tristan/nix
1
0
Fork 0
Code Projects Releases Packages Activity

decryption function

Browse source
This commit is contained in:
tristan 2024-01-08 21:53:43 +00:00
parent cd5a381451
commit f3eb45a361
7 changed files with 38 additions and 43 deletions
Download patch file Download diff file Expand all files Collapse all files

18
hardware/fcs-tristan-nixbook.nix
View file

@ -6,6 +6,7 @@
... ...
}: let }: let
user = config.user; user = config.user;
decrypt = import ../lib/decrypt.nix;
in { in {
imports = [ imports = [
(modulesPath + "/installer/scan/not-detected.nix") (modulesPath + "/installer/scan/not-detected.nix")
@ -22,19 +23,10 @@ in {
options = ["subvol=@" "compress=zstd" "autodefrag"]; options = ["subvol=@" "compress=zstd" "autodefrag"];
}; };
boot.initrd.postDeviceCommands = pkgs.lib.mkBefore '' boot.initrd.postDeviceCommands = pkgs.lib.mkBefore (decrypt {
mkdir -m 0755 -p /key keydevice = "/dev/disk/by-id/usb-Generic_Flash_Disk_BCC97785-0:0";
keypartname = "usbkey";
until cryptsetup luksOpen /dev/disk/by-id/usb-Generic_Flash_Disk_BCC97785-0:0 usbkey });
do
echo "Failed to unlock usbkey!"
echo "Found block devices:"
ls /dev/disk/by-id/
sleep 2
done
mount -n -t vfat -o ro /dev/mapper/usbkey /key
'';
boot.initrd.luks.devices."cryptroot" = { boot.initrd.luks.devices."cryptroot" = {
device = "/dev/disk/by-uuid/570cc51f-bd5c-4bee-a18f-f6aabaf60881"; device = "/dev/disk/by-uuid/570cc51f-bd5c-4bee-a18f-f6aabaf60881";

21
hardware/zenix.nix
View file

@ -6,6 +6,7 @@
... ...
}: let }: let
user = config.user; user = config.user;
decrypt = import ../lib/decrypt.nix;
in { in {
imports = [ imports = [
(modulesPath + "/installer/scan/not-detected.nix") (modulesPath + "/installer/scan/not-detected.nix")
@ -24,22 +25,10 @@ in {
options = ["subvol=@" "compress=zstd" "autodefrag"]; options = ["subvol=@" "compress=zstd" "autodefrag"];
}; };
boot.initrd.postDeviceCommands = pkgs.lib.mkBefore '' boot.initrd.postDeviceCommands = pkgs.lib.mkBefore (decrypt {
mkdir -m 0755 -p /key keydevice = "/dev/disk/by-id/usb-Generic_Flash_Disk_BCC97785-0:0";
keypartname = "usbkey";
dev=/dev/disk/by-id/usb-Generic_Flash_Disk_BCC97785-0:0 });
sleep 1
until cryptsetup luksOpen "$dev" usbkey
do
echo "Insert key and press enter..."
read res
if test "$res" = "fzf"
then
ls /dev/disk/by-id | ${pkgs.fzf}/bin/fzf
fi
done
mount -n -t vfat -o ro /dev/mapper/usbkey /key
'';
boot.initrd.luks.devices."cryptroot" = { boot.initrd.luks.devices."cryptroot" = {
device = "/dev/disk/by-uuid/cc0617df-8cbf-4618-abbc-df64c96de151"; device = "/dev/disk/by-uuid/cc0617df-8cbf-4618-abbc-df64c96de151";

3
home/programs/hyprland.nix
View file

@ -5,13 +5,12 @@
... ...
}: let }: let
modifier = config.windowManager.modifierKey; modifier = config.windowManager.modifierKey;
in { in {
imports = [ imports = [
(import ./swaylock.nix) (import ./swaylock.nix)
(import ./swayidle.nix) (import ./swayidle.nix)
(import ./waybar.nix) (import ./waybar.nix)
(import ./hycov.nix) # (import ./hycov.nix)
]; ];
xdg.portal = { xdg.portal = {
enable = true; enable = true;

15
lib/decrypt.nix Normal file
View file

@ -0,0 +1,15 @@
{
keydevice,
keypartname,
}: ''
mkdir -m 0755 -p /key
dev=${keydevice}
sleep 1
until cryptsetup luksOpen "$dev" usbkey
do
echo "Insert key and press enter..."
read res
done
mount -n -t vfat -o ro /dev/mapper/${keypartname} /key
''

6
nixos/modules/display.nix
View file

@ -62,7 +62,8 @@ with lib; let
name = display.name; name = display.name;
value = let value = let
res = display.resolution; res = display.resolution;
in { in
{
mode = mode =
mkIf (!resUnset res) mkIf (!resUnset res)
"${toString res.x}x${toString res.y}@${toString res.freq}Hz"; "${toString res.x}x${toString res.y}@${toString res.freq}Hz";
@ -70,8 +71,7 @@ with lib; let
} }
// lib.mkIf (display ? wallpaper && display.wallpaper != null) { // lib.mkIf (display ? wallpaper && display.wallpaper != null) {
bg = "${display.wallpaper} fill"; bg = "${display.wallpaper} fill";
} };
;
}; };
resolutionType = types.submodule { resolutionType = types.submodule {