nix-config/hosts/common/optional/encrypted-root.nix

{ config, ... }:
let hostname = config.networking.hostName;
in {
  boot.initrd = {
    # Enable swap on luks
    luks.devices."luks-3b6dddfd-5390-441f-a72d-a3b2809204df".device = "/dev/disk/by-uuid/3b6dddfd-5390-441f-a72d-a3b2809204df";

    # Setup encrypted root keyfile
    luks.devices."luks-3b6dddfd-5390-441f-a72d-a3b2809204df".keyFile = "/crypto_keyfile.bin";
    secrets = {
      "/crypto_keyfile.bin" = null;
    };
  };

}
A fork of Misterio77 and his standard template. Many thangs to the hard work and generous availability of: git@github.com:Misterio77/nix-config.git 2023-09-15 14:53:38 +00:00			`{ config, ... }:`
			`let hostname = config.networking.hostName;`
			`in {`
			`boot.initrd = {`
refined for my use 2023-09-19 17:05:08 +00:00			`# Enable swap on luks`
			`luks.devices."luks-3b6dddfd-5390-441f-a72d-a3b2809204df".device = "/dev/disk/by-uuid/3b6dddfd-5390-441f-a72d-a3b2809204df";`

			`# Setup encrypted root keyfile`
			`luks.devices."luks-3b6dddfd-5390-441f-a72d-a3b2809204df".keyFile = "/crypto_keyfile.bin";`
			`secrets = {`
			`"/crypto_keyfile.bin" = null;`
			`};`
A fork of Misterio77 and his standard template. Many thangs to the hard work and generous availability of: git@github.com:Misterio77/nix-config.git 2023-09-15 14:53:38 +00:00			`};`
refined for my use 2023-09-19 17:05:08 +00:00
A fork of Misterio77 and his standard template. Many thangs to the hard work and generous availability of: git@github.com:Misterio77/nix-config.git 2023-09-15 14:53:38 +00:00			`}`