50 lines
756 B
Nix
50 lines
756 B
Nix
{
|
|
inputs,
|
|
lib,
|
|
pkgs,
|
|
...
|
|
}:
|
|
|
|
{
|
|
imports = [
|
|
inputs.lanzaboote.nixosModules.lanzaboote
|
|
];
|
|
|
|
environment.systemPackages = with pkgs; [
|
|
sbctl
|
|
];
|
|
|
|
boot.bootspec.enable = true;
|
|
|
|
boot.initrd = {
|
|
availableKernelModules = [
|
|
"xhci_pci"
|
|
"thunderbolt"
|
|
"nvme"
|
|
"ahci"
|
|
"usbhid"
|
|
"sd_mod"
|
|
];
|
|
kernelModules = [ ];
|
|
systemd.enable = true;
|
|
};
|
|
|
|
boot.extraModulePackages = [ ];
|
|
|
|
boot.kernelModules = [ "kvm-intel" ];
|
|
|
|
boot.lanzaboote = {
|
|
enable = true;
|
|
pkiBundle = "/var/lib/sbctl";
|
|
};
|
|
|
|
boot.loader.efi = {
|
|
canTouchEfiVariables = true;
|
|
efiSysMountPoint = "efi";
|
|
};
|
|
|
|
boot.loader.systemd-boot = {
|
|
enable = lib.mkForce false;
|
|
xbootldrMountPoint = "/boot";
|
|
};
|
|
}
|