From ab3402a274bf6934d743e8187d2eee89e30a87b4 Mon Sep 17 00:00:00 2001
From: Harald Hoyer <harald@hoyer.xyz>
Date: Fri, 8 Mar 2024 12:35:42 +0100
Subject: [PATCH] sgx extragroups

Signed-off-by: Harald Hoyer <harald@hoyer.xyz>
---
 systems/x86_64-linux/sgx-nixos/default.nix | 2 +-
 systems/x86_64-linux/sgx/default.nix       | 1 +
 2 files changed, 2 insertions(+), 1 deletion(-)

diff --git a/systems/x86_64-linux/sgx-nixos/default.nix b/systems/x86_64-linux/sgx-nixos/default.nix
index c06af96..8de991d 100644
--- a/systems/x86_64-linux/sgx-nixos/default.nix
+++ b/systems/x86_64-linux/sgx-nixos/default.nix
@@ -9,7 +9,7 @@ with lib.plusultra;
     nix-ld.enable = true;
     nix.enable = true;
     nix.extra-substituters."https://nixsgx.cachix.org".key = "nixsgx.cachix.org-1:tGi36DlY2joNsIXOlGnSgWW0+E094V6hW0umQRo/KoE=";
-    user.extraGroups = [ "docker" ];
+    user.extraGroups = [ "docker" "sgx" ];
   };
 
   virtualisation.docker.enable = true;
diff --git a/systems/x86_64-linux/sgx/default.nix b/systems/x86_64-linux/sgx/default.nix
index 6c15c83..2536c23 100644
--- a/systems/x86_64-linux/sgx/default.nix
+++ b/systems/x86_64-linux/sgx/default.nix
@@ -16,6 +16,7 @@ with lib.plusultra;
     pccs.secret = config.sops.secrets.pccs.path;
     podman.enable = true;
     secureboot.enable = true;
+    user.extraGroups = [ "docker" "sgx" ];
   };
 
   system.autoUpgrade = {