n0vvvonder/my_nixos
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

added FDE for Ratchet

Browse Source
This commit is contained in:
yaroslav
2026-05-08 01:23:27 +03:00
parent e0c7e0aa95
commit cc5f1561d3
2 changed files with 13 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files
hosts/Ratchet/hardware-Ratchet.nix
+12 -2
View File
@@ -14,18 +14,28 @@
boot.extraModulePackages = [ ]; boot.extraModulePackages = [ ];
boot.extraModprobeConfig = "options kvm_amd nested=1"; boot.extraModprobeConfig = "options kvm_amd nested=1";
boot.initrd.clevis = {
enable = true;
devices."luks-zroot".secretFile = ../../secrets/Ratchet/main.jwe;
devices."luks-swap".secretFile = ../../secrets/Ratchet/main.jwe;
};
boot.initrd.luks.devices = {
luks-zroot.device = "/dev/nvme0n1p2";
luks-swap.device = "/dev/nvme0n1p3";
};
fileSystems."/" = fileSystems."/" =
{ device = "none"; { device = "none";
fsType = "tmpfs"; fsType = "tmpfs";
options = ["defaults" "size=1G" "mode=755"]; options = ["defaults" "size=1G" "mode=755"];
}; };
fileSystems."/nix" = fileSystems."/nix" =
{ device = "ratchet-zfs/root/nix"; { device = "ratchet-zroot/system/nix";
fsType = "zfs"; fsType = "zfs";
}; };
fileSystems."/home" = fileSystems."/home" =
{ device = "ratchet-zfs/root/home"; { device = "ratchet-zroot/system/home";
fsType = "zfs"; fsType = "zfs";
}; };
secrets/Ratchet/main.jwe
+1
View File
@@ -0,0 +1 @@
eyJhbGciOiJkaXIiLCJjbGV2aXMiOnsicGluIjoidHBtMiIsInRwbTIiOnsiaGFzaCI6InNoYTI1NiIsImp3a19wcml2IjoiQU80QUlGcGVicDJDN0VGdTNHTzlfNUlTdm9nUElSRXN6dzBqV2RKcWxWQld3aXpDQUJDalRLS1QzdjlZdlltM2RHQ28yVDRmc2hvM2NNeS14dUpHSG5Nc1FpY1dRbWc0VUthOWtjWFJpSnFNZGZuS09icXJEb25OYXprOEN5T0RnYUVnNVpuX1hQLVhsR1ZzTmprUjQxSUFHNWwxRjhoRDdLZ21jYS1SNmNaZElnSXkyQVdwdEFUV1kzX3hXNURENUNuZk5ib1NmWWdwSmJ0NmZUTmpFU0MyMTc1MlpLbGZnakJYZnlhOFNFVTVnSnhEd2JDLUZEb2JFcUVGT1JaRTVTOWdrWVlmblFaaVU2T2ttT3g0VFRzN0pyVmtkZVdhTkNtN2EtM25GdHVKdWNlZkxLa3Yta3hwdlJLakt6YS0iLCJqd2tfcHViIjoiQUM0QUNBQUxBQUFFMGdBQUFCQUFJT1lMbTVMaXpQZlhIdzBILWtFSmgtSFloWDItQl9pV1o1UTZ1ajJtSHNLNCIsImtleSI6ImVjYyJ9fSwiZW5jIjoiQTI1NkdDTSJ9..j57z2RsOHQ9tTBa0.-GYNuTq9eXP7fOgXCn1ia8LG.0Pghun0zmm4z_7JCcUBE3g