harald/nixcfg
1
0
Fork 0
Code Issues Pull requests Packages Projects Releases Wiki Activity

Compare commits

base: harald:b6bc254c02ddc62f60ae23a63d9df4774d4fd258
Branches Tags
harald:main
harald:b24.05
..
compare: harald:707faa675187f5e092bce1df762155507430a07a
Branches Tags
harald:main
harald:b24.05

7 commits
b6bc254c02 ... 707faa6751

Author SHA1 Message Date
Harald Hoyer 707faa6751 sgx-azure 
Signed-off-by: Harald Hoyer <harald@hoyer.xyz>
 2024-03-06 19:54:33 +01:00
Harald Hoyer c405c2af83 add README.md 
Signed-off-by: Harald Hoyer <harald@hoyer.xyz>
 2024-03-06 19:54:17 +01:00
Harald Hoyer 2f3ccfbc5d libvirt program enable 
Signed-off-by: Harald Hoyer <harald@hoyer.xyz>
 2024-03-06 19:38:51 +01:00
Harald Hoyer d3fb170fee btrfs scrub 
Signed-off-by: Harald Hoyer <harald@hoyer.xyz>
 2024-03-06 19:38:39 +01:00
Harald Hoyer 34a8c1443a opengl intel 
Signed-off-by: Harald Hoyer <harald@hoyer.xyz>
 2024-03-06 19:38:24 +01:00
Harald Hoyer af66a3f524 nix fmt 
Signed-off-by: Harald Hoyer <harald@hoyer.xyz>
 2024-03-06 19:38:03 +01:00
Harald Hoyer be2a34bcc5 sgx: reorder 
Signed-off-by: Harald Hoyer <harald@hoyer.xyz>
 2024-03-06 19:37:12 +01:00
7 changed files with 22 additions and 14 deletions
Show stats Expand all files Collapse all files

11
README.md Normal file
View file

@ -0,0 +1,11 @@
```bash
nix run github:numtide/nixos-anywhere -- --flake .#hostname root@hostname --no-reboot --tty -i $HOME/.ssh/id_ed25519
... enter disk password
ssh -t root@hostname systemd-cryptenroll /dev/luksdev --wipe-slot=tpm2 --tpm2-device=auto --tpm2-pcrs=1,15
```
remote git flake
```bash
sudo nixos-rebuild boot --refresh --flake git+https://git.hoyer.xyz/harald/nixcfg
```

8
flake.nix
View file

@ -56,10 +56,6 @@
allowUnfree = true; allowUnfree = true;
}; };
homes.users."harald@nix.fedora.fritz.box".modules = with inputs; [
neovim-flake.homeManagerModules.default
];
homes.users."harald@sgx-nixos".modules = with inputs; [ homes.users."harald@sgx-nixos".modules = with inputs; [
neovim-flake.homeManagerModules.default neovim-flake.homeManagerModules.default
]; ];
@ -76,6 +72,10 @@
neovim-flake.homeManagerModules.default neovim-flake.homeManagerModules.default
]; ];
homes.users."harald@sgx-azure".modules = with inputs; [
neovim-flake.homeManagerModules.default
];
# homes.modules = with inputs; [ # homes.modules = with inputs; [
# neovim-flake.homeManagerModules.default # neovim-flake.homeManagerModules.default
# ]; # ];

5
homes/x86_64-linux/harald@nix.fedora.fritz.box/default.nix → homes/x86_64-linux/harald@sgx-azure/default.nix
View file

@ -2,8 +2,6 @@
, pkgs , pkgs
, config , config
, nixpkgs , nixpkgs
, osConfig ? { }
, format ? "unknown"
, ... , ...
}: }:
{ {
@ -28,10 +26,7 @@
git.enable = true; git.enable = true;
direnv.enable = true; direnv.enable = true;
ssh.enable = true; ssh.enable = true;
# jetbrains.enable = true;
}; };
}; };
fonts.fontconfig.enable = true;
} }

2
modules/home/tools/git/default.nix
View file

@ -48,7 +48,7 @@ in
pull.ff = "only"; pull.ff = "only";
core.pager = "${pkgs.delta}/bin/delta"; core.pager = "${pkgs.delta}/bin/delta";
delta = { delta = {
features = "decorations" ; features = "decorations";
syntax-theme = "Dracula"; syntax-theme = "Dracula";
light = "false"; light = "false";
navigate = "true"; navigate = "true";

4
modules/nixos/services/base/default.nix
View file

@ -58,6 +58,7 @@ in
}; };
enableRedistributableFirmware = lib.mkDefault true; enableRedistributableFirmware = lib.mkDefault true;
enableAllFirmware = true; enableAllFirmware = true;
opengl.extraPackages = with pkgs; [ intel-compute-runtime ];
}; };
programs = { programs = {
@ -78,6 +79,7 @@ in
# powerManagement.cpuFreqGovernor = "ondemand"; # powerManagement.cpuFreqGovernor = "ondemand";
services = { services = {
btrfs.autoScrub.enable = true;
dbus.implementation = "broker"; dbus.implementation = "broker";
dbus.packages = [ pkgs.gcr ]; dbus.packages = [ pkgs.gcr ];
fwupd.enable = true; fwupd.enable = true;
@ -127,5 +129,7 @@ in
flake = "git+https://git.hoyer.xyz/harald/nixcfg"; flake = "git+https://git.hoyer.xyz/harald/nixcfg";
}; };
virtualisation.libvirtd.enable = true;
}; };
} }

0
modules/nixos/gui/default.nix → modules/nixos/services/gui/default.nix
View file

6
systems/x86_64-linux/sgx/default.nix
View file

@ -4,6 +4,8 @@ with lib.plusultra;
{ {
imports = [ ./hardware-configuration.nix ]; imports = [ ./hardware-configuration.nix ];
sops.secrets.pccs.sopsFile = ../../../.secrets/sgx/pccs.yaml;
plusultra = { plusultra = {
base.enable = true; base.enable = true;
gui.enable = false; gui.enable = false;
@ -25,10 +27,6 @@ with lib.plusultra;
security.tpm2.enable = false; security.tpm2.enable = false;
security.tpm2.abrmd.enable = false; security.tpm2.abrmd.enable = false;
sops.secrets.pccs = {
sopsFile = ../../../.secrets/sgx/pccs.yaml; # bring your own password file
};
networking.wireless.enable = false; # Enables wireless support via wpa_supplicant. networking.wireless.enable = false; # Enables wireless support via wpa_supplicant.
services.aesmd.enable = true; services.aesmd.enable = true;