Commit 2c2e79e71cbf

Vincent Demeester <vincent@sbr.pm>
2025-06-16 16:43:52
systems/kobe: small boot adjustements
Signed-off-by: Vincent Demeester <vincent@sbr.pm>
main
1 parent 61bc139
Changed files (2)
systems
kobe
boot.nix
extra.nix
systems/kobe/boot.nix
@@ -10,13 +10,13 @@
   ];
   boot = {
     # Secure boot configuration
-    bootspec.enable = true;
+    # bootspec.enable = true;
     # First boot systemd-boot has to be enabled, then switch to lanzaboote
-    loader.systemd-boot.enable = lib.mkForce false;
-    lanzaboote = {
-      enable = true;
-      pkiBundle = "/var/lib/sbctl";
-    };
+    # loader.systemd-boot.enable = lib.mkForce false;
+    # lanzaboote = {
+    # enable = true;
+    # pkiBundle = "/var/lib/sbctl";
+    # };
     initrd.availableKernelModules = [
       "nvme"
       "rtsx_pci_sdmmc"
systems/kobe/extra.nix
@@ -1,4 +1,4 @@
-{ globals, ... }:
+{ globals, lib, ... }:
 {
   imports = [
     ../common/services/prometheus-exporters-node.nix
@@ -35,5 +35,5 @@
   security.pam.enableSSHAgentAuth = true;
 
   security.apparmor.enable = true;
-  # security.tpm2.enable = lib.mkForce false;
+  security.tpm2.enable = lib.mkForce false;
 }