refactor and simplify

Signed-off-by: Harald Hoyer <harald@hoyer.xyz>

modules/nixos/sgx/pccs/default.nix

@@ -2,7 +2,9 @@
 
 with lib;
 with lib.plusultra;
-let cfg = config.plusultra.pccs;
+let
+  cfg = config.plusultra.pccs;
+  cfg_podman = config.plusultra.podman;
 in
 {
   options.plusultra.pccs = with types; {
@@ -16,20 +18,20 @@ in
   };
 
   config = mkIf cfg.enable {
-    assertions = [{
-      assertion = cfg.secret != null;
-      message = "path to the pccs secret file is required when pccs is enabled";
-    }];
+    assertions = [
+      {
+        assertion = cfg.secret != null;
+        message = "path to the pccs secret file is required when pccs is enabled";
+      }
+      {
+        assertion = cfg_podman.enable;
+        message = "podman must be enabled when pccs is enabled";
+      }
+    ];
 
-    virtualisation = {
-      podman = {
-        enable = true;
-
-        # Create a `docker` alias for podman, to use it as a drop-in replacement
-        dockerCompat = true;
-
-        # For Nixos version > 22.11
-        defaultNetwork.settings = { dns_enabled = true; };
+    plusultra = {
+      nix.extra-substituters = {
+        "https://nixsgx.cachix.org".key = "nixsgx.cachix.org-1:tGi36DlY2joNsIXOlGnSgWW0+E094V6hW0umQRo/KoE=";
       };
     };