From 58a9d391431de5fc96d8c989bc1e99e98d7c93b4 Mon Sep 17 00:00:00 2001
From: sefidel <contact@sefidel.net>
Date: Tue, 1 Aug 2023 21:24:10 +0900
Subject: feat(systems/cobalt): re-enable auto root rollback

---
 modules/services/akkoma/default.nix   | 3 +++
 modules/services/fail2ban.nix         | 3 +++
 modules/services/jitsi.nix            | 5 +++++
 modules/services/misskey/default.nix  | 1 +
 modules/services/nixos-mailserver.nix | 1 +
 systems/cobalt/default.nix            | 6 +++---
 6 files changed, 16 insertions(+), 3 deletions(-)

diff --git a/modules/services/akkoma/default.nix b/modules/services/akkoma/default.nix
index c0925cf..b070d73 100644
--- a/modules/services/akkoma/default.nix
+++ b/modules/services/akkoma/default.nix
@@ -95,5 +95,8 @@ in
           '';
         };
       };
+      environment.persistence."/persist".directories = [
+        "/var/lib/akkoma"
+      ];
     };
   }
diff --git a/modules/services/fail2ban.nix b/modules/services/fail2ban.nix
index 99351b1..7d3c4bf 100644
--- a/modules/services/fail2ban.nix
+++ b/modules/services/fail2ban.nix
@@ -13,5 +13,8 @@ in
     services.fail2ban = {
       enable = true;
     };
+    environment.persistence."/persist".directories = [
+      "/var/lib/fail2ban"
+    ];
   };
 }
diff --git a/modules/services/jitsi.nix b/modules/services/jitsi.nix
index ab02bb4..d1ed5cc 100644
--- a/modules/services/jitsi.nix
+++ b/modules/services/jitsi.nix
@@ -34,5 +34,10 @@ in
     };
 
     networking.firewall.allowedTCPPorts = [ 80 443 ];
+
+    environment.persistence."/persist".directories = [
+      "/var/lib/prosody"
+      "/var/lib/jitsi-meet"
+    ];
   };
 }
diff --git a/modules/services/misskey/default.nix b/modules/services/misskey/default.nix
index 355e91f..f411736 100644
--- a/modules/services/misskey/default.nix
+++ b/modules/services/misskey/default.nix
@@ -48,6 +48,7 @@ in
     environment.persistence."/persist".directories = [
       "/var/lib/containers"
       "/var/lib/misskey-files"
+      "/var/lib/redis-misskey"
     ];
 
     systemd.tmpfiles.rules = [
diff --git a/modules/services/nixos-mailserver.nix b/modules/services/nixos-mailserver.nix
index ed8792d..7a8c5a5 100644
--- a/modules/services/nixos-mailserver.nix
+++ b/modules/services/nixos-mailserver.nix
@@ -106,6 +106,7 @@ in
       "/var/vmail"
       "/var/dkim"
       "/var/sieve"
+      "/var/spool/mail"
     ];
 
     networking.firewall.allowedTCPPorts = [ 143 993 465 587 ];
diff --git a/systems/cobalt/default.nix b/systems/cobalt/default.nix
index 2210f25..5cb4eb5 100644
--- a/systems/cobalt/default.nix
+++ b/systems/cobalt/default.nix
@@ -53,9 +53,9 @@ in
   fileSystems."/boot-fallback".options = [ "nofail" ];
 
   # Erase your darlings
-  # boot.initrd.postDeviceCommands = lib.mkAfter ''nix systemd environ
-  # zfs rollback -r rpool/local/root@blank
-  # '';
+  boot.initrd.postDeviceCommands = lib.mkAfter ''
+    zfs rollback -r rpool/local/root@blank
+  '';
 
   # NOTE: replace these to boot.initrd.availableKernelModules?
   boot.kernelModules = [ "e1000e" ];
-- 
cgit 1.4.1