Feat(system/boot): Enable lanzaboote (and with it secure boot)

author: Soispha <soispha@vhack.eu> 2023-07-15 20:09:17 +0200
committer: Soispha <soispha@vhack.eu> 2023-07-15 20:09:55 +0200
commit: 59bc28565f102c0ce17d3cf513cdab058608b0dc (patch)
tree: 66623f11d41a435790612a4880d5ab05dc2e9716 /system/impermanence
parent: Fix(system/disks/hibernate): Try to activate it (diff)
download: nixos-config-59bc28565f102c0ce17d3cf513cdab058608b0dc.tar.gz
nixos-config-59bc28565f102c0ce17d3cf513cdab058608b0dc.zip
1 files changed, 8 insertions, 1 deletions
diff --git a/system/impermanence/default.nix b/system/impermanence/default.nix
index 126e9e10..8e6d81fb 100644
--- a/system/impermanence/default.nix
+++ b/system/impermanence/default.nix
@@ -5,6 +5,12 @@
       "/etc/NetworkManager" # store the networkmanager configs
     ]
     else [];
+  secureboot =
+    if config.boot.lanzaboote.enable
+    then [
+      "/etc/secureboot"
+    ]
+    else [];
   directories =
     [
       "/etc/nixos"
@@ -14,7 +20,8 @@
       #"/var/lib/nixos"
       #"/var/lib/systemd/coredump"
     ]
-    ++ networkmanager;
+    ++ networkmanager
+    ++ secureboot;
 in {
   # needed for the hm impermanence config
   programs.fuse.userAllowOther = true;
author	Soispha <soispha@vhack.eu>	2023-07-15 20:09:17 +0200
committer	Soispha <soispha@vhack.eu>	2023-07-15 20:09:55 +0200
commit	59bc28565f102c0ce17d3cf513cdab058608b0dc (patch)
tree	66623f11d41a435790612a4880d5ab05dc2e9716 /system/impermanence
parent	Fix(system/disks/hibernate): Try to activate it (diff)
download	nixos-config-59bc28565f102c0ce17d3cf513cdab058608b0dc.tar.gz nixos-config-59bc28565f102c0ce17d3cf513cdab058608b0dc.zip