I am fairly new to nixOS (/linux in general) can someone tell me how we can boot The nixOS on a secure boot enabled laptop.
I currently have windows and Fedora on my system but want to try and learn nixOS. So i was thinking of replacing my fedora system with nixOS.
I downloaded the latest stable ios of nixOS but secure boot doesn’t allow me to boot into the ios. I dont want to disable secure boot just to try nixOS so is there any workaround for this.
Ubuntu, fedora didn’t require me to disable secure boot to boot into the live ios for installation and worked fine.
Was looking through this link and few latest comments suggested that nixOS ios already works with secure boot system.
NixOS does not support Secure Boot at this time. There are other projects like lanzaboote that can enable Secure Boot with NixOS but it’s not what you’re thinking. Lanzaboote is self-signed Secure Boot, while Windows, Ubuntu, and Fedora all worked for you because they’re Microsoft-signed. NixOS is a ways away from supporting self-signed Secure Boot upstream, and it’s a very far cry away from getting MS approval to be MS signed.
You can however still use Secure Boot if you reconfigure your machine for self-signing and enroll both your own keys and MS keys; that way you can only boot your own signed OS and MS signed OSes like Ubuntu. Whether or not your machine allows this depends on how lenient it is about Secure Boot. Sometimes machines just straight up won’t let you disable MS-only Secure Boot (this is rare). Sometimes they come with no Secure Boot enabled, but once configured, it can’t be disabled without the keys (don’t lose them!). But most of the time you can always just disable Secure Boot from the BIOS and reconfigure it however you want, no keys needed.
Point is, you can’t do it unless you want to start messing with keys, and in that case, it’s going to take some knowhow and you’re going to have to be careful.