Trolli Schmittlauch
993308a2d3
First step in modularising the NixOS config, with a focus on separation of host-specific and common configs. Common modules still need to be split up and refined, several TODOs and FIXUPs remain in code. But the config builds fine on thinknix. Roughly based on/ inspired by https://johns.codes/blog/organizing-system-configs-with-nixos#using-nixos
21 lines
494 B
Nix
21 lines
494 B
Nix
{ config, lib, pkgs, inputs, ...}:
|
|
{
|
|
boot.loader.efi.canTouchEfiVariables = true;
|
|
|
|
# UEFI secure boot
|
|
environment.systemPackages = [
|
|
pkgs.sbctl
|
|
];
|
|
# Lanzaboote currently replaces the systemd-boot module.
|
|
# This setting is usually set to true in configuration.nix
|
|
# generated at installation time. So we force it to false
|
|
# for now.
|
|
boot.loader.systemd-boot.enable = lib.mkForce false;
|
|
|
|
boot.lanzaboote = {
|
|
enable = true;
|
|
pkiBundle = "/etc/secureboot";
|
|
};
|
|
|
|
}
|