pluh 🗣
This commit is contained in:
parent
3ad9944baa
commit
668140531b
59 changed files with 985 additions and 219 deletions
28
modules/secure-boot.nix
Normal file
28
modules/secure-boot.nix
Normal file
|
|
@ -0,0 +1,28 @@
|
|||
{
|
||||
config,
|
||||
lib,
|
||||
inputs,
|
||||
pkgs,
|
||||
...
|
||||
}: let
|
||||
cfg = config.setups.secureBoot;
|
||||
in {
|
||||
imports = [
|
||||
inputs.lanzaboote.nixosModules.lanzaboote
|
||||
];
|
||||
|
||||
options.setups.secureBoot.enable = lib.mkEnableOption "Secure Boot";
|
||||
|
||||
config = lib.mkIf cfg.enable {
|
||||
environment.systemPackages = [
|
||||
pkgs.sbctl
|
||||
];
|
||||
|
||||
boot.loader.systemd-boot.enable = lib.mkForce false;
|
||||
|
||||
boot.lanzaboote = {
|
||||
enable = lib.mkForce true;
|
||||
pkiBundle = lib.mkDefault "/var/lib/sbctl";
|
||||
};
|
||||
};
|
||||
}
|
||||
Loading…
Add table
Add a link
Reference in a new issue