harald/nixcfg
1
0
Fork 0
Code Issues Pull requests Packages Projects Releases Wiki Activity

nixsgx for everyone

Browse source 
Signed-off-by: Harald Hoyer <harald@hoyer.xyz>
This commit is contained in:
Harald Hoyer 2024-03-20 00:07:00 +01:00
parent eafb5c1455
commit 94d0ada223
5 changed files with 5 additions and 6 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

7
modules/nixos/nix/default.nix
View file

@ -48,6 +48,9 @@ in
let let
users = [ "root" config.plusultra.user.name ] ++ users = [ "root" config.plusultra.user.name ] ++
optional config.services.hydra.enable "hydra"; optional config.services.hydra.enable "hydra";
extra-substituters = cfg.extra-substituters // {
"https://nixsgx.cachix.org".key = "nixsgx.cachix.org-1:tGi36DlY2joNsIXOlGnSgWW0+E094V6hW0umQRo/KoE=";
};
in in
{ {
package = cfg.package; package = cfg.package;
@ -65,11 +68,11 @@ in
substituters = substituters =
[ cfg.default-substituter.url ] [ cfg.default-substituter.url ]
++ ++
(mapAttrsToList (name: value: name) cfg.extra-substituters); (mapAttrsToList (name: value: name) extra-substituters);
trusted-public-keys = trusted-public-keys =
[ cfg.default-substituter.key ] [ cfg.default-substituter.key ]
++ ++
(mapAttrsToList (name: value: value.key) cfg.extra-substituters); (mapAttrsToList (name: value: value.key) extra-substituters);
} // (lib.optionalAttrs config.plusultra.tools.direnv.enable { } // (lib.optionalAttrs config.plusultra.tools.direnv.enable {
keep-outputs = true; keep-outputs = true;

1
systems/x86_64-linux/sgx-nixos/default.nix
View file

@ -8,7 +8,6 @@ with lib.plusultra;
base.enable = true; base.enable = true;
nix-ld.enable = true; nix-ld.enable = true;
nix.enable = true; nix.enable = true;
nix.extra-substituters."https://nixsgx.cachix.org".key = "nixsgx.cachix.org-1:tGi36DlY2joNsIXOlGnSgWW0+E094V6hW0umQRo/KoE=";
user.extraGroups = [ "docker" "sgx" ]; user.extraGroups = [ "docker" "sgx" ];
}; };

1
systems/x86_64-linux/sgx/default.nix
View file

@ -14,7 +14,6 @@ in
gui.enable = false; gui.enable = false;
nix-ld.enable = true; nix-ld.enable = true;
nix.enable = true; nix.enable = true;
nix.extra-substituters."https://nixsgx.cachix.org".key = "nixsgx.cachix.org-1:tGi36DlY2joNsIXOlGnSgWW0+E094V6hW0umQRo/KoE=";
pccs.enable = true; pccs.enable = true;
pccs.secret = config.sops.secrets.pccs.path; pccs.secret = config.sops.secrets.pccs.path;
podman.enable = true; podman.enable = true;

1
systems/x86_64-linux/t15/default.nix
View file

@ -7,7 +7,6 @@
gui.enable = true; gui.enable = true;
nix-ld.enable = true; nix-ld.enable = true;
nix.enable = true; nix.enable = true;
nix.extra-substituters."https://nixsgx.cachix.org".key = "nixsgx.cachix.org-1:tGi36DlY2joNsIXOlGnSgWW0+E094V6hW0umQRo/KoE=";
podman.enable = true; podman.enable = true;
secureboot.enable = true; secureboot.enable = true;
}; };

1
systems/x86_64-linux/x1/default.nix
View file

@ -9,7 +9,6 @@ with lib.plusultra;
gui.enable = true; gui.enable = true;
nix-ld.enable = true; nix-ld.enable = true;
nix.enable = true; nix.enable = true;
nix.extra-substituters."https://nixsgx.cachix.org".key = "nixsgx.cachix.org-1:tGi36DlY2joNsIXOlGnSgWW0+E094V6hW0umQRo/KoE=";
podman.enable = true; podman.enable = true;
secureboot.enable = true; secureboot.enable = true;
}; };