enable swap

modules/boot/chn-PC.nix

@@ -25,8 +25,8 @@
 				options iwlmvm power_scheme=1
 				options iwlwifi uapsd_disable=1
 			'';
-			# kernelParams = [ "delayacct" "acpi_osi=Linux" "resume_offset=19145984" ];
-			# resumeDevice = "/dev/mapper/root";
+			kernelParams = [ "delayacct" "acpi_osi=Linux" "resume_offset=41696016" ];
+			resumeDevice = "/dev/mapper/root";
 		};
 		hardware.cpu.intel.updateMicrocode = true;
 	};

modules/filesystem/chn-PC.nix

@@ -9,12 +9,6 @@
 				fsType = "tmpfs";
 				options = [ "size=16G" "relatime" "mode=755" ];
 			};
-			# "/" =
-			# {
-			# 	device = "/dev/mapper/root";
-			# 	fsType = "btrfs";
-			# 	options = [ "size=16G" "relatime" "mode=755" ];
-			# };
 			"/nix" =
 			{
 				device = "/dev/mapper/root";
@@ -33,9 +27,29 @@
 				fsType = "vfat";
 			};
 		};
-		# swapDevices = [ { device = "/nix/swap/swap"; } ];
+		# sudo btrfs fi mkswapfile --size 64g --uuid clear swap
+		# sudo btrfs inspect-internal map-swapfile -r swap
+		swapDevices = [ { device = "/nix/swap/swap"; } ];
 		boot.initrd.luks =
 		{
+			# setup accroding to https://github.com/sgillespie/nixos-yubikey-luks
+			# nix-shell https://github.com/sgillespie/nixos-yubikey-luks/archive/master.tar.gz
+			# ykpersonalize -2 -ochal-resp -ochal-hmac
+			# SALT_LENGTH=16
+			# SALT="$(dd if=/dev/random bs=1 count=$SALT_LENGTH 2>/dev/null | rbtohex)"
+			# read -s USER_PASSPHRASE
+			# CHALLENGE="$(echo -n $SALT | openssl dgst -binary -sha512 | rbtohex)"
+			# RESPONSE=$(ykchalresp -2 -x $CHALLENGE 2>/dev/null)
+			# KEY_LENGTH=512
+			# ITERATIONS=1000000
+			# LUKS_KEY="$(echo -n $USER_PASSPHRASE | pbkdf2-sha512 $(($KEY_LENGTH / 8)) $ITERATIONS $RESPONSE | rbtohex)"
+			# CIPHER=aes-xts-plain64
+			# HASH=sha512
+			# echo -n "$LUKS_KEY" | hextorb | cryptsetup luksFormat --cipher="$CIPHER" \
+			#	--key-size="$KEY_LENGTH" --hash="$HASH" --key-file=- /dev/sdb5
+			# mkdir -p /boot/crypt-storage
+			# echo -ne "$SALT\n$ITERATIONS" > /boot/crypt-storage/default
+			# echo -n "$LUKS_KEY" | hextorb | cryptsetup open /dev/sdb5 encrypted --key-file=-
 			yubikeySupport = true;
 			devices.root =
 			{
@@ -91,24 +105,5 @@
 			TIMELINE_LIMIT_MONTHLY = "0";
 			TIMELINE_LIMIT_YEARLY = "0";
 		};
-
-		# setup accroding to https://github.com/sgillespie/nixos-yubikey-luks
-		# nix-shell https://github.com/sgillespie/nixos-yubikey-luks/archive/master.tar.gz
-		# ykpersonalize -2 -ochal-resp -ochal-hmac
-		# SALT_LENGTH=16
-		# SALT="$(dd if=/dev/random bs=1 count=$SALT_LENGTH 2>/dev/null | rbtohex)"
-		# read -s USER_PASSPHRASE
-		# CHALLENGE="$(echo -n $SALT | openssl dgst -binary -sha512 | rbtohex)"
-		# RESPONSE=$(ykchalresp -2 -x $CHALLENGE 2>/dev/null)
-		# KEY_LENGTH=512
-		# ITERATIONS=1000000
-		# LUKS_KEY="$(echo -n $USER_PASSPHRASE | pbkdf2-sha512 $(($KEY_LENGTH / 8)) $ITERATIONS $RESPONSE | rbtohex)"
-		# CIPHER=aes-xts-plain64
-		# HASH=sha512
-		# echo -n "$LUKS_KEY" | hextorb | cryptsetup luksFormat --cipher="$CIPHER" \
-		#	--key-size="$KEY_LENGTH" --hash="$HASH" --key-file=- /dev/sdb5
-		# mkdir -p /boot/crypt-storage
-		# echo -ne "$SALT\n$ITERATIONS" > /boot/crypt-storage/default
-		# echo -n "$LUKS_KEY" | hextorb | cryptsetup open /dev/sdb5 encrypted --key-file=-
 	};
 }