Impermanence: Difference between revisions

Line 1:

{{~~warning~~|~~When setting up impermanence~~, ~~make sure that you have declared password for your user to be able to log-in after the deployment as for example the nixos installer declares passwords imperatively.}}~~

{{Outdated|reason=Examples are not using best practices, nor mentioning and flakes|scope=article}}

~~{{warning~~|~~The permissions and user/group ownership of your persisted directories overrides values configured in <code>config.users.*</code>, potentially including your home directories.~~}}

Impermanence in NixOS is where your root directory gets wiped every reboot (such as by mounting a tmpfs to /). Such a setup is possible because NixOS only needs <code>/boot</code> and <code>/nix</code> in order to boot, all other system files are simply links to files in <code>/nix</code>. <code>/boot</code> and <code>/nix</code> still need to be stored on a hard drive or SSD.

Impermanence in NixOS is where your root directory gets wiped every reboot (such as by mounting a tmpfs to /).

~~Example~~ <code>~~hardware~~-~~configuration~~.~~nix~~</code> ~~settings:~~

Such a setup is possible because NixOS only needs <code>/boot</code> and <code>/nix</code> in order to boot, all other system files are simply links to files in <code>/nix</code>. <code>/boot</code> and <code>/nix</code> still need to be stored on a hard drive or SSD.{{warning|When setting up impermanence, make sure that you have declared password for your user to be able to log-in after the deployment as for example the nixos installer declares passwords imperatively.}}{{Info|The permissions and user/group ownership of your persisted directories overrides values configured in <code>config.users.*</code>, potentially including your home directories.}}

~~<syntaxhighlight lang~~=~~"nix">~~

fileSystems."/" =

== Example ==

{ device = "none";

{{File|3={

fsType = "tmpfs";

fileSystems."/" = {

options = [ "size=3G" "mode=755" ]; # ~~mode=755 so~~ only root can write to those files

device = "none";

};

fsType = "tmpfs";

fileSystems."/home/username" =

options = [

{ device = "none";

"size=3G"

fsType = "tmpfs"; # ~~Can~~ be stored on normal drive or on tmpfs as well

"mode=755" # only root can write to those files

options = [ "size=4G" "mode=777" ];

];

};

fileSystems."/nix" = # can be LUKS encrypted

fileSystems."/home/username" = {

{ device = "/dev/disk/by-uuid/UUID";

device = "none";

fsType = "tmpfs"; # can be stored on normal drive or on tmpfs as well

options = [

"size=4G"

"mode=777"

];

};

fileSystems."/nix" = # can be LUKS encrypted

{

device = "/dev/disk/by-uuid/UUID";

fsType = "ext4";

};

fileSystems."/boot" =

fileSystems."/boot" = {

{ device = "/dev/disk/by-uuid/UUID";

device = "/dev/disk/by-uuid/UUID";

fsType = "vfat";

};

# Can mount any other partitions as well

</~~syntaxhighlight>~~

}|name=/etc/nixos/hardware-configuration.nix|lang=nix}}

~~=== Persisting ==~~=

== Persistence ==

Some files and folders should be persisted between reboots though (such as <code>/etc/nixos/</code>). This can be accomplished through bind mounts or by using the [https://github.com/nix-community/impermanence NixOS Impermanence module,] which will set up bind mounts and links as needed.

=== Example ===

~~Put in <code>configuration.nix</code>:~~

{{File|3={ config, pkgs, ... }:

~~<syntaxhighlight lang~~=~~"nix">~~

{ config, pkgs, ... }:

let

Line 52:

Line 56:

"/var/lib/systemd/timers"

"/etc/NetworkManager/system-connections"

{ directory = "/var/lib/colord"; user = "colord"; group = "colord"; mode = "u=rwx,g=rx,o="; }

{

directory = "/var/lib/colord";

user = "colord";

group = "colord";

mode = "u=rwx,g=rx,o=";

}

];

files = [

"/etc/machine-id"

{ file = "/etc/nix/id_rsa"; parentDirectory = { mode = "u=rwx,g=,o="; }; }

{

file = "/etc/nix/id_rsa";

parentDirectory = {

mode = "u=rwx,g=,o=";

};

}

];

};

}

}|name=/etc/nixos/configuration.nix|lang=nix}}

</~~syntaxhighlight>~~

=== Home Managing ===

== Home Managing ==

You can just make a home partition on a drive and mount it as normal, so everything in <code>/home</code> or <code>/home/username</code> will be persisted. If you want your home to be impermanent as well, then mount it on tmpfs the same way as root.

For persisting files in your home, you could simply use [https://github.com/nix-community/home-manager Home Manager] ~~like normal~~. However, then files are stored read-only in the Nix store. In order to persist files while still being writable, you can use the [https://github.com/nix-community/impermanence Home Manager Impermanence module]. It will fuse mount folders and link files from persistent storage into your home directory.

For persisting files in your home, you could simply use [https://github.com/nix-community/home-manager Home Manager] as usual. However, then files are stored read-only in the Nix store. In order to persist files while still being writable, you can use the [https://github.com/nix-community/impermanence Home Manager Impermanence module]. It will fuse mount folders and link files from persistent storage into your home directory.

{{Warning|<code>/home/user</code> should be on a separate tmpfs, otherwise you'll get the error <code>fuse: mountpoint not empty</code>.}}

{{~~Note~~|~~<code>/home/user</code> should be on a separate tmpfs, otherwise you'll get the error <code>fuse: mountpoint not empty</code>.}}~~

=== Example ===

{{File|3={ config, pkgs, ... }:

~~Put in <code>configuration.nix</code>:~~

~~<syntaxhighlight lang~~=~~"nix">~~

{ config, pkgs, ... }:

let

home-manager = builtins.fetchTarball "https://github.com/nix-community/home-manager/archive/release-22.05.tar.gz";

Line 83:

Line 93:

];

~~# might not be needed~~

programs.fuse.userAllowOther = true; # might not be needed

programs.fuse.userAllowOther = true;

# Home Manager config goes in here

Line 93:

Line 102:

programs = {

home-manager.enable = true;

~~git = {~~ # can use home-manager normally as well as with persistence

# can use home-manager normally as well as with persistence

git = {

enable = true;

userName = "Example";

userEmail = "Example@example.com";

};

Line 101:

Line 112:

home.persistence."/nix/dotfiles" = {

removePrefixDirectory = true; # for GNU Stow styled dotfile folders

allowOther = true;

directories = [

"Atom/.atom/atom-discord"

"Atom/.atom/packages"

"Clementine/.config/Clementine"

# fuse mounted from /nix/dotfiles/Firefox/.mozilla to /home/$USERNAME/.mozilla

"Firefox/.mozilla" # fuse mounted from /nix/dotfiles/Firefox/.mozilla to /home/$USERNAME/.mozilla

~~"Firefox/.mozilla"~~

];

files = [

Line 117:

Line 127:

};

# We can separate KDE Plasma from the other dotfiles above to avoid having to prefix each entries with `"Plasma/"`

# ~~fricking~~ KDE Plasma ~~has a bazillion files and each needs to be linked individually~~

~~# because they're all just shoved into ~/.config and not into a single folder.~~

~~# It's separate~~ from the other dotfiles ~~so I can write ".config"~~

~~# instead of~~ "Plasma/~~.config~~"

home.persistence."/nix/dotfiles/Plasma" = {

removePrefixDirectory = false;

allowOther = true;

# KDE Plasma has a lot of config files which are all put directly in `~/.config` instead of dedicated directories; for this reason, each needs to be linked individually

directories = [

".config/gtk-3.0" # fuse mounted from /nix/dotfiles/Plasma/.config/gtk-3.0

".config/gtk-4.0" # to /home/$USERNAME/.config/gtk-3.0

".config/KDE"

".config/kde.org"

Line 210:

Line 218:

home.stateVersion = "21.11";

};

}

}|name=/etc/nixos/configuration.nix|lang=nix}}

~~</syntaxhighlight>~~

=~~== Troubleshooting ===~~

~~==== builder for '~~/~~nix~~/~~store~~/~~file-name.service~~.~~drv' failed to produce output path for output 'out' at '/~~nix~~/store/file-name.service'~~ =~~===~~

~~This can happen if your NixOS version is later than your Home-Manager version (ex. NixOS 22.05 with Home-Manager 21.11). See https://github.com/~~nix~~-community/impermanence/issues/95.~~

== Troubleshooting ==

=== ~~See Also ===~~

=== builder for '/nix/store/file-name.service.drv' failed to produce output path for output 'out' at '/nix/store/file-name.service' ===

~~[https:~~//~~elis~~.~~nu/blog~~/~~2020~~/06/~~nixos~~-~~tmpfs~~-as-~~home/ https://elis~~.~~nu/blog/2020/06/nixos~~-~~tmpfs~~-~~as-home~~/~~] - Examples of using the NixOS modules~~

This can happen if your NixOS version is later than your Home-Manager version (ex. NixOS 22.05 with Home-Manager 21.11) - see {{Issue|95|repo=nix-community/impermanence}}

~~[https://grahamc.com/blog/erase-your-darlings https://grahamc.com/blog/erase-your-darlings] - Explaining why you might want to do this. Uses ZFS snapshots instead of tmpfs.~~

== See Also ==

https://web.archive.org/web/20241007130142/https://mt-caret.github.io/blog/posts/2020-06-29-optin-state.html - Encypted Btrfs Root with Opt-in State on NixOS. Uses Btrfs instead of tmpfs or ZFS.

* https://elis.nu/blog/2020/06/nixos-tmpfs-as-home/ - Examples of using the NixOS modules

* https://grahamc.com/blog/erase-your-darlings - Explaining why you might want to do this. Uses ZFS snapshots instead of tmpfs.

* https://web.archive.org/web/20241007130142/https://mt-caret.github.io/blog/posts/2020-06-29-optin-state.html - Encypted Btrfs Root with Opt-in State on NixOS. Uses Btrfs instead of tmpfs or ZFS.

[[Category:Configuration]]

[[Category:NixOS]]

@@ Line 1: / Line 1: @@
-{{warning|When setting up impermanence, make sure that you have declared password for your user to be able to log-in after the deployment as for example the nixos installer declares passwords imperatively.}}
+{{Outdated|reason=Examples are not using best practices, nor mentioning and flakes|scope=article}}
-{{warning|The permissions and user/group ownership of your persisted directories overrides values configured in <code>config.users.*</code>, potentially including your home directories.}}
-Impermanence in NixOS is where your root directory gets wiped every reboot (such as by mounting a tmpfs to /). Such a setup is possible because NixOS only needs <code>/boot</code> and <code>/nix</code> in order to boot, all other system files are simply links to files in <code>/nix</code>. <code>/boot</code> and <code>/nix</code> still need to be stored on a hard drive or SSD.
+Impermanence in NixOS is where your root directory gets wiped every reboot (such as by mounting a tmpfs to /).
-Example <code>hardware-configuration.nix</code> settings:
+Such a setup is possible because NixOS only needs <code>/boot</code> and <code>/nix</code> in order to boot, all other system files are simply links to files in <code>/nix</code>. <code>/boot</code> and <code>/nix</code> still need to be stored on a hard drive or SSD.{{warning|When setting up impermanence, make sure that you have declared password for your user to be able to log-in after the deployment as for example the nixos installer declares passwords imperatively.}}{{Info|The permissions and user/group ownership of your persisted directories overrides values configured in <code>config.users.*</code>, potentially including your home directories.}}
-<syntaxhighlight lang="nix">
-   fileSystems."/" =
+== Example ==
-     { device = "none";
+{{File|3={
-      fsType = "tmpfs";
+   fileSystems."/" = {
-      options = [ "size=3G" "mode=755" ]; # mode=755 so only root can write to those files
+     device = "none";
-     };
+    fsType = "tmpfs";
-   fileSystems."/home/username" =
+    options = [
-     { device = "none";
+      "size=3G"
-      fsType = "tmpfs";  # Can be stored on normal drive or on tmpfs as well
+      "mode=755" # only root can write to those files
-      options = [ "size=4G" "mode=777" ];
+     ];
-    };
+  };
-   fileSystems."/nix" =  # can be LUKS encrypted
+   fileSystems."/home/username" = {
-     { device = "/dev/disk/by-uuid/UUID";
+     device = "none";
+    fsType = "tmpfs"; # can be stored on normal drive or on tmpfs as well
+    options = [
+      "size=4G"
+      "mode=777"
+    ];
+  };
+   fileSystems."/nix" = # can be LUKS encrypted
+     {
+      device = "/dev/disk/by-uuid/UUID";
        fsType = "ext4";
      };
-   fileSystems."/boot" =
+   fileSystems."/boot" = {
-     { device = "/dev/disk/by-uuid/UUID";
+     device = "/dev/disk/by-uuid/UUID";
-      fsType = "vfat";
+    fsType = "vfat";
-    };
+  };
    # Can mount any other partitions as well
-</syntaxhighlight>
+}|name=/etc/nixos/hardware-configuration.nix|lang=nix}}
-=== Persisting ===
+== Persistence ==
 Some files and folders should be persisted between reboots though (such as <code>/etc/nixos/</code>). This can be accomplished through bind mounts or by using the [https://github.com/nix-community/impermanence NixOS Impermanence module,] which will set up bind mounts and links as needed.
+=== Example ===
-Put in <code>configuration.nix</code>:
+{{File|3={ config, pkgs, ... }:
-<syntaxhighlight lang="nix">
-{ config, pkgs, ... }:
 let
@@ Line 52: / Line 56: @@
        "/var/lib/systemd/timers"
        "/etc/NetworkManager/system-connections"
-       { directory = "/var/lib/colord"; user = "colord"; group = "colord"; mode = "u=rwx,g=rx,o="; }
+       {
+        directory = "/var/lib/colord";
+        user = "colord";
+        group = "colord";
+        mode = "u=rwx,g=rx,o=";
+      }
      ];
      files = [
        "/etc/machine-id"
-       { file = "/etc/nix/id_rsa"; parentDirectory = { mode = "u=rwx,g=,o="; }; }
+       {
+        file = "/etc/nix/id_rsa";
+        parentDirectory = {
+          mode = "u=rwx,g=,o=";
+        };
+      }
      ];
    };
-}
+}|name=/etc/nixos/configuration.nix|lang=nix}}
-</syntaxhighlight>
-=== Home Managing ===
+== Home Managing ==
 You can just make a home partition on a drive and mount it as normal, so everything in <code>/home</code> or <code>/home/username</code> will be persisted. If you want your home to be impermanent as well, then mount it on tmpfs the same way as root.
-For persisting files in your home, you could simply use [https://github.com/nix-community/home-manager Home Manager] like normal. However, then files are stored read-only in the Nix store. In order to persist files while still being writable, you can use the [https://github.com/nix-community/impermanence Home Manager Impermanence module]. It will fuse mount folders and link files from persistent storage into your home directory.
+For persisting files in your home, you could simply use [https://github.com/nix-community/home-manager Home Manager] as usual. However, then files are stored read-only in the Nix store. In order to persist files while still being writable, you can use the [https://github.com/nix-community/impermanence Home Manager Impermanence module]. It will fuse mount folders and link files from persistent storage into your home directory.
+{{Warning|<code>/home/user</code> should be on a separate tmpfs, otherwise you'll get the error <code>fuse: mountpoint not empty</code>.}}
-{{Note|<code>/home/user</code> should be on a separate tmpfs, otherwise you'll get the error <code>fuse: mountpoint not empty</code>.}}
+=== Example ===
+{{File|3={ config, pkgs, ... }:
-Put in <code>configuration.nix</code>:
-<syntaxhighlight lang="nix">
-{ config, pkgs, ... }:
 let
    home-manager = builtins.fetchTarball "https://github.com/nix-community/home-manager/archive/release-22.05.tar.gz";
@@ Line 83: / Line 93: @@
    ];
-  # might not be needed
+   programs.fuse.userAllowOther = true; # might not be needed
-   programs.fuse.userAllowOther = true;
    # Home Manager config goes in here
@@ Line 93: / Line 102: @@
      programs = {
        home-manager.enable = true;
-       git = {   # can use home-manager normally as well as with persistence
+       # can use home-manager normally as well as with persistence
+      git = {
          enable = true;
-         userName  = "Example";
+         userName = "Example";
          userEmail = "Example@example.com";
        };
@@ Line 101: / Line 112: @@
      home.persistence."/nix/dotfiles" = {
-       removePrefixDirectory = true;   # for GNU Stow styled dotfile folders
+       removePrefixDirectory = true; # for GNU Stow styled dotfile folders
        allowOther = true;
        directories = [
          "Atom/.atom/atom-discord"
          "Atom/.atom/packages"
          "Clementine/.config/Clementine"
-         # fuse mounted from /nix/dotfiles/Firefox/.mozilla to /home/$USERNAME/.mozilla
+         "Firefox/.mozilla" # fuse mounted from /nix/dotfiles/Firefox/.mozilla to /home/$USERNAME/.mozilla
-        "Firefox/.mozilla"
        ];
        files = [
@@ Line 117: / Line 127: @@
      };
+     # We can separate KDE Plasma from the other dotfiles above to avoid having to prefix each entries with `"Plasma/"`
-     # fricking KDE Plasma has a bazillion files and each needs to be linked individually
-    # because they're all just shoved into ~/.config and not into a single folder.
-    # It's separate from the other dotfiles so I can write ".config"
-    # instead of "Plasma/.config"
      home.persistence."/nix/dotfiles/Plasma" = {
        removePrefixDirectory = false;
        allowOther = true;
+      # KDE Plasma has a lot of config files which are all put directly in `~/.config` instead of dedicated directories; for this reason, each needs to be linked individually
        directories = [
-         ".config/gtk-3.0"   # fuse mounted from /nix/dotfiles/Plasma/.config/gtk-3.0
+         ".config/gtk-3.0" # fuse mounted from /nix/dotfiles/Plasma/.config/gtk-3.0
-         ".config/gtk-4.0"     # to /home/$USERNAME/.config/gtk-3.0
+         ".config/gtk-4.0" # to /home/$USERNAME/.config/gtk-3.0
          ".config/KDE"
          ".config/kde.org"
@@ Line 210: / Line 218: @@
      home.stateVersion = "21.11";
    };
-}
+}|name=/etc/nixos/configuration.nix|lang=nix}}
-</syntaxhighlight>
-=== Troubleshooting ===
-==== builder for '/nix/store/file-name.service.drv' failed to produce output path for output 'out' at '/nix/store/file-name.service' ====
-This can happen if your NixOS version is later than your Home-Manager version (ex. NixOS 22.05 with Home-Manager 21.11). See https://github.com/nix-community/impermanence/issues/95.
+== Troubleshooting ==
-=== See Also ===
+=== builder for '/nix/store/file-name.service.drv' failed to produce output path for output 'out' at '/nix/store/file-name.service' ===
-[https://elis.nu/blog/2020/06/nixos-tmpfs-as-home/ https://elis.nu/blog/2020/06/nixos-tmpfs-as-home/] - Examples of using the NixOS modules
+This can happen if your NixOS version is later than your Home-Manager version (ex. NixOS 22.05 with Home-Manager 21.11) - see {{Issue|95|repo=nix-community/impermanence}}
-[https://grahamc.com/blog/erase-your-darlings https://grahamc.com/blog/erase-your-darlings] - Explaining why you might want to do this. Uses ZFS snapshots instead of tmpfs.
+== See Also ==
-https://web.archive.org/web/20241007130142/https://mt-caret.github.io/blog/posts/2020-06-29-optin-state.html - Encypted Btrfs Root with Opt-in State on NixOS. Uses Btrfs instead of tmpfs or ZFS.
+* https://elis.nu/blog/2020/06/nixos-tmpfs-as-home/ - Examples of using the NixOS modules
+* https://grahamc.com/blog/erase-your-darlings - Explaining why you might want to do this. Uses ZFS snapshots instead of tmpfs.
+* https://web.archive.org/web/20241007130142/https://mt-caret.github.io/blog/posts/2020-06-29-optin-state.html - Encypted Btrfs Root with Opt-in State on NixOS. Uses Btrfs instead of tmpfs or ZFS.
 [[Category:Configuration]]
 [[Category:NixOS]]