sops-install-secrets: allow using tmpfs instead of ramfs

[caguiclajmg]

Deploying sops-nix to an OpenVZ host running kernel 4.19.0 fails due to lack of support for ramfs, would be nice to allow using tmpfs instead of ramfs by specifying it in the manifest.

Or perhaps, a dontcare flag for sops-install-secrets in which it doesn't check and mount the secrets mount point.

sops-nix/pkgs/sops-install-secrets/main.go

Line 322 in 912f9ff

if err := unix.Mount("none", mountpoint, "ramfs", unix.MS_NODEV|unix.MS_NOSUID, "mode=0751"); err != nil {

Waiver: I do understand the security implications with tmpfs as you risk getting the contents swapped to disk.

I'm writing the patch myself as I have no way around this one but still want to keep using sops-nix for secret management, would just like to know if there is interest in upstream accepting a patch.

[Mic92]

I would accept a patch that add an option with a proper description about the security implication.

[KiaraGrouwstra]

should be fixed by #355