back round 0 view raw

nix/vm: isolate it a bit more #437

merged
opened by winter.bsky.social targeting master from winter.bsky.social/core: push-ynzsmmzxzqzy

I personally don't like that nixos-shell inherits a ton of stuff from the host by default, even mounting my home directory as r/w! I imagine I'm not the only one with this opinion, so let's put a stop to it by default.

Signed-off-by: Winter winter@winter.cafe

options
unified split
Changed files
+7
nix
vm.nix
+7
nix/vm.nix
··· 20 20 pkgs, 21 21 ... 22 22 }: { 23 + nixos-shell = { 24 + inheritPath = false; 25 + mounts = { 26 + mountHome = false; 27 + mountNixProfile = false; 28 + }; 29 + }; 23 30 virtualisation = { 24 31 memorySize = 2048; 25 32 diskSize = 10 * 1024;