mirror of
https://github.com/ItsDrike/nixdots
synced 2024-11-10 08:19:42 +00:00
19 lines
726 B
Nix
19 lines
726 B
Nix
{ config, lib, ... }: let
|
|
cfg = config.myOptions.system.boot;
|
|
in {
|
|
boot.loader.systemd-boot = {
|
|
enable = true;
|
|
memtest86.enable = true;
|
|
|
|
# Enabling the editor will allow anyone to change the kernel params.
|
|
# This can be useful for debugging, however it is a potential security hole
|
|
# as this allows setting init=/bin/bash, which will boot directly into bash
|
|
# as root, bypassing any need for authentication.
|
|
#
|
|
# If you're using an encrypted setup, and you can't get into the system without
|
|
# entering a decryption password (or have TPM release it conditionally, only if
|
|
# the kernel parameters remain the same), this can safely be enabled.
|
|
editor = lib.mkDefault false;
|
|
};
|
|
}
|