From 7594f32c7ad2b1fd487aaeee91ee2fbd9e0276fd Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Motiejus=20Jak=C5=A1tys?= <motiejus@jakstys.lt>
Date: Wed, 28 Aug 2024 08:09:36 +0300
Subject: [PATCH] fwminex: enable tpm2 unlock

---
 hosts/fwminex/configuration.nix | 8 +-------
 1 file changed, 1 insertion(+), 7 deletions(-)

diff --git a/hosts/fwminex/configuration.nix b/hosts/fwminex/configuration.nix
index 80b2733..f6bae4c 100644
--- a/hosts/fwminex/configuration.nix
+++ b/hosts/fwminex/configuration.nix
@@ -40,6 +40,7 @@ in
     kernelModules = [ "kvm-intel" ];
     loader.systemd-boot.enable = true;
     initrd = {
+      systemd.enable = true;
       kernelModules = [ "usb_storage" ];
       availableKernelModules = [
         "xhci_pci"
@@ -48,22 +49,15 @@ in
         "usbhid"
         "tpm_tis"
       ];
-      systemd.enableTpm2 = true;
       luks.devices = {
         luksroot = {
           device = "${nvme}-part3";
           allowDiscards = true;
-          #crypttabExtraOpts = ["tpm2-device=auto"];
-          keyFileOffset = 9728;
-          keyFileSize = 512;
-          keyFile = "/dev/sda";
         };
       };
     };
   };
 
-  security.tpm2.enable = true;
-
   swapDevices = [
     {
       device = "${nvme}-part2";