aboutsummaryrefslogtreecommitdiff
path: root/profiles/secureboot.nix
diff options
context:
space:
mode:
Diffstat (limited to 'profiles/secureboot.nix')
-rw-r--r--profiles/secureboot.nix17
1 files changed, 17 insertions, 0 deletions
diff --git a/profiles/secureboot.nix b/profiles/secureboot.nix
new file mode 100644
index 0000000..53df8e3
--- /dev/null
+++ b/profiles/secureboot.nix
@@ -0,0 +1,17 @@
+{ pkgs, lib, ... }:
+{
+ environment.persistence."/persist/save".directories = [
+ "/var/lib/sbctl"
+ ];
+
+ environment.systemPackages = [
+ pkgs.sbctl
+ ];
+
+ boot.loader.systemd-boot.enable = lib.mkForce false;
+
+ boot.lanzaboote = {
+ enable = true;
+ pkiBundle = "/var/lib/sbctl";
+ };
+}
generated by cgit v1.2.3 (git 2.25.1) at 2026-01-27 12:30:28 +0000