diff --git a/ops/nixos/rexxar/default.nix b/ops/nixos/rexxar/default.nix index 3c5822f047..85ab32e79b 100644 --- a/ops/nixos/rexxar/default.nix +++ b/ops/nixos/rexxar/default.nix @@ -22,12 +22,27 @@ "sd_mod" "sr_mod" ]; + systemd.enable = true; + systemd.services."zfs-import-zu2" = { + after = [ "zfs-import-zboot.service" ]; + requires = [ "zfs-import-zboot.service" ]; + + script = lib.mkBefore '' + test -d /sysroot/persist || mount -t zfs zboot/local/root /sysroot + test -f /sysroot/persist/zu2-key || mount -t zfs zboot/safe/persist /sysroot/persist + ln -s /sysroot/persist /persist + ''; + }; }; + security.tpm2.enable = true; boot.kernelModules = [ "kvm-amd" ]; hardware.cpu.amd.updateMicrocode = true; boot.kernelParams = [ "nomodeset" ]; + environment.systemPackages = with pkgs; [ + clevis + ]; # Use the systemd-boot EFI boot loader. boot.loader.systemd-boot.enable = true;