From 17180722c1e1bbffb321fd3e487c886f545f16b8 Mon Sep 17 00:00:00 2001
From: Antoine Viallon <antoine@lesviallon.fr>
Date: Fri, 5 May 2023 11:50:18 +0200
Subject: [PATCH] [Hardening] Add sbctl to system packages Not really useful
 yet

---
 hardening.nix | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/hardening.nix b/hardening.nix
index 74b1c83..c022c0e 100644
--- a/hardening.nix
+++ b/hardening.nix
@@ -108,6 +108,9 @@ in
       (optional cfg.expensive "-a exit,always -F arch=b64 -S execve")
     ];
 
+    environment.systemPackages = with pkgs; [
+      sbctl # Secure Boot keys generation
+    ];
 
     systemd.services.dbus.serviceConfig = mkIf cfg.services.dbus {
       # Hardening