fwminex: enable tpm2 unlock

2024-08-28 08:09:36 +03:00 · 2024-08-28 08:09:36 +03:00 · 7594f32c7a
commit 7594f32c7a
parent 5dd533cf34
1 changed files with 1 additions and 7 deletions
--- a/hosts/fwminex/configuration.nix
+++ b/hosts/fwminex/configuration.nix
@ -40,6 +40,7 @@ in
    kernelModules = [ "kvm-intel" ];
    loader.systemd-boot.enable = true;
    initrd = {
+      systemd.enable = true;
      kernelModules = [ "usb_storage" ];
      availableKernelModules = [
        "xhci_pci"
@ -48,22 +49,15 @@ in
        "usbhid"
        "tpm_tis"
      ];
-      systemd.enableTpm2 = true;
      luks.devices = {
        luksroot = {
          device = "${nvme}-part3";
          allowDiscards = true;
-          #crypttabExtraOpts = ["tpm2-device=auto"];
-          keyFileOffset = 9728;
-          keyFileSize = 512;
-          keyFile = "/dev/sda";
        };
      };
    };
  };

-  security.tpm2.enable = true;
-
  swapDevices = [
    {
      device = "${nvme}-part2";