nx2/dotfiles
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

lanazboote fix

Browse Source
This commit is contained in:
Lennart J. Kurzweg (Nx2)
2025-06-10 19:30:01 +02:00
parent ed18e8bd51
commit 5775bc88d6
2 changed files with 3 additions and 51 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
flake.nix
View File

@@ -12,7 +12,7 @@
nix-on-droid = { url = "github:nix-community/nix-on-droid/release-24.05"; inputs.nixpkgs.follows = "nixpkgs"; }; nix-on-droid = { url = "github:nix-community/nix-on-droid/release-24.05"; inputs.nixpkgs.follows = "nixpkgs"; };
sops-nix = { url = "github:Mic92/sops-nix"; inputs.nixpkgs.follows = "nixpkgs"; }; sops-nix = { url = "github:Mic92/sops-nix"; inputs.nixpkgs.follows = "nixpkgs"; };
lanzaboote = { url = "github:nix-community/lanzaboote/v0.3.0"; }; lanzaboote = { url = "github:nix-community/lanzaboote/v0.4.2"; };
hyprland = { url = "git+https://github.com/hyprwm/Hyprland?submodules=1"; }; hyprland = { url = "git+https://github.com/hyprwm/Hyprland?submodules=1"; };
hyprland-plugins = { url = "github:hyprwm/hyprland-plugins"; inputs.hyprland.follows = "hyprland"; }; hyprland-plugins = { url = "github:hyprwm/hyprland-plugins"; inputs.hyprland.follows = "hyprland"; };

52
system-modules/boot.nix
View File

@@ -17,62 +17,14 @@ in
environment.systemPackages = with pkgs; [ sbctl ]; environment.systemPackages = with pkgs; [ sbctl ];
boot = { boot = {
lanzaboote = let lanzaboote = {
windows-efi-shell-fs-alias = "HD0a65535a2";
in {
enable = true; enable = true;
pkiBundle = "/etc/secureboot"; pkiBundle = "/var/lib/sbctl";
package = pkgs.lib.mkForce (pkgs.writeShellApplication {
name = "lzbt";
runtimeInputs = [
inputs.lanzaboote.packages.x86_64-linux.tool
pkgs.coreutils
pkgs.sbctl
];
# https://forum.endeavouros.com/t/tutorial-add-a-systemd-boot-loader-menu-entry-for-a-windows-installation-using-a-separate-esp-partition/37431
text = /*bash*/ ''
# execute normal lanazboote functionality
lzbt "$@"
# Create windows.nsh file
ESP='${config.boot.loader.efi.efiSysMountPoint}'
echo "${windows-efi-shell-fs-alias}:EFI\Microsoft\Boot\Bootmgfw.efi" > "$ESP/windows.nsh"
# cp efi-shell boot file
# systemd-boot will automatically add an entry for it
cp -f '${pkgs.edk2-uefi-shell.efi}' "$ESP/shellx64.efi"
# should exist already
mkdir -p "$ESP/loader/entries"
# sign shell file
sbctl sign -s "$ESP/shellx64.efi"
# Create windows.conf boot entry
cat << EOF > "$ESP/loader/entries/windows.conf"
title Windows-Hack
efi /shellx64.efi
options -nointerrupt -noconsolein -noconsoleout windows.nsh
EOF
'';
});
}; };
loader.systemd-boot = { loader.systemd-boot = {
enable = false; # let lanzaboote install systemd-boot enable = false; # let lanzaboote install systemd-boot
consoleMode = "max"; consoleMode = "max";
configurationLimit = 10; configurationLimit = 10;
# extraEntries = {
# "Windo7s-11.conf" = ''
# Windows eleven
# search --file --no-floppy --set=root /EFI/Microsoft/Boot/bootmgfw.efi
# chainloader (''${root})/EFI/Microsoft/Boot/bootmgfw.efi
# '';
# "Firmware.conf" = ''
# Firmware
# fwsetup
# '';
# "Shutdown.conf" = ''
# title Shutdown
# halt
# '';
# };
}; };
kernelPackages = pkgs.linuxPackages_zen; kernelPackages = pkgs.linuxPackages_zen;
extraModulePackages = with config.boot.kernelPackages; [ v4l2loopback ]; extraModulePackages = with config.boot.kernelPackages; [ v4l2loopback ];