steveej/infra
1
0
Fork 0
Code Issues 2 Pull requests Projects Releases Packages Wiki Activity Actions

steveej-nuc7pjyh-work: sgx group for accessing /dev/sgx

Browse source
This commit is contained in:
steveej 2019-12-13 20:51:13 +01:00
parent 44acf1fe44
commit 99ed0a4e82
2 changed files with 3 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

2
nix/os/devices/steveej-nuc7pjyh-work/system.nix
View file

@ -2,6 +2,8 @@
let let
in { in {
services.udev.extraRules = ''SUBSYSTEM=="sgx", MODE="0660", GROUP="sgx"'';
users.groups.sgx = {};
networking.hostName = "steveej-nuc7pjyh-work"; # Define your hostname. networking.hostName = "steveej-nuc7pjyh-work"; # Define your hostname.
boot.kernelPackages = lib.mkForce pkgs.linuxPackages_sgx_latest; boot.kernelPackages = lib.mkForce pkgs.linuxPackages_sgx_latest;
} }

1
nix/os/devices/steveej-nuc7pjyh-work/user.nix
View file

@ -12,6 +12,7 @@ in {
uid = 1001; uid = 1001;
openssh.authorizedKeys.keys = keys.users.steveej.openssh; openssh.authorizedKeys.keys = keys.users.steveej.openssh;
shell = pkgs.posh { image = "quay.io/enarx/fedora"; run_args = "-v /dev/sgx:/dev/sgx"; }; shell = pkgs.posh { image = "quay.io/enarx/fedora"; run_args = "-v /dev/sgx:/dev/sgx"; };
extraGroups = [ "sgx" ];
subUidRanges = [{ startUid = 100000; count = 65536; }]; subUidRanges = [{ startUid = 100000; count = 65536; }];
subGidRanges = [{ startGid = 100000; count = 65536; }]; subGidRanges = [{ startGid = 100000; count = 65536; }];