From e67d268f8b478199f3537cdb97eb428ede964a3c Mon Sep 17 00:00:00 2001 From: Benedikt Peetz Date: Sat, 11 May 2024 17:40:19 +0200 Subject: feat(sys/boot): Provide the latest arch-iso as boot target --- sys/boot/default.nix | 41 +++++++++++++++++++++++++++++++---------- 1 file changed, 31 insertions(+), 10 deletions(-) (limited to 'sys/boot/default.nix') diff --git a/sys/boot/default.nix b/sys/boot/default.nix index 9606c7b3..625394e8 100644 --- a/sys/boot/default.nix +++ b/sys/boot/default.nix @@ -1,8 +1,4 @@ -{ - pkgs, - lib, - ... -}: { +{pkgs, ...}: { boot = { initrd = { #compressor = "lz4"; @@ -15,14 +11,39 @@ lanzaboote = { enable = true; pkiBundle = "/etc/secureboot"; + + settings = { + }; }; loader = { - # Lanzaboote currently replaces the systemd-boot module. - # This setting is usually set to true in configuration.nix - # generated at installation time. So we force it to false - # for now. - systemd-boot.enable = lib.mkForce false; + systemd-boot = { + # Lanzaboote currently replaces the systemd-boot module. + # This setting is usually set to true in configuration.nix + # generated at installation time. So we force it to false + # for now. + enable = false; + + # Disable editing the kernel command line (which could allow someone to become root) + editor = false; + + extraEntries = { + "live.conf" = '' + title Archlinux Live ISO + linux /live/vmlinuz-linux + initrd /live/initramfs-linux.img + options img_loop=/archlinux.iso copytoram + ''; + }; + + extraFiles = let + iso = import ./archlive_iso.nix {inherit pkgs;}; + in { + "archlinux.iso" = "${iso}/archlinux.iso"; + "live/initramfs-linux.img" = "${iso}/live/initramfs-linux.img"; + "live/vmlinuz-linux" = "${iso}/live/vmlinuz-linux"; + }; + }; grub = { enable = false; -- cgit 1.4.1