From fca55ba34fed0630d0bccc010f977624e537f36a Mon Sep 17 00:00:00 2001
From: Lillian-Violet <git@lillianviolet.dev>
Date: Sat, 3 Feb 2024 18:10:52 +0100
Subject: [PATCH] Update boot for EDI, put the boot for GLaDOS in her own file
 now

---
 flake.nix                            | 4 ++--
 nixos/desktop/configuration.nix      | 6 ------
 nixos/hosts/EDI/configuration.nix    | 8 +++++++-
 nixos/hosts/GLaDOS/configuration.nix | 6 ++++++
 4 files changed, 15 insertions(+), 9 deletions(-)

diff --git a/flake.nix b/flake.nix
index ea49f6d..6351a63 100644
--- a/flake.nix
+++ b/flake.nix
@@ -16,7 +16,7 @@
     # Also see the 'unstable-packages' overlay at 'overlays/default.nix'.
 
     # Lanzaboot (secure boot)
-    #lanzaboote.url = "github:nix-community/lanzaboote";
+    lanzaboote.url = "github:nix-community/lanzaboote";
 
     # Jovian nixos (steam deck)
     jovian.url = "github:Jovian-Experiments/Jovian-NixOS";
@@ -83,7 +83,7 @@
           # > Our main nixos configuration file <
           ./nixos/hosts/EDI/configuration.nix
           sops-nix.nixosModules.sops
-          #lanzaboote.nixosModules.lanzaboote
+          lanzaboote.nixosModules.lanzaboote
           home-manager.nixosModules.home-manager
           {
             home-manager.sharedModules = [plasma-manager.homeManagerModules.plasma-manager];
diff --git a/nixos/desktop/configuration.nix b/nixos/desktop/configuration.nix
index adecf1e..fb02a9d 100644
--- a/nixos/desktop/configuration.nix
+++ b/nixos/desktop/configuration.nix
@@ -161,12 +161,6 @@
     enable = true;
   };
 
-  boot.loader.systemd-boot.enable = true;
-  boot.loader.systemd-boot.configurationLimit = 3;
-  boot.loader.efi.canTouchEfiVariables = true;
-  boot.supportedFilesystems = ["bcachefs"];
-  boot.kernelPackages = pkgs.linuxPackages_latest;
-
   users.users = {
     lillian = {
       isNormalUser = true;
diff --git a/nixos/hosts/EDI/configuration.nix b/nixos/hosts/EDI/configuration.nix
index 8bc0b8a..1929455 100644
--- a/nixos/hosts/EDI/configuration.nix
+++ b/nixos/hosts/EDI/configuration.nix
@@ -39,7 +39,13 @@
   networking.hostName = "EDI";
 
   boot.bootspec.enable = true;
-
+  boot = {
+    loader.systemd-boot.enable = lib.mkForce false;
+    lanzaboote = {
+      enable = true;
+      pkiBundle = "/etc/secureboot";
+    };
+  };
   # Enable bluetooth hardware
   hardware.bluetooth.enable = true;
 
diff --git a/nixos/hosts/GLaDOS/configuration.nix b/nixos/hosts/GLaDOS/configuration.nix
index 730f894..d42cb1c 100644
--- a/nixos/hosts/GLaDOS/configuration.nix
+++ b/nixos/hosts/GLaDOS/configuration.nix
@@ -28,6 +28,12 @@
     ./hardware-configuration.nix
   ];
 
+  boot.loader.systemd-boot.enable = true;
+  boot.loader.systemd-boot.configurationLimit = 3;
+  boot.loader.efi.canTouchEfiVariables = true;
+  boot.supportedFilesystems = ["bcachefs"];
+  boot.kernelPackages = pkgs.linuxPackages_latest;
+
   home-manager = {
     extraSpecialArgs = {inherit inputs outputs;};
     users = {