diff options
| author | Preston Pan <ret2pop@gmail.com> | 2025-09-19 00:51:40 -0700 |
|---|---|---|
| committer | Preston Pan <ret2pop@gmail.com> | 2025-09-19 00:51:40 -0700 |
| commit | 56337bd35424b6e9fd131b542b2b5f0c3fb8a1d4 (patch) | |
| tree | 9df4a2c8fda4aff4ed6f18cf992617bba535e3fa /nix/modules | |
| parent | ce0c54eb953bd2c649359da547c009598acd3d54 (diff) | |
fix disko to actually install
Diffstat (limited to 'nix/modules')
| -rw-r--r-- | nix/modules/configuration.nix | 6 | ||||
| -rw-r--r-- | nix/modules/impermanence.nix | 4 |
2 files changed, 10 insertions, 0 deletions
diff --git a/nix/modules/configuration.nix b/nix/modules/configuration.nix index a2912ea..5b44fc4 100644 --- a/nix/modules/configuration.nix +++ b/nix/modules/configuration.nix @@ -259,6 +259,12 @@ apparmor = { enable = true; killUnconfinedConfinables = true; + packages = with pkgs; [ + apparmor-profiles + ]; + policies = { + firefox.path = "${pkgs.apparmor-profiles}/share/apparmor/extra-profiles/firefox"; + }; }; pam.loginLimits = [ diff --git a/nix/modules/impermanence.nix b/nix/modules/impermanence.nix index 3bb8f18..e8b4b6f 100644 --- a/nix/modules/impermanence.nix +++ b/nix/modules/impermanence.nix @@ -32,6 +32,10 @@ umount /btrfs_tmp '' else ""); + boot.initrd.luks.devices = (if config.monorepo.profiles.impermanence.enable then [ + { name = "crypted"; device = "/dev/disk/by-partlabel/disk-main-luks"; } + ] else []); + fileSystems = if (config.monorepo.profiles.impermanence.enable) then { "/persistent" = { neededForBoot = true; |