chore!: 2024-02-10 19:05:37 +0100

trueNAHO · Feb 10, 2024 · 60461c7 · 60461c7
1 parent c40b42f
commit 60461c7
Showing 1 changed file with 35 additions and 59 deletions.
diff --git a/modules/impermanence/nixos/default.nix b/modules/impermanence/nixos/default.nix
@@ -49,67 +49,43 @@
     lib.mkIf cfg.enable {
       modules.agenix.nixosModules.default.enable = true;
 
-      # References:
+      # Reference:
       #
-      #
-      # - https://guekka.github.io/nixos-server-1 # TODO: required?
-      # - https://mt-caret.github.io/blog/posts/2020-06-29-optin-state.html
-      boot.initrd =
+      # - https://github.com/nix-community/impermanence/blob/cd13c2917eaa68e4c49fea0ff9cada45440d7045/README.org?plain=1#L91-L157
+      boot.initrd.postDeviceCommands =
         lib.mkIf
-        cfg.btrfsSnapshots.enable {
-          # supportedFilesystems = ["btrfs"]; # TODO: required?
-
-          systemd.enable = true;
-
-          systemd.services.impermanence = {
-            after = ["systemd-cryptsetup@enc.service"];
-            before = ["sysroot.mount"];
-            description = "Erase your Btrfs darlings";
-            # path = [pkgs.btrfs]; TODO: access command names via 'pkgs.pname'.
-
-            script = ''
-              set -e
-
-              # TODO: remove
-              set +x
-              ls "${cfg.btrfsSnapshots.filesystemRoot}" >&2
-
-              mount_point="/btrfs_tmp"
-
-              mount \
-                --options subvol=/ \
-                --types btrfs \
-                "${cfg.btrfsSnapshots.filesystemRoot}" \
-                "$mount_point"
-
-              trap 'umount "$mount_point" && rmdir "$mount_point"' EXIT
-
-              btrfs \
-                subvolume \
-                list \
-                -o "$mount_point/${cfg.btrfsSnapshots.snapshot.root}" |
-                awk '{ print $NF }' |
-                while read -r subvolume; do
-                  btrfs subvolume delete "$mount_point/$subvolume"
-                done
-
-              btrfs \
-                subvolume \
-                delete \
-                "$mount_point/${cfg.btrfsSnapshots.snapshot.root}"
-
-              btrfs \
-                subvolume \
-                snapshot \
-                "$mount_point/${cfg.btrfsSnapshots.snapshot.blankRoot}" \
-                "$mount_point/${cfg.btrfsSnapshots.snapshot.root}"
-            '';
-
-            serviceConfig.Type = "oneshot";
-            unitConfig.DefaultDependencies = "no";
-            wantedBy = ["initrd.target"];
-          };
-        };
+        cfg.btrfsSnapshots.enable
+        (lib.mkAfter ''
+          set -e
+
+          # TODO: remove
+          set +x
+
+          btrfs_subvolume_delete_recursive() {
+            btrfs subvolume list -o "$1" |
+              awk '{ print $NF }' |
+              while read -r subvolume; do
+                delete_subvolume_recursively "$mount_point/$subvolume"
+              done
+
+            btrfs subvolume delete "$1"
+          }
+
+          mount_point=/.erase_your_darlings
+
+          mkdir --parent "$mount_point"
+          mount "${cfg.btrfsSnapshots.filesystemRoot}" "$mount_point"
+
+          trap 'umount "$mount_point"; rmdir "$mount_point"' EXIT
+
+          btrfs_subvolume_delete_recursive \
+            "$mount_point/${cfg.btrfsSnapshots.snapshot.root}"
+
+          btrfs \
+            subvolume \
+            create \
+            "$mount_point/${cfg.btrfsSnapshots.snapshot.root}"
+        '');
 
       environment.persistence.${cfg.path}.directories = [
         "/etc/ssh"