From c1a5ed1d4faac7dcf003bac2fd475de41211908d Mon Sep 17 00:00:00 2001
From: jasmine
Date: Sat, 7 Sep 2024 15:48:27 +0800
Subject: [PATCH 1/3] migrate impermanent home to subvolumes
---
 .../features/desktop/discord/default.nix | 5 ----
 .../sajenim/features/desktop/email.nix | 11 ---------
 home-manager/sajenim/features/desktop/irc.nix | 11 ---------
 .../sajenim/features/printing/default.nix | 5 ----
 home-manager/sajenim/fuchsia.nix | 23 -------------------
 home-manager/sajenim/global/default.nix | 23 +------------------
 nixos/common/users/sajenim/default.nix | 7 ++++++
 nixos/common/users/spectre/default.nix | 7 ++++++
 8 files changed, 15 insertions(+), 77 deletions(-)
diff --git a/home-manager/sajenim/features/desktop/discord/default.nix b/home-manager/sajenim/features/desktop/discord/default.nix
index 838f8fe..4fb77a4 100644
--- a/home-manager/sajenim/features/desktop/discord/default.nix
+++ b/home-manager/sajenim/features/desktop/discord/default.nix
@@ -14,9 +14,4 @@
 enable = true;
 source = ./config/custom.css;
 };
-
- home.persistence."/persist/home/sajenim".directories = [
- ".config/discord"
- ".config/BetterDiscord"
- ];
 }
diff --git a/home-manager/sajenim/features/desktop/email.nix b/home-manager/sajenim/features/desktop/email.nix
index 346a889..3461301 100644
--- a/home-manager/sajenim/features/desktop/email.nix
+++ b/home-manager/sajenim/features/desktop/email.nix
@@ -101,15 +101,4 @@
 proton.isDefault = true;
 };
 };
-
- home.persistence."/persist/home/sajenim" = {
- directories = [
- # email configuration
- ".config/protonmail"
- # email cache of messages
- ".local/share/protonmail"
- # gpg encrypted passwords
- ".password-store"
- ];
- };
 }
diff --git a/home-manager/sajenim/features/desktop/irc.nix b/home-manager/sajenim/features/desktop/irc.nix
index cc6b3f4..7bb487e 100644
--- a/home-manager/sajenim/features/desktop/irc.nix
+++ b/home-manager/sajenim/features/desktop/irc.nix
@@ -2,15 +2,4 @@
 home.packages = with pkgs; [
 weechat
 ];
-
- home.persistence."/persist/home/sajenim" = {
- directories = [
- # WeeChat configuration files: *.conf, certificates, etc.
- ".config/weechat"
- # WeeChat data files: logs, scripts, scripts data, xfer files, etc.
- ".local/share/weechat"
- # WeeChat cache files: scripts cache.
- ".cache/weechat"
- ];
- };
 }
diff --git a/home-manager/sajenim/features/printing/default.nix b/home-manager/sajenim/features/printing/default.nix
index 8a0b051..3b11048 100644
--- a/home-manager/sajenim/features/printing/default.nix
+++ b/home-manager/sajenim/features/printing/default.nix
@@ -7,10 +7,5 @@
 openscad
 unstable.prusa-slicer
 ];
- persistence."/persist/home/sajenim" = {
- directories = [
- ".config/PrusaSlicer"
- ];
- };
 };
 }
diff --git a/home-manager/sajenim/fuchsia.nix b/home-manager/sajenim/fuchsia.nix
index 629f38c..efc1796 100644
--- a/home-manager/sajenim/fuchsia.nix
+++ b/home-manager/sajenim/fuchsia.nix
@@ -24,28 +24,5 @@
 # Misc
 firefox
 ];
-
- persistence."/persist/home/sajenim" = {
- directories = [
- ".mozilla"
- # Hidden user data
- ".repositories"
- ".print"
- # Mutable configurations
- ".config/htop"
- ".config/lazygit"
- ".config/Yubico"
- # Application specific data
- ".local/share/PrismLauncher"
- ".local/share/Jellyfin Media Player"
- # Our user data
- "Documents"
- "Downloads"
- "Games"
- "Music"
- "Pictures"
- "Videos"
- ];
- };
 };
 }
diff --git a/home-manager/sajenim/global/default.nix b/home-manager/sajenim/global/default.nix
index 20182f4..e37d20f 100644
--- a/home-manager/sajenim/global/default.nix
+++ b/home-manager/sajenim/global/default.nix
@@ -1,10 +1,5 @@
-{
- inputs,
- outputs,
- ...
-}: {
+{outputs, ...}: {
 imports = [
- inputs.impermanence.nixosModules.home-manager.impermanence
 ../features/cli
 ];
@@ -28,22 +23,6 @@
 sessionVariables = {
 EDITOR = "nvim";
 };
-
- persistence."/persist/home/sajenim" = {
- directories = [
- ".gnupg"
- ".ssh"
- ".var/app"
- ".local/bin"
- ".local/share/flatpak"
- ".local/share/nix"
- ".local/share/direnv"
- ];
- files = [
- ".zsh_history"
- ];
- allowOther = true;
- };
 };
 systemd.user.startServices = "sd-switch";
diff --git a/nixos/common/users/sajenim/default.nix b/nixos/common/users/sajenim/default.nix
index 7e1678f..2c04c83 100644
--- a/nixos/common/users/sajenim/default.nix
+++ b/nixos/common/users/sajenim/default.nix
@@ -8,6 +8,7 @@
 imports = [
 inputs.home-manager.nixosModules.home-manager
 ];
+
 users.users.sajenim = {
 isNormalUser = true;
 extraGroups = ["audio" "docker" "networkmanager" "wheel" "adbusers"];
@@ -26,4 +27,10 @@
 };
 backupFileExtension = "bak";
 };
+
+ fileSystems."/home/sajenim" = {
+ device = "/dev/disk/by-label/data";
+ fsType = "btrfs";
+ options = ["subvol=sajenim" "compress=zstd"];
+ };
 }
diff --git a/nixos/common/users/spectre/default.nix b/nixos/common/users/spectre/default.nix
index 776c43e..e7535c5 100644
--- a/nixos/common/users/spectre/default.nix
+++ b/nixos/common/users/spectre/default.nix
@@ -6,10 +6,17 @@
 imports = [
 inputs.home-manager.nixosModules.home-manager
 ];
+
 users.users.spectre = {
 isNormalUser = true;
 shell = pkgs.zsh;
 hashedPassword = "$y$j9T$eCJ0MDPsx3tww9LP0LU8..$sE8u5keO7QNKNAR1t2R6GqsDzvGD0Xn9Fi3to14Gf9/";
 };
 users.mutableUsers = false;
+
+ fileSystems."/home/spectre" = {
+ device = "/dev/disk/by-label/data";
+ fsType = "btrfs";
+ options = ["subvol=spectre" "compress=zstd"];
+ };
 }
From 77d82dd853dbe9dc47ba05def5419d72b2bce6ce Mon Sep 17 00:00:00 2001
From: jasmine
Date: Sat, 7 Sep 2024 15:49:04 +0800
Subject: [PATCH 2/3] migrate containers and services to data drive
---
 nixos/viridian/hardware-configuration.nix | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
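Review bot: The added `fileSystems."/home/sajenim"` mount in nixos/common/users/sajenim/default.nix sets only `subvol=sajenim` and `compress=zstd`, so setuid bits and device nodes are honoured on a user-writable tree. The persistence lists removed earlier in this patch show that this subvolume now holds `.ssh`, `.gnupg` and `.password-store`. Unless something under home depends on setuid binaries, `options = ["subvol=sajenim" "compress=zstd" "nosuid" "nodev"];` is the usual hardening for a home mount. The `/home/spectre` mount added in nixos/common/users/spectre/default.nix has the same option list and would take the same change.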
diff --git a/nixos/viridian/hardware-configuration.nix b/nixos/viridian/hardware-configuration.nix
index 66875fb..ca3d278 100644
--- a/nixos/viridian/hardware-configuration.nix
+++ b/nixos/viridian/hardware-configuration.nix
@@ -60,13 +60,13 @@ in {
 };
 fileSystems."/srv/containers" = {
- device = "/dev/disk/by-label/${hostname}";
+ device = "/dev/disk/by-label/data";
 fsType = "btrfs";
 options = ["subvol=containers" "compress=zstd"];
 };
 fileSystems."/srv/services" = {
- device = "/dev/disk/by-label/${hostname}";
+ device = "/dev/disk/by-label/data";
 fsType = "btrfs";
 options = ["subvol=services" "compress=zstd"];
 };
From 8c7fdf461267d694f5ac21e4cc5e3a05cc826659 Mon Sep 17 00:00:00 2001
From: jasmine
Date: Sat, 7 Sep 2024 15:49:39 +0800
Subject: [PATCH 3/3] update ip and middlewares
---
 nixos/viridian/services/traefik/middlewares.nix | 2 +-
 nixos/viridian/services/traefik/routers.nix | 4 ++--
 nixos/viridian/services/traefik/services.nix | 2 +-
 3 files changed, 4 insertions(+), 4 deletions(-)
diff --git a/nixos/viridian/services/traefik/middlewares.nix b/nixos/viridian/services/traefik/middlewares.nix
index cc0becb..28f84f7 100644
--- a/nixos/viridian/services/traefik/middlewares.nix
+++ b/nixos/viridian/services/traefik/middlewares.nix
@@ -11,7 +11,7 @@
 # Restrict access to internal networks
 internal.ipwhitelist.sourcerange = [
 "127.0.0.1/32" # localhost
- "192.168.20.1/24" # lan
+ "192.168.50.1/24" # lan
 ];
 # Restrict access based on geo-location
diff --git a/nixos/viridian/services/traefik/routers.nix b/nixos/viridian/services/traefik/routers.nix
index 0fa790c..82e5cca 100644
--- a/nixos/viridian/services/traefik/routers.nix
+++ b/nixos/viridian/services/traefik/routers.nix
@@ -6,7 +6,7 @@
 "websecure"
 ];
 middlewares = [
- "admin"
+ "internal"
 ];
 service = "api@internal";
 };
@@ -17,7 +17,7 @@
 "websecure"
 ];
 middlewares = [
- "admin"
+ "internal"
 ];
 service = "ender1";
 };
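Review bot: Both `device` lines in the nixos/viridian/hardware-configuration.nix hunk now resolve `/dev/disk/by-label/data`, a generic label in place of the host-specific `${hostname}` one, and filesystem labels are not guaranteed to be unique. If another volume labelled `data` is attached (a removable disk, a cloned drive), this file no longer determines which filesystem ends up behind `/srv/containers` and `/srv/services`. Pinning the filesystem UUID, e.g. `device = "/dev/disk/by-uuid/<filesystem-uuid>";` with the real value substituted for the placeholder, removes that ambiguity. The `/home/sajenim` and `/home/spectre` mounts added in patch 1/3 use the same label. The enclosing attribute set starts before the hunk and continues past it.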
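Review bot: The new allowlist entry `"192.168.50.1/24"` in middlewares.nix is a host address carrying a /24 mask, so it admits the whole 192.168.50.0/24 network rather than one machine. Writing `"192.168.50.0/24" # lan` makes the scope of the rule readable at a glance. That matters more after this series, because routers.nix switches two routers to rely on `internal` alone. Separately, `ipwhitelist` is deprecated in Traefik 2.11 and absent from v3 in favour of `ipAllowList`; the Traefik version is not visible here, so confirm the middleware still loads. The surrounding middleware set starts and ends outside the hunk.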
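Review bot: Replacing `"admin"` with `"internal"` on the routers.nix router whose service is `api@internal` leaves the Traefik API and dashboard protected by source address only, so every host in the allowed LAN range and every local process on 127.0.0.1 can reach it. The definition of `admin` is not part of this patch. If it performs authentication, listing both (`"internal"` followed by `"admin"` inside `middlewares = [ ... ]`) keeps the credential check and adds the network restriction on top. The second hunk makes the same swap on the `ender1` router and the same consideration applies. Both router definitions begin outside their hunks.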
diff --git a/nixos/viridian/services/traefik/services.nix b/nixos/viridian/services/traefik/services.nix
index b03fc0c..bfdb5fa 100644
--- a/nixos/viridian/services/traefik/services.nix
+++ b/nixos/viridian/services/traefik/services.nix
@@ -1,7 +1,7 @@
 {...}: {
 services.traefik.dynamicConfigOptions.http.services = {
 ender1.loadBalancer.servers = [
- {url = "http://192.168.1.103:80";}
+ {url = "http://192.168.50.201:80";}
 ];
 };
 }