I use UEFI Secure Boot, and I have a bootloader (signed with my image signing key) that I don’t want NixOS to manage whatsoever, which I use to boot into Windows, macOS and (hopefully soon) NixOS. For booting Linux it uses Boot Loader Specification files, which it searches for in /loader/entries directories on partitions. I intend to compile kernels manually: I like to add my own patches, compile with clang and LLVM tools, and I need to sign them with my image signing key anyway, so there is no point in letting NixOS handle that. How do I configure NixOS to only take care of the boot loader entries, if that’s possible? What it would need to do is keep the options bit there up to date, so the kernel command line gets populated with the right parameters in terms of letting the kernel know where the current init is.
I don’t want to use GRUB, nor systemd-boot. All I require is that NixOS updates that ‘options’ part of the boot loader spec entry. If it’s not possible with any current configuration option, it should be doable with some hook and/or script, right?
What you want is a custom/new bootloader module in NixOS. You can tell NixOS to put the kernel/initrd anywhere you want and modify/add any kind of config you want. If you are a Nix newbie, it might take some time to figure out something like this.
There is a different option: you can use GRUB 2 in legacy mode with the “nodev” device, so it will not install itself on a disk but will put both the GRUB config and all the files in a predictable place, so you can configure any boot system to boot from it, or write a script to parse the config and configure your bootloader.
Check out these modules
That second option sounds basically exactly how I’ve been handling this same issue with Fedora (my current OS). Thanks a lot for the pointer!
It is a way, and it will work, but a suggestion for the future: when you are comfortable with Nix, and if NixOS becomes your main OS, use it to build both the bootloader and the config to boot all the systems.
But by that time you will already want to do exactly that :)
I ended up using the systemd-boot option anyway, since after studying its Nix file, I figured out it generates the /boot/loader/entries files exactly as I need them. Now it’s just a matter of adding a configuration option to the systemd-boot.nix to not make it actually copy any of the systemd bootloader files over.
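For the hook/script route asked about at the top of the thread, here is an added example (not code from any poster or from NixOS) that rewrites only the `options` line of a Boot Loader Specification entry and leaves the `linux` and `initrd` lines, which point at the manually signed kernel, untouched. The function names, the sample entry and its paths are constructed for illustration; it assumes the caller passes the system closure path and the text of its `kernel-params` file.

```python
import re

# Constructed sample entry: kernel and initrd are managed (and signed) by hand.
SAMPLE_ENTRY = """\
title NixOS (custom kernel)
linux /EFI/custom/vmlinuz-signed.efi
initrd /EFI/custom/initrd
options init=/nix/store/old-system/init loglevel=4
"""

def render_options(system_path: str, kernel_params: str) -> str:
    """Build the value of the 'options' key for one system closure."""
    # Drop any stale init= so the kernel sees exactly one, current, init=.
    params = [p for p in kernel_params.split() if not p.startswith("init=")]
    return " ".join([f"init={system_path}/init", *params])

def update_entry(entry_text: str, system_path: str, kernel_params: str) -> str:
    """Return entry_text with its 'options' line replaced.

    Every other line (title, linux, initrd, comments) is kept as written,
    so the entry keeps pointing at the same signed kernel image.
    """
    new_line = "options " + render_options(system_path, kernel_params)
    out, replaced = [], False
    for line in entry_text.splitlines():
        if re.match(r"options(\s|$)", line):
            # The spec allows several 'options' lines; collapse them into one
            # so no parameter from an older generation survives.
            if not replaced:
                out.append(new_line)
                replaced = True
            continue
        out.append(line)
    if not replaced:
        out.append(new_line)
    return "\n".join(out) + "\n"

if __name__ == "__main__":
    # Constructed store path and parameters standing in for the new generation.
    print(update_entry(SAMPLE_ENTRY,
                       "/nix/store/new-system",
                       "loglevel=4 quiet"), end="")
```

On a real system the two inputs would come from resolving the system profile symlink and reading the `kernel-params` file inside it; that wiring is an assumption and is left to the caller.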