From 889de1d88a12fc4f32a65eb88b69a91945eb1b46 Mon Sep 17 00:00:00 2001
From: Dennis Wuitz <dennish@wuitz.de>
Date: Tue, 26 Dec 2023 10:45:54 +0100
Subject: [PATCH] changes to dennis home.nix

---
 .sops.yaml                |  1 +
 modules/boot.nix          | 24 ++++++++++--------------
 systems/configuration.nix |  2 --
 3 files changed, 11 insertions(+), 16 deletions(-)

diff --git a/.sops.yaml b/.sops.yaml
index 12a46ac..78c7757 100644
--- a/.sops.yaml
+++ b/.sops.yaml
@@ -9,6 +9,7 @@ keys:
   - &palatine-hill age1z8q02wdp0a2ep5uuffgfeqlfam4ztl95frhw5qhnn6knn0rrmcnqk5evej
   - &photon age1rjlc6vwnz2lcrpshtd9rldlxels6l2utwmnmf3prus8drfefeywq5ljrdg
 
+# update keys by executing: sops updatekeys secrets.yaml
 creation_rules:
   - path_regex: systems/photon/secrets\.yaml$
     key_groups:
diff --git a/modules/boot.nix b/modules/boot.nix
index bf4f493..09f2284 100644
--- a/modules/boot.nix
+++ b/modules/boot.nix
@@ -21,6 +21,7 @@ in
         description = "The filesystem installed.";
       };
       fullDiskEncryption = libS.mkOpinionatedOption "use luks full disk encrytion";
+      useSystemdBoot = libS.mkOpinionatedOption "use systemd boot";
     };
   };
 
@@ -33,9 +34,6 @@ in
         enable = true;
         ssh = {
           enable = true;
-          hostKeys = [
-            "/root/ssh_key"
-          ];
           port = 2222;
         };
       };
@@ -60,18 +58,16 @@ in
         canTouchEfiVariables = false;
       };
       generationsDir.copyKernels = true;
-      systemd-boot.enable = true;
-      /* disable grub support
-      grub = {
-      enable = true;
-      copyKernels = true;
-      zfsSupport = lib.mkIf (cfg.filesystem == "zfs") true;
-      efiSupport = true;
-      efiInstallAsRemovable = true;
-      fsIdentifier = "uuid";
-      enableCryptodisk = lib.mkIf cfg.fullDiskEncryption true;
+      systemd-boot.enable = lib.mkIf cfg.useSystemdBoot true;
+      grub = lib.mkIf (!cfg.useSystemdBoot) {
+        enable = true;
+        copyKernels = true;
+        zfsSupport = lib.mkIf (cfg.filesystem == "zfs") true;
+        efiSupport = true;
+        efiInstallAsRemovable = true;
+        fsIdentifier = "uuid";
+        enableCryptodisk = lib.mkIf cfg.fullDiskEncryption true;
       };
-      */
     };
   };
 }
diff --git a/systems/configuration.nix b/systems/configuration.nix
index f8c9f5f..a801b32 100644
--- a/systems/configuration.nix
+++ b/systems/configuration.nix
@@ -31,8 +31,6 @@
   nixpkgs.config.allowUnfree = true;
 
   programs = {
-    fzf.keybindings = true;
-
     git = {
       enable = true;
       config = {