Commit Graph

45 Commits

Author SHA1 Message Date
b658b93c64 lappy: store the hashed user passwd in git and decrypt it into /etc/passwd on boot
this approach lets me persist the password. persisting /etc/shadow
directly wasn't so feasible. populating /etc/shadow at activation time
is something nix already does and is easy to plug into.
so we store the passwd hash in this repo, but encrypt it to the
destination machine's ssh pubkey to add enough entropy that it's not
brute-forceable through the public git repo.
2022-10-23 06:53:06 -07:00
f68bc342e8 fix activationScript ordering to remove sops double-decrypt hack 2022-10-23 06:53:05 -07:00
2b14648587 servo: persist the maildir
this way i don't lose my mail on every reboot...

wow i can't believe it took me this long to make the connection.
2022-10-22 07:00:56 -07:00
0753aa59e9 refactor: move default home impermanence dirs to modules/universal/users.nix 2022-10-22 06:09:53 -07:00
55cbce17c2 refactor: impermanence: remove duplicate function map-service-dirs 2022-10-22 06:03:04 -07:00
ebf3152ced refactor: purge impermanence.home-files option
persisting individual files doesn't work super well. we can do without
it and things are simpler.
2022-10-22 05:56:04 -07:00
b43103a024 refactor: move .zsh_history impermanence definition into zsh.nix 2022-10-22 04:02:40 -07:00
6e01c59d08 default-initialize gnome keyrings, and persist them to disk 2022-10-06 17:29:10 -07:00
3184c6cfb6 net: switch to iwd for better experience
iwd, vs. wpa_supplicant, has smarter metrics for choosing which
wireless networks to connect to when multiple are in range.
2022-09-29 06:08:33 -07:00
370ae917b9 home: persist vlc state 2022-09-26 17:48:55 -07:00
2316b4a3ce NetworkManager: store (and deploy) wifi connections to all devices
i haven't saved the hard-wired connection on desko/servo, but i think
that's alright: they should be DHCP'd.
2022-09-22 18:28:03 -07:00
c0a41def22 impermanence: don't persist authorized_keys.d 2022-08-31 17:25:57 -07:00
9976c82946 impermanence: don't persist _all_ of /etc/ssh -- just the important parts 2022-08-03 14:54:36 -07:00
1a9dfe22ba image builder: integrate impermanence so that we create such things as /var/log
untested
2022-08-01 14:37:19 -07:00
b53d2f945d impermanence: remove /srv
this is for "service directories": public, protocol-based fs access.
e.g. /srv/ftp might be a share which is exposed over FTP.
/srv/www might be a share which is exposed over www (or webdav).
2022-08-01 13:36:42 -07:00
451816f623 rename config.{colinsane -> sane} 2022-08-01 00:23:49 -07:00
ede10dd1c8 impermanence: don't persist /var/lib/nixos 2022-07-14 22:06:19 -07:00
99d55167f6 impermanence: only persist service directories if those services are enabled. 2022-07-10 17:58:16 -07:00
e2d7d63ebe impermanence: move application-level impermanence to their package definition 2022-07-10 17:43:57 -07:00
9d71041530 impermanence: move the base persisted home-dirs into home-manager, alongside XDG dirs 2022-07-10 15:25:04 -07:00
31e404b04f impermanence: abstract the creation of service directories
better would be to not directly call out user/group, but force them to
be looked up.
2022-07-10 15:15:34 -07:00
01a47932f7 impermanence: abstract the creation of root-owned system directories 2022-07-10 15:07:56 -07:00
5c6f616c97 impermanence: abstract the creation of ~/ sub-dirs 2022-07-10 14:42:33 -07:00
b2bd8d5f89 persist: zcash directory 2022-07-09 01:00:17 -07:00
461398143c add monero (as package and as persisted directory) 2022-07-08 21:56:49 -07:00
db6dc8e08c persist Signal 2022-07-06 15:14:36 -07:00
a100100e79 impermanence: move import into flake.nix 2022-07-06 14:17:29 -07:00
25e3c8e2f6 persist the Element session keys 2022-07-01 01:05:46 -07:00
d404f279de partial rustup support 2022-06-30 20:45:40 -07:00
e0dda018ae impermanence: persist more dirs which were eating space on servo 2022-06-30 14:20:38 -07:00
3cee86298e impermanence: persist the home/records folder 2022-06-30 13:49:54 -07:00
9123c98595 sops: decrypt secrets AFTER /nix/ssh has been mounted 2022-06-30 01:32:03 -07:00
313d698b97 impermanence: set perms for all these files 2022-06-29 03:58:27 -07:00
92488dd890 complete servo image & port to impermanence
there might still be some bugs to work out here.
this produces a workable image, but with some uncertainty
around that swapfile (the first attempt had /swapfile living on a
tmpfs).
2022-06-29 01:17:53 -07:00
42ddd90796 impermanence: persist ~/use 2022-06-26 04:22:57 -07:00
ae55ddb5a7 impermanence: cache discord creds 2022-06-25 22:11:16 -07:00
a011abc7ef add desko /var/lib entries to impermanence 2022-06-25 21:18:02 -07:00
26a756f6a4 impermanence: don't preserve /mnt
directories which are mentioned in `config.fileSystems` automatically
get directories created in /mnt
2022-06-25 15:37:12 -07:00
8c1149b21b impermanence: preserve spotify config 2022-06-24 21:15:58 -07:00
436ade540f tune /var/lib impermanence (for lappy) 2022-06-24 21:10:49 -07:00
187c2f2406 lappy: switch back to the existing fs uuids 2022-06-23 16:28:12 -07:00
44f63c31da move nixos config from /etc/nixos to /home/colin/dev/nixos 2022-06-21 02:23:19 -07:00
aefd31b1f6 impermanence: granularize the /home/colin mounts 2022-06-21 01:59:31 -07:00
55f82260d5 impermanence: persist /etc/machine-id 2022-06-21 00:02:57 -07:00
fa131fe39f lappy: enable impermanence
it mostly went smooth, though i lost a .ssh key.
probably the best upgrade process is to do most of the heavy work in the
initrd:

write the new nix config, notably, configuring a tmpfs / mount
and moving the previous / to /nix.
then boot and in the initrd, move all the `/nix/nix/...` items
up a level.
2022-06-20 03:28:01 -07:00