Kabbone/nixos-config
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

hosts: laptop: enable fido unlock

Browse Source
This commit is contained in:
Kabbone 2023-12-18 16:00:19 +01:00
parent 7dece1e338
commit 3bb1e6c8fe
Signed by: Kabbone
SSH Key Fingerprint: SHA256:ezolxoMIF3LNo1yc1aGNCvFNUiSZNjUbNhrZohFeKd0
1 changed files with 20 additions and 15 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

35
hosts/laptop/hardware-configuration.nix
View File

@ -17,24 +17,29 @@
[ (modulesPath + "/installer/scan/not-detected.nix")
];
boot.initrd.availableKernelModules = [ "ahci" "xhci_pci" "usb_storage" "usbhid" "sd_mod" "sdhci_pci" "rtsx_usb_sdmmc" ];
boot.initrd.kernelModules = [ "i915" "kvm_intel" ];
boot.kernelModules = [ "kvm-intel" ];
boot.extraModprobeConfig = ''
options i915 enable_guc=3 enable_fbc=1 fastboot=1
'';
boot.kernelParams = [ "mitigations=off" "luks.options=fido2-device=auto" ];
boot.tmp.useTmpfs = true;
zramSwap.enable = true;
boot = {
initrd = {
availableKernelModules = [ "ahci" "xhci_pci" "usb_storage" "usbhid" "sd_mod" "sdhci_pci" "rtsx_usb_sdmmc" ];
kernelModules = [ "i915" "kvm_intel" ];
systemd.enable = true;
luks = {
devices."root" = {
device = "/dev/disk/by-uuid/75eccc7f-30b0-4fe8-8f82-90edaf284cd5";
allowDiscards = true;
};
};
};
boot.initrd.luks = {
fido2Support = true;
devices."root" = {
device = "/dev/disk/by-uuid/75eccc7f-30b0-4fe8-8f82-90edaf284cd5";
allowDiscards = true;
};
kernelModules = [ "kvm-intel" ];
extraModprobeConfig = ''
options i915 enable_guc=3 enable_fbc=1 fastboot=1
'';
kernelParams = [ "mitigations=off" "luks.options=fido2-device=auto" ];
tmp.useTmpfs = true;
};
zramSwap.enable = true;
services.btrfs.autoScrub = {
enable = true;
interval = "monthly";