Implement kernel signing

recipes/base/post-build.yml

@@ -0,0 +1,18 @@
+---
+# yaml-language-server: $schema=https://schema.blue-build.org/module-list-v1.json
+modules:
+  - type: script
+    env:
+      PUBLIC_KEY_DER_PATH: /etc/pki/akmods/certs/akmods-wunker-bunker.der
+    secrets:
+      - type: file
+        source: ./.secure-files/MOK.priv
+        mount: 
+          type: file
+          destination: /tmp/certs/private_key.priv
+    scripts:
+      - signkernel.sh
+  - type: initramfs
+    env:
+      DRACUT_NO_XATTR: '1'
+    source: local