From c50153912702938bf5f677abb25d95310a601f68 Mon Sep 17 00:00:00 2001
From: Frantisek Bohacek <rutherther@proton.me>
Date: Sun, 19 Nov 2023 17:34:43 +0100
Subject: [PATCH] feat: add luks keyFile with fallback to password

---
 hosts/laptop-phobos/default.nix | 8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)

diff --git a/hosts/laptop-phobos/default.nix b/hosts/laptop-phobos/default.nix
index 9afdccf..8e352aa 100644
--- a/hosts/laptop-phobos/default.nix
+++ b/hosts/laptop-phobos/default.nix
@@ -45,11 +45,15 @@
       timeout = 1;                          # Grub auto select time
     };
 
+    initrd.systemd.enable = true;
     initrd.luks.devices = {
       "crypted-linux-root" = {
         device = "/dev/disk/by-label/crypted-linux-root";
-        preLVM = true;
-        # allowDiscards = true;
+        allowDiscards = true;
+
+        keyFileSize = 256;
+        keyFile = "/dev/disk/by-id/usb-VendorCo_ProductCode_92073160DC061126104-0:0";
+        keyFileTimeout = 5;
       };
     };
   };
-- 
2.48.1