From a7484b3891d64d248d18b1a5bc39270fc4b578ed Mon Sep 17 00:00:00 2001
From: Harald Hoyer
Date: Mon, 3 Jun 2024 13:21:50 +0200
Subject: [PATCH] feat: Move kernel package override to specific system configs

This commit moves the kernel package version override from the base nixos service to specific system configurations. Now, the latest linux packages will be used only in the system configurations where the override has been explicitly added. This approach gives us more flexibility to handle different kernel package versions for different systems.
---
 modules/nixos/services/base/default.nix | 1 -
 systems/x86_64-linux/sgx-nixos/default.nix | 2 ++
 systems/x86_64-linux/x1/hardware-configuration.nix | 1 +
 3 files changed, 3 insertions(+), 1 deletion(-)

diff --git a/modules/nixos/services/base/default.nix b/modules/nixos/services/base/default.nix
index cdbbdef..3d60423 100644
--- a/modules/nixos/services/base/default.nix
+++ b/modules/nixos/services/base/default.nix
@@ -134,7 +134,6 @@ in
 timeout = 2;
 };
 initrd.systemd.enable = true;
- kernelPackages = lib.mkOverride 0 pkgs.linuxPackages_latest;
 };
 system.autoUpgrade = {
diff --git a/systems/x86_64-linux/sgx-nixos/default.nix b/systems/x86_64-linux/sgx-nixos/default.nix
index a8aa6ed..9fb13cb 100644
--- a/systems/x86_64-linux/sgx-nixos/default.nix
+++ b/systems/x86_64-linux/sgx-nixos/default.nix
@@ -5,6 +5,8 @@ with lib.metacfg;
 imports = [ ./hardware-configuration.nix ];
 boot.kernel.sysctl."net.ipv4.conf.all.route_localnet" = 1;
+ boot.kernelPackages = lib.mkOverride 0 pkgs.linuxPackages_latest;
+
 networking.firewall.extraCommands = ''
 iptables -t nat -A OUTPUT -o lo -p tcp --dport 8081 -j DNAT --to-destination 192.168.122.1:8081
 iptables -t nat -A POSTROUTING -j MASQUERADE
diff --git a/systems/x86_64-linux/x1/hardware-configuration.nix b/systems/x86_64-linux/x1/hardware-configuration.nix
index ce95bfa..cad1c30 100644
--- a/systems/x86_64-linux/x1/hardware-configuration.nix
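Review bot: `lib.mkOverride 0` on the added `boot.kernelPackages` line in `sgx-nixos/default.nix` is the strongest priority the module system offers (stronger than `lib.mkForce`, which is priority 50), so no profile or later module can pin this host to an LTS or hardened kernel without hitting a conflicting definition. Now that the setting lives in a per-host file, a plain `boot.kernelPackages = pkgs.linuxPackages_latest;` should be enough, or `lib.mkForce` if a normal-priority definition has to be beaten; confirm that no other module sets the option for this host. The same applies to the identical line added in the `x1/hardware-configuration.nix` hunk. I would also add a comment such as `# needs linuxPackages_latest for <reason>; revisit once an LTS kernel covers it`, because `linuxPackages_latest` moves to a new kernel series whenever nixpkgs is bumped, and the base module's context shows a `system.autoUpgrade` block, so that jump may happen unattended.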
+++ b/systems/x86_64-linux/x1/hardware-configuration.nix
@@ -10,6 +10,7 @@
 boot.initrd.availableKernelModules = [ "xhci_pci" "thunderbolt" "nvme" "uas" "usbhid" "sd_mod" ];
 boot.initrd.kernelModules = [ ];
+ boot.kernelPackages = lib.mkOverride 0 pkgs.linuxPackages_latest;
 boot.kernelModules = [ "kvm-intel" ];
 boot.kernelParams = [ "lockdown=confidentiality"