14 lines
224 B
Nix
14 lines
224 B
Nix
{ ... }:
|
|
{
|
|
boot.initrd.luks.devices.cryptroot.crypttabExtraOpts = [
|
|
"tpm2-device=auto"
|
|
"tpm2-pcrs=7"
|
|
];
|
|
|
|
security.tpm2 = {
|
|
enable = true;
|
|
pkcs11.enable = true;
|
|
tctiEnvironment.enable = true;
|
|
};
|
|
}
|