# NixOS VM test: boot a machine through the Limine bootloader with UEFI
# Secure Boot switched on, then check that the running system reports
# Secure Boot as enabled.
{ lib, pkgs, ... }:
{
  name = "secureBoot";

  meta = {
    # Reuse the maintainer list of the limine package.
    inherit (pkgs.limine.meta) maintainers;
    platforms = [
      "aarch64-linux"
      "i686-linux"
      "x86_64-linux"
    ];
  };

  nodes.machine =
    { pkgs, ... }:
    {
      virtualisation = {
        # Boot through the real bootloader and UEFI firmware so that the
        # Secure Boot path is actually taken.
        useBootLoader = true;
        useEFIBoot = true;
        useSecureBoot = true;
        efi = {
          OVMF = pkgs.OVMFFull.fd;
          # NOTE(review): presumably needed so the keys enrolled at install
          # time are still in the firmware variable store when the VM boots;
          # confirm against the option documentation.
          keepVariables = true;
        };
      };

      boot.loader = {
        efi.canTouchEfiVariables = true;

        limine = {
          enable = true;
          efiSupport = true;
          secureBoot = {
            enable = true;
            # NOTE(review): key creation and enrollment are automated here so
            # the test needs no manual step. Presumably test-only; confirm
            # against the option documentation before copying this into a
            # real system configuration, where signing keys need deliberate
            # generation and storage.
            createAndEnrollKeys = true;
          };
        };

        timeout = 0;
      };
    };

  # The single assertion checks what bootctl reports: Secure Boot enabled,
  # in "user" mode. It does not by itself show that an unsigned or tampered
  # boot image would be rejected; that would need a separate negative test.
  testScript = ''
    machine.start()
    assert "Secure Boot: enabled (user)" in machine.succeed("bootctl status")
  '';
}