37 lines
982 B
Nix
Executable File
37 lines
982 B
Nix
Executable File
{ ... }:
|
|
{
|
|
# Set up impernance configuration for things like bluetooth
|
|
# In this configuration with /etc and /var/log being persistent, only directories outside of that need to be done here. See hardware configuration for all mountpoints.
|
|
|
|
environment.persistence."/nix/persist/system" = {
|
|
hideMounts = true;
|
|
directories = [
|
|
"/var/lib/bluetooth"
|
|
"/var/lib/nixos"
|
|
"/var/lib/libvirt"
|
|
"/var/lib/systemd/coredump"
|
|
{
|
|
directory = "/var/lib/private";
|
|
mode = "u=rwx,g=,o=";
|
|
}
|
|
"/etc/NetworkManager/system-connections"
|
|
{
|
|
directory = "/etc/nix";
|
|
user = "root";
|
|
group = "root";
|
|
mode = "u=rwx,g=rx,o=rx";
|
|
}
|
|
];
|
|
# files = [
|
|
# "/etc/machine-id"
|
|
# { file = "/etc/nix/id_rsa"; parentDirectory = { mode = "u=rwx,g=,o="; }; }
|
|
# ];
|
|
};
|
|
|
|
security.sudo.extraConfig = ''
|
|
# rollback results in sudo lectures after each reboot
|
|
Defaults lecture = never
|
|
'';
|
|
|
|
}
|