From 491bd8a8387e3bc3c42097e6fc708d5cbd88d644 Mon Sep 17 00:00:00 2001
From: Andre
Date: Sat, 29 Jun 2024 10:30:48 -0400
Subject: [PATCH] fix(system): add initrd settings for tpm2
---
 system/modules/system/bootloader.nix | 7 +++++++
 1 file changed, 7 insertions(+)
diff --git a/system/modules/system/bootloader.nix b/system/modules/system/bootloader.nix
index b6f803a..27e0f06 100644
--- a/system/modules/system/bootloader.nix
+++ b/system/modules/system/bootloader.nix
@@ -45,6 +45,13 @@ in
 # Set up TPM if enabled. See https://nixos.wiki/wiki/TPM
 (lib.mkIf (cfg.tpm2.enable) {
+ boot.initrd = {
+ # Enable systemd for TPM auto-unlocking
+ systemd.enable = true;
+
+ availableKernelModules = [ "tpm_crb"];
+ kernelModules = ["tpm_crb"];
+ };
 # After installing and rebooting, set it up via https://wiki.archlinux.org/title/Systemd-cryptenroll#Trusted_Platform_Module
 environment.systemPackages = with pkgs; [ tpm2-tss ];
 security.tpm2 = {
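Review bot: The new `boot.initrd` block makes unattended TPM unlocking possible in stage 1, but the comment above it does not say what the sealed key is expected to be bound to, and that decision is only made later at `systemd-cryptenroll` time. I would extend the comment to something like `# Auto-unlock is only as strong as the enrollment policy: bind to explicit PCRs (--tpm2-pcrs=, with Secure Boot on) and consider --tpm2-with-pin`, so the module records the assumption it relies on. Separately, only `tpm_crb` is listed, so a machine whose TPM is exposed through the TIS interface (`tpm_tis`) would presumably get no TPM driver in the initrd and fall back to the passphrase prompt; listing the module in both `availableKernelModules` and `kernelModules` also looks redundant, since the latter should already pull it into the initrd. The `lib.mkIf` block and `security.tpm2` continue outside the hunk, so any handling there is not visible here.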