tmp

etcnixos/system-mreow.nix

@@ -58,10 +58,10 @@
   };
 
   boot = {
-    lanzaboote = {
-      enable = true;
-      pkiBundle = "/etc/secureboot";
-    };
+    # lanzaboote = {
+    # enable = true;
+    # pkiBundle = "/etc/secureboot";
+    # };
 
     # Bootloader.
     loader = {
@@ -71,7 +71,7 @@
         generated at installation time. So we force it to false
         for now.
       */
-      systemd-boot.enable = lib.mkForce false;
+      # systemd-boot.enable = lib.mkForce false;
     };
 
     kernelParams = [
@@ -110,15 +110,15 @@
   # if I move to another lock screen program, i will have to replace `swaylock`
   security.pam.services.swaylock = { };
 
-  system.activationScripts = {
-    # extract all my secureboot keys
-    "secureboot-keys".text = ''
-      #!/bin/sh
-      rm -fr ${config.boot.lanzaboote.pkiBundle} || true
-      mkdir -p ${config.boot.lanzaboote.pkiBundle}
-      ${pkgs.gnutar}/bin/tar xf ${./secrets/secureboot.tar} -C ${config.boot.lanzaboote.pkiBundle}
-    '';
-  };
+  # system.activationScripts = {
+  #   # extract all my secureboot keys
+  #   "secureboot-keys".text = ''
+  #     #!/bin/sh
+  #     rm -fr ${config.boot.lanzaboote.pkiBundle} || true
+  #     mkdir -p ${config.boot.lanzaboote.pkiBundle}
+  #     ${pkgs.gnutar}/bin/tar xf ${./secrets/secureboot.tar} -C ${config.boot.lanzaboote.pkiBundle}
+  #   '';
+  # };
 
   # disable framework kernel module
   # https://github.com/NixOS/nixos-hardware/issues/1330