19 lines
467 B
Bash
Executable file
19 lines
467 B
Bash
Executable file
#! /usr/bin/env nix-shell
|
|
#! nix-shell -i bash -p efitools
|
|
|
|
set -eux
|
|
|
|
mkdir signed
|
|
cp -L result/* signed/
|
|
|
|
loopdev=$(sudo losetup -f)
|
|
sudo losetup -P "$loopdev" signed/*.img
|
|
sudo mount "${loopdev}p1" /mnt -t vfat
|
|
|
|
sudo find signed/ /mnt/ -name "*.efi" -type f -exec sbsign --key <(echo "$DB_KEY") --cert <(echo "$DB_CRT") --output {} {} \;
|
|
|
|
sudo mkdir -p /mnt/loader/keys/patos
|
|
sudo cp keys/*.auth /mnt/loader/keys/patos/
|
|
|
|
sudo umount /mnt
|
|
sudo losetup -d "$loopdev"
|