stateless

2023-07-19 01:43:12 +00:00 · 2023-07-19 01:43:12 +00:00 · 20bf7aa5b3
commit 20bf7aa5b3
parent 41f329077b
5 changed files with 79 additions and 5 deletions
--- a/flake.lock
+++ b/flake.lock
@ -1,5 +1,20 @@
 {
  "nodes": {
+    "impermanence": {
+      "locked": {
+        "lastModified": 1684264534,
+        "narHash": "sha256-K0zr+ry3FwIo3rN2U/VWAkCJSgBslBisvfRIPwMbuCQ=",
+        "owner": "nix-community",
+        "repo": "impermanence",
+        "rev": "89253fb1518063556edd5e54509c30ac3089d5e6",
+        "type": "github"
+      },
+      "original": {
+        "owner": "nix-community",
+        "repo": "impermanence",
+        "type": "github"
+      }
+    },
    "nixpkgs": {
      "locked": {
        "lastModified": 1689605451,
@ -17,6 +32,7 @@
    },
    "root": {
      "inputs": {
+        "impermanence": "impermanence",
        "nixpkgs": "nixpkgs"
      }
    }
--- a/flake.nix
+++ b/flake.nix
@ -23,9 +23,10 @@

  inputs = {
    nixpkgs.url = "nixpkgs/nixos-23.05";
+    impermanence.url = "github:nix-community/impermanence";
  };

-  outputs = { self, nixpkgs, ... }: {
+  outputs = { self, nixpkgs, impermanence, ... }: {
    nixosConfigurations.default = nixpkgs.lib.nixosSystem rec {
      system = "aarch64-linux";

@ -38,6 +39,7 @@

      modules = [
        ./configuration.nix
+        impermanence.nixosModules.impermanence
      ];
    };
  };
--- a/global/default.nix
+++ b/global/default.nix
@ -4,5 +4,6 @@
    ./software-configuration.nix
    ./user-configuration.nix
    ./containers.nix
+    ./stateless-configuration.nix
  ];
 }
--- a/global/stateless-configuration.nix
+++ b/global/stateless-configuration.nix
@ -0,0 +1,57 @@
+{
+  # /nix/persistent 是你实际保存文件的地方
+  environment.persistence."/nix/persistent" = {
+    # 不让这些映射的 mount 出现在文件管理器的侧边栏中
+    hideMounts = true;
+
+    # 你要映射的文件夹
+    directories = [
+      # "/etc/NetworkManager/system-connections"
+      "/root"
+      "/var"
+      "/home"
+      "/boot"
+    ];
+
+    files = [
+      "/etc/machine-id"
+      "/etc/ssh/ssh_host_ed25519_key.pub"
+      "/etc/ssh/ssh_host_ed25519_key"
+      "/etc/ssh/ssh_host_rsa_key.pub"
+      "/etc/ssh/ssh_host_rsa_key"
+      "/swapfile"
+    ];
+
+    users.pi = {
+      directories = [
+        # 配置文件夹
+        ".cache"
+        ".config"
+        ".gnupg"
+        ".local"
+        ".ssh"
+      ];
+      files = [ ];
+    };
+  };
+
+  environment.variables.NIX_REMOTE = "daemon";
+
+  systemd.services.nix-daemon = {
+    environment = {
+      # 指定临时文件的位置
+      TMPDIR = "/var/cache/nix";
+    };
+    serviceConfig = {
+      # 在 Nix Daemon 启动时自动创建 /var/cache/nix
+      CacheDirectory = "nix";
+    };
+  };
+
+  # Stateless rootfs
+  fileSystems."/" = {
+    device = "tmpfs";
+    fsType = "tmpfs";
+    options = [ "relatime" "mode=755" "nosuid" "nodev" ];
+  };
+}
--- a/hardware-configuration.nix
+++ b/hardware-configuration.nix
@ -12,11 +12,9 @@
  boot.initrd.kernelModules = [ ];
  boot.kernelModules = [ ];
  boot.extraModulePackages = [ ];
-  boot.loader.grub.devices = [
-    "nodev"
-  ];
+  boot.loader.grub.devices = [ "nodev" ];

-  fileSystems."/" = {
+  fileSystems."/nix" = {
    device = "/dev/disk/by-uuid/44444444-4444-4444-8888-888888888888";
    fsType = "ext4";
  };