diff options
Diffstat (limited to 'machines')
-rw-r--r-- | machines/aszlig/managed/shakti.nix | 33 |
1 files changed, 27 insertions, 6 deletions
diff --git a/machines/aszlig/managed/shakti.nix b/machines/aszlig/managed/shakti.nix index 00ad9542..39575196 100644 --- a/machines/aszlig/managed/shakti.nix +++ b/machines/aszlig/managed/shakti.nix @@ -1,8 +1,29 @@ -# FIXME: Currently just a placeholder to get Hydra builds. { pkgs, unfreeAndNonDistributablePkgs, lib, ... }: { - boot.initrd.availableKernelModules = [ "usbhid" ]; + boot.loader.efi.canTouchEfiVariables = true; + + boot.initrd.availableKernelModules = [ + "aes_x86_64" "af_alg" "algif_skcipher" "cbc" "cryptd" "crypto_simd" + "dm_crypt" "ecb" "gf128mul" "glue_helper" "xts" + ]; + boot.initrd.luks.devices = [ + { name = "00vault"; + device = "/dev/disk/by-uuid/a70f4ff8-e463-42fa-8148-6783dd352f96"; + } + { name = "shakti-swap"; + device = "/dev/disk/by-uuid/69f3a774-c796-4dbd-a38b-32f019d05e7c"; + keyFile = "/dev/mapper/00vault"; + } + { name = "shakti-root"; + device = "/dev/disk/by-uuid/8a67bdf9-08bb-4214-b728-88cf1c2ee206"; + keyFile = "/dev/mapper/00vault"; + } + ]; + boot.initrd.postDeviceCommands = lib.mkAfter '' + cryptsetup luksClose /dev/mapper/00vault + ''; + boot.kernelModules = [ "kvm-amd" ]; environment.systemPackages = with pkgs; [ @@ -10,10 +31,10 @@ firefox ]; - # TODO: fileSystems."/boot".device = "/dev/disk/by-uuid/XXX"; - # TODO: fileSystems."/boot".fsType = "vfat"; + fileSystems."/boot".device = "/dev/disk/by-uuid/D54F-2AF3"; + fileSystems."/boot".fsType = "vfat"; - fileSystems."/".label = "shakti-root"; + fileSystems."/".device = "/dev/mapper/shakti-root"; fileSystems."/".fsType = "btrfs"; fileSystems."/".options = [ "compress=zstd" @@ -22,7 +43,7 @@ ]; swapDevices = lib.singleton { - label = "tyree-swap"; + device = "/dev/mapper/shakti-swap"; }; networking.hostName = "shakti"; |