Activate secure boot

Julien Malka 2023-11-02 17:23:53 +01:00
parent 4d898e4a95
commit 968b0c90bd
Signed by: Luj
GPG key ID: 6FC74C847011FD83


@ -11,7 +11,12 @@
boot.loader.systemd-boot.enable = true;
boot.loader.systemd-boot.enable = lib.mkForce false;
boot.lanzaboote = {
enable = true;
pkiBundle = "/etc/secureboot";
};
boot.initrd.systemd.enable = true;
sound.enable = true;
#hardware.pulseaudio.enable = true;
@ -48,6 +53,7 @@
displayManager.gdm.enable = true;
};
services.tailscale.enable = true;
networking.networkmanager.enable = true; # Easiest to use and most distros use this by default.
@ -104,6 +110,15 @@
];
services.gnome.gnome-keyring.enable = true;
services.openssh.extraConfig = ''
HostCertificate /etc/ssh/ssh_host_ed25519_key-cert.pub
HostKey /etc/ssh/ssh_host_ed25519_key
TrustedUserCAKeys /etc/ssh/ssh_user_key.pub
MaxAuthTries 20
'';
system.stateVersion = "23.05";
}
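Review bot: `MaxAuthTries 20` in the `services.openssh.extraConfig` block (third hunk, apparently new in this commit although the +/- markers are lost on this page) raises the per-connection authentication attempt limit well above OpenSSH's default of 6. That gives a guessing client more tries per connection, and because sshd only starts logging failures once half the limit is reached, failed attempts show up in the logs later. If the value is there for clients whose agents offer many keys, I would keep the default and set `IdentitiesOnly yes` on the client side; otherwise drop the line or use `MaxAuthTries 6`. The same block adds `TrustedUserCAKeys /etc/ssh/ssh_user_key.pub`, so a short comment saying which CA that is and whether principals are meant to be restricted would help the next reader. These sshd settings also look unrelated to the commit title and would be easier to audit in a commit of their own.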