From bf276b1d19ce2ff48a5deb2ccbcc370a63384152 Mon Sep 17 00:00:00 2001 From: chn Date: Tue, 1 Aug 2023 16:09:26 +0800 Subject: [PATCH] longer wait time for manually unlocked device --- flake.nix | 8 +++++++- modules/fileSystems/default.nix | 9 ++++++++- 2 files changed, 15 insertions(+), 2 deletions(-) diff --git a/flake.nix b/flake.nix index 1682f444..e86c3ae5 100644 --- a/flake.nix +++ b/flake.nix @@ -268,6 +268,12 @@ };}) ]; }; + # sudo usbipd + # ssh -R 3240:127.0.0.1:3240 root@192.168.122.57 + # sudo usbip bind -b 3-6 + # usbip attach -r 127.0.0.1 -b 3-6 + # systemd-cryptenroll --fido2-device=auto /dev/vda2 + # systemd-cryptsetup attach root /dev/vda2 "vps6" = inputs.nixpkgs.lib.nixosSystem { system = "x86_64-linux"; @@ -289,7 +295,7 @@ "/dev/mapper/root" = { "/nix" = "/nix"; "/nix/rootfs/current" = "/"; }; }; }; - decrypt.manual.enable = true; + decrypt.manual = { enable = true; devices = [ "/dev/mapper/root" ]; }; rollingRootfs = { device = "/dev/mapper/root"; path = "/nix/rootfs"; }; }; packages = diff --git a/modules/fileSystems/default.nix b/modules/fileSystems/default.nix index 6d387f8e..eeeafded 100644 --- a/modules/fileSystems/default.nix +++ b/modules/fileSystems/default.nix @@ -24,7 +24,11 @@ inputs: }); default = {}; }; - manual.enable = mkOption { type = types.bool; default = false; }; + manual = + { + enable = mkOption { type = types.bool; default = false; }; + devices = mkOption { type = types.listOf types.nonEmptyStr; default = []; }; + }; }; mdadm = mkOption { type = types.nullOr types.str; default = null; }; swap = mkOption { type = types.listOf types.nonEmptyStr; default = []; }; @@ -136,6 +140,9 @@ inputs: usbip = "${inputs.config.boot.kernelPackages.usbip}/bin/usbip"; }; }; + fileSystems = listToAttrs (map + (device: { name = device; value.options = [ "x-systemd.mount-timeout=1h" ]; }) + fileSystems.decrypt.manual.devices); } ) # mdadm