From aa38b2b1eea5bdff539076cac021f04da11e2748 Mon Sep 17 00:00:00 2001
From: Dominik Polakovics <dominik.polakovics@cloonar.com>
Date: Thu, 7 Sep 2023 09:24:17 +0200
Subject: [PATCH] add yubikey to luks

---
 .../nb-01.cloonar.com/hardware-configuration.nix  | 15 ++++++++++++++-
 1 file changed, 14 insertions(+), 1 deletion(-)

diff --git a/hosts/nb-01.cloonar.com/hardware-configuration.nix b/hosts/nb-01.cloonar.com/hardware-configuration.nix
index cfdcd74..e9ff179 100644
--- a/hosts/nb-01.cloonar.com/hardware-configuration.nix
+++ b/hosts/nb-01.cloonar.com/hardware-configuration.nix
@@ -22,7 +22,20 @@
       options = [ "subvol=root" ];
     };
 
-  boot.initrd.luks.devices."nixos-enc".device = "/dev/disk/by-uuid/7435d48f-f942-485b-9817-328ad3fc0b93";
+  boot.initrd.luks = {
+    yubikeySupport = true;
+    devices = [ {
+      name = "nixos-enc";
+      device = "/dev/disk/by-uuid/7435d48f-f942-485b-9817-328ad3fc0b93";
+      yubikey = {
+        slot = 2;
+        twoFactor = false;
+        storage = {
+          device = "/dev/nvme0n1p1";
+        };
+      };
+    } ];
+  };
 
   fileSystems."/home" =
     { device = "/dev/disk/by-uuid/92284909-c5dd-4e0f-ab22-64157c8175cb";