17 lines
575 B
Nix
17 lines
575 B
Nix
|
{ ... }: {
|
||
|
# https://nixos.wiki/wiki/Remote_LUKS_Unlocking
|
||
|
# Unlock command:
|
||
|
# ssh root@<Local_IP_Address> "Password"
|
||
|
|
||
|
# ssh setup
|
||
|
boot.initrd.network.enable = true;
|
||
|
boot.initrd.network.ssh = {
|
||
|
enable = true;
|
||
|
port = 22;
|
||
|
shell = "/bin/cryptsetup-askpass";
|
||
|
authorizedKeys = [ config.users.users.albert.openssh.authorizedKeys.keyFiles ];
|
||
|
hostKeys = [ "/etc/secrets/initrd/ssh_host_rsa_key" "/etc/secrets/initrd/ssh_host_ed25519_key" ];
|
||
|
};
|
||
|
boot.initrd.availableKernelModules = [ "e1000e" ];
|
||
|
boot.kernelParams = [ "ip=dhcp" ];
|
||
|
}
|