From 0788d1aa4da22b938960aba4936b5eaf4b36b07e Mon Sep 17 00:00:00 2001
From: Christoph Cullmann <christoph@cullmann.io>
Date: Fri, 12 Jul 2024 19:35:16 +0200
Subject: better tmp handling

---
 common.nix | 24 ++++++------------------
 home.nix   |  8 ++++----
 2 files changed, 10 insertions(+), 22 deletions(-)

diff --git a/common.nix b/common.nix
index fe8cca5..744177d 100644
--- a/common.nix
+++ b/common.nix
@@ -123,21 +123,24 @@ in
   environment.persistence."/nix/persistent" = {
     hideMounts = true;
     directories = [
+      # tmp dir, don't fill our tmpfs root with that
+      { directory = "/tmp"; user = "root"; group = "root"; mode = "1777"; }
+
       # systemd timers
       { directory = "/var/lib/systemd/timers"; user = "root"; group = "root"; mode = "u=rwx,g=rx,o=rx"; }
 
       # alsa state for persistent sound settings
       { directory = "/var/lib/alsa"; user = "root"; group = "root"; mode = "u=rwx,g=rx,o=rx"; }
 
-      # nix tmp dir for rebuilds, don't fill our tmpfs root with that
-      { directory = "/var/cache/nix"; user = "root"; group = "root"; mode = "u=rwx,g=rx,o=rx"; }
-
       # NetworkManager connections
       { directory = "/etc/NetworkManager"; user = "root"; group = "root"; mode = "u=rwx,g=rx,o=rx"; }
       { directory = "/var/lib/NetworkManager"; user = "root"; group = "root"; mode = "u=rwx,g=rx,o=rx"; }
     ];
   };
 
+  # kill the tmp content on reboots, we mount that to /nix/persistent to avoid memory fill-up
+  boot.tmp.cleanOnBoot = true;
+
   # ensure our data is not rotting
   services.zfs.autoScrub = {
     enable = true;
@@ -253,20 +256,6 @@ in
     '';
   };
 
-  # move nix tmp directory off the tmpfs for large updates
-  # for nixos-build we set that directory as tmp dir in the command
-  systemd.services.nix-daemon = {
-    environment = {
-      # Location for temporary files
-      TMPDIR = "/var/cache/nix";
-    };
-    serviceConfig = {
-      # Create /var/cache/nix automatically on Nix Daemon start
-      CacheDirectory = "nix";
-    };
-  };
-  environment.variables.NIX_REMOTE = "daemon";
-
   # auto update
   system.autoUpgrade = {
     enable = true;
@@ -300,7 +289,6 @@ in
     btop
     calibre
     chromium
-    clamav
     clinfo
     config.boot.kernelPackages.perf
     delta
diff --git a/home.nix b/home.nix
index 9403905..482d11a 100644
--- a/home.nix
+++ b/home.nix
@@ -31,10 +31,10 @@
     # aliases
     shellAliases = {
       # system build/update/cleanup
-      update = "sudo TMPDIR=/var/cache/nix nixos-rebuild boot";
-      upgrade = "sudo TMPDIR=/var/cache/nix nixos-rebuild boot --upgrade";
-      updatenow = "sudo TMPDIR=/var/cache/nix nixos-rebuild switch";
-      upgradenow = "sudo TMPDIR=/var/cache/nix nixos-rebuild switch --upgrade";
+      update = "sudo nixos-rebuild boot";
+      upgrade = "sudo nixos-rebuild boot --upgrade";
+      updatenow = "sudo nixos-rebuild switch";
+      upgradenow = "sudo nixos-rebuild switch --upgrade";
       gc = "sudo nix-collect-garbage --delete-older-than 7d";
       verify = "sudo nix --extra-experimental-features nix-command store verify --all";
       optimize = "sudo nix --extra-experimental-features nix-command store optimise";
-- 
cgit v1.2.3