Infinidoge/universe
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

global/security: only include microcode on x86_64

Browse source
This commit is contained in:
Infinidoge 2024-06-23 18:11:31 -04:00
parent 1d20bc82fd
commit 15b74e7fe0
Signed by: Infinidoge
SSH key fingerprint: SHA256:oAMyvotlNFraMmZmr+p6AxnNfW/GioTs1pOn3V4tQ7A
1 changed files with 5 additions and 2 deletions
Download patch file Download diff file Expand all files Collapse all files

7
modules/global/security.nix
View file

@ -1,5 +1,8 @@
{ config, lib, ... }: { config, lib, ... }:
with lib; with lib;
let
inherit (config.nixpkgs.hostPlatform) system;
in
{ {
security = { security = {
sudo.wheelNeedsPassword = false; sudo.wheelNeedsPassword = false;
@ -18,8 +21,8 @@ with lib;
hardware = { hardware = {
enableRedistributableFirmware = mkDefault true; enableRedistributableFirmware = mkDefault true;
cpu.intel.updateMicrocode = mkDefault config.hardware.enableRedistributableFirmware; cpu.intel.updateMicrocode = mkDefault (config.hardware.enableRedistributableFirmware && system == "x86_64-linux");
cpu.amd.updateMicrocode = mkDefault config.hardware.enableRedistributableFirmware; cpu.amd.updateMicrocode = mkDefault (config.hardware.enableRedistributableFirmware && system == "x86_64-linux");
}; };
users.mutableUsers = false; users.mutableUsers = false;