Lillian-Violet/NixOS-Config
1
0
Fork 0
Code Issues Pull requests Actions Packages Projects Releases Wiki Activity

Update for secure boot

Browse source
This commit is contained in:
Lillian Violet 2024-02-03 17:50:32 +01:00
parent a17a04d551
commit 17eca8a394
3 changed files with 17 additions and 22 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

36
disko/EDI/configuration.nix
View file

@ -19,6 +19,20 @@
];
};
};
encryptedSwap = {
size = "20M";
content = {
type = "swap";
randomEncryption = true;
};
};
plainSwap = {
size = "4G";
content = {
type = "swap";
resumeDevice = true; # resume from hiberation from this device
};
};
luks = {
size = "100%";
content = {
@ -28,33 +42,14 @@
#passwordFile = "/tmp/secret.key"; # Interactive
settings = {
allowDiscards = true;
keyFile = "/tmp/secret.key";
#keyFile = "/tmp/secret.key";
};
#additionalKeyFiles = ["/tmp/additionalSecret.key"];
content = {
root = {
name = "root";
end = "-2G";
content = {
type = "filesystem";
format = "bcachefs";
mountpoint = "/";
};
};
encryptedSwap = {
size = "20M";
content = {
type = "swap";
randomEncryption = true;
};
};
plainSwap = {
size = "100%";
content = {
type = "swap";
resumeDevice = true; # resume from hiberation from this device
};
};
};
};
};
@ -62,5 +57,4 @@
};
};
};
};
}

1
nixos/desktop/configuration.nix
View file

@ -165,7 +165,6 @@
boot.loader.systemd-boot.enable = true;
boot.loader.systemd-boot.configurationLimit = 3;
boot.loader.efi.canTouchEfiVariables = true;
boot.bootspec.enable = true;
boot.supportedFilesystems = ["bcachefs"];
boot.kernelPackages = pkgs.linuxPackages_latest;

2
nixos/hosts/EDI/configuration.nix
View file

@ -38,6 +38,8 @@
networking.hostName = "EDI";
boot.bootspec.enable = true;
# Enable bluetooth hardware
hardware.bluetooth.enable = true;