From 24d6e7dd741c636269a0a76a03ed845a709f32e3 Mon Sep 17 00:00:00 2001
From: xmm16 <dev@fault.wtf>
Date: Thu, 12 Dec 2024 20:09:50 -0300
Subject: [PATCH] Systemdification is real

---
 hosts/micronix/system.nix | 30 +++++++++++++++++++++++++++---
 1 file changed, 27 insertions(+), 3 deletions(-)

diff --git a/hosts/micronix/system.nix b/hosts/micronix/system.nix
index 19f66aa..97dbaf5 100644
--- a/hosts/micronix/system.nix
+++ b/hosts/micronix/system.nix
@@ -11,6 +11,33 @@
     generationsDir.copyKernels = true;
   };
 
+  boot.initrd = {
+    systemd = {
+      enable = true;
+      dbus = {
+        enable = true;
+      };
+      tpm2.enable = true;
+    };
+  };
+
+  boot.plymouth = {
+    enable = true;
+    theme = "tribar";
+  };
+
+  systemd = {
+    tpm2.enable = true;
+    sysupdate.enable = true;
+    oomd = {
+      enable = true;
+      enableRootSlice = true;
+      enableSystemSlice = true;
+      enableUserSlices = true;
+    };
+    enableStrictShellChecks = true;
+  };
+
   boot.kernelPackages = pkgs.linuxPackages_cachyos-lto;
 
   boot.kernelParams = [
@@ -26,7 +53,6 @@
     "debugfs=off"
     "oops=panic"
     "module.sig_enforce=1"
-    "lockdown=confidentiality"
     "mce=0"
     "quiet"
     "splash"
@@ -170,8 +196,6 @@
     forcePageTableIsolation = true;
   };
 
-  systemd.tpm2.enable = true;
-
   fonts = {
     enableGhostscriptFonts = true;
     enableDefaultPackages = true;