TheCrazyInsanity/nixos-configv3
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

hashtag erasing my darlings

Browse Source
This commit is contained in:
TheCrazyInsanity
2025-12-16 12:30:30 -05:00
parent edfc6cffdd
commit fd2389fed1
2 changed files with 118 additions and 39 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
flake.nix
View File

@@ -11,18 +11,23 @@
# to avoid problems caused by different versions of nixpkgs. # to avoid problems caused by different versions of nixpkgs.
inputs.nixpkgs.follows = "nixpkgs"; inputs.nixpkgs.follows = "nixpkgs";
}; };
impermanence.url = "github:nix-community/impermanence";
}; };
outputs = { outputs =
{
self, self,
nixpkgs, nixpkgs,
home-manager, home-manager,
}@inputs: let impermanence,
}@inputs:
let
inherit (self) outputs; inherit (self) outputs;
nix.registry.nixos.flake = inputs.self; nix.registry.nixos.flake = inputs.self;
environment.etc."nix/inputs/nixpkgs".source = nixpkgs.outPath; environment.etc."nix/inputs/nixpkgs".source = nixpkgs.outPath;
nix.nixPath = [ "nixpkgs=${nixpkgs.outPath}" ]; nix.nixPath = [ "nixpkgs=${nixpkgs.outPath}" ];
in{ in
{
nixosConfigurations = { nixosConfigurations = {
homepc = nixpkgs.lib.nixosSystem { homepc = nixpkgs.lib.nixosSystem {
specialArgs = { inherit inputs outputs; }; specialArgs = { inherit inputs outputs; };
@@ -44,6 +49,7 @@
system = "x86_64-linux"; system = "x86_64-linux";
modules = [ modules = [
./machines/workstation/configuration.nix ./machines/workstation/configuration.nix
impermanence.nixosModules.impermanence
home-manager.nixosModules.home-manager home-manager.nixosModules.home-manager
{ {
home-manager.extraSpecialArgs = { inherit inputs outputs; }; home-manager.extraSpecialArgs = { inherit inputs outputs; };

73
global/eraseyourdarlings.nix Normal file
View File

@@ -0,0 +1,73 @@
{lib, ...}:
{
boot.initrd.postResumeCommands = lib.mkAfter ''
rm -rf /bin /etc /lib64 /srv /sys /tmp /usr /var
''
{
environment.persistence."/persistent" = {
enable = true; # NB: Defaults to true, not needed
hideMounts = true;
directories = [
"/var/log"
"/var/lib/bluetooth"
"/var/lib/nixos"
"/var/lib/systemd/coredump"
"/etc/NetworkManager/system-connections"
{
directory = "/var/lib/colord";
user = "colord";
group = "colord";
mode = "u=rwx,g=rx,o=";
}
];
files = [
"/etc/machine-id"
{
file = "/var/keys/secret_file";
parentDirectory = {
mode = "u=rwx,g=,o=";
};
}
];
users.laythe = {
directories = [
"Downloads"
"Music"
"Pictures"
"Documents"
"Videos"
"VirtualBox VMs"
{
directory = ".local/share/Steam";
mode = "0777"
}
{
directory = ".local/share/flatpak";
mode = "0700"
}
{
directory = ".gnupg";
mode = "0700";
}
{
directory = ".ssh";
mode = "0700";
}
{
directory = ".nixops";
mode = "0700";
}
{
directory = ".local/share/keyrings";
mode = "0700";
}
".local/share/direnv"
];
files = [
".screenrc"
];
};
};
}
}