diff options
Diffstat (limited to 'hosts/thinklappi/basesystem.nix')
| -rw-r--r-- | hosts/thinklappi/basesystem.nix | 15 |
1 files changed, 9 insertions, 6 deletions
diff --git a/hosts/thinklappi/basesystem.nix b/hosts/thinklappi/basesystem.nix index e5bc5ba..35fd908 100644 --- a/hosts/thinklappi/basesystem.nix +++ b/hosts/thinklappi/basesystem.nix @@ -18,12 +18,10 @@ kernelModules = ["kvm-intel"]; extraModulePackages = []; kernelPackages = pkgs.linuxPackages_latest; - loader = { - systemd-boot = { - enable = true; - configurationLimit = 3; - }; - efi.canTouchEfiVariables = true; + lanzaboote = { + enable = true; + configurationLimit = 3; + pkiBundle = "/etc/secureboot"; }; }; @@ -43,6 +41,11 @@ fsType = "btrfs"; options = ["subvol=networkmanagerconfig" "compress-force=zstd"]; }; + "/etc/secureboot" = { + device = "/dev/disk/by-label/nixos-root"; + fsType = "btrfs"; + options = ["subvol=secureboot" "compress-force=zstd"]; + }; "/etc/nixos" = { device = "/dev/disk/by-label/nixos-root"; fsType = "btrfs"; |