Kabbone/nixos-config
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

hosts: fix nas encryption

Browse Source
This commit is contained in:
Kabbone 2023-01-08 12:19:10 +01:00
parent 2ce76b55eb
commit 9594c7389d
Signed by: Kabbone
SSH Key Fingerprint: SHA256:A5zPB5I6u5V78V51c362BBdCwhDhfDUVbt7NfKdjWBY
2 changed files with 16 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
hosts/configuration_desktop.nix
View File

@ -100,6 +100,7 @@
agenix.defaultPackage.x86_64-linux agenix.defaultPackage.x86_64-linux
age-plugin-yubikey age-plugin-yubikey
pwgen pwgen
cryptsetup
]; ];
}; };

15
hosts/nas/hardware-configuration.nix
View File

@ -19,6 +19,21 @@
boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "nvme" "usb_storage" "usbhid" "sd_mod" ]; boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "nvme" "usb_storage" "usbhid" "sd_mod" ];
boot.initrd.kernelModules = [ "vfio_pci" "vfio" "vfio_iommu_type1" "vfio_virqfd" ]; boot.initrd.kernelModules = [ "vfio_pci" "vfio" "vfio_iommu_type1" "vfio_virqfd" ];
boot.initrd.secrets = {
"/root/NASKeyfile" =
/root/NASKeyfile;
};
boot.initrd.luks.devices = {
NAS-RAID1 = {
device = "/dev/disk/by-uuid/57e6446d-faca-4b67-9063-e8d9afb80088";
keyFile = "/root/NASKeyfile";
};
NAS-RAID2 = {
device = "/dev/disk/by-uuid/b9edc489-ac37-4b28-981d-442722df7ae2";
keyFile = "/root/NASKeyfile";
};
};
boot.kernelModules = [ "kvm-intel" ]; boot.kernelModules = [ "kvm-intel" ];
boot.extraModulePackages = [ ]; boot.extraModulePackages = [ ];
boot.tmpOnTmpfs = true; boot.tmpOnTmpfs = true;