You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Add a `secureboot.enrollKeys` field to the schematic, mapping to the
imager's `SDBootEnrollKeys` profile option (off / manual / if-safe /
force) for the ISO and disk image outputs. It controls systemd-boot's
`secure-boot-enroll` setting in loader.conf.
The default (if-safe) auto-enrolls SecureBoot keys only inside a virtual
machine, so on bare-metal keys are never enrolled unattended. Setting
force enables unattended enrollment when the UEFI firmware is in setup
mode, which network provisioning flows with no console operator require.
The corresponding imager flag was added in siderolabs/talos#13571; see
siderolabs/talos#12568 for the discussion.
Signed-off-by: Mickaël Canévet <mickael.canevet@proton.ch>
Signed-off-by: Andrey Smirnov <andrey.smirnov@siderolabs.com>
0 commit comments