From 5f43f81d51cb219df5dbfceedf21fb24eae69b6f Mon Sep 17 00:00:00 2001
From: Lillian-Violet <git@lillianviolet.dev>
Date: Tue, 10 Sep 2024 17:25:28 +0200
Subject: [PATCH] Disable lanzaboote on shodan for now

---
 flake.nix                            |  2 +-
 nixos/hosts/shodan/configuration.nix | 10 +++++-----
 2 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/flake.nix b/flake.nix
index 03cf2a4..bf5e57f 100644
--- a/flake.nix
+++ b/flake.nix
@@ -213,7 +213,7 @@
           # > Our main nixos configuration file <
           ./nixos/hosts/shodan/configuration.nix
           sops-nix.nixosModules.sops
-          lanzaboote.nixosModules.lanzaboote
+          #lanzaboote.nixosModules.lanzaboote
           disko.nixosModules.disko
           jovian.nixosModules.jovian
           home-manager.nixosModules.home-manager
diff --git a/nixos/hosts/shodan/configuration.nix b/nixos/hosts/shodan/configuration.nix
index f7e0c3e..3b7eed4 100644
--- a/nixos/hosts/shodan/configuration.nix
+++ b/nixos/hosts/shodan/configuration.nix
@@ -207,13 +207,13 @@
   # This setting is usually set to true in configuration.nix
   # generated at installation time. So we force it to false
   # for now.
-  boot.loader.systemd-boot.enable = lib.mkForce false;
+  boot.loader.systemd-boot.enable = true;
   boot.initrd.systemd.enable = true;
 
-  boot.lanzaboote = {
-    enable = true;
-    pkiBundle = "/etc/secureboot";
-  };
+  #boot.lanzaboote = {
+  #  enable = true;
+  #  pkiBundle = "/etc/secureboot";
+  #};
   boot.loader.systemd-boot.configurationLimit = 3;
   boot.loader.timeout = 0;
   boot.loader.efi.canTouchEfiVariables = true;