christoph/flake-nixinator
1
Fork 0
Code Activity

Modules/Impermanence: Update impermanence-btrfs-cleanup service

Browse Source 
- Run after "systemd-cryptsetup@crypted.service" instead of
"dev-mapper-crypted.device"
- Delete old backups after recreating home and root subvols in case of
failure
- Remove possible immutable attributes from backups, so the service
doesn't fail because it's not able to clear old backups
This commit is contained in:
Christoph Urlacher
2025-07-18 17:38:26 +02:00
parent 4d5a36e530
commit 98b9f2c57b
1 changed files with 26 additions and 23 deletions
Download Patch File Download Diff File Expand all files Collapse all files

49
system/modules/impermanence/default.nix
View File

@ -74,10 +74,10 @@ in {
users.${username} = { users.${username} = {
files = [ files = [
# NOTE: Don't put files generated/linked by HM here # NOTE: Don't put files generated/linked by HM here (they're already managed)
# as HM can't overwrite file mounts...
(mkUFile ".config/.tidal-dl.json" m755) (mkUFile ".config/.tidal-dl.json" m755)
(mkUFile ".config/.tidal-dl.token.json" m755) (mkUFile ".config/.tidal-dl.token.json" m755)
(mkUFile ".config/QtProject.conf" m755) # KeePassXC
]; ];
directories = [ directories = [
@ -202,34 +202,52 @@ in {
in { in {
description = "Clean impermanent btrfs subvolumes"; description = "Clean impermanent btrfs subvolumes";
wantedBy = ["initrd.target"]; wantedBy = ["initrd.target"];
after = ["dev-mapper-crypted.device"]; # after = ["dev-mapper-crypted.device"];
after = ["systemd-cryptsetup@crypted.service"];
before = ["sysroot.mount"]; before = ["sysroot.mount"];
unitConfig.DefaultDependencies = "no"; unitConfig.DefaultDependencies = "no";
serviceConfig.Type = "oneshot"; serviceConfig.Type = "oneshot";
# path = ["/bin" config.system.build.extraUtils pkgs.coreutils-full]; # path = ["/bin" config.system.build.extraUtils pkgs.coreutils-full];
# NOTE: If any single line of this script fails, the entire system might be bricked
# NixOS automatically sets "-e", so if unlucky, the subvolumes will be missing
script = '' script = ''
# This dir will be created in the initrd ramdisk
mkdir -p ${mountDir} mkdir -p ${mountDir}
# We mount the root subvolume. Because we're using a flat btrfs layout,
# "/" contains the subfolders (-volumes) home, log, nix, persist, root, swap, ...
mount -o subvol=/ /dev/mapper/crypted ${mountDir} mount -o subvol=/ /dev/mapper/crypted ${mountDir}
# Backup old root subvolume # Move root subvolume to backup location
if [[ -e ${mountDir}/root ]]; then if [[ -e ${mountDir}/root ]]; then
mkdir -p ${persistDir}/old_roots mkdir -p ${persistDir}/old_roots
timestamp=$(date --date="@$(stat -c %Y ${mountDir}/root)" "+%Y-%m-%-d_%H:%M:%S") timestamp=$(date --date="@$(stat -c %Y ${mountDir}/root)" "+%Y-%m-%-d_%H:%M:%S")
mv ${mountDir}/root "${persistDir}/old_roots/$timestamp" mv ${mountDir}/root "${persistDir}/old_roots/$timestamp"
# Make the backup mutable (in case it is not, e.g. /var/empty)
chattr -R -i -f "${persistDir}/old_roots/$timestamp"
echo "Backed up previous root subvolume to ${persistDir}/old_roots/$timestamp" echo "Backed up previous root subvolume to ${persistDir}/old_roots/$timestamp"
fi fi
# Backup old home subvolume # Move home subvolume to backup location
if [[ -e ${mountDir}/home ]]; then if [[ -e ${mountDir}/home ]]; then
mkdir -p ${persistDir}/old_homes mkdir -p ${persistDir}/old_homes
timestamp=$(date --date="@$(stat -c %Y ${mountDir}/home)" "+%Y-%m-%-d_%H:%M:%S") timestamp=$(date --date="@$(stat -c %Y ${mountDir}/home)" "+%Y-%m-%-d_%H:%M:%S")
mv ${mountDir}/home "${persistDir}/old_homes/$timestamp" mv ${mountDir}/home "${persistDir}/old_homes/$timestamp"
# Make the backup mutable (in case it is not)
chattr -R -i -f "${persistDir}/old_homes/$timestamp"
echo "Backed up previous home subvolume to ${persistDir}/old_homes/$timestamp" echo "Backed up previous home subvolume to ${persistDir}/old_homes/$timestamp"
fi fi
# Create new root + home subvolumes
btrfs subvolume create ${mountDir}/root
btrfs subvolume create ${mountDir}/home
echo "Created new subvolumes ${mountDir}/root and ${mountDir}/home"
# Delete a backed up subvolume # Delete a backed up subvolume
delete_subvolume_recursively() { delete_subvolume_recursively() {
IFS=$'\n' IFS=$'\n'
@ -242,38 +260,23 @@ in {
if [ $(stat -c %i "$1") -ne 256 ]; then return; fi if [ $(stat -c %i "$1") -ne 256 ]; then return; fi
for subvol in $(btrfs subvolume list -o "$1" | cut -f 9- -d ' '); do for subvol in $(btrfs subvolume list -o "$1" | cut -f 9- -d ' '); do
delete_subvolume_recursively "${persistDir}/$subvol" delete_subvolume_recursively "${persistDir}/$subvol"
done done
btrfs subvolume delete "$1" btrfs subvolume delete "$1"
echo "Deleted old subvolume $1" echo "Deleted old subvolume $1"
} }
# Delete old roots # Delete old root backups
for old_root in $(find ${persistDir}/old_roots/ -maxdepth 1 -mtime +${backupDuration}); do for old_root in $(find ${persistDir}/old_roots/ -maxdepth 1 -mtime +${backupDuration}); do
delete_subvolume_recursively "$old_root" delete_subvolume_recursively "$old_root"
done done
# Delete old homes # Delete old home backups
for old_home in $(find ${persistDir}/old_homes/ -maxdepth 1 -mtime +${backupDuration}); do for old_home in $(find ${persistDir}/old_homes/ -maxdepth 1 -mtime +${backupDuration}); do
delete_subvolume_recursively "$old_home" delete_subvolume_recursively "$old_home"
done done
# Create new root + home subvolumes
btrfs subvolume create ${mountDir}/root
btrfs subvolume create ${mountDir}/home
echo "Created new subvolumes ${mountDir}/root and ${mountDir}/home"
if [[ -d ${mountDir}/home/${username} ]]; then
chown -R ${homeUser}:${homeGroup} ${mountDir}/home/${username}
echo "Set permissions for ${mountDir}/home/${username} to ${homeUser}:${homeGroup}"
fi
if [[ -d ${persistDir}/home/${username} ]]; then
chown -R ${homeUser}:${homeGroup} ${persistDir}/home/${username}
echo "Set permissions for ${persistDir}/home/${username} to ${homeUser}:${homeGroup}"
fi
umount ${mountDir} umount ${mountDir}
rmdir ${mountDir} rmdir ${mountDir}
''; '';