JakeHillion/nixpkgs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
538312709e
nixpkgs/nixos/modules/services
History
rnhmjoj 538312709e
nixos/tcsd: several improvements and fixes 
- Actually run tcsd as tss/tss
- Install a udev rule to set /dev/tpm* permissions
- Remove systemd-udev-settle dependency, use dev-tpm0.device instead
- Use systemd-tmpfiles to set up the state directory
- Add documentation URI to tcsd.service

This module cannot be easily tested with a NixOS test due to the TPM
dependency. Technically, one could be emulated using swtpm[1], but this
is not packaged in Nixpkgs. If you computer has a real TPM you can do a
passthrough in Qemu, but this requires running the VM as root and of
course it's not determinstic:

    $ nix build -f nixos vm --arg configuration '
      {
        virtualisation.qemu.options = [
          "-tpmdev passthrough,id=tpm0,path=/dev/tpm0,cancel-path=/sys/class/tpm/tpm0/cancel"
          "-device tpm-tis,tpmdev=tpm0"
        ];
        users.users.root.hashedPassword = "";
        services.tcsd.enable = true;
      }'

After starting the VM, log in as root, you can check the service has
started with `systemctl status tcsd`.

[1]: https://github.com/stefanberger/swtpm
2021-02-28 19:54:19 +01:00
..
admin utillinux: rename to util-linux 2020-11-24 12:42:06 -05:00
amqp activemq: add type to configurationDir (#110450) 2021-01-22 11:11:05 +01:00
audio Merge pull request #112295 from thelegy/snapserver-fix-buffer-options 2021-02-07 17:10:34 +01:00
backup nixos/zrepl: init 2021-02-24 11:56:02 -08:00
blockchain/ethereum nixos/geth: initial service 2021-02-23 19:28:51 +01:00
cluster Merge pull request #111153 from helsinki-systems/hadoop 2021-02-02 14:14:41 +01:00
computing treewide: fix double quoted strings in meta.description 2021-01-24 19:56:59 +07:00
continuous-integration Improve todo 2021-02-10 10:36:00 +01:00
databases nixos/mysql: properly configure mariadb for galera recovery 2021-02-17 15:50:20 -05:00
desktops nixos/pipewire: only enable media-session if pipewire is enabled 2021-02-20 13:42:18 +01:00
development Revert "nixos/hoogle: add type" 2021-02-01 17:39:08 +01:00
editors treewide: fix double quoted strings in meta.description 2021-01-24 19:56:59 +07:00
games nixos/freeciv: init 2021-01-26 12:33:59 +01:00
hardware nixos/tcsd: several improvements and fixes 2021-02-28 19:54:19 +01:00
logging treewide: fix double quoted strings in meta.description 2021-01-24 19:56:59 +07:00
mail nixos/mlmmj: use appropriate postfix options 2021-02-17 16:00:59 +00:00
misc nixos/etesync-dav: init module 2021-02-17 10:43:08 +01:00
monitoring Merge pull request #86239 from tathougies/patch-2 2021-02-26 19:28:18 -06:00
network-filesystems Merge pull request #111455 from helsinki-systems/yandex 2021-01-31 15:25:10 +01:00
networking nixos/dnscrypt-proxy2: reallow @sync syscalls 2021-02-21 14:53:54 +01:00
printing nixos/printing: remove google cloud print 2021-02-18 02:21:38 +01:00
scheduling nixos/marathon: remove module 2020-08-15 16:59:58 +02:00
search nixos/elasticsearch-curator: add type 2021-01-27 11:50:19 -08:00
security Merge pull request #106698 from aanderse/nixos/clamav 2021-02-24 22:57:41 -05:00
system treewide: fix double quoted strings in meta.description 2021-01-24 19:56:59 +07:00
torrent nixos/deluge: add type 2021-01-28 14:30:23 -08:00
ttys nixos/services/kmscon: fix systemd configuration 2021-02-15 16:58:54 -05:00
video epgstation: 1.7.4 -> 1.7.5 2020-10-21 00:05:48 +09:00
wayland nixos/cage: supply pamEnvironment 2020-08-27 10:11:45 -05:00
web-apps miniflux: fix link to docs 2021-02-19 20:14:14 +01:00
web-servers nixos/httpd: fix lua paths 2021-02-11 11:56:06 +01:00
x11 Merge pull request #100569 from andersk/gdm-plymouth 2021-02-21 11:03:18 -05:00