sys/boot: rename sb.nix -> secure-boot.nix

author: Alejandro Soto <alejandro@34project.org> 2025-07-23 20:37:33 -0600
committer: Alejandro Soto <alejandro@34project.org> 2025-07-23 20:37:33 -0600
commit: 7a6f4790282d001e2c7adbdaa4806f8beed02ddb (patch)
tree: 59e4bd556c6d868afc68cab45c58631b39963da5 /sys/boot/sb.nix
parent: 9d01e6dd2213dccd566c6204bd81465d3da68e46 (diff)
1 files changed, 0 insertions, 37 deletions
diff --git a/sys/boot/sb.nix b/sys/boot/sb.nix
deleted file mode 100644
index bdf7f0f..0000000
--- a/sys/boot/sb.nix
+++ /dev/null
@@ -1,37 +0,0 @@
-{ config, lib, pkgs, ... }:
-with lib; let
-  cfg = config.local.boot.secureBoot;
-in
-{
-  options.local.boot.secureBoot = {
-    enable = mkEnableOption "secure boot";
-  };
-
-  config = mkIf cfg.enable {
-    assertions = [
-      {
-        assertion = config.local.boot.efi.enable;
-        message = "secure boot requires EFI";
-      }
-      {
-        assertion = config.local.boot.loader == "systemd-boot";
-        message = "lanzaboote requires systemd-boot";
-      }
-    ];
-
-    boot = {
-      loader.systemd-boot.enable = mkForce false;
-
-      lanzaboote = {
-        enable = true;
-        pkiBundle = "/etc/secureboot";
-      };
-    };
-
-    environment.systemPackages = [
-      pkgs.sbctl
-    ];
-
-    local.boot.impermanence.directories = [ "/etc/secureboot" ];
-  };
-}
author	Alejandro Soto <alejandro@34project.org>	2025-07-23 20:37:33 -0600
committer	Alejandro Soto <alejandro@34project.org>	2025-07-23 20:37:33 -0600
commit	7a6f4790282d001e2c7adbdaa4806f8beed02ddb (patch)
tree	59e4bd556c6d868afc68cab45c58631b39963da5 /sys/boot/sb.nix
parent	9d01e6dd2213dccd566c6204bd81465d3da68e46 (diff)