oysteikt/nix-dotfiles
oysteikt/nix-dotfiles
2
1
Fork 0
Code Issues Pull Requests Activity

common: more tpm2 stuff

Browse Source
This commit is contained in:
Oystein Kristoffer Tveit 2025-03-14 23:26:25 +01:00
parent 6200f89ef7
commit 21187f3fb8
Signed by: oysteikt
GPG Key ID: 9F2F7D8250F35146
1 changed files with 10 additions and 2 deletions

12
hosts/common/default.nix

@ -196,8 +196,16 @@ in {
# Realtime scheduling for pipewire and mpd
security.rtkit.enable = !config.machineVars.headless;
security.tpm2.enable = lib.mkDefault true;
security.tpm2.abrmd.enable = lib.mkDefault config.security.tpm2.enable;
security.tpm2 = {
enable = lib.mkDefault true;
abrmd.enable = lib.mkDefault config.security.tpm2.enable;
pkcs11.enable = lib.mkDefault config.security.tpm2.enable;
tctiEnvironment = {
enable = lib.mkDefault config.security.tpm2.enable;
interface = "tabrmd";
};
};
security.sudo.extraConfig = let
sudoLecture = pkgs.writeText "sudo-lecture.txt" (extendedLib.termColors.front.red "Be careful or something, idk...\n");
in ''