summaryrefslogtreecommitdiffstats
path: root/makefu/2configs/fs/sda-crypto-root.nix
diff options
context:
space:
mode:
authorlassulus <lass@aidsballs.de>2015-09-05 12:17:59 +0200
committerlassulus <lass@aidsballs.de>2015-09-05 12:17:59 +0200
commitf54a0a9ea7fd5a9902a5b38786da42f06d615b5a (patch)
treed7c475b212d8acc35a5dc7d20ec1f2228c664010 /makefu/2configs/fs/sda-crypto-root.nix
parentf3c1727659c59ff638b1adead8e30ee2f79f39de (diff)
parentd6d9956abc60548c755d30e6a5bd13c10abbb181 (diff)
Merge branch 'makefu'
Diffstat (limited to 'makefu/2configs/fs/sda-crypto-root.nix')
-rw-r--r--makefu/2configs/fs/sda-crypto-root.nix29
1 files changed, 29 insertions, 0 deletions
diff --git a/makefu/2configs/fs/sda-crypto-root.nix b/makefu/2configs/fs/sda-crypto-root.nix
new file mode 100644
index 000000000..54db87547
--- /dev/null
+++ b/makefu/2configs/fs/sda-crypto-root.nix
@@ -0,0 +1,29 @@
+{ config, lib, pkgs, ... }:
+
+# sda: bootloader grub2
+# sda1: boot ext4 (label nixboot)
+# sda2: cryptoluks -> ext4
+with lib;
+{
+ boot = {
+ loader.grub.enable =true;
+ loader.grub.version =2;
+ loader.grub.device = "/dev/sda";
+
+ initrd.luks.devices = [ { name = "luksroot"; device = "/dev/sda2"; allowDiscards=true; }];
+ initrd.luks.cryptoModules = ["aes" "sha512" "sha1" "xts" ];
+ initrd.availableKernelModules = ["xhci_hcd" "ehci_pci" "ahci" "usb_storage" ];
+ };
+ fileSystems = {
+ "/" = {
+ device = "/dev/mapper/luksroot";
+ fsType = "ext4";
+ options="defaults,discard";
+ };
+ "/boot" = {
+ device = "/dev/disk/by-label/nixboot";
+ fsType = "ext4";
+ options="defaults,discard";
+ };
+ };
+}