doc: add a more complete flakes fragment for quickstart

This commit is contained in:
Julian Stecklina 2023-02-19 19:34:52 +01:00
parent a75e2b4c95
commit 6e72e2fed2
1 changed files with 47 additions and 28 deletions

View File

@ -125,16 +125,32 @@ Below is a fragment of a NixOS configuration that enables the Secure
Boot stack.
```nix
{
description = "A SecureBoot-enabled NixOS configurations";
inputs = {
nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable";
lanzaboote = {
url = "github:nix-community/lanzaboote";
# Optional but recommended to limit the size of your system closure.
inputs.nixpkgs.follows = "nixpkgs";
};
};
outputs = { self, nixpkgs, lanzaboote, ...}: {
nixosConfigurations = {
yourHost = nixpkgs.lib.nixosSystem {
system = "x86_64-linux";
modules = [
# ... other modules ...
# This is not a complete NixOS configuration and you need to reference
# your normal configuration here.
lanzaboote.nixosModules.lanzaboote
({ config, pkgs, lib, ... }: {
({ pkgs, lib, ... }: {
# This should already be here from switching to bootspec earlier.
# It's not required anymore, but also doesn't do any harm.
boot.bootspec.enable = true;
@ -157,6 +173,9 @@ nixosConfigurations = {
})
];
};
};
};
}
```
After you rebuild your system, check `sbctl verify` output: