diff options
author | edef <edef@edef.eu> | 2017-10-07 17:27:46 +0200 |
---|---|---|
committer | obadz <obadz-git@obadz.com> | 2017-10-20 17:42:04 +0100 |
commit | ea35bc94bf0efd28e39cf4e8212f7df5b6e78aba (patch) | |
tree | 1eebdaa574d935def3e7f988271d0af44df7ba9b /nixos/modules/tasks | |
parent | 7867b508817f1acfe3a524ed93ac83cb45e87720 (diff) | |
download | nixlib-ea35bc94bf0efd28e39cf4e8212f7df5b6e78aba.tar nixlib-ea35bc94bf0efd28e39cf4e8212f7df5b6e78aba.tar.gz nixlib-ea35bc94bf0efd28e39cf4e8212f7df5b6e78aba.tar.bz2 nixlib-ea35bc94bf0efd28e39cf4e8212f7df5b6e78aba.tar.lz nixlib-ea35bc94bf0efd28e39cf4e8212f7df5b6e78aba.tar.xz nixlib-ea35bc94bf0efd28e39cf4e8212f7df5b6e78aba.tar.zst nixlib-ea35bc94bf0efd28e39cf4e8212f7df5b6e78aba.zip |
nixos/ecryptfs: init
Currently, ecryptfs support is coupled to `security.pam.enableEcryptfs`, but one might want to use ecryptfs without enabling the PAM functionality. This commit splits it out into a `boot.supportedFilesystems` switch.
Diffstat (limited to 'nixos/modules/tasks')
-rw-r--r-- | nixos/modules/tasks/filesystems/ecryptfs.nix | 14 |
1 files changed, 14 insertions, 0 deletions
diff --git a/nixos/modules/tasks/filesystems/ecryptfs.nix b/nixos/modules/tasks/filesystems/ecryptfs.nix new file mode 100644 index 000000000000..12a407cabbfb --- /dev/null +++ b/nixos/modules/tasks/filesystems/ecryptfs.nix @@ -0,0 +1,14 @@ +{ config, lib, pkgs, ... }: +# TODO: make ecryptfs work in initramfs? + +with lib; + +{ + config = mkIf (any (fs: fs == "ecryptfs") config.boot.supportedFilesystems) { + system.fsPackages = [ pkgs.ecryptfs ]; + security.wrappers = { + "mount.ecryptfs_private".source = "${pkgs.ecryptfs.out}/bin/mount.ecryptfs_private"; + "umount.ecryptfs_private".source = "${pkgs.ecryptfs.out}/bin/umount.ecryptfs_private"; + }; + }; +} |