This repository has been archived by the owner on Mar 20, 2023. It is now read-only.
/ on tmpfs, wipe root on reboot
#89
Assignees
Comments
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
The proposal is to completely wipe the machines on reboot except for the things that have to persist (e.g. the services, secrets and host SSH keys)
We can use https://github.com/nix-community/impermanence to specify paths should should persist on reboot, everything else will be wiped out.
Good reading material https://grahamc.com/blog/erase-your-darlings
Some guidance https://elis.nu/blog/2020/05/nixos-tmpfs-as-root/
See also https://xeiaso.net/blog/paranoid-nixos-2021-07-18
The text was updated successfully, but these errors were encountered: