42 lines
807 B
Nix
42 lines
807 B
Nix
{ config, lib, modulesPath, ... }:
|
|
|
|
{
|
|
imports = [
|
|
(modulesPath + "/profiles/minimal.nix")
|
|
(modulesPath + "/virtualisation/lxc-container.nix")
|
|
];
|
|
|
|
boot = {
|
|
isContainer = true;
|
|
loader = {
|
|
initScript.enable = true;
|
|
};
|
|
};
|
|
|
|
environment.etc."machine-id".text =
|
|
builtins.substring 0 8 (
|
|
builtins.hashString "sha256" config.networking.hostName
|
|
);
|
|
|
|
nix = {
|
|
useSandbox = false;
|
|
maxJobs = lib.mkDefault 1;
|
|
buildCores = lib.mkDefault 1;
|
|
};
|
|
|
|
systemd.services =
|
|
let
|
|
noNestOpts.serviceConfig = {
|
|
PrivateTmp = lib.mkOverride 0 false;
|
|
};
|
|
in {
|
|
nscd = noNestOpts;
|
|
systemdLogind = noNestOpts;
|
|
|
|
nix-daemon.enable = false;
|
|
};
|
|
systemd.sockets.nix-daemon.enable = false;
|
|
|
|
services.openssh.enable = false;
|
|
}
|