Currently, ecryptfs support is coupled to `security.pam.enableEcryptfs`, but one might want to use ecryptfs without enabling the PAM functionality. This commit splits it out into a `boot.supportedFilesystems` switch.wip/yesman
parent
7867b50881
commit
ea35bc94bf
@ -0,0 +1,14 @@ |
||||
{ config, lib, pkgs, ... }: |
||||
# TODO: make ecryptfs work in initramfs? |
||||
|
||||
with lib; |
||||
|
||||
{ |
||||
config = mkIf (any (fs: fs == "ecryptfs") config.boot.supportedFilesystems) { |
||||
system.fsPackages = [ pkgs.ecryptfs ]; |
||||
security.wrappers = { |
||||
"mount.ecryptfs_private".source = "${pkgs.ecryptfs.out}/bin/mount.ecryptfs_private"; |
||||
"umount.ecryptfs_private".source = "${pkgs.ecryptfs.out}/bin/umount.ecryptfs_private"; |
||||
}; |
||||
}; |
||||
} |
Loading…
Reference in new issue