first succesful deployment of a nixos using nixos-anywhere #4

2025-10-31 07:52:44 +00:00 · 2025-10-26 15:49:15 +01:00
parent 3cd6c1c941
commit 981683bf51
2 changed files with 18 additions and 4 deletions
--- a/nix/configuration.nix
+++ b/nix/configuration.nix
@@ -11,8 +11,22 @@
  # nix settings
  nix.settings.experimental-features = [ "nix-command" "flakes" ];

-  # Bootloader.
-  boot.loader.grub.enable = true;
+  # Bootloader to work with LUKS
+  boot.loader.grub = {
+    enable = true;
+    # https://github.com/NixOS/nixpkgs/issues/55332
+    device = "nodev";                    # Don't install to MBR
+    efiSupport = true;                   # Enable EFI support
+    enableCryptodisk = true;             # Enable LUKS support
+  };
+  
+  boot.loader.efi.canTouchEfiVariables = true;
+
+  # LUKS configuration
+  boot.initrd.luks.devices."crypted" = {
+    device = "/dev/disk/by-partlabel/luks";
+    allowDiscards = true;
+  };

  
  boot.initrd.kernelModules = [ "virtio_gpu" ];
--- a/nix/disko.nix
+++ b/nix/disko.nix
@@ -11,6 +11,7 @@
            ESP = {
              size = "500M";
              type = "EF00";
+              label = "boot";
              content = {
                type = "filesystem";
                format = "vfat";
@@ -20,12 +21,11 @@
            };
            luks = {
              size = "100%";
+              label = "luks";
              content = {
                type = "luks";
                name = "crypted";
                settings.allowDiscards = true; # Enable SSD TRIM support
-                passwordFile = "/tmp/secret.key"; # install time key file location
-                # additionalKeyFiles = [ "/tmp/additionalSecret.key" ];
                content = {
                  type = "filesystem";
                  format = "ext4";