diff options
author | Florian Klink <flokli@flokli.de> | 2021-10-22 15:01:55 +0200 |
---|---|---|
committer | Florian Klink <flokli@flokli.de> | 2021-10-22 15:47:21 +0200 |
commit | 0084c41abfbf5fa6e19539d7a32f3bce4c3eb6b7 (patch) | |
tree | e8e96651d77ec96cffdbdeb5227a461c9f2f75c7 /nixos/modules/system/boot/systemd.nix | |
parent | 930da485d9af8100f8858bd6fe8f28e3eca26933 (diff) | |
download | nixpkgs-0084c41abfbf5fa6e19539d7a32f3bce4c3eb6b7.tar nixpkgs-0084c41abfbf5fa6e19539d7a32f3bce4c3eb6b7.tar.gz nixpkgs-0084c41abfbf5fa6e19539d7a32f3bce4c3eb6b7.tar.bz2 nixpkgs-0084c41abfbf5fa6e19539d7a32f3bce4c3eb6b7.tar.lz nixpkgs-0084c41abfbf5fa6e19539d7a32f3bce4c3eb6b7.tar.xz nixpkgs-0084c41abfbf5fa6e19539d7a32f3bce4c3eb6b7.tar.zst nixpkgs-0084c41abfbf5fa6e19539d7a32f3bce4c3eb6b7.zip |
nixos/systemd: add remote-cryptsetup.target
/etc/crypttab can contain the _netdev option, which adds crypto devices to the remote-cryptsetup.target. remote-cryptsetup.target has a dependency on cryptsetup-pre.target. So let's add both of them. Currently, one needs to manually ssh in and invoke `systemctl start systemd-cryptsetup@<name>.service` to unlock volumes. After this change, systemd will properly add it to the target, and assuming remote-cryptsetup.target is pulled in somewhere, you can simply pass the passphrase by invoking `systemd-tty-ask-password-agent` after ssh-ing in, without having to manually start these services. Whether remote-cryptsetup.target should be added to multi-user.target (as it is on other distros) is part of another discussion - right now the following snippet will do: ``` systemd.targets.multi-user.wants = [ "remote-cryptsetup.target" ]; ```
Diffstat (limited to 'nixos/modules/system/boot/systemd.nix')
-rw-r--r-- | nixos/modules/system/boot/systemd.nix | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/nixos/modules/system/boot/systemd.nix b/nixos/modules/system/boot/systemd.nix index 93ea77d1ee7..77997ac7686 100644 --- a/nixos/modules/system/boot/systemd.nix +++ b/nixos/modules/system/boot/systemd.nix @@ -26,6 +26,8 @@ let "nss-user-lookup.target" "time-sync.target" "cryptsetup.target" + "cryptsetup-pre.target" + "remote-cryptsetup.target" "sigpwr.target" "timers.target" "paths.target" |