-
Notifications
You must be signed in to change notification settings - Fork 13
/
raid_crypt_serial.toml
33 lines (25 loc) · 1.03 KB
/
raid_crypt_serial.toml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
# This configuration file is used to run agetty on ttyS1, where the keys for the gpg encrypted LUKS keyfiles can be entered.
# This example decrypts 2 root drives which are in btrfs raid 1.
# In this example, all required kernel modules are assumed to be in the kernel.
# This means this initramfs works as long as kernel modules are not required, and does not have to be updated with each kernel update.
modules = [
# "ugrd.base.console", # implied by gpg
"ugrd.crypto.gpg",
]
# Set the key type for all cryptsetup keys
cryptsetup_key_type = "gpg"
# Set the primary_console to ttyS1
# The gpg module uses agetty on tty1 so this must be overridden
primary_console = "ttyS1"
auto_mounts = ['/boot'] # Automatically create mount config for /boot on the host
# Define console information
[console.ttyS1]
baud = 115_200
type = "vt100"
local = true
[cryptsetup.root1]
uuid = "9e04e825-7f60-4171-815a-86e01ec4c4d3"
key_file = "/boot/keys/crypt1.gpg"
[cryptsetup.root2]
uuid = "37b8e5ad-e855-4248-b93d-23df30c6e6aa"
key_file = "/boot/keys/crypt2.gpg"