mjallen/nix-config
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
Files
a6167bf31c895bd265e3ad64dee3ca622cf2b024
nix-config/modules/nixos/impermanence/default.nix
mjallen18 a6167bf31c stuff
2025-09-02 19:23:08 -05:00

60 lines
1.3 KiB
Nix
Executable File
Raw Blame History

{
config,
lib,
namespace,
...
}:
with lib;
let
cfg = config.${namespace}.impermanence;
in
{
imports = [ ./options.nix ];
config = mkIf cfg.enable {
environment.persistence."/nix/persist/system" = {
hideMounts = true;
directories = [
"/var/lib/bluetooth"
"/var/lib/iwd"
"/var/lib/nixos"
"/var/lib/libvirt"
"/var/lib/waydroid"
"/var/lib/systemd/coredump"
"/etc/NetworkManager/system-connections"
"/var/lib/tailscale"
{
directory = "/var/lib/colord";
user = "colord";
group = "colord";
mode = "u=rwx,g=rx,o=";
}
{
directory = "/etc/nix";
user = "root";
group = "root";
mode = "u=rwx,g=rx,o=rx";
}
{
directory = "/var/lib/private";
mode = "u=rwx,g=rx,o=";
}
{
directory = "/media/nas";
user = "nas-apps";
group = "jallen-nas";
mode = "u=rwx,g=rx,o=rx";
}
] ++ cfg.extraDirectories;
files = [
"/etc/machine-id"
] ++ cfg.extraFiles;
};
security.sudo.extraConfig = ''
# rollback results in sudo lectures after each reboot
Defaults lecture = never
'';
};
}
Reference in New Issue View Git Blame Copy Permalink