chore: replace impermanence with preservation (#201)

2026-03-22 00:49:00 +01:00 · 2025-06-29 15:08:12 +08:00
parent 0004bccc9d
commit ffee47a2de
14 changed files with 14 additions and 86 deletions
--- a/.gitignore
+++ b/.gitignore
@@ -1,3 +1,4 @@
+.Trash-1000/
 result
 result/
 .direnv/
--- a/flake.lock
+++ b/flake.lock
@@ -442,21 +442,6 @@
        "type": "github"
      }
    },
-    "impermanence": {
-      "locked": {
-        "lastModified": 1737831083,
-        "narHash": "sha256-LJggUHbpyeDvNagTUrdhe/pRVp4pnS6wVKALS782gRI=",
-        "owner": "nix-community",
-        "repo": "impermanence",
-        "rev": "4b3e914cdf97a5b536a889e939fb2fd2b043a170",
-        "type": "github"
-      },
-      "original": {
-        "owner": "nix-community",
-        "repo": "impermanence",
-        "type": "github"
-      }
-    },
    "lanzaboote": {
      "inputs": {
        "crane": "crane",
@@ -910,7 +895,6 @@
        "ghostty": "ghostty",
        "haumea": "haumea",
        "home-manager": "home-manager_2",
-        "impermanence": "impermanence",
        "lanzaboote": "lanzaboote",
        "mysecrets": "mysecrets",
        "nix-darwin": "nix-darwin",
--- a/flake.nix
+++ b/flake.nix
@@ -66,7 +66,6 @@
      inputs.nixpkgs.follows = "nixpkgs";
    };

-    impermanence.url = "github:nix-community/impermanence";
    preservation.url = "github:nix-community/preservation";

    # community wayland nixpkgs
--- a/hosts/12kingdoms-shoukei/hardware-configuration.nix
+++ b/hosts/12kingdoms-shoukei/hardware-configuration.nix
@@ -90,7 +90,7 @@
    device = "/dev/disk/by-uuid/2f4db246-e65d-4808-8ab4-5365f9dea1ef";
    fsType = "btrfs";
    options = ["subvol=@persistent" "noatime" "compress-force=zstd:1"];
-    # impermanence's data is required for booting.
+    # preservation's data is required for booting.
    neededForBoot = true;
  };

--- a/hosts/idols-ai/hardware-configuration.nix
+++ b/hosts/idols-ai/hardware-configuration.nix
@@ -96,7 +96,7 @@
    device = "/dev/disk/by-uuid/1167076c-dee1-486c-83c1-4b1af37555cd";
    fsType = "btrfs";
    options = ["subvol=@persistent" "compress-force=zstd:1"];
-    # impermanence's data is required for booting.
+    # preservation's data is required for booting.
    neededForBoot = true;
  };

--- a/hosts/idols-ai/preservation.nix
+++ b/hosts/idols-ai/preservation.nix
@@ -31,7 +31,7 @@ in {
  #
  #  See also https://grahamc.com/blog/erase-your-darlings/

-  # NOTE: impermanence only mounts the directory/file list below to /persistent
+  # NOTE: preservation only mounts the directory/file list below to /persistent
  # If the directory/file already exists in the root filesystem you should
  # move those files/directories to /persistent first!
  preservation.preserveAt."/persistent" = {
--- a/hosts/k8s/disko-config/README.md
+++ b/hosts/k8s/disko-config/README.md
@@ -60,7 +60,7 @@ nixos-enter
 # NOTE: DO NOT skip this step!!!
 # copy the essential files into /persistent
 # otherwise the / will be cleared and data will lost
-## NOTE: impermanence just create links from / to /persistent
+## NOTE: preservation just create links from / to /persistent
 ##       We need to copy files into /persistent manually!!!
 mv /etc/machine-id /persistent/etc/
 mv /etc/ssh /persistent/etc/
--- a/hosts/k8s/disko-config/kubevirt-disko-fs.nix
+++ b/hosts/k8s/disko-config/kubevirt-disko-fs.nix
@@ -1,5 +1,5 @@
 {
-  # required by impermanence
+  # required by preservation
  fileSystems."/persistent".neededForBoot = true;

  # contains the k3s's token
--- a/nixos-installer/.gitignore
+++ b/nixos-installer/.gitignore
@@ -0,0 +1,2 @@
+# generate lock file every time
+flake.lock
--- a/nixos-installer/README.md
+++ b/nixos-installer/README.md
@@ -23,7 +23,7 @@ The configuration of the main flake, [/flake.nix](/flake.nix), is heavy, and it

 1. Adjust & verify my `hardware-configuration.nix` modification quickly before deploying the main
   flake.
-2. Test some new filesystem related features on a NixOS virtual machine, such as impermanence,
+2. Test some new filesystem related features on a NixOS virtual machine, such as preservation,
   Secure Boot, TPM2, Encryption, etc.

 ## Steps to Deploying this flake
@@ -221,7 +221,7 @@ nixos-enter
 # NOTE: DO NOT skip this step!!!
 # copy the essential files into /persistent
 # otherwise the / will be cleared and data will lost
-## NOTE: impermanence just create links from / to /persistent
+## NOTE: preservation just create links from / to /persistent
 ##       We need to copy files into /persistent manually!!!
 mv /etc/machine-id /persistent/etc/
 mv /etc/ssh /persistent/etc/
--- a/nixos-installer/README.shoukei.md
+++ b/nixos-installer/README.shoukei.md
@@ -200,7 +200,7 @@ nixos-enter
 # NOTE: DO NOT skip this step!!!
 # copy the essential files into /persistent
 # otherwise the / will be cleared and data will lost
-## NOTE: impermanence just create links from / to /persistent
+## NOTE: preservation just create links from / to /persistent
 ##       We need to copy files into /persistent manually!!!
 mv /etc/machine-id /persistent/etc/
 mv /etc/ssh /persistent/etc/
--- a/nixos-installer/flake.lock
+++ b/nixos-installer/flake.lock
@@ -1,58 +0,0 @@
-{
-  "nodes": {
-    "impermanence": {
-      "locked": {
-        "lastModified": 1702984171,
-        "narHash": "sha256-reIUBrUXibohXmvXRsgpvtlCE0QQSvWSA+qQCKohgR0=",
-        "owner": "nix-community",
-        "repo": "impermanence",
-        "rev": "123e94200f63952639492796b8878e588a4a2851",
-        "type": "github"
-      },
-      "original": {
-        "owner": "nix-community",
-        "repo": "impermanence",
-        "type": "github"
-      }
-    },
-    "nixos-hardware": {
-      "locked": {
-        "lastModified": 1702453208,
-        "narHash": "sha256-0wRi9SposfE2wHqjuKt8WO2izKB/ASDOV91URunIqgo=",
-        "owner": "NixOS",
-        "repo": "nixos-hardware",
-        "rev": "7763c6fd1f299cb9361ff2abf755ed9619ef01d6",
-        "type": "github"
-      },
-      "original": {
-        "id": "nixos-hardware",
-        "type": "indirect"
-      }
-    },
-    "nixpkgs": {
-      "locked": {
-        "lastModified": 1703068421,
-        "narHash": "sha256-WSw5Faqlw75McIflnl5v7qVD/B3S2sLh+968bpOGrWA=",
-        "owner": "nixos",
-        "repo": "nixpkgs",
-        "rev": "d65bceaee0fb1e64363f7871bc43dc1c6ecad99f",
-        "type": "github"
-      },
-      "original": {
-        "owner": "nixos",
-        "ref": "nixos-25.05",
-        "repo": "nixpkgs",
-        "type": "github"
-      }
-    },
-    "root": {
-      "inputs": {
-        "impermanence": "impermanence",
-        "nixos-hardware": "nixos-hardware",
-        "nixpkgs": "nixpkgs"
-      }
-    }
-  },
-  "root": "root",
-  "version": 7
-}
--- a/nixos-installer/flake.nix
+++ b/nixos-installer/flake.nix
@@ -3,7 +3,7 @@

  inputs = {
    nixpkgs.url = "github:nixos/nixpkgs/nixos-25.05";
-    impermanence.url = "github:nix-community/impermanence";
+    preservation.url = "github:nix-community/preservation";
    nixos-hardware.url = "github:NixOS/nixos-hardware/master";
    nuenv.url = "github:DeterminateSystems/nuenv";
  };
--- a/secrets/nixos.nix
+++ b/secrets/nixos.nix
@@ -45,7 +45,7 @@ in {
    server.webserver.enable = mkEnableOption "NixOS Secrets for Web Servers(contains tls cert keys)";
    server.storage.enable = mkEnableOption "NixOS Secrets for HDD Data's LUKS Encryption";

-    preservation.enable = mkEnableOption "whether use impermanence and ephemeral root file system";
+    preservation.enable = mkEnableOption "whether use preservation and ephemeral root file system";
  };

  config = mkIf (cfg.desktop.enable || enabledServerSecrets) (mkMerge [
@@ -59,7 +59,7 @@ in {
        if cfg.preservation.enable
        then [
          # To decrypt secrets on boot, this key should exists when the system is booting,
-          # so we should use the real key file path(prefixed by `/persistent/`) here, instead of the path mounted by impermanence.
+          # so we should use the real key file path(prefixed by `/persistent/`) here, instead of the path mounted by preservation.
          "/persistent/etc/ssh/ssh_host_ed25519_key" # Linux
        ]
        else [