@fvrings this is the issue: OVMF.fd: Hardcoded directory on virt-manager (can break if profile don't referrence ovmf in the configuration after nix-collect-garbage) · Issue #378894 · NixOS/nixpkgs · GitHub
I managed to fix it for debian 12 and creating vms through virt manager
- Create a new VM with the same image/type of image
- Begin installation, then check the xml that was generated
- Look for:
<loader readonly="yes" secure="yes" type="pflash">/nix/store/xbfjilai721rzd9rf9dhhpv03xza4xp4-qemu-9.1.3/share/qemu/edk2-x86_64-secure-code.fd</loader>
Overwrite in your broken VM this line.
This might fix it, in my case I got: “Cannot boot from misc uefi device”
If so
-
Hit enter to go to boot manager → boot maintenance → boot by file and find grub, hit enter and it will boot
-
Linux will now boot then run these commands, modify as needed:
sudo grub-install --target=x86_64-efi --efi-directory=/boot/efi --bootloader-id=debian
sudo update-grub
Reboot, and all is good now BUT it will break on a next update
I found this dir /run/libvirt/nix-ovmf but it doesn’t contain the uefi_secure_boot.fd for some reason, so the hash will change every update.