moved impermanence config for var lib private into impermanence module

2025-07-05 00:01:28 -05:00 · 2025-07-05 00:01:28 -05:00 · 43ce007033
commit 43ce007033
parent 4db136d527
2 changed files with 12 additions and 4 deletions
--- a/modules/nixos-modules/impermanence.nix
+++ b/modules/nixos-modules/impermanence.nix
@ -25,6 +25,18 @@
          }
        ];

+        # fixes issues with /var/lib/private not having the correct permissions https://github.com/nix-community/impermanence/issues/254
+        system.activationScripts."createPersistentStorageDirs".deps = ["var-lib-private-permissions" "users" "groups"];
+        system.activationScripts = {
+          "var-lib-private-permissions" = {
+            deps = ["specialfs"];
+            text = ''
+              mkdir -p /persist/system/root/var/lib/private
+              chmod 0700 /persist/system/root/var/lib/private
+            '';
+          };
+        };
+
        programs.fuse.userAllowOther = true;

        boot.initrd.postResumeCommands = lib.mkAfter ''
--- a/modules/nixos-modules/ollama.nix
+++ b/modules/nixos-modules/ollama.nix
@ -28,10 +28,6 @@
        };
      }))
      (lib.mkIf config.host.impermanence.enable {
-        # TODO: move this somewhere common
-        systemd.tmpfiles.rules = [
-          "d /var/lib/private 0700 root root"
-        ];
        environment.persistence."/persist/system/root" = {
          enable = true;
          hideMounts = true;