|
|
122d3cd7e4
|
impermanence: fix home perms in ~/private dir
|
2023-01-04 13:24:23 +00:00 |
|
|
|
cd5f8054c0
|
fs: rename "mountpt" -> "origin" to reflect that it doesnt have to be a device
|
2023-01-04 12:19:32 +00:00 |
|
|
|
3db388b105
|
servo: relocate ext device to /mnt/impermanence/ext and fixup deps
|
2023-01-04 12:12:30 +00:00 |
|
|
|
2ba6116f10
|
fs/impermanence: more precisely control unit dependencies/ordering
|
2023-01-04 11:22:26 +00:00 |
|
|
|
592d17b725
|
impermanence: crypt: simplify setup (experimental)
|
2023-01-04 09:28:59 +00:00 |
|
|
|
2c48e61854
|
fs: fix mode of deployed files; simplify
|
2023-01-04 07:14:01 +00:00 |
|
|
|
68c2eb7363
|
impermanence: clean up the deps for the crypt store
|
2023-01-04 04:22:17 +00:00 |
|
|
|
a76471cb1f
|
fs: simplify the mount configuration
|
2023-01-04 03:57:24 +00:00 |
|
|
|
d7c8638fea
|
impermanence: add a storeDescription field per store
|
2023-01-04 01:54:13 +00:00 |
|
|
|
9d7d1acc80
|
sane.impermanence.dirs.home.<store> is now auto-generated and options can vary across deployments
|
2023-01-04 01:45:05 +00:00 |
|
|
|
9c248a8a31
|
impermanence: cleanup the dirs submodule
|
2023-01-04 01:34:19 +00:00 |
|
|
|
829680fb00
|
impermanence: simplify dir-acl handling by using a helper
|
2023-01-04 01:19:22 +00:00 |
|
|
|
2960b895b6
|
lib: lift acl type into sane-lib/types
|
2023-01-04 00:59:52 +00:00 |
|
|
|
afe684ca2c
|
modules: impermanence: use sane-lib.path
|
2023-01-03 14:55:27 +00:00 |
|
|
|
618e9bd2fa
|
gocryptfs: place package in system.fsPackages instead of environment.systemPackages (it propagates anyway)
|
2023-01-03 12:00:49 +00:00 |
|
|
|
2d7b3750cd
|
impermanence: split the /home/colin perms fix into more appropriate places
|
2023-01-03 08:25:43 +00:00 |
|
|
|
e6ccd2e4f7
|
impermanence: split plaintext store to own file (this will bypass some recursion in the next patch)
|
2023-01-03 08:02:03 +00:00 |
|
|
|
d4bf491e9c
|
impermanence: improve docs
|
2023-01-03 07:45:19 +00:00 |
|
|
|
327e6b536f
|
impermanence: large refactor, and experimental bind mounting of things from ~/private
|
2023-01-03 07:22:37 +00:00 |
|
|
|
9e32211c12
|
impermanence: cange "encryptedClearOnBoot" to a broader "store" argument
in the future it can support ~/private as a backing store
|
2023-01-03 03:04:19 +00:00 |
|
|
|
edf6bd4455
|
fs: add a "mount.bind" option & use it for impermanence bind-mounts
|
2023-01-03 02:45:23 +00:00 |
|
|
|
875e923197
|
declare ~/private in fileSystems and reuse for pamMount
|
2023-01-02 11:34:02 +00:00 |
|
|
|
89e519810d
|
impermanence: clean up the bind mounts
|
2022-12-31 12:31:49 +00:00 |
|
|
|
0e920230ba
|
impermanence: fix systemd service ordering for crypt mount
|
2022-12-31 12:18:27 +00:00 |
|
|
|
6ffae00e17
|
fs: rename "service" option to "unit" option
|
2022-12-31 11:31:16 +00:00 |
|
|
|
be19985440
|
impermanence: crypt: more robust perms and ordering of backing device
|
2022-12-31 10:45:43 +00:00 |
|
|
|
f7e3e7294a
|
impermanence: transform gocryptfs key generation from activation script to systemd unit
|
2022-12-31 10:15:08 +00:00 |
|
|
|
d745e3c1ee
|
impermanence: remove fuse module: we don't need it now that we're mounting after activation
|
2022-12-31 09:13:31 +00:00 |
|
|
|
c1890ce82b
|
impermanence: cleanup some previously verbose code
|
2022-12-31 09:09:51 +00:00 |
|
|
|
53a0b621d8
|
impermanence: use sane.fs to inherit permissions instead of specifying defaults here
|
2022-12-31 01:04:49 +00:00 |
|
|
|
aeb2f63d65
|
impermanence: defer to fs.nix module for permissions & dir creation
|
2022-12-31 00:38:15 +00:00 |
|
|
|
528ffdb58e
|
add a new 'fs.nix' file i'll use to factor the impermanence stuff better
|
2022-12-30 14:45:34 +00:00 |
|
|
|
b6887b305e
|
impermanence: split out the root-on-tmpfs stuff
|
2022-12-30 04:35:34 +00:00 |
|
|
|
08dfc80c98
|
impermanence: split out sops setup
|
2022-12-30 04:31:24 +00:00 |
|
|
|
0a6d88dfc1
|
impermanence: simplify /etc/ssh/host_keys setup
|
2022-12-30 03:34:59 +00:00 |
|
|
|
0819899102
|
remove dead commented-out code
|
2022-12-29 18:34:03 +00:00 |
|
|
|
d3ff68217e
|
impermanence: enable hyphenated folder names
|
2022-12-29 18:29:27 +00:00 |
|
|
|
af92a2250e
|
impermanence: fix up circular dependencies and permissions
this is now a proof of concept. still has some rough edges.
|
2022-12-29 18:03:41 +00:00 |
|
|
|
d00f9b15d7
|
impermanence: fix typo in permissions service
|
2022-12-29 17:16:27 +00:00 |
|
|
|
aa1c1f40cb
|
WIP: impermanence rework (gut 3rd-party lib)
|
2022-12-29 16:38:58 +00:00 |
|
