From 99a6c7d547335fd5f7d4905e0954805e34aedd0e Mon Sep 17 00:00:00 2001
From: Bernardo Magri
Date: Tue, 19 May 2026 17:50:27 +0100
Subject: [PATCH] fix(impermanence): user must match created account, not hardcoded "nomarchy"
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

The persistence block at core/system/impermanence.nix:75 read `users.nomarchy = { directories = [...]; }` — the username was a literal, not a reference. For any user not literally named "nomarchy" the block was silently inert and ~/.ssh, ~/.gnupg, ~/.local/share/keyrings, Documents, Downloads, Pictures, Videos, Projects were wiped on every boot.
Adds `nomarchy.system.impermanence.user` (str, default "nomarchy") and uses it via `users.${cfg.user}`. The installer now writes the chosen username alongside `enable` and `mainLuksName` so impermanence installs with non-default usernames are correct out of the box.
docs/OPTIONS.md: fixes the wrong path on the impermanence row (documented `impermanence.enable`, real option is `nomarchy.system.impermanence.enable`) and adds entries for `mainLuksName` and `user`.
Found during Pillar 8 audit of core/system modules.
---
 core/system/impermanence.nix | 14 +++++++++++++-
 docs/OPTIONS.md | 10 +++++++++-
 installer/install.sh | 2 +-
 3 files changed, 23 insertions(+), 3 deletions(-)

diff --git a/core/system/impermanence.nix b/core/system/impermanence.nix
index 7bfa1c5..009d931 100644
--- a/core/system/impermanence.nix
+++ b/core/system/impermanence.nix
@@ -24,6 +24,18 @@ in
 "crypted_main" on multi-disk installs to match the disko layout.
 '';
 };
+
+ user = lib.mkOption {
+ type = lib.types.str;
+ default = "nomarchy";
+ description = ''
+ Primary user whose home subset (.ssh, .gnupg, keyrings, common
+ directories) survives the rootfs wipe. Must match the user
+ created via `users.users.` — otherwise the persistence
+ block is silently inert and the user's home directory is wiped
+ on every boot. The installer writes this for you.
+ '';
+ };
 };

 config = lib.mkIf cfg.enable {
@@ -72,7 +84,7 @@ in
 "/etc/machine-id"
 "/etc/supergfxd.conf"
 ];
- users.nomarchy = {
+ users.${cfg.user} = {
 directories = [
 ".ssh"
 ".gnupg"
diff --git a/docs/OPTIONS.md b/docs/OPTIONS.md
index bdc803b..b151772 100644
--- a/docs/OPTIONS.md
+++ b/docs/OPTIONS.md
@@ -153,10 +153,18 @@ Without prime config, supergfxd still switches modes but render-offload via `nvi
 `bool`, default `false`. Intel IPU7 camera support (kernel modules + firmware).
-### `impermanence.enable`
+### `nomarchy.system.impermanence.enable`
 `bool`, default `false`. Erase Your Darlings root wipe on boot. Defined in `core/system/impermanence.nix`. The installer writes the flag based on the impermanence prompt.
+### `nomarchy.system.impermanence.mainLuksName`
+ `str`, default `"crypted"`. Name of the `/dev/mapper` entry holding the BTRFS root. The disko layout uses `"crypted"` on single-disk installs and `"crypted_main"` once multiple drives are selected — the installer writes the matching value automatically. + ### `nomarchy.system.impermanence.user` + `str`, default `"nomarchy"`. Primary user whose home subset (`.ssh`, `.gnupg`, `.local/share/keyrings`, `Documents`, `Downloads`, `Pictures`, `Videos`, `Projects`) survives the rootfs wipe. Must match the user created via `users.users.` — otherwise the persistence block is silently inert and the user's home directory is wiped on every boot. The installer writes this for you. + --- ## Home Manager options (`home.nix`)
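Review bot: `users.${cfg.user} = { … }` in the second hunk (`@@ -72,7 +84,7`) still fails silently when the option and the created account disagree — the change moves the name from a literal into a config value, but a typo or a later rename of the `users.users.<name>` entry reproduces the same boot-time wipe of ~/.ssh and ~/.gnupg that the commit message describes, and nothing in either hunk checks that the two agree. An `assertions` entry inside `config = lib.mkIf cfg.enable { … }` (the attrset starts in the first hunk's context and ends outside the diff) would turn that mismatch into an evaluation error; this assumes `config` is among the module's arguments, which is not visible here. If that guard is added, the option description could also say `Checked at evaluation time against users.users` so readers know the mismatch is no longer silent.

```nix
config = lib.mkIf cfg.enable {
  # Fail the build instead of silently skipping persistence when the option
  # does not name a real account (see users.users.<name>).
  assertions = [
    {
      assertion = config.users.users ? ${cfg.user};
      message = "nomarchy.system.impermanence.user = \"${cfg.user}\" does not name an entry in users.users; that user's home would be wiped on every boot.";
    }
  ];
  # … unchanged: persistence block …
```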
diff --git a/installer/install.sh b/installer/install.sh
index 094c1d1..d3e2454 100755
--- a/installer/install.sh
+++ b/installer/install.sh
@@ -1459,7 +1459,7 @@ generate_flake_config() {
 if (( ${#_drives[@]} > 1 )); then
 _main_luks_name="crypted_main"
 fi
- impermanence_opt=$'nomarchy.system.impermanence.enable = true;\n nomarchy.system.impermanence.mainLuksName = "'"$_main_luks_name"$'";'
+ impermanence_opt=$'nomarchy.system.impermanence.enable = true;\n nomarchy.system.impermanence.mainLuksName = "'"$_main_luks_name"$'";\n nomarchy.system.impermanence.user = "'"$USERNAME"$'";'
 fi
 local PROFILE_SYSTEM_OPTS=""
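Review bot: `$USERNAME` is spliced into a Nix string literal in the new `impermanence_opt` assignment with no escaping, so a value containing `"`, `\` or `${` yields a generated flake config that fails to evaluate or evaluates to something other than a plain username; unless the installer validates the name before `generate_flake_config` runs (not visible in this hunk), a guard at the top of the function closes the gap: `[[ "$USERNAME" =~ ^[a-z_][a-z0-9_-]{0,31}$ ]] || { printf 'invalid username: %s\n' "$USERNAME" >&2; return 1; }` (sample pattern, adjust to the installer's own username rules). The same literal-splicing pattern already exists for `_main_luks_name`, but that value is chosen between two fixed strings a few lines up, so only the username is user-supplied. `generate_flake_config` ends outside the hunk.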