From a8e43936cf85badb3dd4da6752de6e53a085fb0e Mon Sep 17 00:00:00 2001 From: Kyle Isom Date: Wed, 1 Apr 2026 23:53:00 -0700 Subject: [PATCH] pass #2 following random blogs doesn't always work --- hw/straylight/hardware-configuration.nix | 22 ++++++++++++++++++---- 1 file changed, 18 insertions(+), 4 deletions(-) diff --git a/hw/straylight/hardware-configuration.nix b/hw/straylight/hardware-configuration.nix index d7504bb..a9fbbc9 100644 --- a/hw/straylight/hardware-configuration.nix +++ b/hw/straylight/hardware-configuration.nix @@ -1,5 +1,3 @@ -# Do not modify this file! It was generated by ‘nixos-generate-config’ -# and may be overwritten by future invocations. Please make changes # to /etc/nixos/configuration.nix instead. { config, lib, pkgs, modulesPath, ... }: @@ -13,19 +11,35 @@ boot.kernelModules = [ "kvm-amd" ]; boot.extraModulePackages = [ ]; + boot.initrd.luks.fido2Support = true; + + boot.initrd.luks.devices."luks-922e2c13-35bc-40de-a829-716b9368e4a7" = { + device = "/dev/disk/by-uuid/922e2c13-35bc-40de-a829-716b9368e4a7"; + #fido2.credential = ""; + #fido2.passwordLess = true; + }; + fileSystems."/" = { device = "/dev/mapper/luks-922e2c13-35bc-40de-a829-716b9368e4a7"; fsType = "ext4"; }; - boot.initrd.luks.devices."luks-922e2c13-35bc-40de-a829-716b9368e4a7".device = "/dev/disk/by-uuid/922e2c13-35bc-40de-a829-716b9368e4a7"; - fileSystems."/boot" = { device = "/dev/disk/by-uuid/9BAD-52AA"; fsType = "vfat"; options = [ "fmask=0077" "dmask=0077" ]; }; + fileSystems."/home" = { + device = "/dev/mapper/home-crypt"; + fsType = "ext4"; + options = [ "defaults" ]; + }; + + environment.etc.crypttab.text = '' + home-crypt UUID=edfdcdf4-083a-4826-a1f8-9670545e0bc5 /etc/secrets/home.key luks + ''; + swapDevices = [ ]; nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";