kylekrein/nixos-config
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

zh

Browse source
This commit is contained in:
Aleksandr Lebedev 2025-09-26 19:21:48 +02:00
parent 1c5299e2ca
commit 8061c5c132
2 changed files with 15 additions and 3 deletions
Download patch file Download diff file Expand all files Collapse all files

8
modules/nixos/presets/disko/impermanenceBtrfsLuks/default.nix
View file

@ -61,7 +61,13 @@ in {
"--perf-no_write_workqueue" "--perf-no_write_workqueue"
]; ];
# https://0pointer.net/blog/unlocking-luks2-volumes-with-tpm2-fido2-pkcs11-security-hardware-on-systemd-248.html # https://0pointer.net/blog/unlocking-luks2-volumes-with-tpm2-fido2-pkcs11-security-hardware-on-systemd-248.html
settings = {crypttabExtraOpts = ["fido2-device=auto" "token-timeout=10"];}; settings = {
keyFile = "/tmp/secret.key";
crypttabExtraOpts = [
"fido2-device=auto"
"token-timeout=10"
];
};
content = { content = {
type = "btrfs"; type = "btrfs";
extraArgs = ["-L" "nixos" "-f"]; extraArgs = ["-L" "nixos" "-f"];

8
systems/x86_64-linux/stargate/disko.nix
View file

@ -17,7 +17,13 @@
"--perf-no_write_workqueue" "--perf-no_write_workqueue"
]; ];
# https://0pointer.net/blog/unlocking-luks2-volumes-with-tpm2-fido2-pkcs11-security-hardware-on-systemd-248.html # https://0pointer.net/blog/unlocking-luks2-volumes-with-tpm2-fido2-pkcs11-security-hardware-on-systemd-248.html
settings = {crypttabExtraOpts = ["fido2-device=auto" "token-timeout=10"];}; settings = {
keyFile = "/tmp/secret.key";
crypttabExtraOpts = [
"fido2-device=auto"
"token-timeout=10"
];
};
content = { content = {
type = "zfs"; type = "zfs";
pool = "zstorage"; pool = "zstorage";