From b4d9ba419a430d0162ec19eb426f2b3f9a5aae0e Mon Sep 17 00:00:00 2001
From: Kjetil Orbekk <kj@orbekk.com>
Date: Mon, 12 Jul 2021 09:14:36 -0400
Subject: allow unattended boot firelink

---
 machines/firelink.nix | 12 ++++++++----
 1 file changed, 8 insertions(+), 4 deletions(-)

diff --git a/machines/firelink.nix b/machines/firelink.nix
index 4f23835..7673c21 100644
--- a/machines/firelink.nix
+++ b/machines/firelink.nix
@@ -133,7 +133,7 @@ in {
   console.earlySetup = true;
 
   boot.loader.grub.enable = true;
-  boot.loader.grub.devices = ["nodev"];
+  boot.loader.grub.devices = [ "nodev" ];
   boot.loader.grub.efiSupport = true;
   boot.loader.efi.canTouchEfiVariables = true;
   # boot.loader.grub.efiInstallAsRemovable = true;
@@ -210,9 +210,13 @@ in {
     options = [ "noatime" "discard" ];
   };
 
-  boot.initrd.luks.devices."cryptsystem".device =
-    "/dev/disk/by-uuid/8acc11c2-e540-4561-8c88-34176fca1a72";
-  boot.initrd.luks.devices."cryptsystem".allowDiscards = true;
+  boot.initrd.luks.devices."cryptsystem" = {
+    device = "/dev/disk/by-uuid/8acc11c2-e540-4561-8c88-34176fca1a72";
+    allowDiscards = true;
+    keyFile = "/dev/zero";
+    keyFileSize = 32;
+    fallbackToPassword = true;
+  };
 
   fileSystems."/boot" = {
     device = "/dev/disk/by-uuid/C636-D264";
-- 
cgit v1.2.3