feat: NixOS | enable secure-boot on new system

2025-02-10 09:02:10 +05:00
parent b08b65e3ab
commit c4d6a69837
1 changed files with 2 additions and 2 deletions
--- a/nixos/configuration.nix
+++ b/nixos/configuration.nix
@@ -15,12 +15,12 @@ in {
  boot = {
    loader = {
      # Set this to true on first install. This must be false for secure boot.
-      systemd-boot.enable = true;
+      systemd-boot.enable = lib.mkForce false;
      efi.canTouchEfiVariables = true;
    };

    lanzaboote = {
-      enable = false;
+      enable = true;
      pkiBundle = "/var/lib/sbctl";
    };
  };