blob: 9606c7b3888d6db9fccd9eb2181423997d221e32 (
plain) (
tree)
|
|
{
pkgs,
lib,
...
}: {
boot = {
initrd = {
#compressor = "lz4";
#compressorArgs = ["-9"];
kernelModules = ["nvme" "btrfs"];
};
kernelPackages = pkgs.linuxPackages_latest;
lanzaboote = {
enable = true;
pkiBundle = "/etc/secureboot";
};
loader = {
# Lanzaboote currently replaces the systemd-boot module.
# This setting is usually set to true in configuration.nix
# generated at installation time. So we force it to false
# for now.
systemd-boot.enable = lib.mkForce false;
grub = {
enable = false;
# theme = pkgs.nixos-grub2-theme;
splashImage = ./boot_pictures/gnu.png;
efiSupport = true;
device = "nodev"; # only for efi
};
efi = {
canTouchEfiVariables = true;
efiSysMountPoint = "/boot";
};
};
};
}
|