diff options
| author | Alejandro Soto <alejandro@34project.org> | 2026-04-03 19:31:34 -0600 |
|---|---|---|
| committer | Alejandro Soto <alejandro@34project.org> | 2026-04-03 19:37:30 -0600 |
| commit | 11bc7eb4378a8672861a5deec97826ba3294af59 (patch) | |
| tree | c5a1d71d2ca0fb6490a93252c26bcf0e86216f93 /sys/boot/impermanence.nix | |
| parent | 0b64cdb680f8f8418f1faf7258e1c5c497069e1a (diff) | |
sys/boot: impermanence: add support for an independent 'trust' persistent storage
Diffstat (limited to 'sys/boot/impermanence.nix')
| -rw-r--r-- | sys/boot/impermanence.nix | 56 |
1 files changed, 41 insertions, 15 deletions
diff --git a/sys/boot/impermanence.nix b/sys/boot/impermanence.nix index 5c7e46b..bdf6a90 100644 --- a/sys/boot/impermanence.nix +++ b/sys/boot/impermanence.nix @@ -5,20 +5,34 @@ }: with lib; let cfg = config.local.boot.impermanence; + + #TODO: type correcto de files, directories? + entryOption = mkOption { + type = with lib.types; listOf (either str attrs); + default = []; + }; + + persistPath = "/persist"; + + trustPath = + if cfg.trust.path != null + then cfg.trust.path + else persistPath; in { options.local.boot.impermanence = { enable = mkEnableOption "root fs impermanence"; - #TODO: type correcto de files, directories? + files = entryOption; + directories = entryOption; - directories = mkOption { - type = with lib.types; listOf (either str attrs); - default = []; - }; + trust = { + path = mkOption { + type = with lib.types; nullOr path; + default = null; + }; - files = mkOption { - type = with lib.types; listOf (either str attrs); - default = []; + files = entryOption; + directories = entryOption; }; }; @@ -50,17 +64,29 @@ in { (mkIf cfg.enable { assertions = [ { - assertion = (config.fileSystems ? "/persist") && config.fileSystems."/persist".neededForBoot; - message = "Impermanence requires /persist to be a neededForBoot mountpoint"; + assertion = (config.fileSystems ? ${persistPath}) && config.fileSystems.${persistPath}.neededForBoot; + message = "Impermanence requires ${persistPath} to be a neededForBoot mountpoint"; } ]; - environment.persistence."/persist" = { - hideMounts = true; + environment.persistence = mkMerge [ + { + ${persistPath} = { + hideMounts = true; - files = cfg.files; - directories = cfg.directories; - }; + files = cfg.files; + directories = cfg.directories; + }; + } + { + ${trustPath} = { + hideMounts = true; + + files = cfg.trust.files; + directories = cfg.trust.directories; + }; + } + ]; }) ]; } |