Support optional keyfile for luks encrypted partitions

If the keyfile attribute is not present it will omit any keyfile luks configuration and instead will make the user be prompted for any passphrases.
author: Baitinq <manuelpalenzuelamerino@gmail.com> 2022-08-24 16:48:31 +0200
committer: Baitinq <manuelpalenzuelamerino@gmail.com> 2022-08-24 16:48:31 +0200
commit: e1927693e33eabf1bdd29155bb843efb09d47af1 (patch)
tree: 39efacffa6fbf4570843d9d1d5b75b15091b34ea /lib
parent: 9bca66ca7d2f8c9ac39d1f4a067ae45e681b87f9 (diff)
1 files changed, 3 insertions, 3 deletions
diff --git a/lib/default.nix b/lib/default.nix
index f2908f5..3d86f28 100644
--- a/lib/default.nix
+++ b/lib/default.nix
@@ -76,8 +76,8 @@ let {
   '';
 
   create.luks = q: x: ''
-    cryptsetup -q luksFormat ${q.device} ${x.keyfile} ${toString (x.extraArgs or [])}
-    cryptsetup luksOpen ${q.device} ${x.name} --key-file ${x.keyfile}
+    cryptsetup -q luksFormat ${q.device} ${if builtins.hasAttr "keyfile" x then x.keyfile else ""} ${toString (x.extraArgs or [])}
+    cryptsetup luksOpen ${q.device} ${x.name} ${if builtins.hasAttr "keyfile" x then "--key-file " + x.keyfile else ""}
     ${create-f { device = "/dev/mapper/${x.name}"; } x.content}
   '';
 
@@ -141,7 +141,7 @@ let {
     recursiveUpdate
     (mount-f { device = "/dev/mapper/${x.name}"; } x.content)
     {luks.${q.device} = ''
-      cryptsetup luksOpen ${q.device} ${x.name} --key-file ${x.keyfile}
+      cryptsetup luksOpen ${q.device} ${x.name} ${if builtins.hasAttr "keyfile" x then "--key-file " + x.keyfile else ""}
     '';}
   );
author	Baitinq <manuelpalenzuelamerino@gmail.com>	2022-08-24 16:48:31 +0200
committer	Baitinq <manuelpalenzuelamerino@gmail.com>	2022-08-24 16:48:31 +0200
commit	e1927693e33eabf1bdd29155bb843efb09d47af1 (patch)
tree	39efacffa6fbf4570843d9d1d5b75b15091b34ea /lib
parent	9bca66ca7d2f8c9ac39d1f4a067ae45e681b87f9 (diff)