From f403b17ed1071fc51f692190c34f08aa440ce8f7 Mon Sep 17 00:00:00 2001
From: Leon Vatthauer <leon.vatthauer@fau.de>
Date: Sun, 16 Feb 2025 22:47:33 +0100
Subject: [PATCH] Fix security flaw and remove systemd-boot timeout for gunther

---
 absol/configuration.nix   | 1 +
 gunther/configuration.nix | 2 ++
 2 files changed, 3 insertions(+)

diff --git a/absol/configuration.nix b/absol/configuration.nix
index 490be4c..24617a6 100755
--- a/absol/configuration.nix
+++ b/absol/configuration.nix
@@ -50,6 +50,7 @@
   boot.loader.efi.canTouchEfiVariables = true;
   boot.loader.efi.efiSysMountPoint = "/boot";
   boot.loader.systemd-boot.enable = true;
+  boot.loader.systemd-boot.editor = false;
   boot.plymouth.enable = true;
 
   # udev for brillo
diff --git a/gunther/configuration.nix b/gunther/configuration.nix
index 9489742..a879f39 100755
--- a/gunther/configuration.nix
+++ b/gunther/configuration.nix
@@ -39,6 +39,7 @@
     kernelPackages = pkgs.linuxPackages_latest;
 
     # systemd-boot
+    loader.timeout = null;
     loader.efi.canTouchEfiVariables = true;
     loader.efi.efiSysMountPoint = "/boot";
     loader.systemd-boot = {
@@ -54,6 +55,7 @@
         enable = true;
         sortKey = "z_edk2";
       };
+      editor = false;
     };
     
     # plymouth