feat: Initial attempt at tpm setup

2022-07-24 13:52:34 -04:00 · 2022-07-24 13:52:34 -04:00 · eb12fb0024
parent 186146ba99
commit eb12fb0024
2 changed files with 18 additions and 2 deletions
--- a/machines/levitation/configuration.nix
+++ b/machines/levitation/configuration.nix
@ -63,4 +63,20 @@

  # Setup home manager
  home-manager.users.nathan = import ./home.nix;
+
+  # TPM setup
+  security = {
+    tpm2 = {
+      enable = true;
+    };
+  };
+  boot = {
+    initrd = {
+      kernelModules = [ "tpm_crb" ];
+      systemd = {
+        enable = true;
+      };
+    };
+    kernelParams = [ "crypt-pv.luks.options=tpm2-device=auto" ];
+  };
 }
--- a/modules/desktop.nix
+++ b/modules/desktop.nix
@ -15,7 +15,7 @@ with lib; {
        # Configure grub if configured
      })
    (mkIf nc.setupGrub {
-      ## Boot, drivers, and host name
+      # Boot, drivers, and host name
      # Use grub
      boot.loader = {
        grub = {
@ -32,8 +32,8 @@ with lib; {
          canTouchEfiVariables = false;
        };
      };
-      # Configure audio
    })
+    # Configure audio
    (mkIf nc.audio {
      # Disable normal audio subsystem explicitly
      sound.enable = false;