feat(nixos/haruka): use persistence module

1 files changed, 16 insertions, 21 deletions

diff --git a/nixos/haruka/configuration.nix b/nixos/haruka/configuration.nix
index c8a347e..534b781 100644
--- a/nixos/haruka/configuration.nix
+++ b/nixos/haruka/configuration.nix
@@ -126,17 +126,22 @@
 
   services.openssh.enable = true;
   services.openssh.settings.PasswordAuthentication = false;
-  services.openssh.hostKeys = [
-    {
-      path = "/persist/ssh/ssh_host_ed25519_key";
-      type = "ed25519";
-    }
-    {
-      path = "/persist/ssh/ssh_host_rsa_key";
-      type = "rsa";
-      bits = 4096;
-    }
-  ];
+
+  modules = {
+    persistence = {
+      enable = true;
+      storagePath = "/persist";
+      setupSshHostKeys = true;
+
+      directories = [
+        "/etc/NetworkManager/system-connections"
+        "/etc/cups"
+        "/var/lib/fprint"
+        "/var/lib/bluetooth"
+        "/var/lib/tailscale"
+      ];
+    };
+  };
 
   sops.secrets.borg-haruka-rolling-pass = { };
   services.borgbackup.jobs.haruka-rolling = {
@@ -221,14 +226,6 @@
   services.avahi.enable = true;
   services.avahi.nssmdns4 = true;
 
-  environment.persistence."/persist".directories = [
-    "/etc/NetworkManager/system-connections"
-    "/etc/cups"
-    "/var/lib/fprint"
-    "/var/lib/bluetooth"
-    "/var/lib/tailscale"
-  ];
-
   services.pcscd.enable = true;
 
   programs.dconf.enable = true;
@@ -364,8 +361,6 @@
 
   users.mutableUsers = false;
 
-  fileSystems."/persist".neededForBoot = true;
-
   users.users = {
     root.hashedPasswordFile = config.sops.secrets.root-password.path;
     sefidel = {