2024-08-12 16:52:17 +01:00
|
|
|
{
|
|
|
|
config,
|
|
|
|
lib,
|
|
|
|
pkgs,
|
|
|
|
...
|
|
|
|
}: let
|
|
|
|
inherit (lib.modules) mkIf;
|
|
|
|
inherit (lib.lists) flatten optionals;
|
|
|
|
|
|
|
|
cfg = config.boot.encryptedDrive;
|
|
|
|
in {
|
2024-08-12 16:54:39 +01:00
|
|
|
config = mkIf cfg.enable {
|
2024-08-12 16:52:17 +01:00
|
|
|
boot.initrd.availableKernelModules =
|
|
|
|
flatten
|
|
|
|
[
|
|
|
|
# For USB w/ Encryption Key
|
|
|
|
"usb_storage"
|
|
|
|
"usbcore"
|
|
|
|
"uas"
|
|
|
|
"rtsx_pci_sdmmc"
|
|
|
|
# For USB Keyboards
|
|
|
|
"usbhid"
|
|
|
|
"hid_generic"
|
|
|
|
# For Cryptography
|
|
|
|
"cryptd"
|
|
|
|
|
|
|
|
(optionals (pkgs.system == "x86_64_linux") [
|
|
|
|
"aesni_intel"
|
2024-08-12 17:01:18 +01:00
|
|
|
"crypto_simd"
|
2024-08-12 16:52:17 +01:00
|
|
|
])
|
|
|
|
];
|
|
|
|
};
|
|
|
|
}
|