Impermanence: Difference between revisions
| imported>Klaymore  Better Home Manager explanation about mounting folders into your home. Fixed Firefox dotfile comment | m →Example:  comment placement | ||
| (18 intermediate revisions by 9 users not shown) | |||
| Line 1: | Line 1: | ||
| {{Outdated|reason=Examples are not using best practices, nor mentioning and flakes|scope=article}} | |||
| Impermanence in NixOS is where your root directory gets wiped every reboot (such as by mounting a tmpfs to /). | |||
|    fileSystems."/" = | Such a setup is possible because NixOS only needs <code>/boot</code> and <code>/nix</code> in order to boot, all other system files are simply links to files in <code>/nix</code>. <code>/boot</code> and <code>/nix</code> still need to be stored on a hard drive or SSD.{{warning|When setting up impermanence, make sure that you have declared password for your user to be able to log-in after the deployment as for example the nixos installer declares passwords imperatively.}}{{Info|The permissions and user/group ownership of your persisted directories overrides values configured in <code>config.users.*</code>, potentially including your home directories.}} | ||
| == Example == | |||
| {{File|3={ | |||
|      }; |    fileSystems."/" = { | ||
|    fileSystems."/home/username" = |      device = "none"; | ||
|     fsType = "tmpfs"; | |||
|     options = [ | |||
|       "size=3G" | |||
|       "mode=755" # only root can write to those files | |||
|    fileSystems."/nix" =  |      ]; | ||
|      { device = "/dev/disk/by-uuid/UUID"; |   }; | ||
|    fileSystems."/home/username" = { | |||
|      device = "none"; | |||
|     fsType = "tmpfs"; # can be stored on normal drive or on tmpfs as well | |||
|     options = [ | |||
|       "size=4G" | |||
|       "mode=777" | |||
|     ]; | |||
|   }; | |||
|    fileSystems."/nix" = # can be LUKS encrypted | |||
|      { | |||
|       device = "/dev/disk/by-uuid/UUID"; | |||
|        fsType = "ext4"; |        fsType = "ext4"; | ||
|      }; |      }; | ||
|    fileSystems."/boot" = |    fileSystems."/boot" = { | ||
|      device = "/dev/disk/by-uuid/UUID"; | |||
|     fsType = "vfat"; | |||
|   }; | |||
|    # Can mount any other partitions as well |    # Can mount any other partitions as well | ||
| }|name=/etc/nixos/hardware-configuration.nix|lang=nix}} | |||
| == Persistence == | |||
| Some files and folders should be persisted between reboots though (such as <code>/etc/nixos/</code>). This can be accomplished through bind mounts or by using the [https://github.com/nix-community/impermanence NixOS Impermanence module,] which will set up bind mounts and links as needed. | Some files and folders should be persisted between reboots though (such as <code>/etc/nixos/</code>). This can be accomplished through bind mounts or by using the [https://github.com/nix-community/impermanence NixOS Impermanence module,] which will set up bind mounts and links as needed. | ||
| === Example === | |||
| {{File|3={ config, pkgs, ... }: | |||
| { config, pkgs, ... }: | |||
| let | let | ||
| Line 39: | Line 47: | ||
|    imports = [ "${impermanence}/nixos.nix" ]; |    imports = [ "${impermanence}/nixos.nix" ]; | ||
|    environment.persistence."/nix/persist/system" = { | |||
|    environment.persistence."/nix/persist/system" = {   |     hideMounts = true; | ||
|      directories = [ |      directories = [ | ||
|        "/var/log" |        "/var/log" | ||
|        "/var/lib" |        "/var/lib/bluetooth" | ||
|       "/var/lib/nixos" | |||
|       "/var/lib/systemd/coredump" | |||
|       "/var/lib/systemd/timers" | |||
|       "/etc/NetworkManager/system-connections" | |||
|       { | |||
|         directory = "/var/lib/colord"; | |||
|         user = "colord"; | |||
|         group = "colord"; | |||
|         mode = "u=rwx,g=rx,o="; | |||
|       } | |||
|      ]; |      ]; | ||
|      files = [ |      files = [ | ||
|       "/etc/machine-id" | |||
|        "/etc/nix/id_rsa" |        { | ||
|         file = "/etc/nix/id_rsa"; | |||
|         parentDirectory = { | |||
|           mode = "u=rwx,g=,o="; | |||
|         }; | |||
|       } | |||
|      ]; |      ]; | ||
|    }; |    }; | ||
| }|name=/etc/nixos/configuration.nix|lang=nix}} | |||
| == Home Managing == | |||
| You can just make a home partition on a drive and mount it as normal, so everything in <code>/home</code> or <code>/home/username</code> will be persisted. If you want your home to be impermanent as well, then mount it on tmpfs the same way as root. | You can just make a home partition on a drive and mount it as normal, so everything in <code>/home</code> or <code>/home/username</code> will be persisted. If you want your home to be impermanent as well, then mount it on tmpfs the same way as root. | ||
| For persisting files in your home, you could simply use [https://github.com/nix-community/home-manager Home Manager]  | For persisting files in your home, you could simply use [https://github.com/nix-community/home-manager Home Manager] as usual. However, then files are stored read-only in the Nix store. In order to persist files while still being writable, you can use the [https://github.com/nix-community/impermanence Home Manager Impermanence module]. It will fuse mount folders and link files from persistent storage into your home directory. | ||
| {{Warning|<code>/home/user</code> should be on a separate tmpfs, otherwise you'll get the error <code>fuse: mountpoint not empty</code>.}} | |||
| === Example === | |||
| {{File|3={ config, pkgs, ... }: | |||
| { config, pkgs, ... }: | |||
| let | let | ||
|    home-manager = builtins.fetchTarball "https://github.com/nix-community/home-manager/archive/release- |    home-manager = builtins.fetchTarball "https://github.com/nix-community/home-manager/archive/release-22.05.tar.gz"; | ||
|    impermanence = builtins.fetchTarball "https://github.com/nix-community/impermanence/archive/master.tar.gz"; |    impermanence = builtins.fetchTarball "https://github.com/nix-community/impermanence/archive/master.tar.gz"; | ||
| in | in | ||
| Line 78: | Line 93: | ||
|    ]; |    ]; | ||
|    programs.fuse.userAllowOther = true; # might not be needed | |||
|    programs.fuse.userAllowOther = true; | |||
|    # Home Manager config goes in here |    # Home Manager config goes in here | ||
| Line 89: | Line 103: | ||
|        home-manager.enable = true; |        home-manager.enable = true; | ||
|        # can use home-manager normally as well as with persistence | |||
|       git = { | |||
|          enable = true; |          enable = true; | ||
|          userName  |          userName = "Example"; | ||
|          userEmail = "Example@example.com"; |          userEmail = "Example@example.com"; | ||
|        }; |        }; | ||
| Line 97: | Line 112: | ||
|      home.persistence."/nix/dotfiles" = { |      home.persistence."/nix/dotfiles" = { | ||
|        removePrefixDirectory = true;  |        removePrefixDirectory = true; # for GNU Stow styled dotfile folders | ||
|        allowOther = true; |        allowOther = true; | ||
|        directories = [ |        directories = [ | ||
|          "Atom/.atom/atom-discord"  |          "Atom/.atom/atom-discord" | ||
|          "Atom/.atom/packages" |          "Atom/.atom/packages" | ||
|          "Clementine/.config/Clementine" |          "Clementine/.config/Clementine" | ||
|         "Firefox/.mozilla" # fuse mounted from /nix/dotfiles/Firefox/.mozilla to /home/$USERNAME/.mozilla | |||
|        ]; |        ]; | ||
|        files = [ |        files = [ | ||
| Line 111: | Line 127: | ||
|      }; |      }; | ||
|      # KDE Plasma has a lot of config files which are all put directly in `~/.config` instead of dedicated directories; for this reason, each needs to be linked individually | |||
|      #  |      # We can separate KDE Plasma from the other dotfiles above to avoid having to prefix each entries with `"Plasma/"` | ||
|      #  | |||
|      home.persistence."/nix/dotfiles/Plasma" = { |      home.persistence."/nix/dotfiles/Plasma" = { | ||
|        removePrefixDirectory = false; |        removePrefixDirectory = false; | ||
|        allowOther = true; |        allowOther = true; | ||
|        directories = [ |        directories = [ | ||
|          ".config/gtk-3.0"  |          ".config/gtk-3.0" # fuse mounted from /nix/dotfiles/Plasma/.config/gtk-3.0 | ||
|          ".config/gtk-4.0" |          ".config/gtk-4.0" # to /home/$USERNAME/.config/gtk-3.0 | ||
|          ".config/KDE" |          ".config/KDE" | ||
|          ".config/kde.org" |          ".config/kde.org" | ||
| Line 204: | Line 218: | ||
|      home.stateVersion = "21.11"; |      home.stateVersion = "21.11"; | ||
|    }; |    }; | ||
| } | }|name=/etc/nixos/configuration.nix|lang=nix}} | ||
| == Troubleshooting == | |||
| === builder for '/nix/store/file-name.service.drv' failed to produce output path for output 'out' at '/nix/store/file-name.service' === | |||
| This can happen if your NixOS version is later than your Home-Manager version (ex. NixOS 22.05 with Home-Manager 21.11) - see {{Issue|95|repo=nix-community/impermanence}} | |||
| == See Also == | |||
| * https://elis.nu/blog/2020/06/nixos-tmpfs-as-home/ - Examples of using the NixOS modules | |||
| * https://grahamc.com/blog/erase-your-darlings - Explaining why you might want to do this. Uses ZFS snapshots instead of tmpfs. | |||
| * https://web.archive.org/web/20241007130142/https://mt-caret.github.io/blog/posts/2020-06-29-optin-state.html - Encypted Btrfs Root with Opt-in State on NixOS. Uses Btrfs instead of tmpfs or ZFS. | |||
| [ | [[Category:Configuration]] | ||
| [[Category:NixOS]] | |||