Impermanence: Difference between revisions

(15 intermediate revisions by 7 users not shown)

Line 1:

{{warning|When setting up impermanence, make sure that you have declared password for your user to be able to log-in after the deployment as for example the nixos installer declares passwords imperatively.}}

{{warning|The permissions and user/group ownership of your persisted directories overrides values configured in <code>config.users.*</code>, potentially including your home directories.}}

Impermanence in NixOS is where your root directory gets wiped every reboot (such as by mounting a tmpfs to /). Such a setup is possible because NixOS only needs <code>/boot</code> and <code>/nix</code> in order to boot, all other system files are simply links to files in <code>/nix</code>. <code>/boot</code> and <code>/nix</code> still need to be stored on a hard drive or SSD.

Example <code>~~hardwareconfiguration~~.nix</code> settings:

Example <code>hardware-configuration.nix</code> settings:

fileSystems."/" =

Line 28:

Line 31:

Some files and folders should be persisted between reboots though (such as <code>/etc/nixos/</code>). This can be accomplished through bind mounts or by using the [https://github.com/nix-community/impermanence NixOS Impermanence module,] which will set up bind mounts and links as needed.

Put in <code>configuration.nix</code>:

Line 39:

Line 43:

imports = [ "${impermanence}/nixos.nix" ];

~~# this folder is where the files will be stored (don't put it in tmpfs)~~

environment.persistence."/nix/persist/system" = {

hideMounts = true;

directories = [

~~"/etc/nixos" # bind mounted from /nix/persist/system/etc/nixos to /etc/nixos~~

~~"/etc/NetworkManager"~~

"/var/log"

"/var/lib"

"/var/lib/bluetooth"

"/var/lib/nixos"

"/var/lib/systemd/coredump"

"/var/lib/systemd/timers"

"/etc/NetworkManager/system-connections"

{ directory = "/var/lib/colord"; user = "colord"; group = "colord"; mode = "u=rwx,g=rx,o="; }

];

files = [

# "/etc/machine-id"

"/etc/machine-id"

"/etc/nix/id_rsa"

{ file = "/etc/nix/id_rsa"; parentDirectory = { mode = "u=rwx,g=,o="; }; }

];

};

}

</syntaxhighlight>

=== Home Managing ===

Line 70:

Line 75:

{ config, pkgs, ... }:

let

home-manager = builtins.fetchTarball "https://github.com/nix-community/home-manager/archive/release-21.11.tar.gz";

home-manager = builtins.fetchTarball "https://github.com/nix-community/home-manager/archive/release-22.05.tar.gz";

impermanence = builtins.fetchTarball "https://github.com/nix-community/impermanence/archive/master.tar.gz";

in

Line 121:

Line 126:

allowOther = true;

directories = [

".config/gtk-3.0" # fuse mounted to /~~home~~/~~$USERNAME~~/.config/gtk-3.0

".config/gtk-3.0" # fuse mounted from /nix/dotfiles/Plasma/.config/gtk-3.0

".config/gtk-4.0"

".config/gtk-4.0" # to /home/$USERNAME/.config/gtk-3.0

".config/KDE"

".config/kde.org"

Line 207:

Line 212:

}

</syntaxhighlight>

=== Troubleshooting ===

==== builder for '/nix/store/file-name.service.drv' failed to produce output path for output 'out' at '/nix/store/file-name.service' ====

This can happen if your NixOS version is later than your Home-Manager version (ex. NixOS 22.05 with Home-Manager 21.11). See https://github.com/nix-community/impermanence/issues/95.

Line 213:

Line 224:

[https://grahamc.com/blog/erase-your-darlings https://grahamc.com/blog/erase-your-darlings] - Explaining why you might want to do this. Uses ZFS snapshots instead of tmpfs.

https://web.archive.org/web/20241007130142/https://mt-caret.github.io/blog/posts/2020-06-29-optin-state.html - Encypted Btrfs Root with Opt-in State on NixOS. Uses Btrfs instead of tmpfs or ZFS.

[[Category:Configuration]]

[[Category:NixOS]]

@@ Line 1: / Line 1: @@
+{{warning|When setting up impermanence, make sure that you have declared password for your user to be able to log-in after the deployment as for example the nixos installer declares passwords imperatively.}}
+{{warning|The permissions and user/group ownership of your persisted directories overrides values configured in <code>config.users.*</code>, potentially including your home directories.}}
 Impermanence in NixOS is where your root directory gets wiped every reboot (such as by mounting a tmpfs to /). Such a setup is possible because NixOS only needs <code>/boot</code> and <code>/nix</code> in order to boot, all other system files are simply links to files in <code>/nix</code>. <code>/boot</code> and <code>/nix</code> still need to be stored on a hard drive or SSD.
-Example <code>hardwareconfiguration.nix</code> settings:
+Example <code>hardware-configuration.nix</code> settings:
 <syntaxhighlight lang="nix">
    fileSystems."/" =
@@ Line 28: / Line 31: @@
 Some files and folders should be persisted between reboots though (such as <code>/etc/nixos/</code>). This can be accomplished through bind mounts or by using the [https://github.com/nix-community/impermanence NixOS Impermanence module,] which will set up bind mounts and links as needed.
 Put in <code>configuration.nix</code>:
@@ Line 39: / Line 43: @@
    imports = [ "${impermanence}/nixos.nix" ];
-  # this folder is where the files will be stored (don't put it in tmpfs)
+   environment.persistence."/nix/persist/system" = {
-   environment.persistence."/nix/persist/system" = {
+    hideMounts = true;
      directories = [
-      "/etc/nixos"    # bind mounted from /nix/persist/system/etc/nixos to /etc/nixos
-      "/etc/NetworkManager"
        "/var/log"
-       "/var/lib"
+       "/var/lib/bluetooth"
+      "/var/lib/nixos"
+      "/var/lib/systemd/coredump"
+      "/var/lib/systemd/timers"
+      "/etc/NetworkManager/system-connections"
+      { directory = "/var/lib/colord"; user = "colord"; group = "colord"; mode = "u=rwx,g=rx,o="; }
      ];
      files = [
-#      "/etc/machine-id"
+      "/etc/machine-id"
-       "/etc/nix/id_rsa"
+       { file = "/etc/nix/id_rsa"; parentDirectory = { mode = "u=rwx,g=,o="; }; }
      ];
    };
 }
 </syntaxhighlight>
 === Home Managing ===
@@ Line 70: / Line 75: @@
 { config, pkgs, ... }:
 let
-   home-manager = builtins.fetchTarball "https://github.com/nix-community/home-manager/archive/release-21.11.tar.gz";
+   home-manager = builtins.fetchTarball "https://github.com/nix-community/home-manager/archive/release-22.05.tar.gz";
    impermanence = builtins.fetchTarball "https://github.com/nix-community/impermanence/archive/master.tar.gz";
 in
@@ Line 121: / Line 126: @@
        allowOther = true;
        directories = [
-         ".config/gtk-3.0"   # fuse mounted to /home/$USERNAME/.config/gtk-3.0
+         ".config/gtk-3.0"   # fuse mounted from /nix/dotfiles/Plasma/.config/gtk-3.0
-         ".config/gtk-4.0"
+         ".config/gtk-4.0"     # to /home/$USERNAME/.config/gtk-3.0
          ".config/KDE"
          ".config/kde.org"
@@ Line 207: / Line 212: @@
 }
 </syntaxhighlight>
+=== Troubleshooting ===
+==== builder for '/nix/store/file-name.service.drv' failed to produce output path for output 'out' at '/nix/store/file-name.service' ====
+This can happen if your NixOS version is later than your Home-Manager version (ex. NixOS 22.05 with Home-Manager 21.11). See https://github.com/nix-community/impermanence/issues/95.
@@ Line 213: / Line 224: @@
 [https://grahamc.com/blog/erase-your-darlings https://grahamc.com/blog/erase-your-darlings] - Explaining why you might want to do this. Uses ZFS snapshots instead of tmpfs.
+https://web.archive.org/web/20241007130142/https://mt-caret.github.io/blog/posts/2020-06-29-optin-state.html - Encypted Btrfs Root with Opt-in State on NixOS. Uses Btrfs instead of tmpfs or ZFS.
+[[Category:Configuration]]
+[[Category:NixOS]]