ahuston-0/nix-dotfiles
1
0
Fork 0
Code Issues 1 Pull Requests 3 Actions 1 Packages Projects Releases Wiki Activity

luks migration, home migration fixes
Check flake.lock / Check health of `flake.lock` (pull_request) Successful in 9s
Details
Check Nix flake / Perform Nix flake checks (pull_request) Successful in 3m49s
Details

Browse Source
This commit is contained in:
ahuston-0
2026-05-03 17:33:56 -04:00
parent 43c026c451
commit b4233b8f1c
6 changed files with 59 additions and 24 deletions
Download Patch File Download Diff File Expand all files Collapse all files
systems/argiletum/configuration.nix
+12 -2
View File
@@ -13,8 +13,18 @@
useNetworkd = true;
};
# Raspberry Pi 4 uses U-Boot / extlinux, not systemd-boot
boot.useSystemdBoot = lib.mkForce false;
# Raspberry Pi 4 uses U-Boot / extlinux — disable both GRUB and systemd-boot
# TPM 2.0 HAT: systemd initrd required for tpm2-device auto-unlock
# After first install, enroll with:
# systemd-cryptenroll --tpm2-device=auto --tpm2-pcrs=0+7 --recovery-key /dev/mmcblk0p3
boot = {
useSystemdBoot = lib.mkForce false;
loader.grub.enable = lib.mkOverride 0 false;
initrd = {
systemd.enable = true;
luks.devices."cryptroot".crypttabExtraOpts = [ "tpm2-device=auto" ];
};
};
sops = {
defaultSopsFile = ./secrets.yaml;