feat(desktop): optionally unlock disk with fido2

This commit is contained in:
Moritz Böhme 2023-03-13 20:35:02 +01:00
parent 42970f7f9b
commit fce3afaa65
Signed by: moritz
GPG key ID: 970C6E89EB0547A9

View file

@ -11,6 +11,7 @@
boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "nvme" "usbhid" "usb_storage" "sd_mod" ]; boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "nvme" "usbhid" "usb_storage" "sd_mod" ];
boot.initrd.kernelModules = [ ]; boot.initrd.kernelModules = [ ];
boot.initrd.systemd.enable = true;
boot.kernelModules = [ "kvm-amd" ]; boot.kernelModules = [ "kvm-amd" ];
boot.extraModulePackages = [ ]; boot.extraModulePackages = [ ];
@ -21,6 +22,7 @@
}; };
boot.initrd.luks.devices."enc".device = "/dev/disk/by-uuid/30025a9f-44cf-4074-8ae2-d4925efd67dd"; boot.initrd.luks.devices."enc".device = "/dev/disk/by-uuid/30025a9f-44cf-4074-8ae2-d4925efd67dd";
boot.initrd.luks.devices."enc".crypttabExtraOpts = [ "fido2-device=auto" ];
fileSystems."/home" = { fileSystems."/home" = {
device = "/dev/disk/by-uuid/668a49b3-d169-461f-861d-0c3e6a1642d1"; device = "/dev/disk/by-uuid/668a49b3-d169-461f-861d-0c3e6a1642d1";