46 lines
1.1 KiB
Nix
46 lines
1.1 KiB
Nix
{
|
|
config,
|
|
lib,
|
|
pkgs,
|
|
...
|
|
}: {
|
|
imports = [./users.nix];
|
|
# to allow all users to access hm managed persistent folders
|
|
programs.fuse.userAllowOther = true;
|
|
fileSystems."/state".neededForBoot = true;
|
|
environment.persistence."/state" = {
|
|
hideMounts = true;
|
|
|
|
files = [
|
|
"/etc/machine-id"
|
|
"/etc/ssh/ssh_host_ed25519_key"
|
|
"/etc/ssh/ssh_host_ed25519_key.pub"
|
|
];
|
|
directories =
|
|
[
|
|
"/var/log"
|
|
"/var/lib/systemd"
|
|
"/var/lib/nixos"
|
|
{
|
|
directory = "/var/tmp/agenix-rekey";
|
|
mode = "0777";
|
|
}
|
|
]
|
|
++ lib.lists.optionals config.hardware.bluetooth.enable [
|
|
"/var/lib/bluetooth"
|
|
];
|
|
};
|
|
|
|
# After importing the rpool, rollback the root system to be empty.
|
|
boot.initrd.systemd.services.impermanence-root = {
|
|
wantedBy = ["initrd.target"];
|
|
after = ["zfs-import-rpool.service"];
|
|
before = ["sysroot.mount"];
|
|
unitConfig.DefaultDependencies = "no";
|
|
serviceConfig = {
|
|
Type = "oneshot";
|
|
ExecStart = "${pkgs.zfs}/bin/zfs rollback -r rpool/local/root@blank";
|
|
};
|
|
};
|
|
}
|