From 3c89dcaef4abb0562d167268042c8c19fb0a5300 Mon Sep 17 00:00:00 2001 From: Rouven Seifert Date: Tue, 3 Jan 2023 18:18:09 +0100 Subject: [PATCH] added secure boot to qemu vms --- hosts/thinkpad/default.nix | 13 +++++++++++++ 1 file changed, 13 insertions(+) diff --git a/hosts/thinkpad/default.nix b/hosts/thinkpad/default.nix index facfe07..64c7b36 100755 --- a/hosts/thinkpad/default.nix +++ b/hosts/thinkpad/default.nix @@ -64,6 +64,19 @@ virtualisation.libvirtd.enable = true; virtualisation.spiceUSBRedirection.enable = true; + # fix to enable secure boot in vms + environment.etc = { + "ovmf/edk2-x86_64-secure-code.fd" = { + source = config.virtualisation.libvirtd.qemu.package + "/share/qemu/edk2-x86_64-secure-code.fd"; + }; + + "ovmf/edk2-i386-vars.fd" = { + source = config.virtualisation.libvirtd.qemu.package + "/share/qemu/edk2-i386-vars.fd"; + mode = "0644"; + user = "libvirtd"; + }; + }; + environment.systemPackages = with pkgs; [ # essentials