Impermanence: Difference between revisions

imported>Klaymore
Better Home Manager explanation about mounting folders into your home. Fixed Firefox dotfile comment
Malix (talk | contribs)
m Example: comment placement
 
(18 intermediate revisions by 9 users not shown)
Line 1: Line 1:
Impermanence in NixOS is where your root directory gets wiped every reboot (such as by mounting a tmpfs to /). Such a setup is possible because NixOS only needs <code>/boot</code> and <code>/nix</code> in order to boot, all other system files are simply links to files in <code>/nix</code>. <code>/boot</code> and <code>/nix</code> still need to be stored on a hard drive or SSD.
{{Outdated|reason=Examples are not using best practices, nor mentioning and flakes|scope=article}}


Example <code>hardwareconfiguration.nix</code> settings:
Impermanence in NixOS is where your root directory gets wiped every reboot (such as by mounting a tmpfs to /).
<syntaxhighlight lang="nix">
 
   fileSystems."/" =
Such a setup is possible because NixOS only needs <code>/boot</code> and <code>/nix</code> in order to boot, all other system files are simply links to files in <code>/nix</code>. <code>/boot</code> and <code>/nix</code> still need to be stored on a hard drive or SSD.{{warning|When setting up impermanence, make sure that you have declared password for your user to be able to log-in after the deployment as for example the nixos installer declares passwords imperatively.}}{{Info|The permissions and user/group ownership of your persisted directories overrides values configured in <code>config.users.*</code>, potentially including your home directories.}}
     { device = "none";
 
      fsType = "tmpfs";
== Example ==
      options = [ "size=3G" "mode=755" ]; # mode=755 so only root can write to those files
{{File|3={
     };
   fileSystems."/" = {
   fileSystems."/home/username" =
     device = "none";
     { device = "none";
    fsType = "tmpfs";
      fsType = "tmpfs"; # Can be stored on normal drive or on tmpfs as well
    options = [
      options = [ "size=4G" "mode=777" ];  
      "size=3G"
    };
      "mode=755" # only root can write to those files
   fileSystems."/nix" = # can be LUKS encrypted
     ];
     { device = "/dev/disk/by-uuid/UUID";
  };
   fileSystems."/home/username" = {
     device = "none";
    fsType = "tmpfs"; # can be stored on normal drive or on tmpfs as well
    options = [
      "size=4G"
      "mode=777"
    ];
  };
   fileSystems."/nix" = # can be LUKS encrypted
     {
      device = "/dev/disk/by-uuid/UUID";
       fsType = "ext4";
       fsType = "ext4";
     };
     };
   fileSystems."/boot" =
   fileSystems."/boot" = {
     { device = "/dev/disk/by-uuid/UUID";
     device = "/dev/disk/by-uuid/UUID";
      fsType = "vfat";
    fsType = "vfat";
    };
  };
   # Can mount any other partitions as well
   # Can mount any other partitions as well
</syntaxhighlight>
}|name=/etc/nixos/hardware-configuration.nix|lang=nix}}
 
 
=== Persisting ===


== Persistence ==
Some files and folders should be persisted between reboots though (such as <code>/etc/nixos/</code>). This can be accomplished through bind mounts or by using the [https://github.com/nix-community/impermanence NixOS Impermanence module,] which will set up bind mounts and links as needed.
Some files and folders should be persisted between reboots though (such as <code>/etc/nixos/</code>). This can be accomplished through bind mounts or by using the [https://github.com/nix-community/impermanence NixOS Impermanence module,] which will set up bind mounts and links as needed.


Put in <code>configuration.nix</code>:
=== Example ===
<syntaxhighlight lang="nix">
{{File|3={ config, pkgs, ... }:
{ config, pkgs, ... }:


let
let
Line 39: Line 47:
   imports = [ "${impermanence}/nixos.nix" ];
   imports = [ "${impermanence}/nixos.nix" ];


  # this folder is where the files will be stored (don't put it in tmpfs)
   environment.persistence."/nix/persist/system" = {
   environment.persistence."/nix/persist/system" = {  
    hideMounts = true;
     directories = [
     directories = [
      "/etc/nixos"    # bind mounted from /nix/persist/system/etc/nixos to /etc/nixos
      "/etc/NetworkManager"
       "/var/log"
       "/var/log"
       "/var/lib"
       "/var/lib/bluetooth"
      "/var/lib/nixos"
      "/var/lib/systemd/coredump"
      "/var/lib/systemd/timers"
      "/etc/NetworkManager/system-connections"
      {
        directory = "/var/lib/colord";
        user = "colord";
        group = "colord";
        mode = "u=rwx,g=rx,o=";
      }
     ];
     ];
     files = [
     files = [
#      "/etc/machine-id"
      "/etc/machine-id"
       "/etc/nix/id_rsa"
       {
        file = "/etc/nix/id_rsa";
        parentDirectory = {
          mode = "u=rwx,g=,o=";
        };
      }
     ];
     ];
   };
   };
}|name=/etc/nixos/configuration.nix|lang=nix}}


}
== Home Managing ==
</syntaxhighlight>
 
 
=== Home Managing ===
You can just make a home partition on a drive and mount it as normal, so everything in <code>/home</code> or <code>/home/username</code> will be persisted. If you want your home to be impermanent as well, then mount it on tmpfs the same way as root.
You can just make a home partition on a drive and mount it as normal, so everything in <code>/home</code> or <code>/home/username</code> will be persisted. If you want your home to be impermanent as well, then mount it on tmpfs the same way as root.


For persisting files in your home, you could simply use [https://github.com/nix-community/home-manager Home Manager] like normal. However, then files are stored read-only in the Nix store. In order to persist files while still being writable, you can use the [https://github.com/nix-community/impermanence Home Manager Impermanence module]. It will fuse mount folders and link files from persistent storage into your home directory.
For persisting files in your home, you could simply use [https://github.com/nix-community/home-manager Home Manager] as usual. However, then files are stored read-only in the Nix store. In order to persist files while still being writable, you can use the [https://github.com/nix-community/impermanence Home Manager Impermanence module]. It will fuse mount folders and link files from persistent storage into your home directory.
 
 
{{Note|<code>/home/user</code> should be on a separate tmpfs, otherwise you'll get the error <code>fuse: mountpoint not empty</code>.}}


{{Warning|<code>/home/user</code> should be on a separate tmpfs, otherwise you'll get the error <code>fuse: mountpoint not empty</code>.}}


Put in <code>configuration.nix</code>:
=== Example ===
<syntaxhighlight lang="nix">
{{File|3={ config, pkgs, ... }:
{ config, pkgs, ... }:
let
let
   home-manager = builtins.fetchTarball "https://github.com/nix-community/home-manager/archive/release-21.11.tar.gz";
   home-manager = builtins.fetchTarball "https://github.com/nix-community/home-manager/archive/release-22.05.tar.gz";
   impermanence = builtins.fetchTarball "https://github.com/nix-community/impermanence/archive/master.tar.gz";
   impermanence = builtins.fetchTarball "https://github.com/nix-community/impermanence/archive/master.tar.gz";
in
in
Line 78: Line 93:
   ];
   ];


  # might not be needed
   programs.fuse.userAllowOther = true; # might not be needed
   programs.fuse.userAllowOther = true;


   # Home Manager config goes in here
   # Home Manager config goes in here
Line 89: Line 103:
       home-manager.enable = true;
       home-manager.enable = true;


       git = {  # can use home-manager normally as well as with persistence
       # can use home-manager normally as well as with persistence
      git = {
         enable = true;
         enable = true;
         userName = "Example";
         userName = "Example";
         userEmail = "Example@example.com";
         userEmail = "Example@example.com";
       };
       };
Line 97: Line 112:


     home.persistence."/nix/dotfiles" = {
     home.persistence."/nix/dotfiles" = {
       removePrefixDirectory = true;   # for GNU Stow styled dotfile folders
       removePrefixDirectory = true; # for GNU Stow styled dotfile folders
       allowOther = true;
       allowOther = true;
       directories = [
       directories = [
         "Atom/.atom/atom-discord"  
         "Atom/.atom/atom-discord"
         "Atom/.atom/packages"
         "Atom/.atom/packages"
        "Firefox/.mozilla"  # bind mounted from /nix/dotfiles/Firefox/.mozilla to /home/$USERNAME/.mozilla
         "Clementine/.config/Clementine"
         "Clementine/.config/Clementine"
        "Firefox/.mozilla" # fuse mounted from /nix/dotfiles/Firefox/.mozilla to /home/$USERNAME/.mozilla
       ];
       ];
       files = [
       files = [
Line 111: Line 127:
     };
     };


 
     # KDE Plasma has a lot of config files which are all put directly in `~/.config` instead of dedicated directories; for this reason, each needs to be linked individually
     # fricking KDE Plasma has a bazillion files and each needs to be linked individually
     # We can separate KDE Plasma from the other dotfiles above to avoid having to prefix each entries with `"Plasma/"`
     # because they're all just shoved into ~/.config and not into a single folder.
    # It's separate from the other dotfiles so I can write ".config"
    # instead of "Plasma/.config"
     home.persistence."/nix/dotfiles/Plasma" = {
     home.persistence."/nix/dotfiles/Plasma" = {
       removePrefixDirectory = false;
       removePrefixDirectory = false;
       allowOther = true;
       allowOther = true;
       directories = [
       directories = [
         ".config/gtk-3.0"   # fuse mounted to /home/$USERNAME/.config/gtk-3.0
         ".config/gtk-3.0" # fuse mounted from /nix/dotfiles/Plasma/.config/gtk-3.0
         ".config/gtk-4.0"
         ".config/gtk-4.0" # to /home/$USERNAME/.config/gtk-3.0
         ".config/KDE"
         ".config/KDE"
         ".config/kde.org"
         ".config/kde.org"
Line 204: Line 218:
     home.stateVersion = "21.11";
     home.stateVersion = "21.11";
   };
   };
}
}|name=/etc/nixos/configuration.nix|lang=nix}}
</syntaxhighlight>
 
== Troubleshooting ==
 
=== builder for '/nix/store/file-name.service.drv' failed to produce output path for output 'out' at '/nix/store/file-name.service' ===
This can happen if your NixOS version is later than your Home-Manager version (ex. NixOS 22.05 with Home-Manager 21.11) - see {{Issue|95|repo=nix-community/impermanence}}


== See Also ==


=== See Also ===
* https://elis.nu/blog/2020/06/nixos-tmpfs-as-home/ - Examples of using the NixOS modules
[https://elis.nu/blog/2020/06/nixos-tmpfs-as-home/ https://elis.nu/blog/2020/06/nixos-tmpfs-as-home/] - Examples of using the NixOS modules
* https://grahamc.com/blog/erase-your-darlings - Explaining why you might want to do this. Uses ZFS snapshots instead of tmpfs.
* https://web.archive.org/web/20241007130142/https://mt-caret.github.io/blog/posts/2020-06-29-optin-state.html - Encypted Btrfs Root with Opt-in State on NixOS. Uses Btrfs instead of tmpfs or ZFS.


[https://grahamc.com/blog/erase-your-darlings https://grahamc.com/blog/erase-your-darlings] - Explaining why you might want to do this. Uses ZFS snapshots instead of tmpfs.
[[Category:Configuration]]
[[Category:NixOS]]