about summary refs log blame commit diff stats
path: root/sys/boot/default.nix
blob: 9606c7b3888d6db9fccd9eb2181423997d221e32 (plain) (tree)
1
2
3
4
5
6
7
8
9
10



       
              

                                       
      
                                               
                  
                    

                                    
              




                                                                
              
                       
                                         
                                              

                                        
 





                                    
{
  pkgs,
  lib,
  ...
}: {
  boot = {
    initrd = {
      #compressor = "lz4";
      #compressorArgs = ["-9"];
      kernelModules = ["nvme" "btrfs"];
    };

    kernelPackages = pkgs.linuxPackages_latest;

    lanzaboote = {
      enable = true;
      pkiBundle = "/etc/secureboot";
    };

    loader = {
      # Lanzaboote currently replaces the systemd-boot module.
      # This setting is usually set to true in configuration.nix
      # generated at installation time. So we force it to false
      # for now.
      systemd-boot.enable = lib.mkForce false;

      grub = {
        enable = false;
        # theme = pkgs.nixos-grub2-theme;
        splashImage = ./boot_pictures/gnu.png;
        efiSupport = true;
        device = "nodev"; # only for efi
      };

      efi = {
        canTouchEfiVariables = true;
        efiSysMountPoint = "/boot";
      };
    };
  };
}