diff --git a/README.md b/README.md new file mode 100644 index 0000000..5ad3d0c --- /dev/null +++ b/README.md @@ -0,0 +1,11 @@ +```bash +❯ nix run github:numtide/nixos-anywhere -- --flake .#hostname root@hostname --no-reboot --tty -i $HOME/.ssh/id_ed25519 +... enter disk password +❯ ssh -t root@hostname systemd-cryptenroll /dev/luksdev --wipe-slot=tpm2 --tpm2-device=auto --tpm2-pcrs=1,15 +``` + +remote git flake +```bash +❯ sudo nixos-rebuild boot --refresh --flake git+https://git.hoyer.xyz/harald/nixcfg +``` + diff --git a/flake.nix b/flake.nix index b2d1499..531fdd3 100644 --- a/flake.nix +++ b/flake.nix @@ -56,10 +56,6 @@ allowUnfree = true; }; - homes.users."harald@nix.fedora.fritz.box".modules = with inputs; [ - neovim-flake.homeManagerModules.default - ]; - homes.users."harald@sgx-nixos".modules = with inputs; [ neovim-flake.homeManagerModules.default ]; @@ -76,6 +72,10 @@ neovim-flake.homeManagerModules.default ]; + homes.users."harald@sgx-azure".modules = with inputs; [ + neovim-flake.homeManagerModules.default + ]; + # homes.modules = with inputs; [ # neovim-flake.homeManagerModules.default # ]; diff --git a/homes/x86_64-linux/harald@nix.fedora.fritz.box/default.nix b/homes/x86_64-linux/harald@sgx-azure/default.nix similarity index 84% rename from homes/x86_64-linux/harald@nix.fedora.fritz.box/default.nix rename to homes/x86_64-linux/harald@sgx-azure/default.nix index 170ad4b..1a22611 100644 --- a/homes/x86_64-linux/harald@nix.fedora.fritz.box/default.nix +++ b/homes/x86_64-linux/harald@sgx-azure/default.nix @@ -2,8 +2,6 @@ , pkgs , config , nixpkgs -, osConfig ? { } -, format ? "unknown" , ... }: { @@ -28,10 +26,7 @@ git.enable = true; direnv.enable = true; ssh.enable = true; - # jetbrains.enable = true; }; }; - - fonts.fontconfig.enable = true; } diff --git a/modules/home/tools/git/default.nix b/modules/home/tools/git/default.nix index 423f229..693487e 100644 --- a/modules/home/tools/git/default.nix +++ b/modules/home/tools/git/default.nix @@ -48,7 +48,7 @@ in pull.ff = "only"; core.pager = "${pkgs.delta}/bin/delta"; delta = { - features = "decorations" ; + features = "decorations"; syntax-theme = "Dracula"; light = "false"; navigate = "true"; diff --git a/modules/nixos/services/base/default.nix b/modules/nixos/services/base/default.nix index 10f1c14..d3d371c 100644 --- a/modules/nixos/services/base/default.nix +++ b/modules/nixos/services/base/default.nix @@ -58,6 +58,7 @@ in }; enableRedistributableFirmware = lib.mkDefault true; enableAllFirmware = true; + opengl.extraPackages = with pkgs; [ intel-compute-runtime ]; }; programs = { @@ -78,6 +79,7 @@ in # powerManagement.cpuFreqGovernor = "ondemand"; services = { + btrfs.autoScrub.enable = true; dbus.implementation = "broker"; dbus.packages = [ pkgs.gcr ]; fwupd.enable = true; @@ -127,5 +129,7 @@ in flake = "git+https://git.hoyer.xyz/harald/nixcfg"; }; + virtualisation.libvirtd.enable = true; + }; } diff --git a/modules/nixos/gui/default.nix b/modules/nixos/services/gui/default.nix similarity index 100% rename from modules/nixos/gui/default.nix rename to modules/nixos/services/gui/default.nix diff --git a/systems/x86_64-linux/sgx/default.nix b/systems/x86_64-linux/sgx/default.nix index 3b6fced..6c15c83 100644 --- a/systems/x86_64-linux/sgx/default.nix +++ b/systems/x86_64-linux/sgx/default.nix @@ -4,6 +4,8 @@ with lib.plusultra; { imports = [ ./hardware-configuration.nix ]; + sops.secrets.pccs.sopsFile = ../../../.secrets/sgx/pccs.yaml; + plusultra = { base.enable = true; gui.enable = false; @@ -25,10 +27,6 @@ with lib.plusultra; security.tpm2.enable = false; security.tpm2.abrmd.enable = false; - sops.secrets.pccs = { - sopsFile = ../../../.secrets/sgx/pccs.yaml; # bring your own password file - }; - networking.wireless.enable = false; # Enables wireless support via wpa_supplicant. services.aesmd.enable = true;