jakalx/nixos-config
1
1
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

nix: Load common security settings

Browse source
This commit is contained in:
Alexander Kobjolke 2021-07-17 18:24:47 +02:00
parent ad925391c9
commit 28955680c2
2 changed files with 2 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

1
flake.nix
View file

@ -15,6 +15,7 @@
system = "x86_64-linux"; system = "x86_64-linux";
modules = [ modules = [
inputs.snm.nixosModule inputs.snm.nixosModule
./modules/security.nix
./hosts/thrall ./hosts/thrall
]; ];
}; };

2
modules/security.nix
View file

@ -9,7 +9,7 @@
# tmpfs = /tmp is mounted in ram. Doing so makes temp file management speedy # tmpfs = /tmp is mounted in ram. Doing so makes temp file management speedy
# on ssd systems, and volatile! Because it's wiped on reboot. # on ssd systems, and volatile! Because it's wiped on reboot.
boot.tmpOnTmpfs = lib.mkDefault true; # boot.tmpOnTmpfs = lib.mkDefault true;
# If not using tmpfs, which is naturally purged on reboot, we must clean it # If not using tmpfs, which is naturally purged on reboot, we must clean it
# /tmp ourselves. /tmp should be volatile storage! # /tmp ourselves. /tmp should be volatile storage!
boot.cleanTmpDir = lib.mkDefault (!config.boot.tmpOnTmpfs); boot.cleanTmpDir = lib.mkDefault (!config.boot.tmpOnTmpfs);