Last active
November 2, 2025 12:37
-
-
Save pooladkhay/eed2c67710cbdb55c121d503e541f387 to your computer and use it in GitHub Desktop.
I have been installing NVIDIA graphics drivers manually on Fedora Linux for years, and with Secure Boot enabled, manual signing was always required. Last night I did a clean install and thought it was time to automate this task with the help of my good friend, Claude. (I have verified this script on Fedora 43)
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # NVIDIA Driver Installation Script for Fedora 43 with Secure Boot | |
| # This script automates the installation of official NVIDIA drivers with Secure Boot support | |
| set -e | |
| # Colors for output | |
| RED='\033[0;31m' | |
| GREEN='\033[0;32m' | |
| YELLOW='\033[1;33m' | |
| NC='\033[0m' # No Color | |
| echo -e "${GREEN}========================================${NC}" | |
| echo -e "${GREEN}NVIDIA Driver Installation for Fedora 43${NC}" | |
| echo -e "${GREEN}with Secure Boot Support${NC}" | |
| echo -e "${GREEN}========================================${NC}\n" | |
| # Check if running as root | |
| if [ "$EUID" -eq 0 ]; then | |
| echo -e "${RED}Please do not run this script as root. It will use sudo when needed.${NC}" | |
| exit 1 | |
| fi | |
| # Check Secure Boot status | |
| echo -e "${YELLOW}Checking Secure Boot status...${NC}" | |
| if mokutil --sb-state 2>/dev/null | grep -q "SecureBoot enabled"; then | |
| echo -e "${GREEN}✓ Secure Boot is enabled${NC}\n" | |
| else | |
| echo -e "${YELLOW}Warning: Secure Boot status unclear or disabled${NC}" | |
| echo -e "Continuing anyway...\n" | |
| fi | |
| # Detect NVIDIA GPU | |
| echo -e "${YELLOW}Detecting NVIDIA GPU...${NC}" | |
| if lspci | grep -i nvidia &>/dev/null; then | |
| echo -e "${GREEN}✓ NVIDIA GPU detected:${NC}" | |
| lspci | grep -i nvidia | |
| echo "" | |
| else | |
| echo -e "${RED}✗ No NVIDIA GPU detected. Exiting.${NC}" | |
| exit 1 | |
| fi | |
| # Update system | |
| echo -e "${YELLOW}Updating system packages...${NC}" | |
| sudo dnf update -y | |
| echo -e "${GREEN}✓ System updated${NC}\n" | |
| # Enable RPM Fusion repositories | |
| echo -e "${YELLOW}Checking RPM Fusion repositories...${NC}" | |
| RPMFUSION_FREE_INSTALLED=false | |
| RPMFUSION_NONFREE_INSTALLED=false | |
| if dnf repolist enabled | grep -q "rpmfusion-free"; then | |
| echo -e "${GREEN}✓ RPM Fusion Free already enabled${NC}" | |
| RPMFUSION_FREE_INSTALLED=true | |
| else | |
| echo -e "${YELLOW}Installing RPM Fusion Free...${NC}" | |
| sudo dnf install -y https://download1.rpmfusion.org/free/fedora/rpmfusion-free-release-$(rpm -E %fedora).noarch.rpm | |
| echo -e "${GREEN}✓ RPM Fusion Free enabled${NC}" | |
| fi | |
| if dnf repolist enabled | grep -q "rpmfusion-nonfree"; then | |
| echo -e "${GREEN}✓ RPM Fusion Nonfree already enabled${NC}" | |
| RPMFUSION_NONFREE_INSTALLED=true | |
| else | |
| echo -e "${YELLOW}Installing RPM Fusion Nonfree...${NC}" | |
| sudo dnf install -y https://download1.rpmfusion.org/nonfree/fedora/rpmfusion-nonfree-release-$(rpm -E %fedora).noarch.rpm | |
| echo -e "${GREEN}✓ RPM Fusion Nonfree enabled${NC}" | |
| fi | |
| echo "" | |
| # Install required tools | |
| echo -e "${YELLOW}Installing required tools...${NC}" | |
| sudo dnf install -y akmods mokutil openssl kmodtool kernel-devel kernel-headers gcc make dkms acpid libglvnd-glx libglvnd-opengl libglvnd-devel pkgconfig | |
| echo -e "${GREEN}✓ Required tools installed${NC}\n" | |
| # Install NVIDIA drivers | |
| echo -e "${YELLOW}Installing NVIDIA drivers...${NC}" | |
| sudo dnf install -y akmod-nvidia xorg-x11-drv-nvidia-cuda xorg-x11-drv-nvidia-cuda-libs vdpauinfo libva-nvidia-driver libva-utils vulkan | |
| echo -e "${GREEN}✓ NVIDIA drivers installed${NC}\n" | |
| # Generate and import MOK key | |
| echo -e "${YELLOW}Generating MOK (Machine Owner Key)...${NC}" | |
| sudo kmodgenca -a | |
| echo -e "${GREEN}✓ MOK key generated${NC}\n" | |
| echo -e "${YELLOW}Enrolling MOK key for Secure Boot...${NC}" | |
| echo -e "${YELLOW}You will be prompted to create a password.${NC}" | |
| echo -e "${YELLOW}REMEMBER THIS PASSWORD - you'll need it on the next boot!${NC}\n" | |
| sudo mokutil --import /etc/pki/akmods/certs/public_key.der | |
| echo -e "${GREEN}✓ MOK key enrollment initiated${NC}\n" | |
| # Build kernel modules | |
| echo -e "${YELLOW}Building NVIDIA kernel modules...${NC}" | |
| echo -e "${YELLOW}This may take several minutes...${NC}" | |
| sudo akmods --force --kernels $(uname -r) | |
| echo -e "${GREEN}✓ Kernel modules built${NC}\n" | |
| # Check if module was built successfully | |
| if [ -f "/usr/lib/modules/$(uname -r)/extra/nvidia/nvidia.ko.xz" ] || [ -f "/usr/lib/modules/$(uname -r)/extra/nvidia/nvidia.ko" ]; then | |
| echo -e "${GREEN}✓ NVIDIA kernel module successfully built${NC}\n" | |
| else | |
| echo -e "${YELLOW}Warning: Module file not found in expected location. It may build on first boot.${NC}\n" | |
| fi | |
| # Create script to check status after reboot | |
| cat > ./check_nvidia.sh << 'EOF' | |
| #!/bin/bash | |
| echo "Checking NVIDIA driver status..." | |
| echo "" | |
| echo "Kernel modules:" | |
| lsmod | grep nvidia | |
| echo "" | |
| echo "Driver version:" | |
| modinfo -F version nvidia 2>/dev/null || echo "Module not loaded yet" | |
| echo "" | |
| echo "nvidia-smi output:" | |
| nvidia-smi 2>/dev/null || echo "nvidia-smi not available or driver not loaded" | |
| echo "" | |
| echo "If driver is not loaded, wait a few minutes for akmods to finish building or run: sudo akmods --force" | |
| EOF | |
| chmod +x ./check_nvidia.sh | |
| echo -e "${GREEN}========================================${NC}" | |
| echo -e "${GREEN}Installation Complete!${NC}" | |
| echo -e "${GREEN}========================================${NC}\n" | |
| echo -e "${YELLOW}IMPORTANT NEXT STEPS:${NC}" | |
| echo -e "1. Reboot your system: ${GREEN}sudo reboot${NC}" | |
| echo -e "2. During boot, you'll see the MOK Manager (blue screen)" | |
| echo -e "3. Select: ${GREEN}Enroll MOK${NC}" | |
| echo -e "4. Select: ${GREEN}Continue${NC}" | |
| echo -e "5. Select: ${GREEN}Yes${NC}" | |
| echo -e "6. Enter the password you just created" | |
| echo -e "7. Select: ${GREEN}Reboot${NC}" | |
| echo -e "8. Run: ${GREEN}./check_nvidia.sh${NC} to verify installation\n" | |
| echo -e "9. After every kernel update, wait 5-10 minutes for module building process to finish or build manually with: 'sudo akmods --force'\n" | |
| echo -e "${YELLOW}A helper script has been created at ./check_nvidia.sh${NC}" | |
| echo -e "${YELLOW}Run it after reboot to check the driver status.${NC}\n" | |
| read -p "Would you like to reboot now? (y/n) " -n 1 -r | |
| echo | |
| if [[ $REPLY =~ ^[Yy]$ ]]; then | |
| echo -e "${GREEN}Rebooting...${NC}" | |
| sudo reboot | |
| else | |
| echo -e "${YELLOW}Please reboot manually when ready: sudo reboot${NC}" | |
| fi |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment