2023-02-07 18:24:28 +01:00
|
|
|
{...}: let
|
2022-10-31 11:04:38 +01:00
|
|
|
stage1Modules = [
|
2018-11-05 14:31:58 +01:00
|
|
|
"aesni_intel"
|
|
|
|
|
"kvm-intel"
|
|
|
|
|
"aes_x86_64"
|
|
|
|
|
"nvme"
|
|
|
|
|
"nvme_core"
|
2018-11-12 20:20:36 +01:00
|
|
|
|
|
|
|
|
"pcieport"
|
|
|
|
|
"thunderbolt"
|
|
|
|
|
"e1000e"
|
|
|
|
|
"xhci_pci"
|
|
|
|
|
"hxci_hcd"
|
2018-11-05 14:31:58 +01:00
|
|
|
];
|
2022-10-31 11:04:38 +01:00
|
|
|
in {
|
2018-11-05 00:05:45 +01:00
|
|
|
# TASK: new device
|
|
|
|
|
hardware.encryptedDisk = {
|
|
|
|
|
enable = true;
|
2020-11-25 12:17:50 +01:00
|
|
|
diskId = "ata-Crucial_CT750MX300SSD1_16161311C7A6";
|
2018-11-05 00:05:45 +01:00
|
|
|
};
|
|
|
|
|
|
2018-11-05 14:31:58 +01:00
|
|
|
# boot.initrd.availableKernelModules = stage1Modules;
|
|
|
|
|
boot.initrd.kernelModules = stage1Modules;
|
2018-11-05 00:05:45 +01:00
|
|
|
boot.extraModprobeConfig = ''
|
|
|
|
|
options kvm-intel nested=1
|
|
|
|
|
options kvm-intel enable_shadow_vmcs=1
|
|
|
|
|
options kvm-intel enable_apicv=1
|
|
|
|
|
options kvm-intel ept=1
|
|
|
|
|
'';
|
|
|
|
|
}
|
