fix(system): add initrd settings for tpm2

This commit is contained in:
Andre 2024-06-29 10:30:48 -04:00
parent 09d5cd2c8a
commit f77c7ca594

View file

@ -45,6 +45,13 @@ in
# Set up TPM if enabled. See https://nixos.wiki/wiki/TPM # Set up TPM if enabled. See https://nixos.wiki/wiki/TPM
(lib.mkIf (cfg.tpm2.enable) { (lib.mkIf (cfg.tpm2.enable) {
boot.initrd = {
# Enable systemd for TPM auto-unlocking
systemd.enable = true;
availableKernelModules = [ "tpm_crb"];
kernelModules = ["tpm_crb"];
};
# After installing and rebooting, set it up via https://wiki.archlinux.org/title/Systemd-cryptenroll#Trusted_Platform_Module # After installing and rebooting, set it up via https://wiki.archlinux.org/title/Systemd-cryptenroll#Trusted_Platform_Module
environment.systemPackages = with pkgs; [ tpm2-tss ]; environment.systemPackages = with pkgs; [ tpm2-tss ];
security.tpm2 = { security.tpm2 = {