colin
d13bcc49ab
longer-term, i want hosts/by-name to define host-specific data that's accessible via the other hosts (things like pubkeys). also the secrets management needs some rethinking. there's really not much point in me specifiying where *exactly* a secret comes from at its use site. i should really be specifying secret store manifests; i.e. "servo.yaml contains secrets X Y and Z", and leaving the rest up to auto-computing.
32 lines
721 B
Nix
32 lines
721 B
Nix
{ ... }:
|
|
|
|
{
|
|
sane.persist.root-on-tmpfs = true;
|
|
# we need a /tmp for building large nix things.
|
|
# a cross-compiled kernel, particularly, will easily use 30+GB of tmp
|
|
fileSystems."/tmp" = {
|
|
device = "none";
|
|
fsType = "tmpfs";
|
|
options = [
|
|
"mode=777"
|
|
"size=64G"
|
|
"defaults"
|
|
];
|
|
};
|
|
fileSystems."/nix" = {
|
|
# device = "/dev/disk/by-uuid/985a0a32-da52-4043-9df7-615adec2e4ff";
|
|
device = "/dev/disk/by-uuid/0ab0770b-7734-4167-88d9-6e4e20bb2a56";
|
|
fsType = "btrfs";
|
|
options = [
|
|
"compress=zstd"
|
|
"defaults"
|
|
];
|
|
};
|
|
|
|
fileSystems."/boot" = {
|
|
# device = "/dev/disk/by-uuid/CAA7-E7D2";
|
|
device = "/dev/disk/by-uuid/41B6-BAEF";
|
|
fsType = "vfat";
|
|
};
|
|
}
|