From 89457058f6aa324aaab07737def5ab3d3b6bb2ee Mon Sep 17 00:00:00 2001
From: Winter <winter@winter.cafe>
Date: Sat, 9 Aug 2025 20:22:53 -0400
Subject: [PATCH] nix/vm: isolate it a bit more
Change-Id: ynzsmmzxzqzyzklwvxqnqnszzmnqsnqt

I personally don't like that nixos-shell inherits a ton of stuff from the
host by default, even mounting my home directory as r/w! I imagine I'm not
the only one with this opinion, so let's put a stop to it by default.

Signed-off-by: Winter <winter@winter.cafe>
---
 nix/vm.nix | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/nix/vm.nix b/nix/vm.nix
index e7c5d44..cfc50b7 100644
--- a/nix/vm.nix
+++ b/nix/vm.nix
@@ -20,6 +20,13 @@ in
         pkgs,
         ...
       }: {
+        nixos-shell = {
+          inheritPath = false;
+          mounts = {
+            mountHome = false;
+            mountNixProfile = false;
+          };
+        };
         virtualisation = {
           memorySize = 2048;
           diskSize = 10 * 1024;
-- 
2.43.0