diff --git a/flake.lock b/flake.lock index bdf1c3e..b5620ab 100644 --- a/flake.lock +++ b/flake.lock @@ -312,11 +312,11 @@ ] }, "locked": { - "lastModified": 1710717205, - "narHash": "sha256-Wf3gHh5uV6W1TV/A8X8QJf99a5ypDSugY4sNtdJDe0A=", + "lastModified": 1709771483, + "narHash": "sha256-Hjzu9nCknHLQvhdaRFfCEprH0o15KcaNu1QDr3J88DI=", "owner": "lnl7", "repo": "nix-darwin", - "rev": "bcc8afd06e237df060c85bad6af7128e05fd61a3", + "rev": "550340062c16d7ef8c2cc20a3d2b97bcd3c6b6f6", "type": "github" }, "original": { @@ -381,11 +381,11 @@ ] }, "locked": { - "lastModified": 1710724748, - "narHash": "sha256-aXlifKr6Brg0SBUBgRNEBaZf3JLUeGhM9BX2gam+vvo=", + "lastModified": 1709439398, + "narHash": "sha256-MW0zp3ta7SvdpjvhVCbtP20ewRwQZX2vRFn14gTc4Kg=", "owner": "nix-community", "repo": "disko", - "rev": "c09c3a9639690f94ddff44c3dd25c85602e5aeb2", + "rev": "1f76b318aa11170c8ca8c225a9b4c458a5fcbb57", "type": "github" }, "original": { @@ -790,11 +790,11 @@ "gpg-base-conf": { "flake": false, "locked": { - "lastModified": 1710730803, - "narHash": "sha256-mZwEZxZJ3vLdgvKyFqGSkwg0JRgH1sshe5EvWXoU6JA=", + "lastModified": 1710110429, + "narHash": "sha256-sW7crQEhoGslXyO9djBuPYf1DFqTo5uYUEFkaSCw1xc=", "owner": "drduh", "repo": "config", - "rev": "6fc554136c5e179cacc9ba88a18ad61a9ea37979", + "rev": "702281406b1f491b805d8e380dc03d73ace517f3", "type": "github" }, "original": { @@ -1313,11 +1313,11 @@ }, "nixpkgs-stable_2": { "locked": { - "lastModified": 1710628718, - "narHash": "sha256-y+l3eH53UlENaYa1lmnCBHusZb1kxBEFd2/c7lDsGpw=", + "lastModified": 1709428628, + "narHash": "sha256-//ZCCnpVai/ShtO2vPjh3AWgo8riXCaret6V9s7Hew4=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "6dc11d9859d6a18ab0c5e5829a5b8e4810658de3", + "rev": "66d65cb00b82ffa04ee03347595aa20e41fe3555", "type": "github" }, "original": { @@ -1397,11 +1397,11 @@ "snowfall-lib": "snowfall-lib" }, "locked": { - "lastModified": 1710409997, - "narHash": "sha256-wJNbtX4pbPdkoS9oKRLqiZRCAwqT0JG6esCJtJEjSBw=", + "lastModified": 1709040449, + "narHash": "sha256-NDXSUI7GTCekniW52EBvi5PlzdQ37XkrIB1oH4GrUvM=", "owner": "matter-labs", "repo": "nixsgx", - "rev": "6aef709945875bae7cd4e62a1ef0b62766a507b7", + "rev": "2b11fbc725fbab3fbaef13490decd3f93c43ae07", "type": "github" }, "original": { @@ -2176,11 +2176,11 @@ "nixpkgs-stable": "nixpkgs-stable_2" }, "locked": { - "lastModified": 1710644594, - "narHash": "sha256-RquCuzxfy4Nr8DPbdp3D/AsbYep21JgQzG8aMH9jJ4A=", + "lastModified": 1709711091, + "narHash": "sha256-L0rSIU9IguTG4YqSj4B/02SyTEz55ACq5t8gXpzteYc=", "owner": "Mic92", "repo": "sops-nix", - "rev": "83b68a0e8c94b72cdd0a6e547a14ca7eb1c03616", + "rev": "25dd60fdd08fcacee2567a26ba6b91fe098941dc", "type": "github" }, "original": { @@ -2436,11 +2436,11 @@ }, "unstable": { "locked": { - "lastModified": 1710806803, - "narHash": "sha256-qrxvLS888pNJFwJdK+hf1wpRCSQcqA6W5+Ox202NDa0=", + "lastModified": 1710631334, + "narHash": "sha256-rL5LSYd85kplL5othxK5lmAtjyMOBg390sGBTb3LRMM=", "owner": "nixos", "repo": "nixpkgs", - "rev": "b06025f1533a1e07b6db3e75151caa155d1c7eb3", + "rev": "c75037bbf9093a2acb617804ee46320d6d1fea5a", "type": "github" }, "original": { @@ -2629,11 +2629,11 @@ "yubikey-guide": { "flake": false, "locked": { - "lastModified": 1710725874, - "narHash": "sha256-0COxYhs7VJGaO7mv23OEd7FjKRuTr+0zS9Ys9/exesI=", + "lastModified": 1710173432, + "narHash": "sha256-bzoO+sxhaC8P513XpxmYXhb/rRt3Qc6q65m8sn++5/s=", "owner": "drduh", "repo": "YubiKey-Guide", - "rev": "a7aa09bc80ccbcf13091e74fdf8e40701adee7f8", + "rev": "12b232d28fbb6ea61ccff2075751105c77ca84ee", "type": "github" }, "original": { diff --git a/modules/nixos/nix/default.nix b/modules/nixos/nix/default.nix index 1211345..76c4299 100644 --- a/modules/nixos/nix/default.nix +++ b/modules/nixos/nix/default.nix @@ -48,9 +48,6 @@ in let users = [ "root" config.plusultra.user.name ] ++ optional config.services.hydra.enable "hydra"; - extra-substituters = cfg.extra-substituters // { - "https://nixsgx.cachix.org".key = "nixsgx.cachix.org-1:tGi36DlY2joNsIXOlGnSgWW0+E094V6hW0umQRo/KoE="; - }; in { package = cfg.package; @@ -68,11 +65,11 @@ in substituters = [ cfg.default-substituter.url ] ++ - (mapAttrsToList (name: value: name) extra-substituters); + (mapAttrsToList (name: value: name) cfg.extra-substituters); trusted-public-keys = [ cfg.default-substituter.key ] ++ - (mapAttrsToList (name: value: value.key) extra-substituters); + (mapAttrsToList (name: value: value.key) cfg.extra-substituters); } // (lib.optionalAttrs config.plusultra.tools.direnv.enable { keep-outputs = true; diff --git a/systems/x86_64-linux/sgx-nixos/default.nix b/systems/x86_64-linux/sgx-nixos/default.nix index 64ce7d5..8de991d 100644 --- a/systems/x86_64-linux/sgx-nixos/default.nix +++ b/systems/x86_64-linux/sgx-nixos/default.nix @@ -8,6 +8,7 @@ with lib.plusultra; base.enable = true; nix-ld.enable = true; nix.enable = true; + nix.extra-substituters."https://nixsgx.cachix.org".key = "nixsgx.cachix.org-1:tGi36DlY2joNsIXOlGnSgWW0+E094V6hW0umQRo/KoE="; user.extraGroups = [ "docker" "sgx" ]; }; diff --git a/systems/x86_64-linux/sgx/default.nix b/systems/x86_64-linux/sgx/default.nix index 17b00b6..6357a5d 100644 --- a/systems/x86_64-linux/sgx/default.nix +++ b/systems/x86_64-linux/sgx/default.nix @@ -14,6 +14,7 @@ in gui.enable = false; nix-ld.enable = true; nix.enable = true; + nix.extra-substituters."https://nixsgx.cachix.org".key = "nixsgx.cachix.org-1:tGi36DlY2joNsIXOlGnSgWW0+E094V6hW0umQRo/KoE="; pccs.enable = true; pccs.secret = config.sops.secrets.pccs.path; podman.enable = true; diff --git a/systems/x86_64-linux/t15/default.nix b/systems/x86_64-linux/t15/default.nix index 6046a61..82f46ae 100644 --- a/systems/x86_64-linux/t15/default.nix +++ b/systems/x86_64-linux/t15/default.nix @@ -7,6 +7,7 @@ gui.enable = true; nix-ld.enable = true; nix.enable = true; + nix.extra-substituters."https://nixsgx.cachix.org".key = "nixsgx.cachix.org-1:tGi36DlY2joNsIXOlGnSgWW0+E094V6hW0umQRo/KoE="; podman.enable = true; secureboot.enable = true; }; diff --git a/systems/x86_64-linux/x1/default.nix b/systems/x86_64-linux/x1/default.nix index f9a19d8..4c2616c 100644 --- a/systems/x86_64-linux/x1/default.nix +++ b/systems/x86_64-linux/x1/default.nix @@ -9,6 +9,7 @@ with lib.plusultra; gui.enable = true; nix-ld.enable = true; nix.enable = true; + nix.extra-substituters."https://nixsgx.cachix.org".key = "nixsgx.cachix.org-1:tGi36DlY2joNsIXOlGnSgWW0+E094V6hW0umQRo/KoE="; podman.enable = true; secureboot.enable = true; };