nix/modules/secureboot.nix

18 lines
554 B
Nix
Raw Normal View History

2023-07-12 16:43:21 +02:00
{ lib, config, pkgs, ...}: {
# Bootloader
boot.loader.efi.canTouchEfiVariables = true;
boot.tmp.cleanOnBoot = true;
# Plymouth splash screen
boot.plymouth.enable = true;
2023-08-22 07:04:56 +02:00
# https://github.com/adi1090x/plymouth-themes
boot.plymouth.theme = "red_loader";
2023-08-22 10:52:22 +02:00
boot.plymouth.themePackages = [ adi1090x-plymouth-themes ];
boot.initrd.systemd.enable = true;
boot.kernelParams = ["quiet"];
# SecureBoot
boot.loader.systemd-boot.enable = lib.mkForce false;
boot.lanzaboote.enable = true;
boot.lanzaboote.pkiBundle = "/etc/secureboot";
}