1
0
mirror of https://github.com/drduh/YubiKey-Guide.git synced 2024-11-26 01:08:13 +00:00
Commit Graph

3 Commits

Author SHA1 Message Date
Motiejus Jakštys
d5ef6565ed flake.lock: Update
Flake lock file updates:

• Updated input 'drduhConfig':
    'github:drduh/config/8c21617100795fea2313656abdf25f93b98fdc30' (2023-10-16)
  → 'github:drduh/config/4eca229664d056737f1a097cdbdb10e5f247b0bc' (2024-06-30)
2024-07-07 11:25:10 +03:00
Motiejus Jakštys
d7b2a034aa NixOS: bump to 24.05
- remove hopenpgp-tools (as per README)
- add dirmgr
- add rng-tools
2024-07-07 11:19:21 +03:00
Motiejus Jakštys
84c9d9654d NixOS Live Image: convert to a flake
Now `nixpkgs` will be pointing to a specific release, which has a much
smaller chance to unexpectedly break. Currently 23.11. The next one will
be 24.05, 24.11, etc.

NixOS *releases* receive security updates, but packages are upgraded
conservatively, thus don't generally break. As a result, we should need
to worry about NixOS upgrades every 6-12 months. The upgrade means "bump
the version number and try to build it". If it breaks, it will generally
break only then. Less reactive, more proactive surprises.

`flake.nix` was written by @thomaseizinger in
https://github.com/drduh/YubiKey-Guide/issues/406. Changes from the
original:
- change Gnome to xfce. Now it loads with 384MB of RAM and works well
  with the simplest graphics (hello qemu).
- less nasty workaround for hopenpgp-tools. Fixed upstream
  (https://github.com/NixOS/nixpkgs/pull/279117).
- do not default `copytoram`, user can select this option in the
  bootloader.

Here is how to test it:

```
$ nix run .#nixosConfigurations.yubikeyLive.x86_64-linux.config.system.build.vm
```

*Note for the maintainer*: it would be great if you could occasionally
run `nix flake update --commit-lock-file`, *especially* after updating
github.com/drduh/config.git.

Fixes #406

Co-authored-by: Thomas Eizinger <thomas@eizinger.io>
2024-02-04 14:03:54 +02:00