diff options
| author | Franck Cuny <franck@fcuny.net> | 2026-01-25 08:20:25 -0800 |
|---|---|---|
| committer | Franck Cuny <franck@fcuny.net> | 2026-01-25 08:29:39 -0800 |
| commit | 2777680940425a9a741a8ba1befef2fcf1cc139b (patch) | |
| tree | a86d7ea98aceb31325de04324ba59ebd5b20f96e /machines | |
| parent | enforce sorting in some places (diff) | |
| download | infra-2777680940425a9a741a8ba1befef2fcf1cc139b.tar.gz | |
enable lanzaboote
Diffstat (limited to 'machines')
| -rw-r--r-- | machines/framebox.nix | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/machines/framebox.nix b/machines/framebox.nix index 15a82bd..34ef32b 100644 --- a/machines/framebox.nix +++ b/machines/framebox.nix @@ -9,6 +9,7 @@ wgPublicKey = "jf7T7TMKQWSgSXhUplldZDV9G2y2BjMmHIAhg5d26ng="; publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAID76U5kt8DfBbuP16rMzfBTVTpjjPFKWnnheMALaCQEd"; ephemeralRoot = true; + secureBoot = true; age.secrets = { wireguard.file = ../secrets/framebox/wireguard.age; @@ -36,6 +37,7 @@ }; imports = [ + # keep-sorted start ../profiles/authelia.nix ../profiles/core-metrics.nix ../profiles/defaults.nix @@ -48,12 +50,14 @@ ../profiles/postgresql.nix ../profiles/remote-unlock.nix ../profiles/restic-backup.nix + ../profiles/secureboot.nix ../profiles/server.nix ../profiles/state.nix ../profiles/users/admin-user.nix ../profiles/users/builder.nix ../profiles/users/home-manager.nix ../profiles/wireguard.nix + # keep-sorted end ]; boot.kernelModules = [ "sg" ]; |