diff options
Diffstat (limited to 'nixos/modules/tasks/filesystems/ecryptfs.nix')
-rw-r--r-- | nixos/modules/tasks/filesystems/ecryptfs.nix | 24 |
1 files changed, 24 insertions, 0 deletions
diff --git a/nixos/modules/tasks/filesystems/ecryptfs.nix b/nixos/modules/tasks/filesystems/ecryptfs.nix new file mode 100644 index 00000000000..8138e659161 --- /dev/null +++ b/nixos/modules/tasks/filesystems/ecryptfs.nix @@ -0,0 +1,24 @@ +{ config, lib, pkgs, ... }: +# TODO: make ecryptfs work in initramfs? + +with lib; + +{ + config = mkIf (any (fs: fs == "ecryptfs") config.boot.supportedFilesystems) { + system.fsPackages = [ pkgs.ecryptfs ]; + security.wrappers = { + "mount.ecryptfs_private" = + { setuid = true; + owner = "root"; + group = "root"; + source = "${pkgs.ecryptfs.out}/bin/mount.ecryptfs_private"; + }; + "umount.ecryptfs_private" = + { setuid = true; + owner = "root"; + group = "root"; + source = "${pkgs.ecryptfs.out}/bin/umount.ecryptfs_private"; + }; + }; + }; +} |