{
  config,
  inputs,
  pkgs,
  ...
}: {
  imports = with inputs; [
    chaotic.nixosModules.default
    ./loader.nix
    ./lanzaboote.nix
  ];
  boot = {
    plymouth.enable = true;
    consoleLogLevel = 0;
    kernelPackages = pkgs.linuxPackages_cachyos;
    kernelParams = [
      "amd_iommu=force_isolation"
      "debugfs=off"
      "efi=disable_early_pci_dma"
      "gather_data_sampling=force"
      "intel_iommu=on"
      "iommu.passthrough=0"
      "iommu.strict=1"
      "iommu=force"
      "page_alloc.shuffle=1"
      "vsyscall=none"
      # "ia32_emulation=0"
      # "lockdown=confidentiality"
      # "module.sig_enforce=1"
    ];
    initrd = {
      systemd.enable = true;
      systemd.tpm2.enable = false;
    };
  };
}