2023-02-07 18:24:28 +01:00
|
|
|
{
|
|
|
|
|
pkgs,
|
|
|
|
|
lib,
|
|
|
|
|
...
|
|
|
|
|
}: let
|
2022-10-31 11:04:38 +01:00
|
|
|
in {
|
2018-09-23 14:09:35 +02:00
|
|
|
boot.loader.grub = {
|
|
|
|
|
enable = true;
|
|
|
|
|
version = 2;
|
|
|
|
|
device = "/dev/vda";
|
|
|
|
|
efiSupport = true;
|
|
|
|
|
enableCryptodisk = true;
|
|
|
|
|
};
|
|
|
|
|
boot.loader.efi.canTouchEfiVariables = true;
|
|
|
|
|
boot.loader.systemd-boot.enable = true;
|
|
|
|
|
|
2023-02-07 18:24:28 +01:00
|
|
|
boot.initrd.luks.devices = [
|
|
|
|
|
{
|
|
|
|
|
name = "crypt";
|
|
|
|
|
device = "/dev/disk/uuid/463d886d-7dfe-421b-8cef-f9af3a3fa09d";
|
|
|
|
|
preLVM = true;
|
|
|
|
|
allowDiscards = true;
|
|
|
|
|
}
|
|
|
|
|
];
|
|
|
|
|
fileSystems."/" = {label = "root";};
|
2018-09-23 14:09:35 +02:00
|
|
|
|
2023-02-07 18:24:28 +01:00
|
|
|
fileSystems."/boot" = {label = "boot";};
|
2018-09-23 14:09:35 +02:00
|
|
|
|
|
|
|
|
boot.tmpOnTmpfs = true;
|
|
|
|
|
|
2023-02-07 18:24:28 +01:00
|
|
|
boot.initrd.availableKernelModules = ["xhci_pci" "ahci" "usb_storage" "sd_mod" "rtsx_pci_sdmmc"];
|
2022-10-31 11:04:38 +01:00
|
|
|
|
2018-09-23 14:09:35 +02:00
|
|
|
users.extraUsers.root.initialPassword = lib.mkForce "toorroot";
|
|
|
|
|
users.mutableUsers = false;
|
|
|
|
|
}
|
