3 Commits

Author SHA1 Message Date
Tom Alexander
8c223a066d Add jq to the base role. 2025-11-24 20:29:35 -05:00
Tom Alexander
606b952304 Make rollback datasets configurable. 2025-11-24 20:16:47 -05:00
Tom Alexander
c542dcdee9 Use a local ssh config for odowork. 2025-11-24 19:31:56 -05:00
6 changed files with 64 additions and 7 deletions


@@ -32,6 +32,11 @@
boot.loader.generic-extlinux-compatible.enable = true;
boot.loader.systemd-boot.enable = lib.mkForce false;
me.rollback.dataset = [
"zroot/linux/nix/root@blank"
"zroot/linux/nix/home@blank"
];
me.optimizations = {
enable = true;
arch = "znver4";


@@ -13,6 +13,7 @@
./screen_brightness.nix
./wifi.nix
./framework_module.nix
./ssh_config.nix
];
config = {
@@ -32,6 +33,11 @@
boot.loader.generic-extlinux-compatible.enable = true;
boot.loader.systemd-boot.enable = lib.mkForce false;
me.rollback.dataset = [
"zroot/linux/nixwork/root@blank"
"zroot/linux/nixwork/home@blank"
];
me.optimizations = {
enable = true;
arch = "znver4";
@@ -120,7 +126,10 @@
me.wireguard.activated = [
"wgh"
];
me.wireguard.deactivated = [ "wgf" ];
me.wireguard.deactivated = [
"wgf"
"colo"
];
me.yubikey.enable = true;
me.zfs.enable = true;
me.zrepl.enable = true;


@@ -0,0 +1,15 @@
{
lib,
...
}:
{
imports = [ ];
config = {
me.install.user.talexander.file = {
".ssh/config" = {
source = lib.mkForce "/persist/manual/ssh/talexander/config";
};
};
};
}
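Review bot: Nothing in this new file records that `/persist/manual/ssh/talexander/config` is a hand-provisioned prerequisite, or why the source is a plain string wrapped in `lib.mkForce`. I would add a comment above the `".ssh/config"` entry, for example `# Host-local ssh config kept outside the repo and the Nix store; must exist, be owned by talexander and not be group/world-writable.` OpenSSH rejects a user config with bad ownership or permissions, and anyone who can write that file controls directives such as ProxyCommand for this user. How `me.install.user.*.file` installs the source (symlink or copy, and with what mode) is not visible here, so that is worth confirming. The empty `imports = [ ];` can be dropped.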


@@ -30,6 +30,11 @@
boot.loader.generic-extlinux-compatible.enable = true;
boot.loader.systemd-boot.enable = lib.mkForce false;
me.rollback.dataset = [
"zroot/linux/nix/root@blank"
"zroot/linux/nix/home@blank"
];
me.optimizations = {
enable = true;
arch = "znver4";


@@ -59,6 +59,7 @@ in
nix-output-monitor # For better view into nixos-rebuild
nix-serve-ng # Serve nix store over http
cleanup_temporary_files
jq
];
};
}


@@ -23,6 +23,27 @@
example = true;
description = "Enable to use secure boot.";
};
rollback.enable = lib.mkOption {
type = lib.types.bool;
default = true;
example = true;
description = "Whether we want to enable rolling back during boot.";
};
rollback.dataset = lib.mkOption {
default = { };
example = lib.literalExpression ''
{
"zroot/linux/nix/root@blank" = true;
"zroot/linux/nix/home@blank" = lib.mkForce false;
}
'';
type = lib.types.coercedTo (lib.types.listOf lib.types.str) (
enabled: lib.listToAttrs (map (fs: lib.nameValuePair fs true) enabled)
) (lib.types.attrsOf lib.types.bool);
description = "List of ZFS datasets to rollback to during boot.";
};
};
config = lib.mkIf config.me.boot.enable (
@@ -51,7 +72,7 @@
# Check what will be lost with `zfs diff zroot/linux/root@blank`
boot.initrd.systemd.enable = lib.mkDefault true;
boot.initrd.systemd.services.zfs-rollback = {
boot.initrd.systemd.services.zfs-rollback = lib.mkIf config.me.rollback.enable {
description = "Rollback ZFS root dataset to blank snapshot";
wantedBy = [
"initrd.target"
@@ -64,11 +85,12 @@
];
unitConfig.DefaultDependencies = "no";
serviceConfig.Type = "oneshot";
script = ''
${config.boot.zfs.package}/sbin/zfs rollback -r zroot/linux/nix/root@blank
${config.boot.zfs.package}/sbin/zfs rollback -r zroot/linux/nix/home@blank
echo "rollback complete"
'';
script = lib.concatStringsSep "\n" (
(builtins.map (ds: "${config.boot.zfs.package}/sbin/zfs rollback -r '${ds}'") (
builtins.attrNames config.me.rollback.dataset
))
++ [ ''echo "rollback complete"'' ]
);
};
# boot.loader.systemd-boot.extraEntries = {
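Review bot: The generated `script` in the last hunk rolls back every key of `me.rollback.dataset` and never reads the boolean, so an entry set to `false` (the case the option's own example shows with `lib.mkForce false`) is still passed to `zfs rollback -r` and loses its changes at boot. Filtering first would honour the value: `builtins.attrNames (lib.filterAttrs (_: enabled: enabled) config.me.rollback.dataset)`. The hand-written quotes in `'${ds}'` are better replaced by `${lib.escapeShellArg ds}`, so a dataset name containing a quote cannot break out of the argument. With `default = { }` and `rollback.enable` defaulting to true, a host that sets no datasets gets a unit that only prints "rollback complete" while nothing is reset; an assertion on an empty set would make that visible. The option description also still says "List of", although the merged type is an attribute set of booleans.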