
Commit 889fba3

committed
replace clover with opencore
1 parent e5f9f47 commit 889fba3

1 file changed

Lines changed: 131 additions & 135 deletions


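--- a/nix/os/boot.nix
+++ b/nix/os/boot.nix
@@ -48,144 +48,140 @@ in
 pkgs.binutils
 ]
 ++ lib.optionals (boot == "BIOS") [ pkgs.gptfdisk ];
-text = lib.concatStrings [
-# Set environment
-''
-boot_json=/nix/var/nix/profiles/system/boot.json
-kernel=$(jq -r '."org.nixos.bootspec.v1".kernel' "$boot_json")
-initrd=$(jq -r '."org.nixos.bootspec.v1".initrd' "$boot_json")
-init=$(jq -r '."org.nixos.bootspec.v1".init' "$boot_json")
-kernelParams=$(jq -r '."org.nixos.bootspec.v1".kernelParams | join(" ")' "$boot_json")
-
-esp=/boot
-tmp=$(mktemp -d)
-''
-
-# Build UKI
-''
-ukify build \
---linux="$kernel" \
---initrd="$initrd" \
---cmdline="init=$init $kernelParams" \
---uname "${config.boot.kernelPackages.kernel.modDirVersion}" \
---os-release "@${config.system.build.etc}/etc/os-release" \
---output="$tmp/uki.efi"
-''
-
-# Sign UKI
-''
-sbctl sign "$tmp/uki.efi"
-''
-
-# Clean up ESP
-''
-rm -rf "''${esp:?}/*"
-''
-
-# Move UKI to ESP
-''
-mkdir -p "$esp/EFI/BOOT"
-mv "$tmp/uki.efi" "$esp/EFI/BOOT/BOOT${lib.toUpper config.nixpkgs.hostPlatform.efiArch}.EFI"
-''
-
-# Emulate UEFI on BIOS to allow UKI booting
-# https://github.com/NixOS/nixpkgs/issues/124132
-# https://wiki.archlinux.org/title/Clover#chainload_systemd-boot
-(lib.optionalString (boot == "BIOS") ''
-clover=${
-let
-version = "5165";
-in
-pkgs.fetchzip {
-name = "clover-${version}";
-url = "https://github.com/CloverHackyColor/CloverBootloader/releases/download/${version}/CloverV2-${version}.zip";
-sha256 = "sha256-KbaSQMJWNkBwdFKbYALCTfw0XcL5Cnfb2uIDzLdiLI0=";
+text =
+let
+arch = lib.toUpper config.nixpkgs.hostPlatform.efiArch;
+in
+lib.concatStrings [
+# Set environment
+''
+boot_json=/nix/var/nix/profiles/system/boot.json
+kernel=$(jq -r '."org.nixos.bootspec.v1".kernel' "$boot_json")
+initrd=$(jq -r '."org.nixos.bootspec.v1".initrd' "$boot_json")
+init=$(jq -r '."org.nixos.bootspec.v1".init' "$boot_json")
+kernelParams=$(jq -r '."org.nixos.bootspec.v1".kernelParams | join(" ")' "$boot_json")
+
+esp=/boot
+tmp=$(mktemp -d)
+''
+
+# Build UKI
+''
+ukify build \
+--linux="$kernel" \
+--initrd="$initrd" \
+--cmdline="init=$init $kernelParams" \
+--uname "${config.boot.kernelPackages.kernel.modDirVersion}" \
+--os-release "@${config.system.build.etc}/etc/os-release" \
+--output="$tmp/uki.efi"
+''
+
+# Sign UKI
+''
+sbctl sign "$tmp/uki.efi"
+''
+
+# Clean up ESP
+''
+rm -rf "''${esp:?}/*"
+''
+
+# Move UKI to ESP
+''
+mkdir -p "$esp/EFI/BOOT"
+mv "$tmp/uki.efi" "$esp/EFI/BOOT/BOOT${arch}.EFI"
+''
+
+# Emulate UEFI on BIOS to allow UKI booting
+# https://github.com/NixOS/nixpkgs/issues/124132
+# https://wiki.archlinux.org/title/Clover#chainload_systemd-boot
+(lib.optionalString (boot == "BIOS") ''
+oc=${
+let
+version = "1.0.6";
+in
+pkgs.fetchzip {
+name = "open-core-${version}";
+url = "https://github.com/acidanthera/OpenCorePkg/releases/download/${version}/OpenCore-${version}-RELEASE.zip";
+sha256 = "sha256-+YcwRZ4mbbyh4Ivbk1bzLPFLlYtKUON0n+Co0+cp8c8=";
+stripRoot = false;
+}
 }
-}
-boot0=$clover/BootSectors/boot0af
-boot1=$clover/BootSectors/boot1f32
-boot2=$clover/Bootloaders/x64/boot7
-disks=(${
-lib.concatStringsSep " " (map (disk: disk.device) (lib.attrValues config.disko.devices.disk))
-})
-
-for disk in "''${disks[@]}"; do
-partition="1"
-case "$disk" in
-*nvme*|*mmcblk*)
-part="''${disk}p''${partition}"
-;;
-*)
-part="''${disk}''${partition}"
-;;
-esac
-
-sgdisk --attributes="''${partition}:set:2" "$disk"
-
-dd if="$boot0" of="$disk" bs=1 count=440 conv=notrunc
-
-cp "$boot1" "$tmp/new_PBR"
-dd if="$part" of="$tmp/original_PBR" bs=512 count=1 conv=notrunc
-dd if="$tmp/original_PBR" of="$tmp/new_PBR" skip=3 seek=3 bs=1 count=87 conv=notrunc
-dd if="$tmp/new_PBR" of="$part" bs=512 count=1 conv=notrunc
-rm "$tmp/new_PBR" "$tmp/original_PBR"
-done
-
-cp $boot2 "$esp/boot"
-mkdir -p "$esp/EFI"
-cp -a "$clover/EFI/CLOVER" "$esp/EFI/CLOVER"
-cat << EOF > "$esp/EFI/CLOVER/config.plist"
-<?xml version="1.0" encoding="UTF-8"?>
-<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "https://www.apple.com/DTDs/PropertyList-1.0.dtd">
-<plist version="1.0">
-<dict>
-<key>Boot</key>
+boot0=$oc/Utilities/LegacyBoot/boot0
+boot1=$oc/Utilities/LegacyBoot/boot1f32
+boot2=$oc/Utilities/LegacyBoot/boot${arch}-blockio
+disks=(${
+lib.concatStringsSep " " (map (disk: disk.device) (lib.attrValues config.disko.devices.disk))
+})
+
+for disk in "''${disks[@]}"; do
+partition="1"
+case "$disk" in
+*nvme*|*mmcblk*)
+part="''${disk}p''${partition}"
+;;
+*)
+part="''${disk}''${partition}"
+;;
+esac
+
+sgdisk --attributes="''${partition}:set:2" "$disk"
+
+dd if="$boot0" of="$disk" bs=1 count=446 conv=notrunc
+
+cp "$boot1" "$tmp/new_PBR"
+dd if="$part" of="$tmp/original_PBR" count=1
+dd if="$tmp/original_PBR" of="$tmp/new_PBR" skip=3 seek=3 bs=1 count=87 conv=notrunc
+dd if=/dev/random of="$tmp/new_PBR" skip=496 seek=496 bs=1 count=14 conv=notrunc
+dd if="$tmp/new_PBR" of="$part"
+rm "$tmp/new_PBR" "$tmp/original_PBR"
+done
+
+cp $boot2 "$esp/boot"
+mkdir -p "$esp/EFI"
+cp -a "$oc/${arch}/EFI/OC" "$esp/EFI/OC"
+cat << EOF > "$esp/EFI/OC/config.plist"
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN"
+"http://www.apple.com/DTDs/PropertyList-1.0.dtd">
+<plist version="1.0">
 <dict>
-<key>DefaultVolume</key>
-<string>EFI</string>
-<key>DefaultLoader</key>
-<string>\EFI\BOOT\BOOT${lib.toUpper config.nixpkgs.hostPlatform.efiArch}.EFI</string>
-<key>Fast</key>
-<true/>
+<key>Misc</key>
+<dict>
+<key>BlessOverride</key>
+<array>
+<string>\EFI\BOOT\BOOT${arch}.EFI</string>
+</array>
+
+<key>Boot</key>
+<dict>
+<key>ShowPicker</key>
+<true/>
+<key>PickerMode</key>
+<string>External</string>
+</dict>
+
+<key>Security</key>
+<dict>
+<key>ScanPolicy</key>
+<integer>0</integer>
+</dict>
+</dict>
 </dict>
-<key>GUI</key>
-<dict>
-<key>Custom</key>
-<dict>
-<key>Entries</key>
-<array>
-<dict>
-<key>Hidden</key>
-<false/>
-<key>Disabled</key>
-<false/>
-<key>Volume</key>
-<string>EFI</string>
-<key>Path</key>
-<string>\EFI\BOOT\BOOT${lib.toUpper config.nixpkgs.hostPlatform.efiArch}.EFI</string>
-<key>Title</key>
-<string>XnodeOS</string>
-<key>Type</key>
-<string>Linux</string>
-</dict>
-</array>
-</dict>
-</dict>
-</dict>
-</plist>
-EOF
-'')
-
-# Update unattended disk decryption lock
-(lib.optionalString (tpm == "2") ''
-SYSTEMD_ESP_PATH="$esp" ${config.systemd.package}/lib/systemd/systemd-pcrlock make-policy --pcr=7
-'')
-
-# Remove temporary files
-''
-rm -rf "$tmp"
-''
-];
+</plist>
+EOF
+'')
+
+# Update unattended disk decryption lock
+(lib.optionalString (tpm == "2") ''
+SYSTEMD_ESP_PATH="$esp" ${config.systemd.package}/lib/systemd/systemd-pcrlock make-policy --pcr=7
+'')
+
+# Remove temporary files
+''
+rm -rf "$tmp"
+''
+];
 }
 )}";
 };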
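Review bot: The "Clean up ESP" step carried over into the new list, `rm -rf "''${esp:?}/*"`, keeps the `*` inside the double quotes, so the shell passes a literal `/boot/*` path and nothing on the ESP is removed. With this change that means a previously installed `EFI/CLOVER` tree stays on the partition, and on a second run `cp -a "$oc/${arch}/EFI/OC" "$esp/EFI/OC"` would copy into the existing directory as `EFI/OC/OC` rather than replacing it. Moving the glob outside the quotes fixes it: `rm -rf "''${esp:?}"/*`. Separately, the new config.plist sets `ShowPicker` to true with `ScanPolicy` 0, which as far as I can tell lets the picker list every bootable volume it finds, so leftover loaders would be offered at boot; if only the signed UKI is meant to start, consider hiding the picker or narrowing the scan policy. The surrounding expression starts above the hunk, so the script's shell options are not visible here.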
