small update
This commit is contained in:
parent
c4f6785845
commit
b1490ec9a8
SSH key fingerprint:
SHA256:Uj2AXqvtdCA4hn5Hq0ZonhIAyUqI1q4w2sMG3Z1TH7E
100 changed files with 187 additions and 1695 deletions
|
|
@ -1,95 +0,0 @@
|
|||
{
|
||||
config,
|
||||
lib,
|
||||
pkgs,
|
||||
...
|
||||
}: let
|
||||
inherit (lib.modules) mkForce mkDefault;
|
||||
inherit (lib.options) mkOption mkEnableOption;
|
||||
inherit (lib.types) int;
|
||||
|
||||
cfg = config.modules.system.boot;
|
||||
in {
|
||||
options.modules.system.boot = {
|
||||
grub.enable = mkEnableOption "Grub, a bloated boot loader";
|
||||
systemd-boot.enable = mkEnableOption "Poetteringboot";
|
||||
timeout = mkOption {
|
||||
description = ''
|
||||
Set the boot loader's timeout. This is 0 by default, but preferably longer on remote servers to make switching to previous generations easier.
|
||||
'';
|
||||
type = int;
|
||||
# I love spamming space
|
||||
default = 0;
|
||||
};
|
||||
};
|
||||
config = {
|
||||
assertions = [
|
||||
{
|
||||
assertion = cfg.systemd-boot.enable || cfg.grub.enable;
|
||||
message = "No bootloader is enabled.";
|
||||
}
|
||||
{
|
||||
assertion = cfg.systemd-boot.enable -> !cfg.grub.enable && cfg.grub.enable -> !cfg.systemd-boot.enable;
|
||||
message = "Please enable only ONE of systemd-boot or grub.";
|
||||
}
|
||||
];
|
||||
boot = {
|
||||
tmp.useTmpfs = true;
|
||||
consoleLogLevel = 0;
|
||||
|
||||
kernelParams = [
|
||||
"quiet"
|
||||
"splash"
|
||||
"rd.systemd.show_status=false"
|
||||
"rd.udev.log_level=3"
|
||||
"udev.log_priority=3"
|
||||
"boot.shell_on_fail"
|
||||
];
|
||||
|
||||
initrd = {
|
||||
verbose = false;
|
||||
systemd.enable = true;
|
||||
};
|
||||
loader = {
|
||||
efi.canTouchEfiVariables = true;
|
||||
timeout = mkDefault cfg.timeout;
|
||||
systemd-boot = {
|
||||
inherit (cfg.systemd-boot) enable;
|
||||
# INFO: Leaving this enabled is a security vulneratibility,
|
||||
# since we can just start /bin/sh from there and get root access.
|
||||
# Since I have FDE, this isn't _as_ critical, but it would still be
|
||||
# a bad idea to leave it enabled
|
||||
editor = mkForce false;
|
||||
consoleMode = "auto";
|
||||
configurationLimit = 5;
|
||||
};
|
||||
grub = {
|
||||
inherit (cfg.grub) enable;
|
||||
efiSupport = true;
|
||||
device = "nodev";
|
||||
configurationLimit = 5;
|
||||
};
|
||||
};
|
||||
plymouth = {
|
||||
enable = true;
|
||||
themePackages = [
|
||||
(pkgs.adi1090x-plymouth-themes.override
|
||||
{
|
||||
selected_themes = [
|
||||
"hud_3"
|
||||
];
|
||||
})
|
||||
];
|
||||
theme = "hud_3";
|
||||
};
|
||||
};
|
||||
powerManagement = {
|
||||
powerDownCommands = ''
|
||||
${pkgs.plymouth} --show-splash
|
||||
'';
|
||||
resumeCommands = ''
|
||||
${pkgs.plymouth} --quit
|
||||
'';
|
||||
};
|
||||
};
|
||||
}
|
||||
Loading…
Add table
Add a link
Reference in a new issue