fabianhauser/dotfiles
1
0
Fork 0
Code Issues 4 Pull requests 1 Projects Releases Packages Wiki Activity Actions

Add lanzaboote secure boot support

Browse source
This commit is contained in:
Fabian Hauser 2024-08-28 17:18:06 +03:00
parent f98abcd5fc
commit 099aeaae99
5 changed files with 230 additions and 7 deletions
Download patch file Download diff file Expand all files Collapse all files

7
host/ochsenchopf/filesystems.nix
View file

@ -34,6 +34,11 @@
swapDevices = [ { device = "/dev/disk/by-label/swap"; } ];
# Use the systemd-boot EFI boot loader.
boot.loader.systemd-boot.enable = true;
boot.loader.systemd-boot.enable = lib.mkForce false;
boot.loader.efi.canTouchEfiVariables = true;
boot.lanzaboote = {
enable = true;
pkiBundle = "/etc/secureboot";
};
}