diff options
| author | Baitinq <manuelpalenzuelamerino@gmail.com> | 2022-08-18 00:32:39 +0200 |
|---|---|---|
| committer | Baitinq <manuelpalenzuelamerino@gmail.com> | 2022-08-19 23:35:10 +0200 |
| commit | 2fbae642bcb7a084d51ad0758842f5cfd345b0ee (patch) | |
| tree | 4731e3504146d885f6a31c2de46dd6a186fddcc2 /PARTITIONING.md | |
| parent | Update (diff) | |
| download | nixos-config-2fbae642bcb7a084d51ad0758842f5cfd345b0ee.tar.gz nixos-config-2fbae642bcb7a084d51ad0758842f5cfd345b0ee.tar.bz2 nixos-config-2fbae642bcb7a084d51ad0758842f5cfd345b0ee.zip | |
Luna: Add /boot encryption
Diffstat (limited to 'PARTITIONING.md')
| -rw-r--r-- | PARTITIONING.md | 13 |
1 files changed, 10 insertions, 3 deletions
diff --git a/PARTITIONING.md b/PARTITIONING.md index 2ecbb19..674781e 100644 --- a/PARTITIONING.md +++ b/PARTITIONING.md @@ -9,8 +9,14 @@ ## TUTORIAL ## -# Create and Format EFI Boot Partition -mkfs.fat -F 32 /dev/$BOOTPARTITION +# Create and Format 64M EFI Partition +mkfs.fat -F 32 /dev/$EFIPARTITION + +# Create and Encrypt 200M /boot Partition +cryptsetup --verify-passphrase -v luksFormat --type luks1 /dev/$BOOTPARTITION +cryptsetup open /dev/$BOOTPARTITION encrypted_boot +mkfs.ext4 /dev/mapper/encrypted_boot + # Create and Encrypt /nix Partition cryptsetup --verify-passphrase -v luksFormat /dev/$NIXPARTITION @@ -39,7 +45,8 @@ mount -t tmpfs none /mnt mkdir -p /mnt/{boot,nix,persist,home} # Mount all partitions in / -mount /dev/$BOOTPARTITION /mnt/boot +mount /dev/mapper/encrypted_boot /mnt/boot +mount /dev/$EFIPARTITION /mnt/boot/efi mount -o subvol=nix,compress-force=zstd,noatime /dev/mapper/encrypted_nix /mnt/nix mount -o subvol=home,compress-force=zstd /dev/mapper/encrypted_home_and_persist /mnt/home mount -o subvol=persist,compress-force=zstd,noatime /dev/mapper/encrypted_home_and_persist /mnt/persist |