changes to dennis home.nix

.sops.yaml

@@ -9,6 +9,7 @@ keys:
   - &palatine-hill age1z8q02wdp0a2ep5uuffgfeqlfam4ztl95frhw5qhnn6knn0rrmcnqk5evej
   - &photon age1rjlc6vwnz2lcrpshtd9rldlxels6l2utwmnmf3prus8drfefeywq5ljrdg
 
+# update keys by executing: sops updatekeys secrets.yaml
 creation_rules:
   - path_regex: systems/photon/secrets\.yaml$
     key_groups:

modules/boot.nix

@@ -21,6 +21,7 @@ in
         description = "The filesystem installed.";
       };
       fullDiskEncryption = libS.mkOpinionatedOption "use luks full disk encrytion";
+      useSystemdBoot = libS.mkOpinionatedOption "use systemd boot";
     };
   };
 
@@ -33,9 +34,6 @@ in
         enable = true;
         ssh = {
           enable = true;
-          hostKeys = [
-            "/root/ssh_key"
-          ];
           port = 2222;
         };
       };
@@ -60,18 +58,16 @@ in
         canTouchEfiVariables = false;
       };
       generationsDir.copyKernels = true;
-      systemd-boot.enable = true;
-      /* disable grub support
-      grub = {
-      enable = true;
-      copyKernels = true;
-      zfsSupport = lib.mkIf (cfg.filesystem == "zfs") true;
-      efiSupport = true;
-      efiInstallAsRemovable = true;
-      fsIdentifier = "uuid";
-      enableCryptodisk = lib.mkIf cfg.fullDiskEncryption true;
+      systemd-boot.enable = lib.mkIf cfg.useSystemdBoot true;
+      grub = lib.mkIf (!cfg.useSystemdBoot) {
+        enable = true;
+        copyKernels = true;
+        zfsSupport = lib.mkIf (cfg.filesystem == "zfs") true;
+        efiSupport = true;
+        efiInstallAsRemovable = true;
+        fsIdentifier = "uuid";
+        enableCryptodisk = lib.mkIf cfg.fullDiskEncryption true;
       };
-      */
     };
   };
 }

systems/configuration.nix

@@ -31,8 +31,6 @@
   nixpkgs.config.allowUnfree = true;
 
   programs = {
-    fzf.keybindings = true;
-
     git = {
       enable = true;
       config = {