commit c0affcbade1be3069a485fc328128b6cde4386c3 parent 084afa1d9d52e069700742bd4dd1de2714468cad Author: Vincent Demeester <vincent@sbr.pm> Date: Mon, 27 Nov 2023 17:59:28 +0100 Automatically clean /tmp and ~/tmp Signed-off-by: Vincent Demeester <vincent@sbr.pm> Diffstat:
M | systems/modules/core/default.nix | | | 8 | ++++++++ |
1 file changed, 8 insertions(+), 0 deletions(-)
diff --git a/systems/modules/core/default.nix b/systems/modules/core/default.nix @@ -23,6 +23,14 @@ # Only keep the last 500MiB of systemd journal. services.journald.extraConfig = "SystemMaxUse=500M"; + # Clear out /tmp after a fortnight and give all normal users a ~/tmp + # cleaned out weekly. + systemd.tmpfiles.rules = [ "d /tmp 1777 root root 14d" ] ++ + ( + let mkTmpDir = n: u: "d ${u.home}/tmp 0700 ${n} ${u.group} 7d"; + in mapAttrsToList mkTmpDir (filterAttrs (_: u: u.isNormalUser) config.users.extraUsers) + ); + systemd.services."status-email-root@" = { description = "status email for %i to vincent"; serviceConfig = {