cc-sandbox: add persistent .claude overlay

2026-03-12 12:15:22 +05:30
parent 0b3b5c5063
commit 9ab0eb3fb2
1 changed files with 29 additions and 3 deletions
--- a/flake.nix
+++ b/flake.nix
@@ -147,6 +147,29 @@
 						};
 					};
 					# Create and loop-mount an ext4 image on the 9p data volume
 					# for the overlay upper/work (9p can't serve as overlayfs upper)
 					systemd.services.claude-overlay-img = {
 						description = "Create ext4 image for Claude overlay";
 						wantedBy = [ "var-lib-claude\\x2drw.mount" ];
 						before = [ "var-lib-claude\\x2drw.mount" ];
 						after = [ "var-lib-cc\\x2dsandbox.mount" ];
 						requires = [ "var-lib-cc\\x2dsandbox.mount" ];
 						unitConfig.DefaultDependencies = false;
 						serviceConfig = {
 							Type = "oneshot";
 							RemainAfterExit = true;
 							ExecStart = pkgs.writeShellScript "claude-overlay-img" ''
 								img=/var/lib/cc-sandbox/claude-overlay.img
 								if [ ! -f "$img" ]; then
 									${pkgs.coreutils}/bin/truncate -s 128M "$img"
 									${pkgs.e2fsprogs}/bin/mkfs.ext4 -q "$img"
 								fi
 							'';
 						};
 					};
 					fileSystems = {
 						# tmpfs backing for the writable nix store overlay
 						"/nix/.rw-store" = {
@@ -155,11 +178,14 @@
 							neededForBoot = true;
 						};
-						# Claude config: ephemeral overlay on top of host's ~/.claude
+						# Loop-mounted ext4 image for overlay upper/work
 						"/var/lib/claude-rw" = {
-							fsType = "tmpfs";
+							device = "/var/lib/cc-sandbox/claude-overlay.img";
-							options = [ "size=128M" "mode=0700" ];
+							fsType = "ext4";
 							options = [ "loop" ];
 						};
 						# Claude config: persistent overlay on top of host's ~/.claude
 						"/root/.claude".overlay = {
 							lowerdir = [ "/var/lib/claude-lower" ];
 							upperdir = "/var/lib/claude-rw/upper";