about summary refs log tree commit diff
path: root/nixos
diff options
context:
space:
mode:
authorsefidel <contact@sefidel.net>2024-08-04 12:44:31 +0900
committersefidel <contact@sefidel.net>2024-08-04 13:04:49 +0900
commit8119a7df09d35760389cdb631347548511d7f72c (patch)
tree1e4133e0586e85e55a7da1aa3361a3d374d68f0b /nixos
parent663e8a62c1a13d49d8d64de94563943a31860938 (diff)
downloadnixrc-8119a7df09d35760389cdb631347548511d7f72c.tar.gz
nixrc-8119a7df09d35760389cdb631347548511d7f72c.zip
feat(nixos/haruka): use persistence module
Diffstat (limited to 'nixos')
-rw-r--r--nixos/haruka/configuration.nix37
1 files changed, 16 insertions, 21 deletions
diff --git a/nixos/haruka/configuration.nix b/nixos/haruka/configuration.nix
index c8a347e..534b781 100644
--- a/nixos/haruka/configuration.nix
+++ b/nixos/haruka/configuration.nix
@@ -126,17 +126,22 @@
 
   services.openssh.enable = true;
   services.openssh.settings.PasswordAuthentication = false;
-  services.openssh.hostKeys = [
-    {
-      path = "/persist/ssh/ssh_host_ed25519_key";
-      type = "ed25519";
-    }
-    {
-      path = "/persist/ssh/ssh_host_rsa_key";
-      type = "rsa";
-      bits = 4096;
-    }
-  ];
+
+  modules = {
+    persistence = {
+      enable = true;
+      storagePath = "/persist";
+      setupSshHostKeys = true;
+
+      directories = [
+        "/etc/NetworkManager/system-connections"
+        "/etc/cups"
+        "/var/lib/fprint"
+        "/var/lib/bluetooth"
+        "/var/lib/tailscale"
+      ];
+    };
+  };
 
   sops.secrets.borg-haruka-rolling-pass = { };
   services.borgbackup.jobs.haruka-rolling = {
@@ -221,14 +226,6 @@
   services.avahi.enable = true;
   services.avahi.nssmdns4 = true;
 
-  environment.persistence."/persist".directories = [
-    "/etc/NetworkManager/system-connections"
-    "/etc/cups"
-    "/var/lib/fprint"
-    "/var/lib/bluetooth"
-    "/var/lib/tailscale"
-  ];
-
   services.pcscd.enable = true;
 
   programs.dconf.enable = true;
@@ -364,8 +361,6 @@
 
   users.mutableUsers = false;
 
-  fileSystems."/persist".neededForBoot = true;
-
   users.users = {
     root.hashedPasswordFile = config.sops.secrets.root-password.path;
     sefidel = {