| 2 Aug 2025 |
 emily | by properly I mean unencrypted | 11:09:16 |
| emily | and surely you mean UEFI | 11:09:26 |
| emily | the reason we install with encrypted /boot on BIOS is that Calamares is too dumb to do anything else unless we make the mount point different for ESPs | 11:09:58 |
 K900 | I mean fully encrypted boot is not possible on legacy | 11:10:00 |
| K900 | Yes but we can just like, do that | 11:10:13 |
| emily | I don't think you understand what I'm saying | 11:10:34 |
| emily | we encrypt more on BIOS for bad reasons because of Calamares being stupid | 11:10:37 |
| K900 | Yes I know | 11:10:41 |
| K900 | But we don't have to do that | 11:10:46 |
| K900 | If we just use a different partition layout | 11:10:54 |
| emily | tbf systemd upstream lightly recommends /efi for ESPs so we could just do that and it would fix it | 11:10:58 |
| K900 | Or honestly it will take like five lines of code to fix this upstream too | 11:11:10 |
| emily | and a separate XBOOTLDR is probably not a terrible idea given Windows | 11:11:16 |
| emily | but you cannot have /boot as unencrypted FAT32 that is an ESP on UEFI and an XBOOTLDR on BIOS with unpatched Calamares | 11:11:57 |
| emily | which is going to be the natural default setup once we switch BIOS to Limine | 11:12:10 |
| emily | I wouldn't mind doing /efi though. but I bet it would annoy people | 11:12:46 |
 aloisw | Since when do they recommend /efi? | 11:15:23 |
 ElvishJerricco | systemd-gpt-auto-generator mounts the ESP on /efi unless /boot is an existing empty directory and isn't going to be used for XBOOTLDR | 11:16:52 |
| ElvishJerricco | i.e. it only mounts the ESP at /boot if it really really looks like this person is used to it being there | 11:17:11 |
| emily | yeah and the Lennart blog post advocating for the modern ESP/XBOOTLDR handling explicitly advocates for /efi for it | 11:17:48 |
| emily | that's the standard if you have XBOOTLDR as /boot but the post and man page are pretty clear that the recommendation is not conditional on that | 11:18:26 |
| emily | of course nobody does this in practice if you don't XBOOTLDR and probably some things still even do /boot/efi but it's the word of god on the matter | 11:19:06 |
| emily | XBOOTLDR is frankly probably a good idea anyway. our kernels and initrds are fairly big and we make more of them than most distros thanks to our generation handling | 11:20:13 |
| emily | and our handling when you get out of disk space on the boot partition is bad | 11:20:31 |
| emily | and graphical installer users are much more likely to be dual booting with an existing Windows-created anaemically-sized ESP | 11:21:00 |
| emily | FWIW https://gitlab.gnome.org/p3732/os-installer is a generic installer framework that looked like it might be nicer than Calamares when I took a brief look a while ago but I didn't go very in depth. there's a prototype NixOS thing for it linked but I wouldn't be surprised if it's wonky in the same ways as our Calamares one | 11:43:18 |
| emily | there's also https://github.com/snowfallorg/icicle. vlinkz has written more graphical NixOS installers than anyone else on the planet apparently | 11:43:47 |
| ElvishJerricco | oh also, it should also be noted why you want ESP at /efi and not /boot/efi. You can't have /boot as an automount if the ESP is at /boot/efi. It'll have to be always mounted instead of on demand. | 11:47:40 |
| emily | it could theoretically automount both but yes (although frankly that whole automounting business feels a little overengineered to me anyway) | 11:49:51 |
| emily | but that's only relevant when you have both | 11:49:58 |
