75 lines
3.0 KiB
Nix
75 lines
3.0 KiB
Nix
{ ... }:
|
|
{
|
|
# Don't make the nix store read-only, as this would prevent the overlay FS
|
|
# from being able to mount it.
|
|
boot.readOnlyNixStore = false;
|
|
|
|
# The nix-daemon.socket has an unnecessary dependency over the /nix/store
|
|
# mount point. But that mount point won't be provided until the network is
|
|
# ready. However, the network-address-eno1.service, has a dependency over
|
|
# sockets.target, causing a cycle.
|
|
# One solution is to make the nix-daemon.socket depend only on the socket
|
|
# patch (which is already covered by ConditionPathIsReadWrite =
|
|
# /nix/var/nix/daemon-socket), instead on the /nix/store.
|
|
#
|
|
# Using systemd.sockets.nix-daemon.unitConfig.RequiresMountsFor =
|
|
# "/nix/var/nix/daemon-socket" doesn't work, as the the mount options get
|
|
# added by systemd when the override config is merged with the one that Nix
|
|
# provides:
|
|
#
|
|
# owl2% sudo systemctl show nix-daemon.socket | grep RequiresMountsFor
|
|
# RequiresMountsFor=/nix/store /nix/var/nix/daemon-socket/socket /nix/var/nix/daemon-socket
|
|
#
|
|
# To fix this, the Nix package is patched to only depend on /nix/var instead.
|
|
# See ../../pkgs/overlay.nix for details.
|
|
|
|
# Mount the hut nix store via NFS in read-only mode.
|
|
fileSystems."/mnt/hut-nix-store" = {
|
|
device = "hut:/nix/store";
|
|
fsType = "nfs";
|
|
options = [ "ro" ];
|
|
};
|
|
|
|
# A workdir is also needed, so setup a permanent dir using tmpfiles.
|
|
systemd.tmpfiles.rules = [
|
|
"d /mnt/nix-work 0700 root root -"
|
|
];
|
|
|
|
# Mount an overlay in /nix/store using as lower layer the NFS store and upper
|
|
# layer the disk nix store. The destination is still the nix store in
|
|
# /nix/store (confusing). We need rw access, as the daemon need to write the
|
|
# lock files to build derivations locally.
|
|
# HACK: Use /nix//store to prevent the overlay to be mounted on boot, see:
|
|
# https://github.com/NixOS/nixpkgs/blob/17a46d09ac123d0da3a26855bf3af7db01f9c751/nixos/lib/utils.nix#L14
|
|
fileSystems."/nix//store" = {
|
|
device = "overlay";
|
|
fsType = "overlay";
|
|
options = [
|
|
# We need the local-fs.target to be ready, so the network interfaces can
|
|
# be configured to the network.target is reached. So make this a netdev
|
|
# mount.
|
|
"_netdev"
|
|
"lowerdir=/mnt/hut-nix-store,upperdir=/nix/store,workdir=/mnt/nix-work"
|
|
"x-systemd.requires-mounts-for=/nix/store"
|
|
# We need to wait for the NFS mount
|
|
"x-systemd.requires-mounts-for=/mnt/hut-nix-store"
|
|
];
|
|
depends = [ "/nix/store" "/mnt/hut-nix-store" "/mnt/nix-work" ];
|
|
};
|
|
|
|
# Maybe we should move it to a systemd mount, so we avoid the /nix//store
|
|
# hack. Example (not tested):
|
|
# systemd.mounts = [
|
|
# {
|
|
# what = "overlay";
|
|
# type = "overlay";
|
|
# where = "/nix/store";
|
|
# options = "lowerdir=/mnt/hut-nix-store,upperdir=/nix/store,workdir=/mnt/nix-work";
|
|
# description = "Overlay nix store mount";
|
|
# requires = [ "hut-nix-store.mount" ];
|
|
# after = [ "mnt-hut\\x2dnix\\x2dstore.mount" ];
|
|
# before = [ "nix-daemon.service" ];
|
|
# }
|
|
# ];
|
|
}
|