diff --git a/hosts/deck/boot.nix b/hosts/deck/boot.nix
index f32cd65..3589982 100755
--- a/hosts/deck/boot.nix
+++ b/hosts/deck/boot.nix
@@ -10,7 +10,7 @@ in
     kernelModules = [ "nct6775" ];
     loader = {
       systemd-boot = {
-        enable = true;
+        enable = false;
         configurationLimit = 5;
         extraInstallCommands = ''
           ${pkgs.uutils-coreutils}/bin/uutils-echo "timeout 0
@@ -23,6 +23,20 @@ in
         canTouchEfiVariables = true;
         efiSysMountPoint = "/boot";
       };
+
+      lanzaboote = {
+        enable = true;
+        pkiBundle = "/etc/secureboot";
+        settings = {
+          console-mode = "max";
+        };
+        configurationLimit = 5;
+        extraInstallCommands = ''
+          ${pkgs.uutils-coreutils}/bin/uutils-echo "timeout 0
+          console-mode 1
+          default nixos-*" > /boot/loader/loader.conf
+        '';
+      };
     };
 
     plymouth = {
diff --git a/hosts/nas/boot.nix b/hosts/nas/boot.nix
index 084aae3..a85bf51 100755
--- a/hosts/nas/boot.nix
+++ b/hosts/nas/boot.nix
@@ -61,4 +61,8 @@ in
     # Enable binfmt emulation for ARM
     binfmt.emulatedSystems = [ "aarch64-linux" ]; # --argstr system aarch64-linux
   };
+
+  zramSwap = {
+    enable = true;
+  };
 }