pyrox.dev
1# This profile sets up a sytem for image based appliance usage. An appliance is
2# installed as an image, cannot be re-built, has no Nix available, and is
3# generally not meant for interactive use. Updates to such an appliance are
4# handled by updating whole partition images via a tool like systemd-sysupdate.
5
6{ lib, modulesPath, ... }:
7
8{
9
10 # Appliances are always "minimal".
11 imports = [
12 "${modulesPath}/profiles/minimal.nix"
13 ];
14
15 # The system cannot be rebuilt.
16 nix.enable = false;
17 system.switch.enable = false;
18
19 # The system is static.
20 users.mutableUsers = false;
21
22 # The system avoids interpreters as much as possible to reduce its attack
23 # surface.
24 boot.initrd.systemd.enable = lib.mkDefault true;
25 networking.useNetworkd = lib.mkDefault true;
26}