summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorlassulus <lassulus@lassul.us>2018-07-25 01:26:25 +0200
committerlassulus <lassulus@lassul.us>2018-07-31 21:39:56 +0200
commite8f7aa94c20ce43b6977e82fe8ef1f9cc2c07d6b (patch)
tree6c37818eebd53a5c3ede9aba5f8f5ffbf17d0520
parent0e8c5d1e6757ea049e5e58c2d56701748d99fe6a (diff)
add luks.extraArgs
-rw-r--r--example/config.nix4
-rw-r--r--lib/default.nix2
2 files changed, 5 insertions, 1 deletions
diff --git a/example/config.nix b/example/config.nix
index be02f23..199412d 100644
--- a/example/config.nix
+++ b/example/config.nix
@@ -29,6 +29,10 @@
algo = "aes-xts...";
name = "crypted";
keyfile = "/tmp/secret.key";
+ extraArgs = [
+ "--hash sha512"
+ "--iter-time 5000"
+ ];
content = {
type = "lvm";
name = "pool";
diff --git a/lib/default.nix b/lib/default.nix
index 7bfa59a..d1f6acf 100644
--- a/lib/default.nix
+++ b/lib/default.nix
@@ -43,7 +43,7 @@ let {
'';
create.luks = q: x: ''
- cryptsetup -q luksFormat ${q.device} ${x.keyfile}
+ cryptsetup -q luksFormat ${q.device} ${x.keyfile} ${toString (x.extraArgs or [])}
cryptsetup luksOpen ${q.device} ${x.name} --key-file ${x.keyfile}
${body.create { device = "/dev/mapper/${x.name}"; } x.content}
'';