Changes for livedisk

config/hardware/lambda.nix

@@ -23,8 +23,7 @@ in {
       kernelModules = [ ];
     };
 
-    kernelModules = [ "kvm-amd" ];
-    kernelPackages = pkgs.linuxPackages.zfs;
+    kernelModules = [ "kvm-intel" ];
     supportedFilesystems = [ "zfs" ];
 
     loader.grub = {
@@ -38,11 +37,13 @@ in {
     "/boot" = {
       device = "/dev/disk/by-label/lambda-boot";
       fsType = "ext4";
+      options = [ "noexec" ];
     };
 
     "/" = {
-      device = "lambda/transient/root";
-      fsType = "zfs";
+      device = "none";
+      fsType = "tmpfs";
+      options = [ "noexec" ];
     };
 
     "/nix" = {
@@ -54,29 +55,20 @@ in {
       device = "lambda/transient/logs";
       fsType = "zfs";
       neededForBoot = true;
-    };
-
-    "/home" = {
-      device = "lambda/persistent/home";
-      fsType = "zfs";
+      options = [ "noexec" ];
     };
 
     "/state" = {
       device = "lambda/persistent/state";
       fsType = "zfs";
+      options = [ "noexec" ];
     };
   };
 
-  boot.initrd.postDeviceCommands = lib.mkAfter ''
-    ${pkgs.zfs}/bin/zfs rollback -r lambda/transient/root@blank
-  '';
-
   swapDevices = [{ device = "/dev/disk/by-label/lambda-swap"; }];
 
   nix.maxJobs = lib.mkDefault 12;
 
-  hardware.bluetooth.enable = false;
-
   networking = {
     hostId = substring 0 8 (fileContents /etc/machine-id);
 

config/host-config/lambda.nix

@@ -12,7 +12,7 @@ in {
       enp4s0f0.useDHCP = false;
       enp4s0f1.useDHCP = false;
 
-      intif0 = { useDHCP = true; };
+      intif0.useDHCP = true;
     };
   };
 
@@ -36,10 +36,17 @@ in {
     "L /root/.ssh/id_rsa - - - - /state/root/ssh/id_rsa"
     "L /root/.ssh/id_rsa.pub - - - - /state/root/ssh/id_rsa.pub"
     "L /root/.ssh/known_hosts - - - - /state/root/ssh/known_hosts"
-    "L /etc/ssh/ssh_host_ed25519_key - - - - /state/ssh/ssh_host_ed25519_key"
-    "L /etc/ssh/ssh_host_rsa_key - - - - /state/ssh/ssh_host_rsa_key"
   ];
 
+  environment.etc = {
+    "ssh/ssh_host_rsa_key".source = "/state/ssh/ssh_host_rsa_key";
+    "ssh/ssh_host_rsa_key.pub".source = "/state/ssh/ssh_host_rsa_key.pub";
+    "ssh/ssh_host_ed25519_key".source = "/state/ssh/ssh_host_ed25519_key";
+    "ssh/ssh_host_ed25519_key.pub".source =
+      "/state/ssh/ssh_host_ed25519_key.pub";
+    "machine-id".source = "/state/host/machine-id";
+  };
+
   security.sudo.extraConfig = ''
     # Due to rollback, sudo will lecture after every reboot
     Defaults lecture = never

config/profile-config/common.nix

@@ -15,7 +15,7 @@ let
 
 in {
   environment = {
-    etc.current-nixos-config.source = ../../.;
+    etc.nixos-live.source = ../../.;
 
     systemPackages = global-packages;
 

home-manager/niten.nix

@@ -56,6 +56,7 @@ let
     lshw
     minecraft
     mkpasswd
+    mplayer
     mtr
     nixfmt
     nix-index

live-disk.nix

@@ -45,6 +45,12 @@ in {
           "$6$a1q2Duoe35hd5$IaZGXPfqyGv9uq5DQm7DZq0vIHsUs39sLktBiBBqMiwl/f/Z4jSvNZLJp9DZJYe5u2qGBYh1ca.jsXvQA8FPZ/";
         extraGroups = [ "wheel" ];
       };
+
+      root = {
+        authorizedKeys.keys = [
+          "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDPwh522lvafTJYA0X2uFdP7Ws+Um1f8gZsARK1Y5nMzf6ZcWBF1jplTOKUVSOl4isMWni0Tu0TnX4zqCcgocWUVbwIwXSIRYqdiCPvVOH+/Ibc97n1/dYxk5JPMtbrsEw6/gWZxVg0qwe0J3dQWldEMiDY7iWhlrmIr7YL+Y3PUd7DOwp3PbfWfNyzTfE1kXcz5YvTeN+txFhbbXT0oS2R2wtc1vYXFZ/KbNstjqd+i8jszAq3ZkbbwL3aNR0RO4n8+GoIILGw8Ya4eP7D6+mYk608IhAoxpGyMrUch2TC2uvOK3rd/rw1hsTxf4AKjAZbrfd/FJaYru9ZeoLjD4bRGMdVp56F1m7pLvRiWRK62pV2Q/fjx+4KjHUrgyPd601eUIP0ayS/Rfuq8ijLpBJgO5/Y/6mFus/kjZIfRR9dXfLM67IMpyEzEITYrc/R2sedWf+YHxSh6eguAZ/kLzioar1nHLR7Wzgeu0tgWkD78WQGjpXGoefAz3xHeBg3Et0="
+        ];
+      };
     };
 
     # groups = { wheel = { members = [ "niten" ]; }; };