s0me1newithhand7s/reNixos
1
1
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
reNixos/kyra/environment/persistence.nix
s0me1newithhand7s 78a98e891e kyra(hardening): Impermanence in "/persist" 
Signed-off-by: s0me1newithhand7s <git+me@hand7s.org>
2026-05-03 16:05:49 +03:00

64 lines
1.3 KiB
Nix
Raw Permalink Blame History

_: {
environment = {
persistence = {
"/persist" = {
enable = true;
hideMounts = true;
directories = [
"/var/log"
"/etc/ssh"
"/var/lib/nixos"
"/var/lib/netbird"
"/var/lib/netbird-wt0"
"/var/lib/firewalld"
{
directory = "/var/lib/traefik";
user = "traefik";
group = "traefik";
mode = "0700";
}
{
directory = "/var/lib/crowdsec";
user = "crowdsec";
group = "crowdsec";
mode = "0750";
}
{
directory = "/var/lib/sing-box";
user = "sing-box";
group = "sing-box";
mode = "0700";
}
{
directory = "/var/lib/step-ca";
user = "step-ca";
group = "step-ca";
mode = "0700";
}
{
directory = "/var/lib/acme";
user = "acme";
group = "acme";
mode = "0751";
}
{
directory = "/var/lib/otel-collector";
user = "otel-collector";
group = "otel-collector";
mode = "0700";
}
];
files = [
"/etc/machine-id"
];
};
};
};
}
Reference in a new issue View git blame Copy permalink