From 0736418e6046aa6a0d697620274b1948b581eb2f Mon Sep 17 00:00:00 2001 From: Daniel Langbein Date: Fri, 18 Aug 2023 19:18:47 +0200 Subject: [PATCH] automount encrypted SD card --- README.md | 12 +++++++++++- yodaTux/hardware-configuration.nix | 9 ++++++++- 2 files changed, 19 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index 01c28d1..fdb8b15 100644 --- a/README.md +++ b/README.md @@ -70,4 +70,14 @@ There are two (?) theses about Nix. One is https://edolstra.github.io/pubs/phd-t ## TODOS -* FDE remote SSH unlock: https://nixos.wiki/wiki/Remote_LUKS_Unlocking \ No newline at end of file +* FDE remote SSH unlock: https://nixos.wiki/wiki/Remote_LUKS_Unlocking + +## Automount Encrypted Drive + +* Generate and add keyfile to LUKS device +* luksOpen and mount drive, e.g. to `/mnt/data1` +* Re-generate hardware configuration: + +```shell +sudo nixos-generate-config --dir yodaTux +``` \ No newline at end of file diff --git a/yodaTux/hardware-configuration.nix b/yodaTux/hardware-configuration.nix index 989ea4e..b311e6d 100644 --- a/yodaTux/hardware-configuration.nix +++ b/yodaTux/hardware-configuration.nix @@ -8,7 +8,7 @@ [ (modulesPath + "/installer/scan/not-detected.nix") ]; - boot.initrd.availableKernelModules = [ "xhci_pci" "nvme" "usbhid" "uas" "sd_mod" "rtsx_pci_sdmmc" ]; + boot.initrd.availableKernelModules = [ "xhci_pci" "nvme" "usbhid" "rtsx_pci_sdmmc" ]; boot.initrd.kernelModules = [ ]; boot.kernelModules = [ "kvm-intel" ]; boot.extraModulePackages = [ ]; @@ -26,6 +26,13 @@ fsType = "vfat"; }; + fileSystems."/mnt/512gb" = + { device = "/dev/disk/by-uuid/c27f48d4-b39c-46a4-a27a-71aa6e4113e3"; + fsType = "ext4"; + }; + + boot.initrd.luks.devices."512gb".device = "/dev/disk/by-uuid/03d4ac28-2c81-463e-b615-fb623d40b6fa"; + swapDevices = [ ]; # Enables DHCP on each ethernet and wireless interface. In case of scripted networking