feat(laptop): optionally unlock disk with fido2
This commit is contained in:
parent
b518194ba2
commit
ab6cbc0cdc
1 changed files with 3 additions and 0 deletions
|
@ -11,9 +11,11 @@
|
||||||
|
|
||||||
boot.initrd.availableKernelModules = [ "nvme" "xhci_pci" "ahci" "rtsx_pci_sdmmc" ];
|
boot.initrd.availableKernelModules = [ "nvme" "xhci_pci" "ahci" "rtsx_pci_sdmmc" ];
|
||||||
boot.initrd.kernelModules = [ ];
|
boot.initrd.kernelModules = [ ];
|
||||||
|
boot.initrd.systemd.enable = true;
|
||||||
boot.kernelModules = [ "kvm-amd" ];
|
boot.kernelModules = [ "kvm-amd" ];
|
||||||
boot.extraModulePackages = [ ];
|
boot.extraModulePackages = [ ];
|
||||||
|
|
||||||
|
|
||||||
fileSystems."/" = {
|
fileSystems."/" = {
|
||||||
device = "/dev/disk/by-uuid/4a91d3eb-1633-42d9-8304-c10e49a61154";
|
device = "/dev/disk/by-uuid/4a91d3eb-1633-42d9-8304-c10e49a61154";
|
||||||
fsType = "btrfs";
|
fsType = "btrfs";
|
||||||
|
@ -21,6 +23,7 @@
|
||||||
};
|
};
|
||||||
|
|
||||||
boot.initrd.luks.devices."enc".device = "/dev/disk/by-uuid/078b81ba-238e-471d-9951-b743588532b8";
|
boot.initrd.luks.devices."enc".device = "/dev/disk/by-uuid/078b81ba-238e-471d-9951-b743588532b8";
|
||||||
|
boot.initrd.luks.devices."enc".crypttabExtraOpts = [ "fido2-device=auto" ];
|
||||||
|
|
||||||
fileSystems."/log" = {
|
fileSystems."/log" = {
|
||||||
device = "/dev/disk/by-uuid/4a91d3eb-1633-42d9-8304-c10e49a61154";
|
device = "/dev/disk/by-uuid/4a91d3eb-1633-42d9-8304-c10e49a61154";
|
||||||
|
|
Loading…
Reference in a new issue