diff --git a/hosts/dunamis/boot.nix b/hosts/dunamis/boot.nix
index 7ab401b..0ad1dea 100644
--- a/hosts/dunamis/boot.nix
+++ b/hosts/dunamis/boot.nix
@@ -1,10 +1,12 @@
 {
   pkgs,
+  config,
   inputs,
   ...
 }: {
   imports = with inputs; [
     chaotic.nixosModules.default
+    lanzaboote.nixosModules.lanzaboote
   ];
   boot = {
     # kernelPackages = pkgs.linuxPackages_latest;
@@ -42,9 +44,13 @@
     };
     loader.efi.canTouchEfiVariables = true;
     loader.systemd-boot = {
-      enable = true;
+      enable = !config.boot.lanzaboote.enable;
       consoleMode = "auto";
     };
+    lanzaboote = {
+      enable = true;
+      pkiBundle = "/var/lib/sbctl";
+    };
     plymouth.enable = true;
   };
   console = {
diff --git a/hosts/dunamis/services.nix b/hosts/dunamis/services.nix
index 5a7e2f8..bb9398b 100644
--- a/hosts/dunamis/services.nix
+++ b/hosts/dunamis/services.nix
@@ -24,7 +24,7 @@
       };
     };
     scx = {
-      enable = true;
+      enable = false;
       scheduler = "scx_flash";
     };
     logind = {