home-manager/sajenim/features/desktop/discord/default.nix

@@ -14,4 +14,9 @@
     enable = true;
     source = ./config/custom.css;
   };
+
+  home.persistence."/persist/home/sajenim".directories = [
+    ".config/discord"
+    ".config/BetterDiscord"
+  ];
 }

home-manager/sajenim/features/desktop/email.nix

@@ -101,4 +101,15 @@
       proton.isDefault = true;
     };
   };
+
+  home.persistence."/persist/home/sajenim" = {
+    directories = [
+      # email configuration
+      ".config/protonmail"
+      # email cache of messages
+      ".local/share/protonmail"
+      # gpg encrypted passwords
+      ".password-store"
+    ];
+  };
 }

home-manager/sajenim/features/desktop/irc.nix

@@ -2,4 +2,15 @@
   home.packages = with pkgs; [
     weechat
   ];
+
+  home.persistence."/persist/home/sajenim" = {
+    directories = [
+      # WeeChat configuration files: *.conf, certificates, etc.
+      ".config/weechat"
+      # WeeChat data files: logs, scripts, scripts data, xfer files, etc.
+      ".local/share/weechat"
+      # WeeChat cache files: scripts cache.
+      ".cache/weechat"
+    ];
+  };
 }

home-manager/sajenim/features/printing/default.nix

@@ -7,5 +7,10 @@
       openscad
       unstable.prusa-slicer
     ];
+    persistence."/persist/home/sajenim" = {
+      directories = [
+        ".config/PrusaSlicer"
+      ];
+    };
   };
 }

home-manager/sajenim/fuchsia.nix

@@ -24,5 +24,28 @@
       # Misc
       firefox
     ];
+
+    persistence."/persist/home/sajenim" = {
+      directories = [
+        ".mozilla"
+        # Hidden user data
+        ".repositories"
+        ".print"
+        # Mutable configurations
+        ".config/htop"
+        ".config/lazygit"
+        ".config/Yubico"
+        # Application specific data
+        ".local/share/PrismLauncher"
+        ".local/share/Jellyfin Media Player"
+        # Our user data
+        "Documents"
+        "Downloads"
+        "Games"
+        "Music"
+        "Pictures"
+        "Videos"
+      ];
+    };
   };
 }

home-manager/sajenim/global/default.nix

@@ -1,5 +1,10 @@
-{outputs, ...}: {
+{
+  inputs,
+  outputs,
+  ...
+}: {
   imports = [
+    inputs.impermanence.nixosModules.home-manager.impermanence
     ../features/cli
   ];
 
@@ -23,6 +28,22 @@
     sessionVariables = {
       EDITOR = "nvim";
     };
+
+    persistence."/persist/home/sajenim" = {
+      directories = [
+        ".gnupg"
+        ".ssh"
+        ".var/app"
+        ".local/bin"
+        ".local/share/flatpak"
+        ".local/share/nix"
+        ".local/share/direnv"
+      ];
+      files = [
+        ".zsh_history"
+      ];
+      allowOther = true;
+    };
   };
 
   systemd.user.startServices = "sd-switch";

nixos/common/users/sajenim/default.nix

@@ -8,7 +8,6 @@
   imports = [
     inputs.home-manager.nixosModules.home-manager
   ];
-
   users.users.sajenim = {
     isNormalUser = true;
     extraGroups = ["audio" "docker" "networkmanager" "wheel" "adbusers"];
@@ -27,10 +26,4 @@
     };
     backupFileExtension = "bak";
   };
-
-  fileSystems."/home/sajenim" = {
-    device = "/dev/disk/by-label/data";
-    fsType = "btrfs";
-    options = ["subvol=sajenim" "compress=zstd"];
-  };
 }

nixos/common/users/spectre/default.nix

@@ -6,17 +6,10 @@
   imports = [
     inputs.home-manager.nixosModules.home-manager
   ];
-
   users.users.spectre = {
     isNormalUser = true;
     shell = pkgs.zsh;
     hashedPassword = "$y$j9T$eCJ0MDPsx3tww9LP0LU8..$sE8u5keO7QNKNAR1t2R6GqsDzvGD0Xn9Fi3to14Gf9/";
   };
   users.mutableUsers = false;
-
-  fileSystems."/home/spectre" = {
-    device = "/dev/disk/by-label/data";
-    fsType = "btrfs";
-    options = ["subvol=spectre" "compress=zstd"];
-  };
 }

nixos/viridian/hardware-configuration.nix

@@ -60,13 +60,13 @@ in {
   };
 
   fileSystems."/srv/containers" = {
-    device = "/dev/disk/by-label/data";
+    device = "/dev/disk/by-label/${hostname}";
     fsType = "btrfs";
     options = ["subvol=containers" "compress=zstd"];
   };
 
   fileSystems."/srv/services" = {
-    device = "/dev/disk/by-label/data";
+    device = "/dev/disk/by-label/${hostname}";
     fsType = "btrfs";
     options = ["subvol=services" "compress=zstd"];
   };

nixos/viridian/services/traefik/middlewares.nix

@@ -11,7 +11,7 @@
     # Restrict access to internal networks
     internal.ipwhitelist.sourcerange = [
       "127.0.0.1/32" # localhost
-      "192.168.50.1/24" # lan
+      "192.168.20.1/24" # lan
     ];
 
     # Restrict access based on geo-location

nixos/viridian/services/traefik/routers.nix

@@ -6,7 +6,7 @@
         "websecure"
       ];
       middlewares = [
-        "internal"
+        "admin"
       ];
       service = "api@internal";
     };
@@ -17,7 +17,7 @@
         "websecure"
       ];
       middlewares = [
-        "internal"
+        "admin"
       ];
       service = "ender1";
     };

nixos/viridian/services/traefik/services.nix

@@ -1,7 +1,7 @@
 {...}: {
   services.traefik.dynamicConfigOptions.http.services = {
     ender1.loadBalancer.servers = [
-      {url = "http://192.168.50.201:80";}
+      {url = "http://192.168.1.103:80";}
     ];
   };
 }