swarsel/.dotfiles
1
0
Fork 0
mirror of https://github.com/Swarsel/.dotfiles.git synced 2025-12-06 09:07:21 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

feat: add minimal config support (WIP)

Browse source
This commit is contained in:
Leon Schwarzäugl 2025-07-04 19:54:45 +02:00
parent 34badc91d5
commit 49b557befa
Signed by: swarsel
GPG key ID: 26A54C31F2A4FD84
26 changed files with 726 additions and 599 deletions
Download patch file Download diff file Expand all files Collapse all files

6
modules/nixos/common/lanzaboote.nix
View file

@ -1,13 +1,13 @@
{ lib, config, ... }:
{ lib, config, minimal, ... }:
{
options.swarselsystems.modules.lanzaboote = lib.mkEnableOption "lanzaboote config";
config = lib.mkIf config.swarselsystems.modules.lanzaboote {
boot = {
loader = {
efi.canTouchEfiVariables = true;
systemd-boot.enable = lib.swarselsystems.mkIfElse (config.swarselsystems.initialSetup || !config.swarselsystems.isSecureBoot) (lib.mkForce true) (lib.mkForce false);
systemd-boot.enable = lib.swarselsystems.mkIfElse (config.swarselsystems.initialSetup || minimal || !config.swarselsystems.isSecureBoot) (lib.mkForce true) (lib.mkForce false);
};
lanzaboote = lib.mkIf (!config.swarselsystems.initialSetup && config.swarselsystems.isSecureBoot) {
lanzaboote = lib.mkIf (!config.swarselsystems.initialSetup && !minimal && config.swarselsystems.isSecureBoot) {
enable = true;
pkiBundle = "/var/lib/sbctl";
configurationLimit = 6;