From fce3afaa65370c9a3b76b58c31cfd82aec1282c0 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Moritz=20B=C3=B6hme?= Date: Mon, 13 Mar 2023 20:35:02 +0100 Subject: [PATCH] feat(desktop): optionally unlock disk with fido2 --- hosts/nixos-desktop/hardware-configuration.nix | 2 ++ 1 file changed, 2 insertions(+) diff --git a/hosts/nixos-desktop/hardware-configuration.nix b/hosts/nixos-desktop/hardware-configuration.nix index fab68a6..888ff0a 100644 --- a/hosts/nixos-desktop/hardware-configuration.nix +++ b/hosts/nixos-desktop/hardware-configuration.nix @@ -11,6 +11,7 @@ boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "nvme" "usbhid" "usb_storage" "sd_mod" ]; boot.initrd.kernelModules = [ ]; + boot.initrd.systemd.enable = true; boot.kernelModules = [ "kvm-amd" ]; boot.extraModulePackages = [ ]; @@ -21,6 +22,7 @@ }; boot.initrd.luks.devices."enc".device = "/dev/disk/by-uuid/30025a9f-44cf-4074-8ae2-d4925efd67dd"; + boot.initrd.luks.devices."enc".crypttabExtraOpts = [ "fido2-device=auto" ]; fileSystems."/home" = { device = "/dev/disk/by-uuid/668a49b3-d169-461f-861d-0c3e6a1642d1";