From a5be75577750bf64e16874e4b9b6a6bb092a4fa0 Mon Sep 17 00:00:00 2001
From: Freya Murphy <freya@freyacat.org>
Date: Thu, 11 Sep 2025 11:28:39 -0400
Subject: add tpm support

---
 system/tpm.nix | 14 ++++++++++++++
 1 file changed, 14 insertions(+)
 create mode 100644 system/tpm.nix

(limited to 'system/tpm.nix')

diff --git a/system/tpm.nix b/system/tpm.nix
new file mode 100644
index 0000000..c7507da
--- /dev/null
+++ b/system/tpm.nix
@@ -0,0 +1,14 @@
+{
+  lib,
+  config,
+  ...
+}: let
+  inherit (lib) mkIf;
+in {
+  config = mkIf config.tpm {
+    security.tpm2.enable = true;
+    security.tpm2.pkcs11.enable = true;
+    security.tpm2.tctiEnvironment.enable = true;
+    users.groups.tss.members = [config.user];
+  };
+}
-- 
cgit v1.2.3-freya