diff options
| author | lassulus <lassulus@lassul.us> | 2018-07-25 01:26:25 +0200 |
|---|---|---|
| committer | lassulus <lassulus@lassul.us> | 2018-07-31 21:39:56 +0200 |
| commit | e8f7aa94c20ce43b6977e82fe8ef1f9cc2c07d6b (patch) | |
| tree | 6c37818eebd53a5c3ede9aba5f8f5ffbf17d0520 | |
| parent | 0e8c5d1e6757ea049e5e58c2d56701748d99fe6a (diff) | |
add luks.extraArgs
| -rw-r--r-- | example/config.nix | 4 | ||||
| -rw-r--r-- | lib/default.nix | 2 |
2 files changed, 5 insertions, 1 deletions
diff --git a/example/config.nix b/example/config.nix index be02f23..199412d 100644 --- a/example/config.nix +++ b/example/config.nix @@ -29,6 +29,10 @@ algo = "aes-xts..."; name = "crypted"; keyfile = "/tmp/secret.key"; + extraArgs = [ + "--hash sha512" + "--iter-time 5000" + ]; content = { type = "lvm"; name = "pool"; diff --git a/lib/default.nix b/lib/default.nix index 7bfa59a..d1f6acf 100644 --- a/lib/default.nix +++ b/lib/default.nix @@ -43,7 +43,7 @@ let { ''; create.luks = q: x: '' - cryptsetup -q luksFormat ${q.device} ${x.keyfile} + cryptsetup -q luksFormat ${q.device} ${x.keyfile} ${toString (x.extraArgs or [])} cryptsetup luksOpen ${q.device} ${x.name} --key-file ${x.keyfile} ${body.create { device = "/dev/mapper/${x.name}"; } x.content} ''; |