flake.lock

@@ -1361,11 +1361,11 @@
     },
     "nixpkgs_4": {
       "locked": {
-        "lastModified": 1710695816,
+        "lastModified": 1710021367,
-        "narHash": "sha256-3Eh7fhEID17pv9ZxrPwCLfqXnYP006RKzSs0JptsN84=",
+        "narHash": "sha256-FuMVdWqXMT38u1lcySYyv93A7B8wU0EGzUr4t4jQu8g=",
         "owner": "nixos",
         "repo": "nixpkgs",
-        "rev": "614b4613980a522ba49f0d194531beddbb7220d3",
+        "rev": "b94a96839afcc56de3551aa7472b8d9a3e77e05d",
         "type": "github"
       },
       "original": {
@@ -2436,11 +2436,11 @@
     },
     "unstable": {
       "locked": {
-        "lastModified": 1710631334,
+        "lastModified": 1709961763,
-        "narHash": "sha256-rL5LSYd85kplL5othxK5lmAtjyMOBg390sGBTb3LRMM=",
+        "narHash": "sha256-6H95HGJHhEZtyYA3rIQpvamMKAGoa8Yh2rFV29QnuGw=",
         "owner": "nixos",
         "repo": "nixpkgs",
-        "rev": "c75037bbf9093a2acb617804ee46320d6d1fea5a",
+        "rev": "3030f185ba6a4bf4f18b87f345f104e6a6961f34",
         "type": "github"
       },
       "original": {

modules/nixos/services/gui/default.nix

@@ -15,7 +15,7 @@ in
 
       flatpak.enable = true;
 
-      pcscd.enable = lib.mkDefault false;
+      pcscd.enable = false;
 
       # Enable CUPS to print documents.
       printing.enable = true;

systems/x86_64-linux/sgx/default.nix

@@ -5,7 +5,6 @@ with lib.plusultra;
   imports = [ ./hardware-configuration.nix ];
 
   sops.secrets.pccs.sopsFile = ../../../.secrets/sgx/pccs.yaml;
-  sops.secrets.backup-pw.sopsFile = ../.secrets/sgx/backup-s3.yaml;
 
   plusultra = {
     base.enable = true;

systems/x86_64-linux/sgx/hardware-configuration.nix

@@ -34,60 +34,6 @@
   swapDevices =
     [{ device = "/dev/disk/by-uuid/72d061d7-ab18-47b9-beb1-1c465dda1be9"; }];
 
-  boot.initrd.luks.devices."a16" = {
-  gpgCard.publicKey = ./yubikey-public.asc;
-  gpgCard.encryptedPass = ./luks-passphrase.asc.gpg;
-  device = "/dev/disk/by-uuid/6f1c1b24-3c94-44be-8d1b-70db562079c1"; };
-  boot.initrd.luks.devices."b16" = { device = "/dev/disk/by-uuid/9540de6d-c907-43e4-b740-2d75dbf37135"; };
-  boot.initrd.luks.devices."a4" = { device = "/dev/disk/by-uuid/72924bd6-3d58-4437-aafd-ae6d2b995fbf"; };
-  boot.initrd.luks.devices."b4" = { device = "/dev/disk/by-uuid/459c8d9a-6e92-4dec-a998-701ab9e76a2e"; };
-  boot.initrd.luks.devices."c4" = { device = "/dev/disk/by-uuid/5c61cbf0-dbca-48e0-948e-71bea3806a6c"; };
-
-  fileSystems."/mnt/raid" = {
-    fsType = "btrfs";
-    device = "/dev/disk/by-uuid/11727be7-bf9b-4888-8b02-d7eb1f898712";
-    options = [ "defaults" "compress=zstd" "subvol=root" "autodefrag" "noatime" "nofail" "x-systemd.device-timeout=5" ];
-  };
-
-  fileSystems."/mnt/backup" = {
-    fsType = "btrfs";
-    device = "/dev/disk/by-uuid/c29e7eac-26ba-41b1-ac3e-11123476b7c5";
-    options = [ "defaults" "compress=zstd" "subvol=root" "autodefrag" "noatime" "nofail" "x-systemd.device-timeout=5" ];
-  };
-
-
-  systemd.services.hd-idle = {
-    description = "Set to idle";
-    wantedBy = [ "multi-user.target" ];
-    after = [
-      "dev-sdb.device"
-      "dev-sdc.device"
-      "dev-sdd.device"
-      "dev-sde.device"
-      "dev-sdf.device"
-    ];
-    bindsTo = [
-      "dev-sdb.device"
-      "dev-sdc.device"
-      "dev-sdd.device"
-      "dev-sde.device"
-      "dev-sdf.device"
-    ];
-    serviceConfig = {
-      Type = "oneshot";
-      ExecStart = "${pkgs.hdparm}/sbin/hdparm -S 60 /dev/sdb /dev/sdc /dev/sdd /dev/sde /dev/sdf";
-    };
-  };
-
-  powerManagement.powerUpCommands = ''
-    ${pkgs.hdparm}/sbin/hdparm -S 60 /dev/sdb
-    ${pkgs.hdparm}/sbin/hdparm -S 60 /dev/sdc
-    ${pkgs.hdparm}/sbin/hdparm -S 60 /dev/sdd
-    ${pkgs.hdparm}/sbin/hdparm -S 60 /dev/sde
-    ${pkgs.hdparm}/sbin/hdparm -S 60 /dev/sdf
-  '';
-
-
   # Enables DHCP on each ethernet and wireless interface. In case of scripted networking
   # (the default) this is the recommended approach. When using systemd-networkd it's
   # still possible to use this option, but it's recommended to use it in conjunction