diff options
author | aszlig <aszlig@nix.build> | 2018-04-25 13:34:52 +0200 |
---|---|---|
committer | aszlig <aszlig@nix.build> | 2018-04-25 13:34:52 +0200 |
commit | 2fcc918f6e8b3b7010c16c96d90a96213bfa0d4c (patch) | |
tree | e7a40ed0444fd362083e8980129a54b985792d79 /machines/aszlig/managed/tyree.nix | |
parent | 2a12b296d563df7e210dd178803bd96dafdfe755 (diff) |
machines/tyree: Add options for encryption
The new installation of this Laptop uses encryption and so far these options have been residing in the local configuration.nix, so let's get it over to Vuizvui. Signed-off-by: aszlig <aszlig@nix.build> Cc: @brokkoliberta
Diffstat (limited to 'machines/aszlig/managed/tyree.nix')
-rw-r--r-- | machines/aszlig/managed/tyree.nix | 18 |
1 files changed, 18 insertions, 0 deletions
diff --git a/machines/aszlig/managed/tyree.nix b/machines/aszlig/managed/tyree.nix index bd0b8a56..63363818 100644 --- a/machines/aszlig/managed/tyree.nix +++ b/machines/aszlig/managed/tyree.nix @@ -4,6 +4,24 @@ boot.initrd.availableKernelModules = [ "usbhid" ]; boot.kernelModules = [ "kvm-intel" ]; + boot.initrd.luks.devices = [ + { name = "00-vault"; + device = "/dev/disk/by-uuid/e4eb3d30-7fa5-4af4-86fb-80b47518cc25"; + } + { name = "tyree-swap"; + device = "/dev/disk/by-uuid/d96e29b4-0b9a-442d-af27-805f69ffffb3"; + keyFile = "/dev/mapper/00-vault"; + } + { name = "tyree-root"; + device = "/dev/disk/by-uuid/21e9a86e-c8dc-4d8f-ba75-d03552dc32f7"; + keyFile = "/dev/mapper/00-vault"; + } + ]; + + boot.initrd.postDeviceCommands = lib.mkAfter '' + cryptsetup luksClose /dev/mapper/00-vault + ''; + environment.systemPackages = with pkgs; [ darktable digikam firefox gphoto2 krita mosh rawtherapee wget ]; |