From bcf049144c3148e19d8f0526a9f5c567cd28f30e Mon Sep 17 00:00:00 2001
From: Harald Hoyer <harald@hoyer.xyz>
Date: Wed, 4 Sep 2024 13:23:01 +0200
Subject: [PATCH 1/3] feat(nixos/services): add qemu-system-x86_64-uefi script

Added a custom shell script for qemu-system-x86_64 enabling UEFI support using OVMF. This ensures that the command uses the specified OVMF firmware for UEFI boot.
---
 modules/nixos/services/base/default.nix | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/modules/nixos/services/base/default.nix b/modules/nixos/services/base/default.nix
index 241b0c9..ba1d6a0 100644
--- a/modules/nixos/services/base/default.nix
+++ b/modules/nixos/services/base/default.nix
@@ -67,6 +67,11 @@ in
         vim
         virt-manager
         wget
+        (pkgs.writeShellScriptBin "qemu-system-x86_64-uefi" ''
+          qemu-system-x86_64 \
+            -bios ${pkgs.OVMF.fd}/FV/OVMF.fd \
+            "$@"
+        '')
       ];
       shells = [ pkgs.fish pkgs.bash ];
     };

From 328078153612a733e850e2312a386acd535a36ae Mon Sep 17 00:00:00 2001
From: Harald Hoyer <harald@hoyer.xyz>
Date: Wed, 4 Sep 2024 13:23:08 +0200
Subject: [PATCH 2/3] feat(git): configure custom SSL CA certificate for HTTP

Added an HTTP SSL CA certificate configuration to enhance security and ensure trusted connections. This change sets the CA certificate file path to '/etc/ssl/certs/ca-certificates.crt'.
---
 modules/nixos/tools/git/default.nix | 1 +
 1 file changed, 1 insertion(+)

diff --git a/modules/nixos/tools/git/default.nix b/modules/nixos/tools/git/default.nix
index 7bdafa4..72abf77 100644
--- a/modules/nixos/tools/git/default.nix
+++ b/modules/nixos/tools/git/default.nix
@@ -54,6 +54,7 @@ in
           interactive.diffFilter = "${pkgs.delta}/bin/delta --color-only";
           merge.conflictStyle = "diff3";
           diff.colorMoved = "default";
+          http.sslCAinfo = "/etc/ssl/certs/ca-certificates.crt";
         };
       };
     };

From d7a59931212c8d5fac04b19c90b5e951a1d64ec6 Mon Sep 17 00:00:00 2001
From: Harald Hoyer <harald@hoyer.xyz>
Date: Wed, 4 Sep 2024 13:37:01 +0200
Subject: [PATCH 3/3] feat(git): Add SSL CA info configuration

Configured Git to use the system's CA certificates for SSL verification. This ensures secure connections to remote repositories.
---
 modules/home/tools/git/default.nix | 1 +
 1 file changed, 1 insertion(+)

diff --git a/modules/home/tools/git/default.nix b/modules/home/tools/git/default.nix
index b48c5a5..9c0add5 100644
--- a/modules/home/tools/git/default.nix
+++ b/modules/home/tools/git/default.nix
@@ -60,6 +60,7 @@ in
           clean = "${pkgs.metacfg.rot8000}/bin/rot8000";
           smudge = "${pkgs.metacfg.rot8000}/bin/rot8000";
         };
+        http.sslCAinfo = "/etc/ssl/certs/ca-certificates.crt";
       };
     };
   };