34 lines
619 B
Nix
34 lines
619 B
Nix
{ ... }:
|
|
|
|
let
|
|
stage1Modules = [
|
|
"aesni_intel"
|
|
"kvm-intel"
|
|
"aes_x86_64"
|
|
"nvme"
|
|
"nvme_core"
|
|
|
|
"pcieport"
|
|
"thunderbolt"
|
|
"e1000e"
|
|
"xhci_pci"
|
|
"hxci_hcd"
|
|
];
|
|
|
|
in
|
|
{
|
|
# TASK: new device
|
|
hardware.encryptedDisk = {
|
|
enable = true;
|
|
diskId = "nvme-SAMSUNG_MZVLW256HEHP-000L7_S35ENX0K827498";
|
|
};
|
|
|
|
# boot.initrd.availableKernelModules = stage1Modules;
|
|
boot.initrd.kernelModules = stage1Modules;
|
|
boot.extraModprobeConfig = ''
|
|
options kvm-intel nested=1
|
|
options kvm-intel enable_shadow_vmcs=1
|
|
options kvm-intel enable_apicv=1
|
|
options kvm-intel ept=1
|
|
'';
|
|
}
|