This includes the options of all modules used in the evaluation, not
just the ones from `<nixpkgs/nixos>` in the local manual.
Right now this breaks with
error: attribute 'loader' missing
at /nix/store/wf59fvxch3l5s7x0pnpfv7b26q6y010x-source/nix/modules/lanzaboote.nix:26:17:
25| configurationLimit = mkOption {
26| default = config.boot.loader.systemd-boot.configurationLimit;
| ^
27| example = 120;
I'm not sure what's up with `config.boot.loader` (had the exact same
issue with `disko`), but using `defaultText` is the common workaround
for that.
We will hard fail in case of encountering different architectures in bootspec.
This should still be compatible with cross-compiling systems in the future.
This commit adds settings key for configuring systemd-boot to the lanzaboot
nixos module. The are couple of the default values that are set from the usual
nixos boot.loader.systemd-boot options, they are merged with the user defined
configuration.
This commit modifies default loader.conf to boot into the latest nixos
generation by default, for when you have other operating systems installed.
Primary reason behind this PR is to allow extensible loader configuration.
Co-authored-by: Raito Bezarius <masterancpp@gmail.com>
To minimize the number of arguments passed to `lzbt`, the loader config
is assembled outside `lzbt` and passed as a single argument.
Instead of reimplementing `consoleMode` under the `lanzaboote`
namespace, `config.loader.systemd-boot.consoleMode` is reused as is.
The process of installing systemd-boot is "smarter" because it now
considers a a few conditions instead of doing nothing if there is a file
at the deistination path. systemd-boot is now forcibly installed (i.e.
overwriting any file at the destination) if (1) there is no file at the
destination, OR (2) a newer version of systemd-boot is available, OR (3)
the signature of the file at the destination could not be verified.
Maximilian Bosch