alyraffauf/nixcfg
1
0
Fork 0
mirror of https://github.com/alyraffauf/nixcfg.git synced 2024-12-22 05:12:56 -05:00
Code Issues Actions 5 Packages Projects Releases Wiki Activity

flake: add lanzaboote and systemd-boot modules; hosts: move bootloader settings to modules (#198)

Browse source
This commit is contained in:
Aly Raffauf 2024-12-20 21:31:05 -05:00 committed by GitHub
parent 89dc68452f
commit b3200ec381
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
7 changed files with 33 additions and 51 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

15
common/lanzaboote.nix Normal file
View file

@ -0,0 +1,15 @@
{lib, ...}: {
boot = {
initrd.systemd.enable = true;
lanzaboote = {
enable = true;
pkiBundle = "/etc/secureboot";
};
loader = {
efi.canTouchEfiVariables = true;
systemd-boot.enable = lib.mkForce false;
};
};
}

10
common/systemd-boot.nix Normal file
View file

@ -0,0 +1,10 @@
{...}: {
boot = {
initrd.systemd.enable = true;
loader = {
efi.canTouchEfiVariables = true;
systemd-boot.enable = true;
};
};
}

2
flake.nix
View file

@ -160,10 +160,12 @@
nixosModules = { nixosModules = {
common-auto-upgrade = import ./common/autoUpgrade.nix; common-auto-upgrade = import ./common/autoUpgrade.nix;
common-base = import ./common/base.nix; common-base = import ./common/base.nix;
common-lanzaboote = import ./common/lanzaboote.nix;
common-locale = import ./common/locale.nix; common-locale = import ./common/locale.nix;
common-mauville-share = import ./common/samba.nix; common-mauville-share = import ./common/samba.nix;
common-nix = import ./common/nix.nix; common-nix = import ./common/nix.nix;
common-pkgs = import ./common/pkgs.nix; common-pkgs = import ./common/pkgs.nix;
common-systemd-boot = import ./common/systemd-boot.nix;
common-tailscale = import ./common/tailscale.nix; common-tailscale = import ./common/tailscale.nix;
common-wifi-profiles = import ./common/wifi.nix; common-wifi-profiles = import ./common/wifi.nix;

6
hosts/fallarbor/default.nix
View file

@ -15,15 +15,11 @@
self.nixosModules.common-mauville-share self.nixosModules.common-mauville-share
self.nixosModules.common-nix self.nixosModules.common-nix
self.nixosModules.common-pkgs self.nixosModules.common-pkgs
self.nixosModules.common-systemd-boot
self.nixosModules.common-wifi-profiles self.nixosModules.common-wifi-profiles
self.nixosModules.hw-framework-13-intel-11th self.nixosModules.hw-framework-13-intel-11th
]; ];
boot.loader = {
efi.canTouchEfiVariables = true;
systemd-boot.enable = true;
};
environment.variables.GDK_SCALE = "1.5"; environment.variables.GDK_SCALE = "1.5";
networking.hostName = "fallarbor"; networking.hostName = "fallarbor";
system.stateVersion = "24.05"; system.stateVersion = "24.05";

15
hosts/lavaridge/default.nix
View file

@ -13,6 +13,7 @@
(import ./../../disko/luks-btrfs-subvolumes.nix {disks = ["/dev/nvme0n1"];}) (import ./../../disko/luks-btrfs-subvolumes.nix {disks = ["/dev/nvme0n1"];})
self.nixosModules.common-auto-upgrade self.nixosModules.common-auto-upgrade
self.nixosModules.common-base self.nixosModules.common-base
self.nixosModules.common-lanzaboote
self.nixosModules.common-locale self.nixosModules.common-locale
self.nixosModules.common-mauville-share self.nixosModules.common-mauville-share
self.nixosModules.common-nix self.nixosModules.common-nix
@ -23,20 +24,6 @@
self.nixosModules.hw-framework-13-amd-7000 self.nixosModules.hw-framework-13-amd-7000
]; ];
boot = {
initrd.systemd.enable = true;
lanzaboote = {
enable = true;
pkiBundle = "/etc/secureboot";
};
loader = {
efi.canTouchEfiVariables = true;
systemd-boot.enable = lib.mkForce false;
};
};
environment.variables.GDK_SCALE = "2"; environment.variables.GDK_SCALE = "2";
networking.hostName = "lavaridge"; networking.hostName = "lavaridge";

21
hosts/mauville/default.nix
View file

@ -17,6 +17,7 @@ in {
./stylix.nix ./stylix.nix
self.nixosModules.common-auto-upgrade self.nixosModules.common-auto-upgrade
self.nixosModules.common-base self.nixosModules.common-base
self.nixosModules.common-lanzaboote
self.nixosModules.common-locale self.nixosModules.common-locale
self.nixosModules.common-nix self.nixosModules.common-nix
self.nixosModules.common-pkgs self.nixosModules.common-pkgs
@ -26,27 +27,11 @@ in {
self.nixosModules.hw-common-amd-cpu self.nixosModules.hw-common-amd-cpu
self.nixosModules.hw-common-amd-gpu self.nixosModules.hw-common-amd-gpu
self.nixosModules.hw-common-bluetooth self.nixosModules.hw-common-bluetooth
self.nixosModules.hw-common-ssd
self.nixosModules.hw-common-gaming self.nixosModules.hw-common-gaming
self.nixosModules.hw-common-ssd
]; ];
boot = { boot.initrd.availableKernelModules = ["xhci_pci" "ahci" "nvme" "usbhid" "sd_mod" "r8169"];
initrd = {
availableKernelModules = ["xhci_pci" "ahci" "nvme" "usbhid" "sd_mod" "r8169"];
systemd.enable = true;
};
lanzaboote = {
enable = true;
pkiBundle = "/etc/secureboot";
};
loader = {
efi.canTouchEfiVariables = true;
systemd-boot.enable = lib.mkForce false;
};
};
networking.hostName = "mauville"; networking.hostName = "mauville";
services = { services = {

15
hosts/rustboro/default.nix
View file

@ -12,6 +12,7 @@
(import ./../../disko/luks-btrfs-subvolumes.nix {disks = ["/dev/sda"];}) (import ./../../disko/luks-btrfs-subvolumes.nix {disks = ["/dev/sda"];})
self.nixosModules.common-auto-upgrade self.nixosModules.common-auto-upgrade
self.nixosModules.common-base self.nixosModules.common-base
self.nixosModules.common-lanzaboote
self.nixosModules.common-locale self.nixosModules.common-locale
self.nixosModules.common-mauville-share self.nixosModules.common-mauville-share
self.nixosModules.common-nix self.nixosModules.common-nix
@ -21,20 +22,6 @@
self.nixosModules.hw-thinkpad-t440p self.nixosModules.hw-thinkpad-t440p
]; ];
boot = {
initrd.systemd.enable = true;
lanzaboote = {
enable = true;
pkiBundle = "/etc/secureboot";
};
loader = {
efi.canTouchEfiVariables = true;
systemd-boot.enable = lib.mkForce false;
};
};
environment.variables.GDK_SCALE = "1.25"; environment.variables.GDK_SCALE = "1.25";
networking.hostName = "rustboro"; networking.hostName = "rustboro";
system.stateVersion = "24.05"; system.stateVersion = "24.05";