basesystem: set lanzaboote.settings.editor to false

This prevents gaining a root shell with init=/bin/sh
author: Silas Schöffel <sils@sils.li> 2024-04-09 16:44:21 +0200
committer: Silas Schöffel <sils@sils.li> 2024-04-10 18:04:16 +0200
commit: d0565553a231fc9a2cfbfca13d261199d1d0b8e8 (patch)
tree: 1f2e1122d09052542fde1734aef2c66c208fe64e
parent: flake.lock: update (diff)
download: nix-config-d0565553a231fc9a2cfbfca13d261199d1d0b8e8.tar.gz
nix-config-d0565553a231fc9a2cfbfca13d261199d1d0b8e8.zip
1 files changed, 3 insertions, 0 deletions
diff --git a/modules/nixos/sils/basesystem.nix b/modules/nixos/sils/basesystem.nix
index 1812feb..6d10f3f 100644
--- a/modules/nixos/sils/basesystem.nix
+++ b/modules/nixos/sils/basesystem.nix
@@ -28,6 +28,9 @@
         enable = true;
         configurationLimit = 10;
         pkiBundle = "/etc/secureboot";
+        settings = {
+          editor = false;
+        };
       };
       resumeDevice = config.sils.meta.mainDisk;
       kernelParams = ["resume_offset=369403136"];
author	Silas Schöffel <sils@sils.li>	2024-04-09 16:44:21 +0200
committer	Silas Schöffel <sils@sils.li>	2024-04-10 18:04:16 +0200
commit	d0565553a231fc9a2cfbfca13d261199d1d0b8e8 (patch)
tree	1f2e1122d09052542fde1734aef2c66c208fe64e
parent	flake.lock: update (diff)
download	nix-config-d0565553a231fc9a2cfbfca13d261199d1d0b8e8.tar.gz nix-config-d0565553a231fc9a2cfbfca13d261199d1d0b8e8.zip