From 69998a47a05739d8445d95375dc9584ed0e05723 Mon Sep 17 00:00:00 2001
From: Artemis Tosini <me@artem.ist>
Date: Mon, 27 Nov 2023 06:19:04 +0000
Subject: [PATCH] =?UTF-8?q?spike:=20mount=20swap=20and=20=C2=B5sd=20with?=
 =?UTF-8?q?=20keyfiles=20in=20initrd?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 system/spike/boot-config.nix | 18 +++++++++++-------
 1 file changed, 11 insertions(+), 7 deletions(-)

diff --git a/system/spike/boot-config.nix b/system/spike/boot-config.nix
index a48ec50..83fc777 100644
--- a/system/spike/boot-config.nix
+++ b/system/spike/boot-config.nix
@@ -9,15 +9,19 @@
   };
 
   swapDevices = lib.mkForce [{
-    device = "/dev/disk/by-partuuid/ef7cb78c-a07d-45e2-a92a-0f041c42f07a";
-    randomEncryption = {
+    device = "/dev/disk/by-uuid/addae2e4-d7d7-4fcd-b2cb-7635c794d652";
+    encrypted = {
       enable = true;
-      allowDiscards = true;
+      label = "swap";
+      blkDev = "/dev/disk/by-uuid/e5381f7c-fb90-4762-8a27-aa05429893e7";
+      keyFile = "/sysroot/var/lib/private/swap_key";
     };
   }];
 
-  # This has to go in crypttab because we won't have the keyfile in the initrd
-  environment.etc.crypttab.text = ''
-    microsd /dev/disk/by-uuid/51ed9e97-06cf-4c54-a71a-c182bb0ced9e /var/lib/private/µsd_key
-  '';
+  fileSystems."/media/µsd".encrypted = {
+    enable = true;
+    label = "microsd";
+    blkDev = "/dev/disk/by-uuid/51ed9e97-06cf-4c54-a71a-c182bb0ced9e";
+    keyFile = "/sysroot/var/lib/private/µsd_key";
+  };
 }