From 164e86468dc0b2299f9de6adad1454b2c5abac30 Mon Sep 17 00:00:00 2001
From: ahuston-0
Date: Sat, 24 Aug 2024 00:48:40 -0400
Subject: [PATCH] import all the keys
Signed-off-by: ahuston-0
---
systems/palatine-hill/hardware-changes.nix | 66 ++++++++++++----------
1 file changed, 35 insertions(+), 31 deletions(-)
diff --git a/systems/palatine-hill/hardware-changes.nix b/systems/palatine-hill/hardware-changes.nix
index 0cedbe9..81bc87c 100644
--- a/systems/palatine-hill/hardware-changes.nix
+++ b/systems/palatine-hill/hardware-changes.nix
@@ -1,37 +1,41 @@ -{ lib, ... }: +{ lib, pkgs, ... }: { - boot.zfs.requestEncryptionCredentials = lib.mkForce false; - - boot.initrd = { - services.lvm.enable = true; - luks.devices = { - "nixos-pv" = { - device = "/dev/disk/by-uuid/614787a6-784a-4932-b787-cb6424725444"; - preLVM = true; - allowDiscards = true; - }; - }; - - postResumeCommands = '' - # let root mount and everything, then manually unlock stuff - load_zfs_nix() { - local device="/dev/disk/by-uuid/8bfaa32b-09dd-45c8-831e-05e80be82f9e" - local mountPoint="/" - local options="x-initrd.mount,noatime,nodiratime" - local fsType="ext4" - - echo "manually mounting key location, then unmounting" - udevadm settle - - mountFS "$device" "$(escapeFstab "$mountPoint")" "$(escapeFstab "$options")" "$fsType" - - zfs load-key -L "file://$targetRoot/crypto/keys/zfs-nix-store-key" "ZFS-primary/nix" - umount "$targetRoot/" - } - - load_zfs_nix + boot = { + zfs.requestEncryptionCredentials = lib.mkForce false; + postBootCommands = '' + ${pkgs.zfs}/bin/zfs load-key -a ''; + initrd = { + services.lvm.enable = true; + luks.devices = { + "nixos-pv" = { + device = "/dev/disk/by-uuid/614787a6-784a-4932-b787-cb6424725444"; + preLVM = true; + allowDiscards = true; + }; + }; + + postResumeCommands = '' + # let root mount and everything, then manually unlock stuff + load_zfs_nix() { + local device="/dev/disk/by-uuid/8bfaa32b-09dd-45c8-831e-05e80be82f9e" + local mountPoint="/" + local options="x-initrd.mount,noatime,nodiratime" + local fsType="ext4" + + echo "manually mounting key location, then unmounting" + udevadm settle + + mountFS "$device" "$(escapeFstab "$mountPoint")" "$(escapeFstab "$options")" "$fsType" + + zfs load-key -L "file://$targetRoot/crypto/keys/zfs-nix-store-key" "ZFS-primary/nix" + umount "$targetRoot/" + } + + load_zfs_nix + ''; + }; }; fileSystems = {
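Review bot: `${pkgs.zfs}/bin/zfs load-key -a` in the new `postBootCommands` widens the unattended unlock from the single `ZFS-primary/nix` dataset handled in the initrd to every encryption root in every pool imported at that point, and with `requestEncryptionCredentials` forced to false nothing ever prompts an operator. All ZFS encryption on this host then rests on the LUKS-protected root that presumably holds the key files, so I would either name the datasets explicitly (`${pkgs.zfs}/bin/zfs load-key <pool>/<dataset>`, placeholder names) or put a comment above the command such as `# unattended: loads every key whose keylocation is a file on the LUKS root; keep /crypto/keys readable by root only`. `postBootCommands` appears to run before systemd starts, so a pool imported later by a systemd unit would likely not be covered; that is worth confirming on this machine. The attribute set continues past `fileSystems = {`, outside the hunk.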