nix/vm: isolate it a bit more #437

merged

opened by

winter.bsky.social 4 months ago targeting master from winter.bsky.social/core: push-ynzsmmzxzqzy

I personally don't like that nixos-shell inherits a ton of stuff from the host by default, even mounting my home directory as r/w! I imagine I'm not the only one with this opinion, so let's put a stop to it by default.

Signed-off-by: Winter winter@winter.cafe

options

unified split

Changed files

nix

vm.nix

nix/vm.nix

···

       20
       20
        
               pkgs,

     

       21
       21
        
               ...

     

       22
       22
        
             }: {

     

       23
       23
       +
               nixos-shell = {

     

       24
       24
       +
                 inheritPath = false;

     

       25
       25
       +
                 mounts = {

     

       26
       26
       +
                   mountHome = false;

     

       27
       27
       +
                   mountNixProfile = false;

     

       28
       28
       +
                 };

     

       29
       29
       +
               };

     

       23
       30
        
               virtualisation = {

     

       24
       31
        
                 memorySize = 2048;

     

       25
       32
        
                 diskSize = 10 * 1024;