-
Notifications
You must be signed in to change notification settings - Fork 2
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
update TODOs, add note about machine-id
- Loading branch information
Showing
1 changed file
with
22 additions
and
31 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1,33 +1,24 @@ | ||
| * migration from impermanence works fine, but needs some specific documentation | ||
|
|
||
| * add support for tmpfiles' modifiers? | ||
| * maybe add some recommended config that users can opt-in to use in addition | ||
| to preservation? | ||
| * with the recent upstream changes the handling of /etc/machine-id changed. | ||
| That requires another change upstream, i.e. the file needs to be created with content | ||
| `uninitialized\n` and on a setup with preservation something like the following needs | ||
| to be done to properly preserve the machine-id across reboots. | ||
| ```nix | ||
| { | ||
| preservation.preserveAt."/state".files = [ | ||
| { file = "/etc/machine-id"; inInitrd = true; how = "symlink"; } | ||
| ]; | ||
| * custom systemd-tmpfiles service in stage-2? | ||
|
|
||
| Currently the two upstream services are used, one in initrd to prepare | ||
| files before switch-root, and the second one in stage-2 after switch-root. | ||
|
|
||
| Right now there is no way to provision files with the same systemd-tmpfiles | ||
| configuration inside a directory structure that is also persisted by | ||
| Preservation, unless the preservation happens in stage-1 and the rest | ||
| in stage-2. This is because Preservation uses systemd-tmpfiles to create | ||
| files and directories before creating the corresponding bindmounts between them. | ||
|
|
||
| Another issue occurs with the systemd-journald-flush.service, which is ordered | ||
| to run before tmpfiles-setup, while having a dependency on var-log.mount. | ||
| Should /var/log be persisted with Preservation, the var-log.mount unit | ||
| will be generated by Preservation as a bindmount from the volatile to | ||
| the persistent volume and because the underlying directories need to | ||
| exist before the mount is created, var-log.mount will be ordered after | ||
| systemd-tmpfiles-setup, thus causing a dependency loop. | ||
|
|
||
| At this moment a simple solution to this problem is to configure the | ||
| preservation of /var/log with `inInitrd = true` so that everything is | ||
| already set up in stage-1, which avoids the dependency loop in stage-2 | ||
| altogether. | ||
|
|
||
| One alternative to this would be to create a custom systemd-tmpfiles | ||
| service specifically for Preservation, that is ordered before the | ||
| default systemd-tmpfiles-setup.service. To make this feasible, it | ||
| would be nice to have access to the upstream NixOS option definitions | ||
| for `systemd.tmpfiles.settings` via the systemd-lib. | ||
| systemd.services.systemd-machine-id-commit = { | ||
| unitConfig.ConditionPathIsMountPoint = [ | ||
| "" "/state/etc/machine-id" | ||
| ]; | ||
| serviceConfig.ExecStart = [ | ||
| "" "systemd-machine-id-setup --commit --root /state" | ||
| ]; | ||
| }; | ||
| } | ||
| ``` | ||
| see https://github.com/NixOS/nixpkgs/pull/351151#issuecomment-2440122776 |