From ab6cbc0cdcc7ba30c629c6937d89b82de2a3e00d Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Moritz=20B=C3=B6hme?= <mail@moritzboeh.me>
Date: Mon, 13 Mar 2023 21:39:44 +0100
Subject: [PATCH] feat(laptop): optionally unlock disk with fido2

---
 hosts/nixos-laptop/hardware-configuration.nix | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/hosts/nixos-laptop/hardware-configuration.nix b/hosts/nixos-laptop/hardware-configuration.nix
index 0a7d47b..9d88a4c 100644
--- a/hosts/nixos-laptop/hardware-configuration.nix
+++ b/hosts/nixos-laptop/hardware-configuration.nix
@@ -11,9 +11,11 @@
 
   boot.initrd.availableKernelModules = [ "nvme" "xhci_pci" "ahci" "rtsx_pci_sdmmc" ];
   boot.initrd.kernelModules = [ ];
+  boot.initrd.systemd.enable = true;
   boot.kernelModules = [ "kvm-amd" ];
   boot.extraModulePackages = [ ];
 
+
   fileSystems."/" = {
     device = "/dev/disk/by-uuid/4a91d3eb-1633-42d9-8304-c10e49a61154";
     fsType = "btrfs";
@@ -21,6 +23,7 @@
   };
 
   boot.initrd.luks.devices."enc".device = "/dev/disk/by-uuid/078b81ba-238e-471d-9951-b743588532b8";
+  boot.initrd.luks.devices."enc".crypttabExtraOpts = [ "fido2-device=auto" ];
 
   fileSystems."/log" = {
     device = "/dev/disk/by-uuid/4a91d3eb-1633-42d9-8304-c10e49a61154";