Xetibo/DashNix
1
0
Fork 0
Code Issues Pull requests Projects Releases 1 Packages Wiki Activity Actions

Drive encryption (#11)

Browse source 
- Add drive encryption with luks
- Refactor Hyprland binds
- Refactor cache
- Minor spelling fixes
- Add firefox stylix profiles
This commit is contained in:
Dashie 2025-05-02 12:19:48 +02:00 committed by GitHub
parent 32f0512ef5
commit 45954db37a
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
10 changed files with 334 additions and 292 deletions
Download patch file Download diff file Expand all files Collapse all files

27
modules/programs/drives.nix
View file

@ -25,6 +25,18 @@
Use swap in drive.
'';
};
useEncryption = lib.mkOption {
default = false;
example = true;
type = lib.types.bool;
description = ''
Enables encryption.
!WARNING!
You need your root drive to be named root exactly!
Otherwise there will not be a root crypt!
!WARNING!
'';
};
homeAndRootFsTypes = lib.mkOption {
default = "ext4";
example = "btrfs";
@ -149,6 +161,21 @@
config = (
lib.optionalAttrs (options ? fileSystems) {
boot.initrd.luks.devices = lib.mkIf (config.mods.drives.variant == "manual" && config.mods.drives.useEncryption) (
builtins.listToAttrs (
map (
{
name,
drive,
}: {
cryptstorage.device = lib.mkIf (name != "root") drive?device;
cryptoroot.device = lib.mkIf (name == "root") drive?device;
}
)
config.mods.drives.extraDrives
)
);
fileSystems = lib.mkIf (config.mods.drives.variant == "manual" && !config.conf.wsl) (
builtins.listToAttrs (
map (