diff options
| author | Benedikt Peetz <benedikt.peetz@b-peetz.de> | 2024-05-11 17:40:19 +0200 |
|---|---|---|
| committer | Benedikt Peetz <benedikt.peetz@b-peetz.de> | 2024-05-11 17:40:19 +0200 |
| commit | e67d268f8b478199f3537cdb97eb428ede964a3c (patch) | |
| tree | 8af9c0e4a372a088d931a12f285cc4751efb0b93 /sys/boot/signing_key.nix | |
| parent | feat(hm/conf/firefox/conf/search): Add a direct nixos github pr search (diff) | |
| download | nixos-config-e67d268f8b478199f3537cdb97eb428ede964a3c.tar.gz nixos-config-e67d268f8b478199f3537cdb97eb428ede964a3c.zip | |
feat(sys/boot): Provide the latest arch-iso as boot target
Diffstat (limited to 'sys/boot/signing_key.nix')
| -rw-r--r-- | sys/boot/signing_key.nix | 18 |
1 files changed, 18 insertions, 0 deletions
diff --git a/sys/boot/signing_key.nix b/sys/boot/signing_key.nix new file mode 100644 index 00000000..788447be --- /dev/null +++ b/sys/boot/signing_key.nix @@ -0,0 +1,18 @@ +{pkgs ? (builtins.getFlake "nixpkgs").legacyPackages."x86_64-linux"}: +pkgs.stdenv.mkDerivation { + name = "archlinux_signing_keys"; + + outputHash = "sha256-evGWzkxMaZw3rlixKsyWCS/ZvNuZ+OfXQb6sgiHz9XY="; + outputHashAlgo = "sha256"; + NIX_SSL_CERT_FILE = "${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt"; + + nativeBuildInputs = with pkgs; [ + sequoia-sq + ]; + + dontUnpack = true; + + buildPhase = '' + sq --verbose --no-cert-store --no-key-store network wkd fetch pierre@archlinux.org --output "$out" + ''; +} |