tux/nix-config
1
0
Fork 0
mirror of https://github.com/tuxdotrs/nix-config.git synced 2026-06-17 10:16:31 +05:30
Code Issues Actions Packages Projects Releases Wiki Activity

feat(boot): configure systemd-boot and GRUB based on options

Browse Source
This commit is contained in:
tux
2026-05-10 04:54:52 +05:30
parent bd6055cae5
commit cb3389bce6
2 changed files with 34 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

31
modules/nixos/boot/loader.nix
View File

@@ -1,8 +1,29 @@
{ {
flake.modules.nixos.boot = { flake.modules.nixos.boot =
boot.loader = { { config, lib, ... }:
timeout = 1; let
efi.canTouchEfiVariables = true; cfg = config.tnix.boot;
in
{
options.tnix.boot.legacy = {
enable = lib.mkEnableOption "legacy boot (GRUB) instead of systemd-boot";
};
config = lib.mkMerge [
{
boot.loader = {
timeout = 1;
efi.canTouchEfiVariables = true;
};
}
(lib.mkIf (!cfg.legacy.enable && !cfg.secure-boot.enable) {
boot.loader.systemd-boot.enable = true;
})
(lib.mkIf cfg.legacy.enable {
boot.loader.grub.enable = true;
})
];
}; };
};
} }

11
modules/nixos/boot/secure-boot.nix
View File

@@ -18,11 +18,16 @@
}; };
config = lib.mkIf cfg.secure-boot.enable { config = lib.mkIf cfg.secure-boot.enable {
environment.systemPackages = [ assertions = [
pkgs.sbctl {
assertion = !cfg.legacy.enable;
message = "secure-boot and legacy boot (GRUB) cannot be enabled at the same time";
}
]; ];
# Lanzaboote currently replaces the systemd-boot module. environment.systemPackages = [ pkgs.sbctl ];
# Lanzaboote replaces systemd-boot, so force it off
boot.loader.systemd-boot.enable = lib.mkForce false; boot.loader.systemd-boot.enable = lib.mkForce false;
boot.lanzaboote = { boot.lanzaboote = {