View Page

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
infrastructure:nixos-boxes:dreamflasher [2026/01/12 06:35] diamondinfrastructure:nixos-boxes:dreamflasher [2026/01/12 06:46] (current) diamond
Line 17: Line 17:
 ``` ```
  
-- **hostname:** `dma-dreamflasher`+- **owner:** `@ellie` 
 +- **admin:** `@diamond`, `@infra-nixos`
 - **mac:** `00:30:64:76:4c:b3` - **mac:** `00:30:64:76:4c:b3`
-- **os:** nixos 
  
-## Entering Secure Boot Setup Mode+## Impermanence 
 + 
 +This machine runs [Impermanence](https://nixos.wiki/wiki/Impermanence)! Specifically, it runs a custom impermanence-inspired module written by `@ellie`. This means that on every boot, the entire filesystem except for those stated to be persisted in the machine's NixOS configuration will be wiped clean. For more information on the why, read [Erase Your Darlings](https://grahamc.com/blog/erase-your-darlings/). 
 + 
 +## Secure Boot Maintenance 
 + 
 +This machine uses Secure Boot to ensure that the booted kernel is signed properly. Then from this, TPM2 is used to decrypt the 2 root drives. 
 + 
 +> **Note:** We currently don't do mirrored boot properly because [Lanzaboote] doesn't support it properly. The server almost certainly only boots from one drive currently, despite mirroring root to both via ZFS. 
 + 
 +[Lanzaboote]: https://github.com/nix-community/lanzaboote 
 + 
 +### Entering Secure Boot Setup Mode
  
 > **Note:** Guide assumes an already running system. It does not cover resetting the system from scratch. > **Note:** Guide assumes an already running system. It does not cover resetting the system from scratch.