From e8f7aa94c20ce43b6977e82fe8ef1f9cc2c07d6b Mon Sep 17 00:00:00 2001
From: lassulus <lassulus@lassul.us>
Date: Wed, 25 Jul 2018 01:26:25 +0200
Subject: add luks.extraArgs

---
 example/config.nix | 4 ++++
 lib/default.nix    | 2 +-
 2 files changed, 5 insertions(+), 1 deletion(-)

diff --git a/example/config.nix b/example/config.nix
index be02f23..199412d 100644
--- a/example/config.nix
+++ b/example/config.nix
@@ -29,6 +29,10 @@
             algo = "aes-xts...";
             name = "crypted";
             keyfile = "/tmp/secret.key";
+            extraArgs = [
+              "--hash sha512"
+              "--iter-time 5000"
+            ];
             content = {
               type = "lvm";
               name = "pool";
diff --git a/lib/default.nix b/lib/default.nix
index 7bfa59a..d1f6acf 100644
--- a/lib/default.nix
+++ b/lib/default.nix
@@ -43,7 +43,7 @@ let {
   '';
 
   create.luks = q: x: ''
-    cryptsetup -q luksFormat ${q.device} ${x.keyfile}
+    cryptsetup -q luksFormat ${q.device} ${x.keyfile} ${toString (x.extraArgs or [])}
     cryptsetup luksOpen ${q.device} ${x.name} --key-file ${x.keyfile}
     ${body.create { device = "/dev/mapper/${x.name}"; } x.content}
   '';
-- 
cgit v1.2.3