mirror of
https://github.com/JasonN3/build-container-installer.git
synced 2025-12-25 10:57:55 +01:00
bf4d1368fc
* chore: First pass of adding secure boot key enrollment * feat: Add secure boot support * feat: Removed Test this media grub entry and set default to install * fix: simplify secureboot scripts --------- Co-authored-by: Kyle Gospodnetich <me@kylegospodneti.ch>
19 lines
486 B
Bash
Executable file
19 lines
486 B
Bash
Executable file
#!/bin/sh
|
|
|
|
set -oue pipefail
|
|
|
|
readonly SECUREBOOT_KEY="/run/install/repo/ublue-os-akmods-public-key.der"
|
|
readonly ENROLLMENT_PASSWORD="ublue-os"
|
|
|
|
if [[ ! -d "/sys/firmware/efi" ]]; then
|
|
echo "EFI mode not detected. Skipping key enrollment."
|
|
exit 0
|
|
fi
|
|
|
|
if [[ ! -f "${SECUREBOOT_KEY}" ]]; then
|
|
echo "Secure boot key not found: ${SECUREBOOT_KEY}"
|
|
exit 1
|
|
fi
|
|
|
|
mokutil --timeout -1 || :
|
|
echo -e "${ENROLLMENT_PASSWORD}\n${ENROLLMENT_PASSWORD}" | mokutil --import "${SECUREBOOT_KEY}" || :
|