tristan/nix
1
0
Fork 0
Code Projects Releases Packages Activity

encrypt usbkey

Browse source
This commit is contained in:
tristan 2023-04-19 08:46:26 +01:00
parent 74777d7f12
commit 97b8d30b7c
1 changed files with 14 additions and 2 deletions
Download patch file Download diff file Expand all files Collapse all files

16
system/zenix/hardware.nix
View file

@ -9,7 +9,7 @@
]; ];
boot.initrd.availableKernelModules = [ "nvme" "xhci_pci" "ahci" "usbhid" "usb_storage" "sd_mod" ]; boot.initrd.availableKernelModules = [ "nvme" "xhci_pci" "ahci" "usbhid" "usb_storage" "sd_mod" ];
boot.initrd.kernelModules = [ ]; boot.initrd.kernelModules = ["uas" "usbcore" "usb_storage" "vfat" "nls_cp437" "nls_iso8859_1"];
boot.kernelModules = [ "kvm-amd" ]; boot.kernelModules = [ "kvm-amd" ];
boot.extraModulePackages = [ ]; boot.extraModulePackages = [ ];
@ -19,10 +19,22 @@
options = [ "subvol=@" "compress=zstd" "autodefrag" ]; options = [ "subvol=@" "compress=zstd" "autodefrag" ];
}; };
boot.initrd.postDeviceCommands = pkgs.lib.mkBefore ''
mkdir -m 0755 -p /key
sleep 2
echo "found block devices"
ls /dev/disk/by-id/
cryptsetup luksOpen /dev/disk/by-id/usb-Generic_Flash_Disk_BCC97785-0:0 usbkey
mount -n -t vfat -o ro /dev/mapper/usbkey /key
'';
boot.initrd.luks.devices."cryptroot" = { boot.initrd.luks.devices."cryptroot" = {
device = "/dev/disk/by-uuid/cc0617df-8cbf-4618-abbc-df64c96de151"; device = "/dev/disk/by-uuid/cc0617df-8cbf-4618-abbc-df64c96de151";
keyFileSize = 4096; keyFileSize = 4096;
keyFile = "/dev/disk/by-id/usb-Generic_Flash_Disk_BCC97785-0:0"; keyFile = "/key/keyfile";
preLVM = false;
}; };
fileSystems."/home" = fileSystems."/home" =