From 28955680c27837fcaa230e9c255bc0c99887dac9 Mon Sep 17 00:00:00 2001
From: Alexander Kobjolke <me@jakalx.net>
Date: Sat, 17 Jul 2021 18:24:47 +0200
Subject: [PATCH] nix: Load common security settings

---
 flake.nix            | 1 +
 modules/security.nix | 2 +-
 2 files changed, 2 insertions(+), 1 deletion(-)

diff --git a/flake.nix b/flake.nix
index e1baf9a..f81c0f9 100644
--- a/flake.nix
+++ b/flake.nix
@@ -15,6 +15,7 @@
       system = "x86_64-linux";
       modules = [
         inputs.snm.nixosModule
+	./modules/security.nix
 	./hosts/thrall
       ];
     };
diff --git a/modules/security.nix b/modules/security.nix
index cdcc85d..3482c16 100644
--- a/modules/security.nix
+++ b/modules/security.nix
@@ -9,7 +9,7 @@
 
   # tmpfs = /tmp is mounted in ram. Doing so makes temp file management speedy
   # on ssd systems, and volatile! Because it's wiped on reboot.
-  boot.tmpOnTmpfs = lib.mkDefault true;
+#  boot.tmpOnTmpfs = lib.mkDefault true;
   # If not using tmpfs, which is naturally purged on reboot, we must clean it
   # /tmp ourselves. /tmp should be volatile storage!
   boot.cleanTmpDir = lib.mkDefault (!config.boot.tmpOnTmpfs);