# NixOS module: TPM support toggle under `aviallon.security.tpm`.
#
# When enabled (the default) it switches on the NixOS TPM 2.0 stack
# (`security.tpm2`), installs the TPM 2.0 command-line tools and makes the
# TPM kernel drivers available to the initrd. TPM 1.2 support is a separate
# opt-in that adds the 1.2 tools and the `tcsd` service.
{
  config,
  pkgs,
  lib,
  ...
}:
let
  # Explicit inherits instead of `with lib;` so every helper used here is
  # visible at a glance and nothing else from `lib` leaks into scope.
  inherit (lib) mkEnableOption mkIf optional;

  tpmCfg = config.aviallon.security.tpm;
  wantTpm12 = tpmCfg.tpm1_2.enable;
in
{
  options.aviallon.security.tpm = {
    # mkEnableOption defaults to false; the override makes this module
    # opt-out, so every host importing it gets the TPM 2.0 stack unless it
    # sets `aviallon.security.tpm.enable = false`.
    enable = mkEnableOption "TPM" // {
      default = true;
    };

    # Stays off unless requested: TPM 1.2 is the legacy interface and pulls
    # in an extra daemon (tcsd) that is only needed for 1.2 hardware.
    tpm1_2.enable = mkEnableOption "TPM 1.2 support";
  };

  config = mkIf tpmCfg.enable {
    # NOTE(review): which accounts may talk to the TPM is decided by the
    # upstream `security.tpm2` module (its tss user/group and udev rules),
    # not by this file. Review that group's membership on hosts where the
    # TPM protects keys.
    security.tpm2.enable = true;
    # Exports the TCTI selection to the environment so the tpm2 tools and the
    # PKCS#11 module use the same path to the TPM.
    security.tpm2.tctiEnvironment.enable = true;
    # Makes TPM-backed keys usable through a PKCS#11 interface.
    security.tpm2.pkcs11.enable = true;

    # tpm2-tools is always installed; the TPM 1.2 tools only on request.
    environment.systemPackages = [ pkgs.tpm2-tools ] ++ optional wantTpm12 pkgs.tpm-tools;

    # tcsd is only defined as enabled when TPM 1.2 support was asked for;
    # otherwise no definition is contributed and the upstream default applies.
    services.tcsd.enable = mkIf wantTpm12 true;

    # `availableKernelModules` makes the drivers loadable in stage 1 without
    # forcing them to load. Presumably this is so the TPM is reachable before
    # the root filesystem is mounted (e.g. TPM-bound disk unlock); confirm
    # against the hosts' boot setup.
    boot.initrd.availableKernelModules = [
      "tpm_tis"
      "tpm_crb"
    ];
  };
}