2019-08-02 03:17:00 +00:00
|
|
|
{ lib, config, ... }:
|
2020-09-16 17:32:23 +00:00
|
|
|
let secretsFile = "/var/lib/luks-secret/key";
|
2021-05-18 14:33:28 +00:00
|
|
|
in
|
|
|
|
{
|
2020-09-16 17:32:23 +00:00
|
|
|
boot = {
|
|
|
|
initrd = {
|
|
|
|
luks.devices."nixos" = {
|
|
|
|
fallbackToPassword = true;
|
|
|
|
keyFile = secretsFile;
|
|
|
|
};
|
|
|
|
# copy the secret into the additional initramfs. `null` means same path
|
|
|
|
secrets."${secretsFile}" = null;
|
|
|
|
};
|
2019-08-02 03:17:00 +00:00
|
|
|
};
|
|
|
|
}
|