From 15b74e7fe095bb5ae5e874d5de4fbcde4a379f7a Mon Sep 17 00:00:00 2001
From: Infinidoge <infinidoge@inx.moe>
Date: Sun, 23 Jun 2024 18:11:31 -0400
Subject: [PATCH] global/security: only include microcode on x86_64

---
 modules/global/security.nix | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/modules/global/security.nix b/modules/global/security.nix
index 57cdb3e..dd5059c 100644
--- a/modules/global/security.nix
+++ b/modules/global/security.nix
@@ -1,5 +1,8 @@
 { config, lib, ... }:
 with lib;
+let
+  inherit (config.nixpkgs.hostPlatform) system;
+in
 {
   security = {
     sudo.wheelNeedsPassword = false;
@@ -18,8 +21,8 @@ with lib;
 
   hardware = {
     enableRedistributableFirmware = mkDefault true;
-    cpu.intel.updateMicrocode = mkDefault config.hardware.enableRedistributableFirmware;
-    cpu.amd.updateMicrocode = mkDefault config.hardware.enableRedistributableFirmware;
+    cpu.intel.updateMicrocode = mkDefault (config.hardware.enableRedistributableFirmware && system == "x86_64-linux");
+    cpu.amd.updateMicrocode = mkDefault (config.hardware.enableRedistributableFirmware && system == "x86_64-linux");
   };
 
   users.mutableUsers = false;