37 lines
725 B
Nix
37 lines
725 B
Nix
{ lib
|
|
, ...
|
|
}:
|
|
|
|
{
|
|
boot.loader.grub.efiInstallAsRemovable = lib.mkForce true;
|
|
boot.loader.efi.canTouchEfiVariables = lib.mkForce false;
|
|
|
|
boot.initrd.availableKernelModules = [
|
|
"xhci_pci"
|
|
"ahci"
|
|
"usb_storage"
|
|
"sd_mod"
|
|
"rtsx_pci_sdmmc"
|
|
"aes_x86_64"
|
|
"aesni_intel"
|
|
"cryptd"
|
|
];
|
|
|
|
boot.kernelModules = [
|
|
"kvm-intel"
|
|
|
|
# Workaround for nm-pptp to enforce module load
|
|
"nf_conntrack_proto_gre"
|
|
"nf_conntrack_pptp"
|
|
];
|
|
|
|
boot.extraModprobeConfig = ''
|
|
options kvm-intel nested=1
|
|
options kvm-intel enable_shadow_vmcs=1
|
|
options kvm-intel enable_apicv=1
|
|
options kvm-intel ept=1
|
|
'';
|
|
boot.extraModulePackages = [ ];
|
|
|
|
boot.loader.systemd-boot.enable = true;
|
|
}
|