{ config, pkgs, pkgs-unstable, lib, host, inputs, ... }: let grub-theme-ascii-diana = (pkgs.fetchFromGitea { domain = "git.nx2.site"; owner = "nx2"; repo = "grub-theme-ascii-diana"; rev = "0.5.0"; hash = "sha256-e+55NYsSsWY6GPbYUtdVEB9krueuCAWT3Ce/Ghops1g="; }); in { imports = if host == "NxNORTH" then [ inputs.lanzaboote.nixosModules.lanzaboote ] else []; config = if host == "NxNORTH" then { # I have to boot with secureboot becasue of the chinese spyware called Vanguard environment.systemPackages = with pkgs; [ sbctl ]; boot = { lanzaboote = let windows-efi-shell-fs-alias = "HD0a65535a2"; in { enable = true; pkiBundle = "/etc/secureboot"; package = lib.mkForce (pkgs.writeShellApplication { name = "lzbt"; runtimeInputs = [ inputs.lanzaboote.packages.x86_64-linux.tool pkgs.coreutils pkgs.sbctl ]; # https://forum.endeavouros.com/t/tutorial-add-a-systemd-boot-loader-menu-entry-for-a-windows-installation-using-a-separate-esp-partition/37431 text = /*bash*/ '' # execute normal lanazboote functionality lzbt "$@" # Create windows.nsh file ESP='${config.boot.loader.efi.efiSysMountPoint}' echo "${windows-efi-shell-fs-alias}:EFI\Microsoft\Boot\Bootmgfw.efi" > "$ESP/windows.nsh" # cp efi-shell boot file # systemd-boot will automatically add an entry for it cp -f '${pkgs.edk2-uefi-shell.efi}' "$ESP/shellx64.efi" # should exist already mkdir -p "$ESP/loader/entries" # sign shell file sbctl sign -s "$ESP/shellx64.efi" # Create windows.conf boot entry cat << EOF > "$ESP/loader/entries/windows.conf" title Windows-Hack efi /shellx64.efi options -nointerrupt -noconsolein -noconsoleout windows.nsh EOF ''; }); }; loader.systemd-boot = { enable = false; # let lanzaboote install systemd-boot consoleMode = "max"; configurationLimit = 10; # extraEntries = { # "Windo7s-11.conf" = '' # Windows eleven # search --file --no-floppy --set=root /EFI/Microsoft/Boot/bootmgfw.efi # chainloader (''${root})/EFI/Microsoft/Boot/bootmgfw.efi # ''; # "Firmware.conf" = '' # Firmware # fwsetup # ''; # "Shutdown.conf" = '' # title Shutdown # halt # ''; # }; }; kernelPackages = pkgs-unstable.linuxPackages_zen; extraModulePackages = with config.boot.kernelPackages; [ v4l2loopback ]; kernelModules = [ "v4l2loopback" ]; extraModprobeConfig = ''options v4l2loopback devices=1 video_nr=1 card_label="OBS Cam" exclusive_caps=1''; }; security.polkit.enable = true; } else if host == "NxXPS" then { boot = { loader = { efi.canTouchEfiVariables = true; grub = { enable = true; configurationLimit = 30; device = "nodev"; # useOSProber = true; efiSupport = true; theme = grub-theme-ascii-diana; font = "${grub-theme-ascii-diana}/unicode.pf2"; fontSize = 50; extraEntries = '' menuentry 'Windows 11' --class windows --class os $menuentry_id_option 'osprober-efi-0A97-7A2D' { insmod part_gpt insmod fat search --no-floppy --fs-uuid --set=root 0A97-7A2D chainloader /EFI/Microsoft/Boot/bootmgfw.efi } ''; }; }; extraModulePackages = with config.boot.kernelPackages; [ v4l2loopback ]; kernelModules = [ "v4l2loopback" ]; extraModprobeConfig = ''options v4l2loopback devices=1 video_nr=1 card_label="OBS VCam" exclusive_caps=1''; }; } else { # NxACE boot = { loader = { efi.canTouchEfiVariables = true; grub = { enable = true; device = "nodev"; efiSupport = true; }; }; }; }; }