summary refs log tree commit diff
path: root/profiles/impermanence.nix
blob: f03ff97082e0e8a1bcdf48c1a3b7b57fb8066289 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
{
  inputs,
  config,
  lib,
  options,
  ...
}: let
  sshHostKeys = ["/etc/ssh/ssh_host_ed25519_key" "/etc/ssh/ssh_host_rsa_key"];
in {
  imports = [inputs.impermanence.nixosModules.impermanence];

  config = {
    environment.persistence."/nix/persist" = {
      hideMounts = true;
      directories = [
        "/var/log"
        "/var/lib/systemd/coredump"
        "/var/tmp" # for building oci containers
        "/tmp" # Make builds not crash by running them on disk instead of RAM (We still clean /tmp on boot)
      ];
      files =
        [
        ]
        ++ sshHostKeys
        ++ (map (x: x + ".pub") sshHostKeys);
    };
    age.identityPaths = map (x: "/nix/persist" + x) sshHostKeys;
  };
}