Jan/nixos-config
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Moved to systemd for initrd, added integration for vmWithDisko

Browse Source
This commit is contained in:
Jan-Bulthuis 2025-06-11 11:58:54 +02:00
parent 3c20190709
commit affa333969
7 changed files with 26 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
hosts/vm-oddjob/configuration.nix
View File

@ -40,7 +40,7 @@
requiredBy = [ "mnt-nas.mount" ]; requiredBy = [ "mnt-nas.mount" ];
after = [ "network-online.target" ]; after = [ "network-online.target" ];
requires = [ "network-online.target" ]; requires = [ "network-online.target" ];
serviceConfig.type = "oneshot"; serviceConfig.Type = "oneshot";
script = '' script = ''
. ${config.sops.secrets."smb-credentials".path} . ${config.sops.secrets."smb-credentials".path}
echo $password | ${pkgs.krb5}/bin/kinit $username echo $password | ${pkgs.krb5}/bin/kinit $username

3
modules/nixos/bootloader.nix
View File

@ -16,5 +16,8 @@ in
systemd-boot.editor = false; systemd-boot.editor = false;
efi.canTouchEfiVariables = true; efi.canTouchEfiVariables = true;
}; };
# Initrd
boot.initrd.systemd.enable = true;
}; };
} }

4
modules/nixos/disko.nix
View File

@ -20,5 +20,7 @@ in
}; };
}; };
config = mkIf cfg.enable { disko.devices = profile.disko.devices; }; config = mkIf cfg.enable {
disko.devices = profile.disko.devices;
};
} }

2
modules/nixos/domain.nix
View File

@ -47,7 +47,7 @@ in
"network-online.target" "network-online.target"
]; ];
serviceConfig = { serviceConfig = {
type = "oneshot"; Type = "oneshot";
}; };
script = '' script = ''
ADCLI_JOIN_USER=$(cat ${cfg.join.userFile}) ADCLI_JOIN_USER=$(cat ${cfg.join.userFile})

18
modules/nixos/impermanence.nix
View File

@ -24,18 +24,32 @@ in
resetScript = mkOption { resetScript = mkOption {
type = types.lines; type = types.lines;
description = '' description = ''
Script to run on boot that resets the root partition. Script to run in order to reset the system to a clean state.
''; '';
}; };
}; };
config = mkIf cfg.enable { config = mkIf cfg.enable {
# Filesystem setup
fileSystems."/persist".neededForBoot = true; fileSystems."/persist".neededForBoot = true;
boot.initrd.postResumeCommands = mkAfter cfg.resetScript; # boot.initrd.postResumeCommands = mkAfter cfg.resetScript;
# TODO: Reduce dependency on the root filesystem being ZFS?
boot.initrd.systemd.services.impermanence-rollback = {
description = "Rollback filesystem to clean state.";
wantedBy = [ "initrd.target" ];
after = [ "zfs-import.target" ];
before = [ "sysroot.mount" ];
unitConfig.DefaultDependencies = "no";
serviceConfig.Type = "oneshot";
script = cfg.resetScript;
};
# For home-manager persistence # For home-manager persistence
programs.fuse.userAllowOther = true; programs.fuse.userAllowOther = true;
# For testing purposes with VM
virtualisation.vmVariantWithDisko.virtualisation.fileSystems."/persist".neededForBoot = true;
environment.persistence."/persist/system" = { environment.persistence."/persist/system" = {
enable = true; enable = true;
hideMounts = true; hideMounts = true;

1
modules/nixos/secrets.nix
View File

@ -39,5 +39,6 @@ in
]; ];
sops.secrets = cfg.secrets; sops.secrets = cfg.secrets;
modules.impermanence.directories = [ "/etc/sops" ]; modules.impermanence.directories = [ "/etc/sops" ];
virtualisation.vmVariantWithDisko.sops.age.sshKeyPaths = [ "/tmp/shared/sops_ed25519_key" ];
}; };
} }

1
profiles/disko/vm.nix
View File

@ -4,6 +4,7 @@
main = { main = {
type = "disk"; type = "disk";
device = "/dev/sda"; device = "/dev/sda";
imageSize = "32G"; # For test VMs
content = { content = {
type = "gpt"; type = "gpt";
partitions = { partitions = {