about summary refs log tree commit diff
path: root/nixos/alpha
diff options
context:
space:
mode:
authorsefidel <contact@sefidel.net>2024-08-04 12:44:12 +0900
committersefidel <contact@sefidel.net>2024-08-04 13:04:49 +0900
commit663e8a62c1a13d49d8d64de94563943a31860938 (patch)
treeb913efb2d85b2dd1108687f4a052a9943bf1092c /nixos/alpha
parentcf3a0e6bca52f81969cc08f8538a41e2bbc5e494 (diff)
downloadnixrc-663e8a62c1a13d49d8d64de94563943a31860938.tar.gz
nixrc-663e8a62c1a13d49d8d64de94563943a31860938.zip
feat(nixos/alpha): use persistence module
Diffstat (limited to 'nixos/alpha')
-rw-r--r--nixos/alpha/configuration.nix37
1 files changed, 16 insertions, 21 deletions
diff --git a/nixos/alpha/configuration.nix b/nixos/alpha/configuration.nix
index fbaefc2..b3ceccc 100644
--- a/nixos/alpha/configuration.nix
+++ b/nixos/alpha/configuration.nix
@@ -115,17 +115,22 @@
 
   services.openssh.enable = true;
   services.openssh.settings.PasswordAuthentication = false;
-  services.openssh.hostKeys = [
-    {
-      path = "/persist/ssh/ssh_host_ed25519_key";
-      type = "ed25519";
-    }
-    {
-      path = "/persist/ssh/ssh_host_rsa_key";
-      type = "rsa";
-      bits = 4096;
-    }
-  ];
+
+  modules = {
+    persistence = {
+      enable = true;
+      storagePath = "/persist";
+      setupSshHostKeys = true;
+
+      directories = [
+        "/etc/NetworkManager/system-connections"
+        "/var/lib/bluetooth"
+        "/var/lib/tailscale"
+        "/var/lib/libvirt"
+        "/etc/cups"
+      ];
+    };
+  };
 
   sops.secrets.borg-alpha-rolling-pass = { };
   services.borgbackup.jobs.alpha-rolling = {
@@ -206,14 +211,6 @@
   services.avahi.enable = true;
   services.avahi.nssmdns4 = true;
 
-  environment.persistence."/persist".directories = [
-    "/etc/NetworkManager/system-connections"
-    "/var/lib/bluetooth"
-    "/var/lib/tailscale"
-    "/var/lib/libvirt"
-    "/etc/cups"
-  ];
-
   services.pcscd.enable = true;
 
   programs.dconf.enable = true;
@@ -363,8 +360,6 @@
 
   users.mutableUsers = false;
 
-  fileSystems."/persist".neededForBoot = true;
-
   users.users = {
     root.hashedPasswordFile = config.sops.secrets.root-password.path;
     sefidel = {