README.md

@@ -1,11 +0,0 @@
-```bash
-❯ nix run  github:numtide/nixos-anywhere -- --flake .#hostname root@hostname --no-reboot --tty -i $HOME/.ssh/id_ed25519
-... enter disk password
-❯ ssh -t  root@hostname systemd-cryptenroll /dev/luksdev --wipe-slot=tpm2 --tpm2-device=auto --tpm2-pcrs=1,15
-```
-
-remote git flake
-```bash
-❯ sudo nixos-rebuild boot --refresh --flake git+https://git.hoyer.xyz/harald/nixcfg
-```
-

flake.nix

@@ -56,6 +56,10 @@
         allowUnfree = true;
       };
 
+      homes.users."harald@nix.fedora.fritz.box".modules = with inputs; [
+        neovim-flake.homeManagerModules.default
+      ];
+
       homes.users."harald@sgx-nixos".modules = with inputs; [
         neovim-flake.homeManagerModules.default
       ];
@@ -72,10 +76,6 @@
         neovim-flake.homeManagerModules.default
       ];
 
-      homes.users."harald@sgx-azure".modules = with inputs; [
-        neovim-flake.homeManagerModules.default
-      ];
-
       #      homes.modules = with inputs; [
       #        neovim-flake.homeManagerModules.default
       #      ];

homes/x86_64-linux/harald@nix.fedora.fritz.box/default.nix

@@ -2,6 +2,8 @@
 , pkgs
 , config
 , nixpkgs
+, osConfig ? { }
+, format ? "unknown"
 , ...
 }:
 {
@@ -26,7 +28,10 @@
       git.enable = true;
       direnv.enable = true;
       ssh.enable = true;
+      # jetbrains.enable = true;
     };
   };
+
+  fonts.fontconfig.enable = true;
 }
 

modules/home/tools/git/default.nix

@@ -48,7 +48,7 @@ in
         pull.ff = "only";
         core.pager = "${pkgs.delta}/bin/delta";
         delta = {
-          features = "decorations";
+          features = "decorations" ;
           syntax-theme = "Dracula";
           light = "false";
           navigate = "true";

modules/nixos/services/base/default.nix

@@ -58,7 +58,6 @@ in
       };
       enableRedistributableFirmware = lib.mkDefault true;
       enableAllFirmware = true;
-      opengl.extraPackages = with pkgs; [ intel-compute-runtime ];
     };
 
     programs = {
@@ -79,7 +78,6 @@ in
     # powerManagement.cpuFreqGovernor = "ondemand";
 
     services = {
-      btrfs.autoScrub.enable = true;
       dbus.implementation = "broker";
       dbus.packages = [ pkgs.gcr ];
       fwupd.enable = true;
@@ -129,7 +127,5 @@ in
       flake = "git+https://git.hoyer.xyz/harald/nixcfg";
     };
 
-    virtualisation.libvirtd.enable = true;
-
   };
 }

systems/x86_64-linux/sgx/default.nix

@@ -4,8 +4,6 @@ with lib.plusultra;
 {
   imports = [ ./hardware-configuration.nix ];
 
-  sops.secrets.pccs.sopsFile = ../../../.secrets/sgx/pccs.yaml;
-
   plusultra = {
     base.enable = true;
     gui.enable = false;
@@ -27,6 +25,10 @@ with lib.plusultra;
   security.tpm2.enable = false;
   security.tpm2.abrmd.enable = false;
 
+  sops.secrets.pccs = {
+    sopsFile = ../../../.secrets/sgx/pccs.yaml; # bring your own password file
+  };
+
   networking.wireless.enable = false; # Enables wireless support via wpa_supplicant.
 
   services.aesmd.enable = true;