n0vvvonder/my_nixos
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

added clevis

Browse Source
This commit is contained in:
yaroslav
2026-05-03 14:52:59 +03:00
parent 69c2209ebb
commit e0c7e0aa95
4 changed files with 14 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files
hosts/Aphelion/hardware-Aphelion.nix
+13 -1
View File
@@ -15,6 +15,12 @@
boot.supportedFilesystems = [ "zfs" ]; boot.supportedFilesystems = [ "zfs" ];
boot.kernelPackages = pkgs.linuxPackages_latest; boot.kernelPackages = pkgs.linuxPackages_latest;
boot.zfs.package = pkgs.zfs_2_4; boot.zfs.package = pkgs.zfs_2_4;
boot.initrd.clevis = {
enable = true;
devices."aphelion-zroot/data/sensitive".secretFile = ../../secrets/Aphelion/sensitive.jwe;
devices."aphelion-zroot/nix-enc".secretFile = ../../secrets/Aphelion/sensitive.jwe;
};
fileSystems."/" = fileSystems."/" =
{ device = "none"; { device = "none";
fsType = "tmpfs"; fsType = "tmpfs";
@@ -28,7 +34,7 @@
}; };
fileSystems."/nix" = fileSystems."/nix" =
{ device = "aphelion-zroot/nix"; { device = "aphelion-zroot/nix-enc";
fsType = "zfs"; fsType = "zfs";
}; };
@@ -52,6 +58,12 @@
fsType = "ext4"; fsType = "ext4";
options = [ "x-mount.mkdir" "rw" ]; options = [ "x-mount.mkdir" "rw" ];
}; };
fileSystems."/Volumes/Sensitive" =
{
device = "aphelion-zroot/data/sensitive";
fsType = "zfs";
options = [ "x-mount.mkdir" "rw" ];
};
# fileSystems."/Volumes/ssd_g" = # fileSystems."/Volumes/ssd_g" =
# { # {
# device = "/dev/disk/by-id/ata-KINGSTON_SA400S37240G_50026B77846D940A-part1"; # device = "/dev/disk/by-id/ata-KINGSTON_SA400S37240G_50026B77846D940A-part1";
secrets/Aphelion/sensitive.jwe
+1
View File
@@ -0,0 +1 @@
eyJhbGciOiJkaXIiLCJjbGV2aXMiOnsicGluIjoidHBtMiIsInRwbTIiOnsiaGFzaCI6InNoYTI1NiIsImp3a19wcml2IjoiQU80QUlJXzBfY0tfX2xQUVl5VjZOVHpQZXp3TjFtRW5STDZKSENfVDZiM29nRU5MQUJDenVyRDRiRjFrWXFWVjZmZkVLeEJOTE5nZ19YTldVcUR6VktrZU1fR21DdUNmeFFMWFF5SzhrckdHRzI2M21YVVZSdlJqUVdibWx4TUhvUEFqOWg4bnkwUnMyNFZhRjRjUW9SSUF6STIyVmxaRkpwc1g3SWF3djZqT3NxbWQ3SlBITl9TbUpCSEhCSDV0d09Rb0F5aHQzbWVfQm1mZWhHaEN1bWt3eW9RVE91MFVpak83aXg5QkEtYmJWeEkwZmtzLXhFM0RsYmppQmp3T1NrNUdwS0NvS2xmN1RTWEcwbXMtSldZWlF0d0N2Rm1lZERfcTB0SWVOZU5PSkw5anR0TGdSYmhMMEE4UExfS0YiLCJqd2tfcHViIjoiQUM0QUNBQUxBQUFFMGdBQUFCQUFJTFFjQ1lQZUtuVVRVY2Z3cG5wUjRzMEVMaHJuWUlheS03OGFDNVBXbGtPNCIsImtleSI6ImVjYyJ9fSwiZW5jIjoiQTI1NkdDTSJ9..oEVHsx4QXe2S2mLF.dNllN0zvGW70Q85SwcsSHcU.cnv7VoY4wqB9XqI31B6txA
secrets/Aphelion/wg0-client-pc.conf
View File
secrets/Aphelion/wg0.conf
View File