations = { nixosConfigurations = {
default = inputs.nixpkgs.lib.nixosSystem { nixos = inputs.nixpkgs.lib.nixosSystem {
inherit system; inherit system;
modules = [ modules = [
inputs.disko.nixosModules.default inputs.disko.nixosModules.default
# {
# imports = [
# (import ./system/disko.nix {})
# ];
# }
inputs.impermanence.nixosModules.impermanence inputs.impermanence.nixosModules.impermanence
./system ./system
./custom
]; ];
}; };
}; };
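Review bot: Renaming the output to `nixosConfigurations.nixos` leaves the README's install step, `sudo nixos-install --no-root-password --root /mnt --flake .#default`, pointing at a configuration name that no longer exists; that README line appears unchanged in this commit. Change it to `--flake .#nixos`, or keep a `default` entry alongside the new name. The `#default` in the `nix flake new --template` command refers to the template output and is presumably unaffected. The `outputs` function starts above this hunk, so other references to `default` may exist outside the visible lines.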


@ -4,8 +4,5 @@
(import ./disko.nix {}) (import ./disko.nix {})
./impermanence.nix ./impermanence.nix
./configuration.nix ./configuration.nix
# Your custom configuration
./custom
]; ];
} }


@ -30,7 +30,7 @@
directories = [ directories = [
{ {
directory = "/etc/nixos"; directory = "/etc/nixos";
user = "admin"; user = "demo";
mode = "u=rwx,g=rx,o=rx"; mode = "u=rwx,g=rx,o=rx";
} }
"/var/log" "/var/log"
@ -47,7 +47,7 @@
} }
]; ];
users."admin" = { users."demo" = {
directories = [ directories = [
"this-will-persist" "this-will-persist"
]; ];