all: use boot.tmp.cleanOnBoot on unstable
This commit is contained in:
parent
e7e49a9b98
commit
6317c4e28b
@ -14,6 +14,11 @@ let
|
|||||||
command="/run/current-system/sw/bin/xin-status",no-port-forwarding,no-X11-forwarding,no-agent-forwarding,no-pty ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIE9PIhQ+yWfBM2tEG+W8W8HXJXqISXif8BcPZHakKvLM xin-status
|
command="/run/current-system/sw/bin/xin-status",no-port-forwarding,no-X11-forwarding,no-agent-forwarding,no-pty ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIE9PIhQ+yWfBM2tEG+W8W8HXJXqISXif8BcPZHakKvLM xin-status
|
||||||
'';
|
'';
|
||||||
gosignify = pkgs.callPackage ./pkgs/gosignify.nix { inherit isUnstable; };
|
gosignify = pkgs.callPackage ./pkgs/gosignify.nix { inherit isUnstable; };
|
||||||
|
inFluxBootOptions = if isUnstable then {
|
||||||
|
tmp = { cleanOnBoot = true; };
|
||||||
|
} else {
|
||||||
|
cleanTmpDir = true;
|
||||||
|
};
|
||||||
inFluxSSHOptions = if isUnstable then {
|
inFluxSSHOptions = if isUnstable then {
|
||||||
settings = {
|
settings = {
|
||||||
PermitRootLogin = "prohibit-password";
|
PermitRootLogin = "prohibit-password";
|
||||||
@ -142,13 +147,12 @@ in {
|
|||||||
'';
|
'';
|
||||||
|
|
||||||
boot = {
|
boot = {
|
||||||
cleanTmpDir = true;
|
|
||||||
kernelPackages = lib.mkDefault pkgs.linuxPackages_hardened;
|
kernelPackages = lib.mkDefault pkgs.linuxPackages_hardened;
|
||||||
kernel.sysctl = {
|
kernel.sysctl = {
|
||||||
"net.ipv4.tcp_keepalive_time" = 60;
|
"net.ipv4.tcp_keepalive_time" = 60;
|
||||||
"net.ipv6.tcp_keepalive_time" = 60;
|
"net.ipv6.tcp_keepalive_time" = 60;
|
||||||
};
|
};
|
||||||
};
|
} // inFluxBootOptions;
|
||||||
|
|
||||||
nix = {
|
nix = {
|
||||||
settings = if config.networking.hostName != "pwntie" then {
|
settings = if config.networking.hostName != "pwntie" then {
|
||||||
|
Loading…
Reference in New Issue
Block a user