From 4160c3408f80eb1aae96a64e004a78b8eb00d747 Mon Sep 17 00:00:00 2001
From: Alexander Szczepanski
Date: Sun, 3 Nov 2024 08:12:21 +0100
Subject: [PATCH] nixos-virtualbox-2024-11-03-08-12-21

---
 flake.nix | 1 +
 machine/nixos-virtualbox/configuration.nix | 72 ++++++++++++++++++++--
 2 files changed, 68 insertions(+), 5 deletions(-)

diff --git a/flake.nix b/flake.nix
index 19fabcb..76a72ff 100644
--- a/flake.nix
+++ b/flake.nix
@@ -125,6 +125,7 @@
 system = "x86_64-linux";
 specialArgs = { inherit inputs outputs; };
 modules = [
+ impermanence.nixosModules.impermanence
 sops-nix.nixosModules.sops
 ./machine/nixos-virtualbox/configuration.nix
 ];
diff --git a/machine/nixos-virtualbox/configuration.nix b/machine/nixos-virtualbox/configuration.nix
index b5abfa6..4b66c34 100755
--- a/machine/nixos-virtualbox/configuration.nix
+++ b/machine/nixos-virtualbox/configuration.nix
@@ -10,8 +10,6 @@
 ./hardware-configuration.nix
 ../../configs/common.nix
 ../../configs/docker.nix
-# ../../configs/plasma-wayland.nix
-# ../../configs/user-gui.nix
 ../../configs/user.nix
 ];
 
@@ -19,7 +17,7 @@
 defaultSopsFile = ../../secrets.yaml;
 validateSopsFiles = true;
 age = {
- sshKeyPaths = [ "/etc/ssh/ssh_host_ed25519_key" ];
+ sshKeyPaths = [ "/persist/etc/ssh/ssh_host_ed25519_key" ];
 keyFile = "/var/lib/sops-nix/key.txt";
 generateKey = true;
 };
@@ -31,7 +29,6 @@
 };
 };
 
- networking.hostName = "nixos-virtualbox"; # Define your hostname.
 time.timeZone = "Europe/Berlin";
 
 boot = {
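Review bot: The age key fallback at `keyFile = "/var/lib/sops-nix/key.txt"` with `generateKey = true` now lives on a root filesystem that this same commit rolls back to a blank snapshot on every boot, and `/var/lib/sops-nix` is not in the persisted directories list, so any key generated there (and anything later encrypted to it) would be gone at the next reboot. Pointing `sshKeyPaths` at the `/persist` copy of the host key is consistent with the persisted files list, but it presumably relies on `/persist` being mounted before sops-nix's activation runs; if `fileSystems."/persist".neededForBoot = true` is not already set in hardware-configuration.nix, it should go with this change. A one-line comment on the `sshKeyPaths` line would help the next reader: `# read the host key from /persist directly: the /etc/ssh bind mount may not exist yet when sops-nix runs`. Consider either adding `"/var/lib/sops-nix"` to the persisted directories or setting `generateKey = false`, so that a silently generated, non-persistent key cannot end up holding secrets.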
@@ -44,8 +41,73 @@
 };
 };
 supportedFilesystems = [ "btrfs" ];
+
+ initrd = {
+ enable = true;
+ supportedFilesystems = [ "btrfs" ];
+
+ postResumeCommands = lib.mkAfter ''
+ mkdir -p /mnt
+ # We first mount the btrfs root to /mnt
+ # so we can manipulate btrfs subvolumes.
+ mount -o subvol=/ /dev/vda3 /mnt
+
+ # While we're tempted to just delete /root and create
+ # a new snapshot from /root-blank, /root is already
+ # populated at this point with a number of subvolumes,
+ # which makes `btrfs subvolume delete` fail.
+ # So, we remove them first.
+ #
+ # /root contains subvolumes:
+ # - /root/var/lib/portables
+ # - /root/var/lib/machines
+ #
+ # I suspect these are related to systemd-nspawn, but
+ # since I don't use it I'm not 100% sure.
+ # Anyhow, deleting these subvolumes hasn't resulted
+ # in any issues so far, except for fairly
+ # benign-looking errors from systemd-tmpfiles.
+ btrfs subvolume list -o /mnt/root |
+ cut -f9 -d' ' |
+ while read subvolume; do
+ echo "deleting /$subvolume subvolume..."
+ btrfs subvolume delete "/mnt/$subvolume"
+ done &&
+ echo "deleting /root subvolume..." &&
+ btrfs subvolume delete /mnt/root
+
+ echo "restoring blank /root subvolume..."
+ btrfs subvolume snapshot /mnt/root-blank /mnt/root
+
+ # Once we're done rolling back to a blank snapshot,
+ # we can unmount /mnt and continue on the boot process.
+ umount /mnt
+ '';
+ };
 };
- networking.networkmanager.enable = true;
+
+ networking = {
+ networkmanager.enable = true;
+ hostName = "nixos-virtualbox"; # Define your hostname.
+ };
+
+ environment = {
+ persistence."/persist" = {
+ directories = [
+ "/var/lib/docker"
+ "/var/lib/nixos"
+ "/var/lib/tuptime"
+ "/var/lib/vnstat"
+ ];
+ files = [
+ "/etc/ssh/ssh_host_ed25519_key"
+ "/etc/ssh/ssh_host_ed25519_key.pub"
+ "/etc/ssh/ssh_host_rsa_key"
+ "/etc/ssh/ssh_host_rsa_key.pub"
+ ];
+ };
+ };
+
 programs.nix-ld.enable = true;
 
 # services = {
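Review bot: In the `postResumeCommands` script, `btrfs subvolume snapshot /mnt/root-blank /mnt/root` runs even when the preceding `btrfs subvolume delete /mnt/root` (gated behind the `&&` chain) has failed; with `/mnt/root` still present, btrfs places the snapshot inside the surviving subvolume instead of replacing it, and the machine boots on the stale root with nothing marking the rollback as failed — there is no `set -e` in this hook that I can see. The root device is also hard-coded as `/dev/vda3`; a `/dev/disk/by-label/` or `/dev/disk/by-uuid/` path matching hardware-configuration.nix would survive a controller or ordering change (on VirtualBox the node name may well differ), e.g. `mount -o subvol=/ /dev/disk/by-label/<ROOT_LABEL> /mnt` with the label taken from hardware-configuration.nix. The guard below makes the restore conditional on the delete and logs the failure so it is visible in the boot output. Note that `postResumeCommands` belongs to the scripted stage-1; if `boot.initrd.systemd.enable` is ever turned on it will not run, which is worth a comment next to `initrd = {`.
```nix
            # … unchanged: mount of the btrfs root and the nested-subvolume deletion loop …
            done

            # Recreate /root from the blank snapshot only once the old one is
            # gone: if /mnt/root still exists, `snapshot` would place the copy
            # inside it and the stale root would be booted silently.
            echo "deleting /root subvolume..."
            if btrfs subvolume delete /mnt/root; then
              echo "restoring blank /root subvolume..."
              btrfs subvolume snapshot /mnt/root-blank /mnt/root
            else
              echo "failed to delete /root subvolume; keeping the existing one"
            fi

            # Once we're done rolling back to a blank snapshot,
            # we can unmount /mnt and continue on the boot process.
            umount /mnt
          '';
```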