From c4cfa6e398f44bf965e5d452036ae37e8ec5f471 Mon Sep 17 00:00:00 2001
From: Edgar <39066502+Guekka@users.noreply.github.com>
Date: Mon, 29 Jul 2024 09:09:39 +0200
Subject: [PATCH] Update nixos-server-1.md #5
---
content/nixos-server-1.md | 96 +++++++++++++++++----------------------
1 file changed, 41 insertions(+), 55 deletions(-)
diff --git a/content/nixos-server-1.md b/content/nixos-server-1.md
index 301a670..779aae2 100644
--- a/content/nixos-server-1.md
+++ b/content/nixos-server-1.md
@@ -161,66 +161,52 @@ We've created our volumes, we've configured the system... But I promised we woul We're going to use the following script, credit of mt-caret. Do not forget to replace `vda3` with your data partition. **16/07/23 update**: it was brought to my attention that [postDeviceCommands can cause data loss](https://discourse.nixos.org/t/what-does-impermanence-add-over-built-in-functionality/27939/16). -While I did not experience any issue, I have updated the script to use a safer alternative. +While I did not experience any issue, I have updated the script to use a safer alternative. + +**29/07/24 update**: according to Nire Bryce, the updated script did not work. I'm surprised as it seemed to work locally, but I made the change anyway. I appreciate [their help](https://github.com/Guekka/guekka.github.io/issues/5). ```nix boot.initrd = { enable = true; supportedFilesystems = [ "btrfs" ]; - systemd.services.restore-root = { - description = "Rollback btrfs rootfs"; - wantedBy = [ "initrd.target" ]; - requires = [ - "dev-vda3" - ]; - after = [ - "dev-vda3" - # for luks - "systemd-cryptsetup@${config.networking.hostName}.service" - ]; - before = [ "sysroot.mount" ]; - unitConfig.DefaultDependencies = "no"; - serviceConfig.Type = "oneshot"; - script = '' - mkdir -p /mnt - - # We first mount the btrfs root to /mnt - # so we can manipulate btrfs subvolumes. - mount -o subvol=/ /dev/vda3 /mnt - - # While we're tempted to just delete /root and create - # a new snapshot from /root-blank, /root is already - # populated at this point with a number of subvolumes, - # which makes `btrfs subvolume delete` fail. - # So, we remove them first. - # - # /root contains subvolumes: - # - /root/var/lib/portables - # - /root/var/lib/machines - # - # I suspect these are related to systemd-nspawn, but - # since I don't use it I'm not 100% sure. 
- # Anyhow, deleting these subvolumes hasn't resulted - # in any issues so far, except for fairly - # benign-looking errors from systemd-tmpfiles. - btrfs subvolume list -o /mnt/root | - cut -f9 -d' ' | - while read subvolume; do - echo "deleting /$subvolume subvolume..." - btrfs subvolume delete "/mnt/$subvolume" - done && - echo "deleting /root subvolume..." && - btrfs subvolume delete /mnt/root - - echo "restoring blank /root subvolume..." - btrfs subvolume snapshot /mnt/root-blank /mnt/root - - # Once we're done rolling back to a blank snapshot, - # we can unmount /mnt and continue on the boot process. - umount /mnt - ''; - }; - }; + postResumeCommands = lib.mkAfter '' + mkdir -p /mnt + # We first mount the btrfs root to /mnt + # so we can manipulate btrfs subvolumes. + mount -o subvol=/ /dev/vda3 /mnt + + # While we're tempted to just delete /root and create + # a new snapshot from /root-blank, /root is already + # populated at this point with a number of subvolumes, + # which makes `btrfs subvolume delete` fail. + # So, we remove them first. + # + # /root contains subvolumes: + # - /root/var/lib/portables + # - /root/var/lib/machines + # + # I suspect these are related to systemd-nspawn, but + # since I don't use it I'm not 100% sure. + # Anyhow, deleting these subvolumes hasn't resulted + # in any issues so far, except for fairly + # benign-looking errors from systemd-tmpfiles. + btrfs subvolume list -o /mnt/root | + cut -f9 -d' ' | + while read subvolume; do + echo "deleting /$subvolume subvolume..." + btrfs subvolume delete "/mnt/$subvolume" + done && + echo "deleting /root subvolume..." && + btrfs subvolume delete /mnt/root + + echo "restoring blank /root subvolume..." + btrfs subvolume snapshot /mnt/root-blank /mnt/root + + # Once we're done rolling back to a blank snapshot, + # we can unmount /mnt and continue on the boot process. + umount /mnt + ''; + }; ``` We can then specify the files we want to keep.
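Review bot: In the added `postResumeCommands` script the `&&` chain ends at `btrfs subvolume delete /mnt/root`, so `btrfs subvolume snapshot /mnt/root-blank /mnt/root` still runs when the mount or a delete has failed. The machine then boots with the previous root state still in place and nothing on the console says the rollback was skipped. Anyone relying on the wipe to guarantee that no state survives a reboot would want the snapshot tied to the delete and the failure made loud, for example `btrfs subvolume delete /mnt/root && btrfs subvolume snapshot /mnt/root-blank /mnt/root || echo "rollback of /root FAILED, old state kept"`. The surrounding text should also say that the snippet uses `lib.mkAfter`, so `lib` has to be among the module arguments. As far as I know `postResumeCommands` is only honoured by the scripted stage 1, so readers with `boot.initrd.systemd.enable = true` still need the service form; that is worth confirming against the NixOS release being targeted.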