enable trustedgrub
parent
a130550dc3
commit
330f52bf3e
|
@ -13,6 +13,10 @@
|
||||||
loader.grub = {
|
loader.grub = {
|
||||||
enable = true;
|
enable = true;
|
||||||
device = "/dev/sda";
|
device = "/dev/sda";
|
||||||
|
trustedBoot = {
|
||||||
|
enable = true;
|
||||||
|
systemHasTPM = "YES_TPM_is_activated";
|
||||||
|
};
|
||||||
};
|
};
|
||||||
kernelPackages = pkgs.linuxPackages_latest;
|
kernelPackages = pkgs.linuxPackages_latest;
|
||||||
kernelModules = ["nvidiabl" "kvm-intel"];
|
kernelModules = ["nvidiabl" "kvm-intel"];
|
||||||
|
@ -63,4 +67,5 @@
|
||||||
nix.maxJobs = 8;
|
nix.maxJobs = 8;
|
||||||
|
|
||||||
services.tcsd.enable = true; # it has a TPM. maybe use this?
|
services.tcsd.enable = true; # it has a TPM. maybe use this?
|
||||||
|
environment.systemPackages = with pkgs; [tpm-tools];
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in New Issue