diff options
| author | Gregor Kleen <gkleen@yggdrasil.li> | 2025-07-18 19:20:28 +0200 |
|---|---|---|
| committer | Gregor Kleen <gkleen@yggdrasil.li> | 2025-07-18 19:20:28 +0200 |
| commit | 5212255fa1d10cbd17cb9841ca0611b0ecc91922 (patch) | |
| tree | 833dfb0fc54821ebb8b533d5ecb3c6da42da8827 /hosts/sif | |
| parent | c2398564a6173e2aaf77f5fab6d559b90dc026ad (diff) | |
| download | nixos-5212255fa1d10cbd17cb9841ca0611b0ecc91922.tar nixos-5212255fa1d10cbd17cb9841ca0611b0ecc91922.tar.gz nixos-5212255fa1d10cbd17cb9841ca0611b0ecc91922.tar.bz2 nixos-5212255fa1d10cbd17cb9841ca0611b0ecc91922.tar.xz nixos-5212255fa1d10cbd17cb9841ca0611b0ecc91922.zip | |
lanzaboote
Diffstat (limited to 'hosts/sif')
| -rw-r--r-- | hosts/sif/default.nix | 10 |
1 files changed, 3 insertions, 7 deletions
diff --git a/hosts/sif/default.nix b/hosts/sif/default.nix index 4cb6162e..4cdd4aa7 100644 --- a/hosts/sif/default.nix +++ b/hosts/sif/default.nix | |||
| @@ -13,7 +13,7 @@ in { | |||
| 13 | imports = with flake.nixosModules.systemProfiles; [ | 13 | imports = with flake.nixosModules.systemProfiles; [ |
| 14 | ./hw.nix | 14 | ./hw.nix |
| 15 | ./email ./libvirt ./greetd | 15 | ./email ./libvirt ./greetd |
| 16 | tmpfs-root bcachefs initrd-all-crypto-modules default-locale openssh rebuild-machines niri-unstable networkmanager | 16 | tmpfs-root bcachefs initrd-all-crypto-modules default-locale openssh rebuild-machines niri-unstable networkmanager lanzaboote |
| 17 | flakeInputs.nixos-hardware.nixosModules.lenovo-thinkpad-p1 | 17 | flakeInputs.nixos-hardware.nixosModules.lenovo-thinkpad-p1 |
| 18 | flakeInputs.impermanence.nixosModules.impermanence | 18 | flakeInputs.impermanence.nixosModules.impermanence |
| 19 | flakeInputs.nixVirt.nixosModules.default | 19 | flakeInputs.nixVirt.nixosModules.default |
| @@ -51,13 +51,8 @@ in { | |||
| 51 | 51 | ||
| 52 | blacklistedKernelModules = [ "nouveau" ]; | 52 | blacklistedKernelModules = [ "nouveau" ]; |
| 53 | 53 | ||
| 54 | # Use the systemd-boot EFI boot loader. | 54 | lanzaboote.configurationLimit = 15; |
| 55 | loader = { | 55 | loader = { |
| 56 | systemd-boot = { | ||
| 57 | enable = true; | ||
| 58 | configurationLimit = 15; | ||
| 59 | netbootxyz.enable = true; | ||
| 60 | }; | ||
| 61 | efi.canTouchEfiVariables = true; | 56 | efi.canTouchEfiVariables = true; |
| 62 | timeout = null; | 57 | timeout = null; |
| 63 | }; | 58 | }; |
| @@ -679,6 +674,7 @@ in { | |||
| 679 | "/var/lib/upower" | 674 | "/var/lib/upower" |
| 680 | "/var/lib/postfix" | 675 | "/var/lib/postfix" |
| 681 | "/etc/NetworkManager/system-connections" | 676 | "/etc/NetworkManager/system-connections" |
| 677 | config.boot.lanzaboote.pkiBundle | ||
| 682 | ]; | 678 | ]; |
| 683 | files = [ | 679 | files = [ |
| 684 | ]; | 680 | ]; |