Hey, I’m having trouble setting up secure boot and TPM backed decryption with Endeavour OS Titan with systemd-boot. The only guides I found used mkinitcpio and Endeavour OS currently uses dracut. If someone could source a guide on how to do this it would be greatly appreciated.
Welcome to team purple! 
The ArchWiki has a good guide on secure boot and it’s what I followed to set up secure boot on my EnOS install. The key points for my install was deleting the existing keys and putting the UEFI in setup mode (scary), and using SBCTL to do all the heavy work. Read through the guide at least twice before doing the steps that apply to your system.
I don’t have encryption, so can’t comment on that.
Also Secure boot and TPM is just an Microsoft “invention” to track and secure what thy want.
No need for it in Linux.
Secure Boot only offer some extra security for some rare scenarios.