From 919b70b29fc607d1d76f1e3e621d969c7ab13b8e Mon Sep 17 00:00:00 2001
From: r-vdp <ramses@well-founded.dev>
Date: Fri, 5 Jun 2026 18:01:06 +0300
Subject: [PATCH] nixos/systemd-boot: refuse to wipe ESP when no generations
 found

---
 .../boot/loader/systemd-boot/systemd-boot-builder.py  | 11 +++++++++++
 1 file changed, 11 insertions(+)

diff --git a/nixos/modules/system/boot/loader/systemd-boot/systemd-boot-builder.py b/nixos/modules/system/boot/loader/systemd-boot/systemd-boot-builder.py
index 801b598233ae..a0d4256c3c0f 100644
--- a/nixos/modules/system/boot/loader/systemd-boot/systemd-boot-builder.py
+++ b/nixos/modules/system/boot/loader/systemd-boot/systemd-boot-builder.py
@@ -532,6 +532,17 @@ def install_bootloader(args: argparse.Namespace) -> None:
     for profile in get_profiles():
         gens += get_generations(profile)
 
+    if not gens:
+        # With zero generations we would garbage-collect every kernel,
+        # initrd and loader entry off the ESP, leaving the system
+        # unbootable.
+        print(
+            "error: no system generations found in /nix/var/nix/profiles, "
+            "refusing to remove all boot loader entries",
+            file=sys.stderr,
+        )
+        sys.exit(1)
+
     boot_files: BootFileList = []
     critical_paths: set[Path] = set()