refactor: moved modules to legacy-modules

2026-04-06 19:32:37 -05:00 · 2026-04-06 19:32:37 -05:00 · db7ac35613
commit db7ac35613
parent d646b954ac
233 changed files with 5 additions and 5 deletions
--- a/legacy-modules/nixos-modules/storage/impermanence.nix
+++ b/legacy-modules/nixos-modules/storage/impermanence.nix
@ -0,0 +1,142 @@
+args @ {
+  lib,
+  config,
+  ...
+}: let
+  datasetSubmodules = (import ./submodules/dataset.nix) args;
+  impermanenceDatasetSubmodule = (import ./submodules/impermanenceDataset.nix) args;
+
+  permissionsToMode = permissions: let
+    permSetToDigit = permSet:
+      (
+        if permSet.read
+        then 4
+        else 0
+      )
+      + (
+        if permSet.write
+        then 2
+        else 0
+      )
+      + (
+        if permSet.execute
+        then 1
+        else 0
+      );
+
+    ownerDigit = permSetToDigit permissions.owner.permissions;
+    groupDigit = permSetToDigit permissions.group.permissions;
+    otherDigit = permSetToDigit permissions.other.permissions;
+  in
+    toString ownerDigit + toString groupDigit + toString otherDigit;
+
+  # Get the option names from both submodules to automatically determine which are impermanence-specific
+  regularDatasetEval = lib.evalModules {
+    modules = [datasetSubmodules];
+    specialArgs = args;
+  };
+  impermanenceDatasetEval = lib.evalModules {
+    modules = [impermanenceDatasetSubmodule];
+    specialArgs = args;
+  };
+
+  regularDatasetOptions = builtins.attrNames regularDatasetEval.options;
+  impermanenceDatasetOptions = builtins.attrNames impermanenceDatasetEval.options;
+
+  # Find options that are only in impermanence datasets (not in regular ZFS datasets)
+  impermanenceOnlyOptions = lib.lists.subtractLists regularDatasetOptions impermanenceDatasetOptions;
+in {
+  options.storage = {
+    impermanence = {
+      enable = lib.mkEnableOption "should impermanence be enabled for this system";
+
+      datasets = lib.mkOption {
+        type = lib.types.attrsOf (lib.types.submodule impermanenceDatasetSubmodule);
+        default = {};
+      };
+    };
+  };
+
+  config = lib.mkIf config.storage.impermanence.enable (lib.mkMerge [
+    {
+      assertions = [
+        {
+          assertion = config.storage.zfs.enable;
+          message = "storage.impermanence can not be used without storage.zfs.";
+        }
+      ];
+
+      system.activationScripts = {
+        # fixes issues with /var/lib/private not having the correct permissions https://github.com/nix-community/impermanence/issues/254
+        "createPersistentStorageDirs".deps = ["var-lib-private-permissions" "users" "groups"];
+
+        "var-lib-private-permissions" = lib.mkIf config.storage.generateBase {
+          deps = ["specialfs"];
+          text = ''
+            mkdir -p /persist/replicate/system/root/var/lib/private
+            chmod 0700 /persist/replicate/system/root/var/lib/private
+          '';
+        };
+      };
+
+      programs.fuse.userAllowOther = true;
+
+      # Suppress sudo lecture on every boot since impermanence wipes the lecture status file
+      security.sudo.extraConfig = "Defaults lecture=never";
+
+      fileSystems =
+        lib.mapAttrs' (
+          datasetName: dataset:
+            lib.nameValuePair "/${datasetName}" {
+              device = "rpool/${datasetName}";
+              fsType = "zfs";
+              neededForBoot = true;
+            }
+        )
+        (lib.filterAttrs (
+            datasetName: dataset: dataset.impermanence.enable
+          )
+          config.storage.impermanence.datasets);
+
+      environment.persistence =
+        lib.mapAttrs (datasetName: dataset: {
+          enable = true;
+          hideMounts = true;
+          persistentStoragePath = "/${datasetName}";
+          directories = lib.mapAttrsToList (path: dirConfig: {
+            directory = path;
+            user = dirConfig.owner.name;
+            group = dirConfig.group.name;
+            mode = permissionsToMode dirConfig;
+          }) (lib.filterAttrs (_: dirConfig: dirConfig.enable) dataset.directories);
+          files = lib.mapAttrsToList (path: fileConfig: {
+            file = path;
+            parentDirectory = {
+              user = fileConfig.owner.name;
+              group = fileConfig.group.name;
+              mode = permissionsToMode fileConfig;
+            };
+          }) (lib.filterAttrs (_: fileConfig: fileConfig.enable) dataset.files);
+        })
+        (lib.filterAttrs (
+            datasetName: dataset: let
+              enabledDirectories = lib.filterAttrs (_: dirConfig: dirConfig.enable) dataset.directories;
+              enabledFiles = lib.filterAttrs (_: fileConfig: fileConfig.enable) dataset.files;
+            in
+              (enabledDirectories != {}) || (enabledFiles != {})
+          )
+          (lib.filterAttrs (
+              datasetName: dataset: dataset.impermanence.enable
+            )
+            config.storage.impermanence.datasets));
+    }
+    (lib.mkIf config.storage.zfs.enable {
+      storage.zfs.datasets =
+        lib.mapAttrs (
+          datasetName: dataset:
+            builtins.removeAttrs dataset impermanenceOnlyOptions
+        )
+        config.storage.impermanence.datasets;
+    })
+  ]);
+}