diff options
Diffstat (limited to 'system-profiles')
| -rw-r--r-- | system-profiles/initrd-all-crypto-modules.nix | 11 |
1 files changed, 9 insertions, 2 deletions
diff --git a/system-profiles/initrd-all-crypto-modules.nix b/system-profiles/initrd-all-crypto-modules.nix index 3b3b24fc..45cd4b74 100644 --- a/system-profiles/initrd-all-crypto-modules.nix +++ b/system-profiles/initrd-all-crypto-modules.nix | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | { pkgs, config, ...}: | 1 | { lib, pkgs, config, ...}: |
| 2 | let | 2 | let |
| 3 | moduleList = builtins.fromJSON (builtins.readFile (pkgs.runCommandCC "crypto-modules" { buildInputs = with pkgs; [ jq ]; } '' | 3 | moduleList = builtins.fromJSON (builtins.readFile (pkgs.runCommandCC "crypto-modules" { buildInputs = with pkgs; [ jq ]; } '' |
| 4 | echo "[]" > $out | 4 | echo "[]" > $out |
| @@ -12,6 +12,13 @@ let | |||
| 12 | '')); | 12 | '')); |
| 13 | in { | 13 | in { |
| 14 | boot.initrd.luks.cryptoModules = moduleList ++ [ | 14 | boot.initrd.luks.cryptoModules = moduleList ++ [ |
| 15 | "encrypted_keys" "rng" | 15 | "encrypted_keys" "trusted" "rng" |
| 16 | ]; | ||
| 17 | boot.kernelPatches = [ | ||
| 18 | { | ||
| 19 | name = "encrypted_key"; | ||
| 20 | patch = null; | ||
| 21 | extraStructuredConfig.ENCRYPTED_KEYS = lib.kernel.yes; | ||
| 22 | } | ||
| 16 | ]; | 23 | ]; |
| 17 | } | 24 | } |