From c9f9f1c52a1c4d7fb8af8502d87ec3c632257d68 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?J=C3=B6rg=20Thalheim?= <joerg@thalheim.io>
Date: Thu, 8 Dec 2022 21:26:16 +0100
Subject: [PATCH] nixos/lanzaboote: pkiBundle is not actual optional

the installHook needs it.
---
 nix/lanzaboote.nix | 5 ++---
 1 file changed, 2 insertions(+), 3 deletions(-)

diff --git a/nix/lanzaboote.nix b/nix/lanzaboote.nix
index 2a651ad..5bab3b6 100644
--- a/nix/lanzaboote.nix
+++ b/nix/lanzaboote.nix
@@ -12,17 +12,16 @@ in
     enrollKeys = mkEnableOption "Automatic enrollment of the keys using sbctl";
     pkiBundle = mkOption {
       type = types.nullOr types.path;
-      default = null;
       description = "PKI bundle containg db, PK, KEK";
     };
     publicKeyFile = mkOption {
       type = types.path;
-      default = if cfg.pkiBundle != null then "${cfg.pkiBundle}/keys/db/db.pem" else null;
+      default = "${cfg.pkiBundle}/keys/db/db.pem";
       description = "Public key to sign your boot files";
     };
     privateKeyFile = mkOption {
       type = types.path;
-      default = if cfg.pkiBundle != null then "${cfg.pkiBundle}/keys/db/db.key" else null;
+      default = "${cfg.pkiBundle}/keys/db/db.key";
       description = "Private key to sign your boot files";
     };
     package = mkOption {