impermanence
impermanence copied to clipboard
Published
20 hours ago •
nix-community
nix-community
Impermanence does not work when `system.etc.overlay.mutable = false`
configuration:
system.etc.overlay.enable = true;
system.etc.overlay.mutable = false;
services.userborn.enable = true;
systemd:
$ systemctl --failed
UNIT LOAD ACTIVE SUB DESCRIPTION
● persist-\x27-persist-etc-ssh-ssh_host_ed25519_key.pub\x27.service loaded failed failed Bind mount or link '/persist/etc/ssh/ssh_host_ed25519_key.pub' to '/etc/ssh/ssh_host_ed25519_key.pub'
● persist-\x27-persist-etc-ssh-ssh_host_ed25519_key\x27.service loaded failed failed Bind mount or link '/persist/etc/ssh/ssh_host_ed25519_key' to '/etc/ssh/ssh_host_ed25519_key'
● persist-\x27-persist-etc-ssh-ssh_host_rsa_key.pub\x27.service loaded failed failed Bind mount or link '/persist/etc/ssh/ssh_host_rsa_key.pub' to '/etc/ssh/ssh_host_rsa_key.pub'
● persist-\x27-persist-etc-ssh-ssh_host_rsa_key\x27.service loaded failed failed Bind mount or link '/persist/etc/ssh/ssh_host_rsa_key' to '/etc/ssh/ssh_host_rsa_key'
Legend: LOAD → Reflects whether the unit definition was properly loaded.
ACTIVE → The high-level unit activation state, i.e. generalization of SUB.
SUB → The low-level unit activation state, values depend on unit type.
4 loaded units listed.
log:
Aug 31 01:48:08 dust zhwr6q6s9q05c12015397d2jsw8zfd8r-impermanence-mount-file[1113]: touch: cannot touch '/etc/ssh/ssh_host_rsa_key': Read-only file system
Aug 31 01:48:08 dust zhwr6q6s9q05c12015397d2jsw8zfd8r-impermanence-mount-file[1096]: Error when executing touch "$mountPoint" at line 39!
Aug 31 01:48:08 dust systemd[1]: persist-\x27-persist-etc-ssh-ssh_host_rsa_key\x27.service: Main process exited, code=exited, status=1/FAILURE
A workaround:
environment.etc."secureboot".source = pkgs.emptyDirectory;
environment.etc."ssh/ssh_host_ed25519_key.pub".source = pkgs.emptyFile;
