Removed pcr check for testing purposes

2025-12-07 10:52:39 +01:00
parent f496bf032f
commit 476523cc2f
3 changed files with 5 additions and 6 deletions
@@ -568,6 +568,8 @@ EOF

 postrun_action() {
  echo ""
+  # Add TPM2 boot disk decryption
+  # Add pcr-check.nix
 }

 nixos_update() {
@@ -7,8 +7,7 @@
    inputs.sops-nix.nixosModules.sops
    ./disks/disko.nix
    ./disks/snapraid.nix
-    ./disks/pcr-check.nix
-    ./hardware-configuration.nix
+#    ./disks/pcr-check.nix
  ];

  # Hardware settings
@@ -37,10 +36,8 @@
  boot.loader.efi.canTouchEfiVariables = true;

  # TPM2 PCR check
-  systemIdentity.enable = true;
-  # On first boot, get the value with: systemd-analyze pcrs 15 --json=short | jq -r ".[0].sha256"
-  # and place it here.
-  systemIdentity.pcr15 = null; # "6214de8c3d861c4b451acc8c4e24294c95d55bcec516bbf15c077ca3bffb6547";
+#  systemIdentity.enable = true;
+#  systemIdentity.pcr15 = null; 

  # Timezone
  time.timeZone = "Europe/Paris";