caspervk/nixos
1
0
Fork 0
Code Activity Actions

boot: fix systemd-boot security warnings

Browse source 
See:
https://github.com/NixOS/nixpkgs/issues/279362
https://github.com/NixOS/nixpkgs/pull/300673
This commit is contained in:
Casper V. Kristensen 2024-12-11 14:54:48 +01:00
parent 0ddf91ae2a
commit 29f63ae6aa
7 changed files with 7 additions and 11 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

3
hosts/alpha/hardware.nix
View file

@ -1,7 +1,5 @@
{ {
config,
lib, lib,
pkgs,
modulesPath, modulesPath,
... ...
}: { }: {
@ -25,6 +23,7 @@
fileSystems."/boot" = { fileSystems."/boot" = {
device = "/dev/disk/by-label/BOOT"; device = "/dev/disk/by-label/BOOT";
fsType = "vfat"; fsType = "vfat";
options = ["umask=077"];
}; };
fileSystems."/nix" = { fileSystems."/nix" = {
device = "/dev/disk/by-label/nix"; device = "/dev/disk/by-label/nix";

3
hosts/delta/hardware.nix
View file

@ -1,7 +1,5 @@
{ {
config,
lib, lib,
pkgs,
modulesPath, modulesPath,
... ...
}: { }: {
@ -25,6 +23,7 @@
fileSystems."/boot" = { fileSystems."/boot" = {
device = "/dev/disk/by-label/BOOT"; device = "/dev/disk/by-label/BOOT";
fsType = "vfat"; fsType = "vfat";
options = ["umask=077"];
}; };
fileSystems."/nix" = { fileSystems."/nix" = {
device = "/dev/disk/by-label/nix"; device = "/dev/disk/by-label/nix";

3
hosts/mu/hardware.nix
View file

@ -1,7 +1,5 @@
{ {
config,
lib, lib,
pkgs,
modulesPath, modulesPath,
nixos-hardware, nixos-hardware,
... ...
@ -29,6 +27,7 @@
fileSystems."/boot" = { fileSystems."/boot" = {
device = "/dev/disk/by-label/BOOT"; device = "/dev/disk/by-label/BOOT";
fsType = "vfat"; fsType = "vfat";
options = ["umask=077"];
}; };
fileSystems."/nix" = { fileSystems."/nix" = {
device = "/dev/disk/by-label/nix"; device = "/dev/disk/by-label/nix";

1
hosts/omega/hardware.nix
View file

@ -28,6 +28,7 @@
fileSystems."/boot" = { fileSystems."/boot" = {
device = "/dev/disk/by-label/BOOT"; device = "/dev/disk/by-label/BOOT";
fsType = "vfat"; fsType = "vfat";
options = ["umask=077"];
}; };
fileSystems."/nix" = { fileSystems."/nix" = {
device = "/dev/disk/by-label/nix"; device = "/dev/disk/by-label/nix";

3
hosts/sigma/hardware.nix
View file

@ -1,7 +1,5 @@
{ {
config,
lib, lib,
pkgs,
modulesPath, modulesPath,
nixos-hardware, nixos-hardware,
... ...
@ -29,6 +27,7 @@
fileSystems."/boot" = { fileSystems."/boot" = {
device = "/dev/disk/by-label/BOOT"; device = "/dev/disk/by-label/BOOT";
fsType = "vfat"; fsType = "vfat";
options = ["umask=077"];
}; };
fileSystems."/nix" = { fileSystems."/nix" = {
device = "/dev/disk/by-label/nix"; device = "/dev/disk/by-label/nix";

2
hosts/tor/hardware.nix
View file

@ -1,5 +1,4 @@
{ {
config,
lib, lib,
pkgs, pkgs,
modulesPath, modulesPath,
@ -23,6 +22,7 @@
fileSystems."/boot" = { fileSystems."/boot" = {
device = "/dev/disk/by-label/BOOT"; device = "/dev/disk/by-label/BOOT";
fsType = "vfat"; fsType = "vfat";
options = ["umask=077"];
}; };
fileSystems."/nix" = { fileSystems."/nix" = {
device = "/dev/disk/by-label/nix"; device = "/dev/disk/by-label/nix";

3
hosts/zeta/hardware.nix
View file

@ -1,7 +1,5 @@
{ {
config,
lib, lib,
pkgs,
modulesPath, modulesPath,
nixos-hardware, nixos-hardware,
... ...
@ -29,6 +27,7 @@
fileSystems."/boot" = { fileSystems."/boot" = {
device = "/dev/disk/by-label/BOOT"; device = "/dev/disk/by-label/BOOT";
fsType = "vfat"; fsType = "vfat";
options = ["umask=077"];
}; };
fileSystems."/nix" = { fileSystems."/nix" = {
device = "/dev/disk/by-label/nix"; device = "/dev/disk/by-label/nix";