enforce new flake schema. formatting.

2026-05-31 18:50:41 +02:00 · 2026-05-31 18:50:41 +02:00 · ecf5132cbb
commit ecf5132cbb
parent 4b0a90e00d
121 changed files with 1606 additions and 1554 deletions
--- a/modules/nixos/common/boot.nix
+++ b/modules/nixos/common/boot.nix
@ -1,20 +1,20 @@
 { lib, pkgs, ... }:

 {
-  # fix CVE-2026-31431
-  boot.kernelPackages = lib.mkIf (lib.versionOlder pkgs.linux.version "6.18.22") (
-    lib.mkDefault pkgs.linuxPackages_6_18
-  );
+  boot = {
+    # fix CVE-2026-31431
+    kernelPackages = lib.mkIf (lib.versionOlder pkgs.linux.version "6.18.22") (lib.mkDefault pkgs.linuxPackages_6_18);

-  # fix CVE-2026-43500
-  boot.extraModprobeConfig = ''
-    install esp4 ${pkgs.coreutils}/bin/false
-    install esp6 ${pkgs.coreutils}/bin/false
-    install rxrpc ${pkgs.coreutils}/bin/false
-  '';
-  boot.blacklistedKernelModules = [
-    "esp4"
-    "esp6"
-    "rxrpc"
-  ];
+    # fix CVE-2026-43500
+    extraModprobeConfig = ''
+      install esp4 ${pkgs.coreutils}/bin/false
+      install esp6 ${pkgs.coreutils}/bin/false
+      install rxrpc ${pkgs.coreutils}/bin/false
+    '';
+    blacklistedKernelModules = [
+      "esp4"
+      "esp6"
+      "rxrpc"
+    ];
+  };
 }