From 3bb1e6c8fe5328186dad7bf04c7cfdbfa4626d05 Mon Sep 17 00:00:00 2001
From: Kabbone <tobias@opel-online.de>
Date: Mon, 18 Dec 2023 16:00:19 +0100
Subject: [PATCH] hosts: laptop: enable fido unlock

---
 hosts/laptop/hardware-configuration.nix | 35 ++++++++++++++-----------
 1 file changed, 20 insertions(+), 15 deletions(-)

diff --git a/hosts/laptop/hardware-configuration.nix b/hosts/laptop/hardware-configuration.nix
index a44e140..055226a 100644
--- a/hosts/laptop/hardware-configuration.nix
+++ b/hosts/laptop/hardware-configuration.nix
@@ -17,24 +17,29 @@
     [ (modulesPath + "/installer/scan/not-detected.nix")
     ];
 
-  boot.initrd.availableKernelModules = [ "ahci" "xhci_pci" "usb_storage" "usbhid" "sd_mod" "sdhci_pci" "rtsx_usb_sdmmc" ];
-  boot.initrd.kernelModules = [ "i915" "kvm_intel" ];
-  boot.kernelModules = [ "kvm-intel" ];
-  boot.extraModprobeConfig = ''
-      options i915 enable_guc=3 enable_fbc=1 fastboot=1
-      '';
-  boot.kernelParams = [ "mitigations=off" "luks.options=fido2-device=auto" ];
-  boot.tmp.useTmpfs = true;
-  zramSwap.enable = true;
+  boot = {
+	  initrd = {
+		  availableKernelModules = [ "ahci" "xhci_pci" "usb_storage" "usbhid" "sd_mod" "sdhci_pci" "rtsx_usb_sdmmc" ];
+		  kernelModules = [ "i915" "kvm_intel" ];
+		  systemd.enable = true;
+		  luks = {
+			  devices."root" = {
+				  device = "/dev/disk/by-uuid/75eccc7f-30b0-4fe8-8f82-90edaf284cd5";
+				  allowDiscards = true;
+			  };
+		  };
+	  };
 
-  boot.initrd.luks = {
-    fido2Support = true;
-    devices."root" = {
-      device = "/dev/disk/by-uuid/75eccc7f-30b0-4fe8-8f82-90edaf284cd5";
-      allowDiscards = true;
-    };
+	  kernelModules = [ "kvm-intel" ];
+	  extraModprobeConfig = ''
+		  options i915 enable_guc=3 enable_fbc=1 fastboot=1
+		  '';
+	  kernelParams = [ "mitigations=off" "luks.options=fido2-device=auto" ];
+	  tmp.useTmpfs = true;
   };
 
+  zramSwap.enable = true;
+
   services.btrfs.autoScrub = {
     enable = true;
     interval = "monthly";