Kabbone/nixos-config
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

hosts: laptop: enable fido unlock

Browse Source
This commit is contained in:
Kabbone 2023-12-18 16:00:19 +01:00
parent 7dece1e338
commit 3bb1e6c8fe
Signed by: Kabbone
SSH Key Fingerprint: SHA256:ezolxoMIF3LNo1yc1aGNCvFNUiSZNjUbNhrZohFeKd0
1 changed files with 20 additions and 15 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

35
hosts/laptop/hardware-configuration.nix
View File

@ -17,24 +17,29 @@
[ (modulesPath + "/installer/scan/not-detected.nix") [ (modulesPath + "/installer/scan/not-detected.nix")
]; ];
boot.initrd.availableKernelModules = [ "ahci" "xhci_pci" "usb_storage" "usbhid" "sd_mod" "sdhci_pci" "rtsx_usb_sdmmc" ]; boot = {
boot.initrd.kernelModules = [ "i915" "kvm_intel" ]; initrd = {
boot.kernelModules = [ "kvm-intel" ]; availableKernelModules = [ "ahci" "xhci_pci" "usb_storage" "usbhid" "sd_mod" "sdhci_pci" "rtsx_usb_sdmmc" ];
boot.extraModprobeConfig = '' kernelModules = [ "i915" "kvm_intel" ];
options i915 enable_guc=3 enable_fbc=1 fastboot=1 systemd.enable = true;
''; luks = {
boot.kernelParams = [ "mitigations=off" "luks.options=fido2-device=auto" ]; devices."root" = {
boot.tmp.useTmpfs = true; device = "/dev/disk/by-uuid/75eccc7f-30b0-4fe8-8f82-90edaf284cd5";
zramSwap.enable = true; allowDiscards = true;
};
};
};
boot.initrd.luks = { kernelModules = [ "kvm-intel" ];
fido2Support = true; extraModprobeConfig = ''
devices."root" = { options i915 enable_guc=3 enable_fbc=1 fastboot=1
device = "/dev/disk/by-uuid/75eccc7f-30b0-4fe8-8f82-90edaf284cd5"; '';
allowDiscards = true; kernelParams = [ "mitigations=off" "luks.options=fido2-device=auto" ];
}; tmp.useTmpfs = true;
}; };
zramSwap.enable = true;
services.btrfs.autoScrub = { services.btrfs.autoScrub = {
enable = true; enable = true;
interval = "monthly"; interval = "monthly";