Merge remote-tracking branch 'prism/master'

author: tv <tv@krebsco.de> 2016-06-30 16:31:05 +0200
committer: tv <tv@krebsco.de> 2016-06-30 16:31:05 +0200
commit: d81b068113325fb7604089c3647c365a41804978 (patch)
tree: 4c43ad2142825ac7c0a7045e5c48a039b25f6786 /makefu/2configs/fs/sda-crypto-root.nix
parent: 1542f9bbee823025f703e6abf3836905cee416fd (diff)
parent: f12578c66f8b7b829c0dec5255f358778c0d3366 (diff)
1 files changed, 3 insertions, 3 deletions
diff --git a/makefu/2configs/fs/sda-crypto-root.nix b/makefu/2configs/fs/sda-crypto-root.nix
index b82c0e44..5c7cdf71 100644
--- a/makefu/2configs/fs/sda-crypto-root.nix
+++ b/makefu/2configs/fs/sda-crypto-root.nix
@@ -1,16 +1,16 @@
 { config, lib, pkgs, ... }:
 
 # sda:  bootloader grub2
-# sda1: boot ext4 (label nixboot)
+# sda1: boot ext4 (label nixboot) - must be unlocked on boot if required:
+  # boot.initrd.luks.devices = [ { name = "luksroot"; device = "/dev/sda2"; allowDiscards=true; }];
 # sda2: cryptoluks -> ext4
 with config.krebs.lib;
 {
   boot = {
     loader.grub.enable = true;
     loader.grub.version = 2;
-    loader.grub.device = "/dev/sda";
+    loader.grub.device = lib.mkDefault "/dev/sda";
 
-    initrd.luks.devices = [ { name = "luksroot"; device = "/dev/sda2"; allowDiscards=true; }];
     initrd.luks.cryptoModules = ["aes" "sha512" "sha1" "xts" ];
     initrd.availableKernelModules = ["xhci_hcd" "ehci_pci" "ahci" "usb_storage" ];
   };
author	tv <tv@krebsco.de>	2016-06-30 16:31:05 +0200
committer	tv <tv@krebsco.de>	2016-06-30 16:31:05 +0200
commit	d81b068113325fb7604089c3647c365a41804978 (patch)
tree	4c43ad2142825ac7c0a7045e5c48a039b25f6786 /makefu/2configs/fs/sda-crypto-root.nix
parent	1542f9bbee823025f703e6abf3836905cee416fd (diff)
parent	f12578c66f8b7b829c0dec5255f358778c0d3366 (diff)