profiles/impermanence.nix


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27

{inputs,
  config,
  lib,
  options,
  ...
}: let
  sshHostKeys = ["/etc/ssh/ssh_host_ed25519_key" "/etc/ssh/ssh_host_rsa_key"];
in {
  imports = [inputs.impermanence.nixosModules.impermanence];

  config = {
    environment.persistence."/nix/persistent" = {
      hideMounts = true;
      directories = [
        "/var/log"
        "/var/lib/systemd/coredump"
        "/tmp" # Make builds not crash by running them on disk instead of RAM (We still clean /tmp on boot)
      ];
      files =
        [
        ]
        ++ sshHostKeys
	++ (map (x: x + ".pub") sshHostKeys);
    };
    age.identityPaths = (map (x: "/nix/persistent" + x) sshHostKeys);
  };
}