From 86ccf1964b5e30ead1b5f0d8ad376f9aa655d684 Mon Sep 17 00:00:00 2001 From: Gregor Kleen Date: Wed, 2 Nov 2022 00:15:19 +0100 Subject: tmpfs-root system-profile --- hosts/eostre/default.nix | 3 --- hosts/surtr/default.nix | 7 +------ hosts/vidhar/default.nix | 8 +------- system-profiles/nfsroot.nix | 11 +++++------ system-profiles/tmpfs-root.nix | 12 ++++++++++++ 5 files changed, 19 insertions(+), 22 deletions(-) create mode 100644 system-profiles/tmpfs-root.nix diff --git a/hosts/eostre/default.nix b/hosts/eostre/default.nix index 4aa6473e..e20929b4 100644 --- a/hosts/eostre/default.nix +++ b/hosts/eostre/default.nix @@ -67,9 +67,6 @@ with lib; zramSwap.enable = true; system.stateVersion = config.system.nixos.release; # No state - security.sudo.extraConfig = '' - Defaults lecture = never - ''; time.timeZone = "Europe/Berlin"; diff --git a/hosts/surtr/default.nix b/hosts/surtr/default.nix index e031c9b3..92d0088c 100644 --- a/hosts/surtr/default.nix +++ b/hosts/surtr/default.nix @@ -1,7 +1,7 @@ { flake, pkgs, lib, ... }: { imports = with flake.nixosModules.systemProfiles; [ - qemu-guest openssh rebuild-machines zfs + tmpfs-root qemu-guest openssh rebuild-machines zfs ./zfs.nix ./dns ./tls ./http ./bifrost ./matrix ./postgresql.nix ./prometheus ./email ./vpn ]; @@ -30,11 +30,6 @@ }; fileSystems = { - "/" = { - fsType = "tmpfs"; - options = [ "mode=0755" ]; - }; - "/boot" = { device = "/dev/disk/by-label/boot"; fsType = "vfat"; diff --git a/hosts/vidhar/default.nix b/hosts/vidhar/default.nix index fc77f03c..2f86c368 100644 --- a/hosts/vidhar/default.nix +++ b/hosts/vidhar/default.nix @@ -5,6 +5,7 @@ with lib; { imports = with flake.nixosModules.systemProfiles; [ ./zfs.nix ./network ./samba.nix ./dns ./prometheus ./borg + tmpfs-root initrd-all-crypto-modules default-locale openssh rebuild-machines build-server initrd-ssh @@ -55,13 +56,6 @@ with lib; }; }; - fileSystems = { - "/" = { - fsType = "tmpfs"; - options = [ "mode=0755" ]; - }; - }; - services.timesyncd.enable = false; services.chrony = { enable = true; diff --git a/system-profiles/nfsroot.nix b/system-profiles/nfsroot.nix index 92cf98de..ab028de3 100644 --- a/system-profiles/nfsroot.nix +++ b/system-profiles/nfsroot.nix @@ -1,10 +1,14 @@ -{ config, pkgs, lib, flakeInputs, ... }: +{ config, pkgs, lib, flake, flakeInputs, ... }: with lib; let cfg = config.nfsroot; in { + imports = with flake.nixosModules.systemProfiles; [ + tmpfs-root + ]; + options = { nfsroot = { storeDevice = mkOption { @@ -34,11 +38,6 @@ in { then [] else [ pkgs.grub2 pkgs.syslinux ]); - fileSystems."/" = mkImageMediaOverride - { fsType = "tmpfs"; - options = [ "mode=0755" ]; - }; - # In stage 1, mount a tmpfs on top of /nix/store (the squashfs # image) to make this a live CD. fileSystems."/nix/.ro-store" = mkImageMediaOverride diff --git a/system-profiles/tmpfs-root.nix b/system-profiles/tmpfs-root.nix new file mode 100644 index 00000000..d0b3be76 --- /dev/null +++ b/system-profiles/tmpfs-root.nix @@ -0,0 +1,12 @@ +{ ... }: { + config = { + fileSystems."/" = { + fsType = "tmpfs"; + options = [ "mode=0755" ]; + }; + + security.sudo.extraConfig = '' + Defaults lecture = never + ''; + }; +} -- cgit v1.2.3