From 6dc92812997e99e12ae5fcab3bda65f056a74edb Mon Sep 17 00:00:00 2001 From: Alex Auvolat Date: Fri, 25 Feb 2022 17:52:17 +0100 Subject: Add remote LUKS unlocking configuration --- doc/example-hardware-configuration.nix | 38 ++++++++++++++++++++++++++++++++++ 1 file changed, 38 insertions(+) create mode 100644 doc/example-hardware-configuration.nix (limited to 'doc') diff --git a/doc/example-hardware-configuration.nix b/doc/example-hardware-configuration.nix new file mode 100644 index 0000000..0a72bd1 --- /dev/null +++ b/doc/example-hardware-configuration.nix @@ -0,0 +1,38 @@ +# Do not modify this file! It was generated by ‘nixos-generate-config’ +# and may be overwritten by future invocations. Please make changes +# to /etc/nixos/configuration.nix instead. +{ config, lib, pkgs, modulesPath, ... }: + +{ + imports = + [ (modulesPath + "/installer/scan/not-detected.nix") + ]; + + boot.initrd.availableKernelModules = [ "xhci_pci" "ehci_pci" "ahci" "usb_storage" "usbhid" "sd_mod" ]; + boot.initrd.kernelModules = [ "dm-snapshot" ]; + boot.kernelModules = [ "kvm-intel" ]; + boot.extraModulePackages = [ ]; + + boot.initrd.luks.devices."cryptlvm" = { + device = "/dev/disk/by-uuid/5d4fcef7-433d-43a9-be26-be940ce291c0"; + allowDiscards = true; + }; + + fileSystems."/" = + { device = "/dev/disk/by-uuid/5bad79e1-fdbf-48f3-861f-6810adc76195"; + fsType = "ext4"; + options = [ "relatime" "discard" ]; + }; + + fileSystems."/boot" = + { device = "/dev/disk/by-uuid/07E8-5958"; + fsType = "vfat"; + }; + + swapDevices = + [ { device = "/dev/disk/by-uuid/a3e0bae8-8b07-4e66-a4a7-6955639f2155"; } + ]; + + hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; +} + -- cgit v1.2.3