spike: mount swap and µsd with keyfiles in initrd
This commit is contained in:
parent
b01205f649
commit
69998a47a0
|
@ -9,15 +9,19 @@
|
||||||
};
|
};
|
||||||
|
|
||||||
swapDevices = lib.mkForce [{
|
swapDevices = lib.mkForce [{
|
||||||
device = "/dev/disk/by-partuuid/ef7cb78c-a07d-45e2-a92a-0f041c42f07a";
|
device = "/dev/disk/by-uuid/addae2e4-d7d7-4fcd-b2cb-7635c794d652";
|
||||||
randomEncryption = {
|
encrypted = {
|
||||||
enable = true;
|
enable = true;
|
||||||
allowDiscards = true;
|
label = "swap";
|
||||||
|
blkDev = "/dev/disk/by-uuid/e5381f7c-fb90-4762-8a27-aa05429893e7";
|
||||||
|
keyFile = "/sysroot/var/lib/private/swap_key";
|
||||||
};
|
};
|
||||||
}];
|
}];
|
||||||
|
|
||||||
# This has to go in crypttab because we won't have the keyfile in the initrd
|
fileSystems."/media/µsd".encrypted = {
|
||||||
environment.etc.crypttab.text = ''
|
enable = true;
|
||||||
microsd /dev/disk/by-uuid/51ed9e97-06cf-4c54-a71a-c182bb0ced9e /var/lib/private/µsd_key
|
label = "microsd";
|
||||||
'';
|
blkDev = "/dev/disk/by-uuid/51ed9e97-06cf-4c54-a71a-c182bb0ced9e";
|
||||||
|
keyFile = "/sysroot/var/lib/private/µsd_key";
|
||||||
|
};
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in a new issue