From 0d849ddb6a666748c873e0a596fbd4f276f1a939 Mon Sep 17 00:00:00 2001 From: Alejandro Soto Date: Thu, 29 Dec 2022 04:57:16 -0600 Subject: dmz: add dummy config --- sys/nspawn.nix | 11 +++++++++++ 1 file changed, 11 insertions(+) create mode 100644 sys/nspawn.nix (limited to 'sys/nspawn.nix') diff --git a/sys/nspawn.nix b/sys/nspawn.nix new file mode 100644 index 0000000..528223a --- /dev/null +++ b/sys/nspawn.nix @@ -0,0 +1,11 @@ +{ lib, config, ... }: +with lib; let + cfg = config.local.nspawn; +in +{ + options.local.nspawn.dmz.enable = mkEnableOption "DMZ services in a container"; + + config.systemd.nspawn.dmz = mkIf cfg.dmz.enable { + execConfig.PrivateUsers = true; + }; +} -- cgit v1.2.3