ppetru/alo-cluster
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Split off disk encryption.

Browse Source
This commit is contained in:
Petru
2023-06-30 10:35:34 +01:00
parent 969f173f5c
commit 329fafc3fc
2 changed files with 10 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
hosts/common/compute-node.nix
View File

@@ -4,16 +4,9 @@
./impermanence.nix ./impermanence.nix
./sshd.nix ./sshd.nix
./user-ppetru.nix ./user-ppetru.nix
./unattended-encryption.nix
]; ];
boot.initrd.kernelModules = [ "usb_storage" ];
boot.initrd.luks.devices."luksroot" = {
allowDiscards = true;
bypassWorkqueues = true;
keyFileSize = 4096;
keyFile = "/dev/sda";
};
# Use the systemd-boot EFI boot loader. # Use the systemd-boot EFI boot loader.
boot.loader.systemd-boot.enable = true; boot.loader.systemd-boot.enable = true;
boot.loader.efi.canTouchEfiVariables = true; boot.loader.efi.canTouchEfiVariables = true;

9
hosts/common/unattended-encryption.nix Normal file
View File

@@ -0,0 +1,9 @@
{
boot.initrd.kernelModules = [ "usb_storage" ];
boot.initrd.luks.devices."luksroot" = {
allowDiscards = true;
bypassWorkqueues = true;
keyFileSize = 4096;
keyFile = "/dev/sda";
};
}