Mirrors/disko
2
0
Fork 0
mirror of https://github.com/nix-community/disko synced 2024-11-10 06:14:14 +00:00
Code Issues Projects Releases Packages Wiki Activity

add additionalKeyFiles option to luks

Browse source
This commit is contained in:
arch 2023-07-06 20:33:44 +02:00 committed by lassulus
parent 68eb09b183
commit 9a454adcd6
1 changed files with 10 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

10
lib/types/luks.nix
View file

@ -44,6 +44,15 @@ in
};
'';
};
additionalKeyFiles = lib.mkOption {
type = lib.types.listOf diskoLib.optionTypes.absolute-pathname;
default = [];
description = ''
Path to additional key files for encryption.
these additional keyFiles are just used during creation of the device.
'';
example = ["/tmp/disk2.key"];
};
initrdUnlock = lib.mkOption {
type = lib.types.bool;
default = true;
@ -82,6 +91,7 @@ in
cryptsetup luksOpen ${config.device} ${config.name} \
${toString config.extraOpenArgs} \
${keyFileArgs}
${lib.optionalString (config.keyFile != null) toString (lib.lists.forEach config.additionalKeyFiles (x: "cryptsetup luksAddKey ${config.device} --key-file ${config.keyFile} ${x};"))}
${lib.optionalString (config.content != null) config.content._create}
'';
};