impermanence: add a storeDescription field per store

modules/impermanence/default.nix

@@ -12,6 +12,15 @@ let
 
   storeType = types.submodule {
     options = {
+      storeDescription = mkOption {
+        type = types.nullOr types.str;
+        default = null;
+        description = ''
+          an optional description of the store, which is rendered like
+            {store.name}: {store.storeDescription}
+          for example, a store named "private" could have description "ecnrypted to the user's password and decrypted on login".
+        '';
+      };
       mountpt = mkOption {
         type = types.str;
       };
@@ -69,7 +78,11 @@ let
     options = mapAttrs (store: store-cfg: mkOption {
       default = [];
       type = types.listOf contextualizedDirOrShorthand;
-      description = "directories to persist in ${store}";
+      description = let
+        suffix = if store-cfg.storeDescription != null then
+          ": ${store-cfg.storeDescription}"
+        else "";
+      in "directories to persist in ${store}${suffix}";
     }) cfg.stores;
   };
 

modules/impermanence/stores/crypt.nix

@@ -33,6 +33,10 @@ in
 lib.mkIf config.sane.impermanence.enable
 {
   sane.impermanence.stores."cryptClearOnBoot" = {
+    storeDescription = ''
+      stored to disk, but encrypted to an in-memory key and cleared on every boot
+      so that it's unreadable after power-off
+    '';
     mountpt = "/mnt/impermanence/crypt/clearedonboot";
   };
 

modules/impermanence/stores/private.nix

@@ -5,6 +5,9 @@ let
 in lib.mkIf config.sane.impermanence.enable
 {
   sane.impermanence.stores."private" = {
+    storeDescription = ''
+      encrypted to the user's password and auto-unlocked at login
+    '';
     mountpt = "/home/colin/private";
     # files stored under here *must* have the /home/colin prefix.
     # internally, this prefix is removed so that e.g.