{ username, ... }: { # https://nixos.wiki/wiki/Remote_LUKS_Unlocking # Unlock command: # ssh root@ "Password" # ssh setup boot.initrd.network.enable = true; boot.initrd.network.ssh = { enable = true; port = 22; shell = "/bin/cryptsetup-askpass"; authorizedKeys = [ config.users.users.${username}.openssh.authorizedKeys.keyFiles ]; hostKeys = [ "/etc/secrets/initrd/ssh_host_rsa_key" "/etc/secrets/initrd/ssh_host_ed25519_key" ]; }; boot.initrd.availableKernelModules = [ "e1000e" ]; boot.kernelParams = [ "ip=dhcp" ]; }