17 lines
353 B
Nix
17 lines
353 B
Nix
{ user, lib, pkgs, ... }:
|
|
{
|
|
environment.variables = {
|
|
TPM2_PKCS11_TCTI = lib.mkDefault "tabrmd:";
|
|
};
|
|
security.tpm2 = {
|
|
enable = true;
|
|
pkcs11.enable = true;
|
|
tctiEnvironment.enable = true;
|
|
};
|
|
users.users.${user}.extraGroups = [ "tss" ];
|
|
|
|
# secure boot configuration
|
|
environment.systemPackages = with pkgs; [
|
|
sbctl
|
|
];
|
|
}
|