swarsel/.dotfiles
1
0
Fork 0
mirror of https://github.com/Swarsel/.dotfiles.git synced 2025-12-06 09:07:21 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

feat: enable fallback initrd systemd for work

Browse source
This commit is contained in:
Leon Schwarzäugl 2025-03-23 00:27:52 +01:00
parent 01efa60483
commit 4a78e643f0
Signed by: swarsel
GPG key ID: 26A54C31F2A4FD84
2 changed files with 19 additions and 2 deletions
Download patch file Download diff file Expand all files Collapse all files

12
SwarselSystems.org
View file

@ -8325,7 +8325,17 @@ Options that I need specifically at work. There are more options at [[#h:f0b2ea9
}; };
}; };
# boot.initrd.luks.yubikeySupport = true; boot.initrd = {
systemd.enable = lib.mkForce true; # make sure we are using initrd systemd even when not using Impermanence
luks = {
# disable "support" since we use systemd-cryptenroll
# make sure yubikeys are enrolled using
# sudo systemd-cryptenroll --fido2-device=auto --fido2-with-user-verification=no --fido2-with-user-presence=true --fido2-with-client-pin=no /dev/nvme0n1p2
yubikeySupport = false;
fido2Support = false;
};
};
programs = { programs = {
zsh.shellInit = '' zsh.shellInit = ''
export VSPHERE_USER="$(cat ${config.sops.secrets.vcuser.path})" export VSPHERE_USER="$(cat ${config.sops.secrets.vcuser.path})"

9
profiles/nixos/optional/work.nix
View file

@ -16,7 +16,14 @@ in
}; };
}; };
# boot.initrd.luks.yubikeySupport = true; boot.initrd = {
systemd.enable = true;
luks = {
yubikeySupport = false;
fido2Support = false;
};
};
programs = { programs = {
zsh.shellInit = '' zsh.shellInit = ''
export VSPHERE_USER="$(cat ${config.sops.secrets.vcuser.path})" export VSPHERE_USER="$(cat ${config.sops.secrets.vcuser.path})"