From fb51ba828557827f137dfc0952c9093ca44dcb3c Mon Sep 17 00:00:00 2001
From: cy <hi@cything.io>
Date: Wed, 1 Jan 2025 20:56:11 -0500
Subject: [PATCH] init

---
 flake.lock                             | 16 ++++++++++++++++
 flake.nix                              |  2 ++
 hosts/chunk/hardware-configuration.nix |  3 ++-
 hosts/chunk/impermanence.nix           | 20 ++++++++++++++++++++
 4 files changed, 40 insertions(+), 1 deletion(-)
 create mode 100644 hosts/chunk/impermanence.nix

diff --git a/flake.lock b/flake.lock
index 5758753..389695e 100644
--- a/flake.lock
+++ b/flake.lock
@@ -139,6 +139,21 @@
         "type": "github"
       }
     },
+    "impermanence": {
+      "locked": {
+        "lastModified": 1734945620,
+        "narHash": "sha256-olIfsfJK4/GFmPH8mXMmBDAkzVQ1TWJmeGT3wBGfQPY=",
+        "owner": "nix-community",
+        "repo": "impermanence",
+        "rev": "d000479f4f41390ff7cf9204979660ad5dd16176",
+        "type": "github"
+      },
+      "original": {
+        "owner": "nix-community",
+        "repo": "impermanence",
+        "type": "github"
+      }
+    },
     "lanzaboote": {
       "inputs": {
         "crane": "crane",
@@ -293,6 +308,7 @@
       "inputs": {
         "disko": "disko",
         "home-manager": "home-manager",
+        "impermanence": "impermanence",
         "lanzaboote": "lanzaboote",
         "nixpkgs": "nixpkgs",
         "nixpkgs-borg": "nixpkgs-borg",
diff --git a/flake.nix b/flake.nix
index 9a05e25..0f9d1ee 100644
--- a/flake.nix
+++ b/flake.nix
@@ -21,6 +21,7 @@
       url = "github:nix-community/lanzaboote/v0.4.1";
       inputs.nixpkgs.follows = "nixpkgs";
     };
+    impermanence.url = "github:nix-community/impermanence";
 
     nixpkgs-borg.url = "github:cything/nixpkgs/borg"; # unmerged PR
     nixpkgs-btrbk.url = "github:cything/nixpkgs/btrbk"; # unmerged PR
@@ -123,6 +124,7 @@
               ./hosts/chunk
               inputs.sops-nix.nixosModules.sops
               ./modules
+              inputs.impermanence.nixosModules.impermanence
             ];
           };
 
diff --git a/hosts/chunk/hardware-configuration.nix b/hosts/chunk/hardware-configuration.nix
index 0c21445..54c57bc 100644
--- a/hosts/chunk/hardware-configuration.nix
+++ b/hosts/chunk/hardware-configuration.nix
@@ -22,9 +22,10 @@
   boot.kernelModules = [ "kvm-intel" ];
   boot.extraModulePackages = [ ];
 
-  fileSystems."/" = {
+  fileSystems."/persistent" = {
     device = "/dev/disk/by-uuid/6fff5dd4-8d7a-43fa-85be-eec74ef2089e";
     fsType = "ext4";
+    neededForBoot = true;
   };
 
   swapDevices = [ ];
diff --git a/hosts/chunk/impermanence.nix b/hosts/chunk/impermanence.nix
new file mode 100644
index 0000000..d2b72f1
--- /dev/null
+++ b/hosts/chunk/impermanence.nix
@@ -0,0 +1,20 @@
+{...}: {
+  environment.persistence."/persistent" = {
+    enable = true;
+    hideMounts = true;
+    directories = [
+      "/var/log"
+      "/opt"
+      "/var/lib"
+
+      "/root/.config/borg" # nonce
+      # used a hack to disable cache
+      # see https://borgbackup.readthedocs.io/en/stable/faq.html#the-borg-cache-eats-way-too-much-disk-space-what-can-i-do
+      "/root/.cache/borg"
+      "/root/.config/sops"
+    ];
+    files = [
+      "/etc/machine-id"
+    ];
+  };
+}