testing

modules/nixos/boot/common/default.nix

@@ -44,30 +44,31 @@ in
       bootspec.enable = (!isArm);
 
       initrd = {
-        secrets = {
-          "/etc/clevis/nuc-nixos.jwe" = (lib.snowfall.fs.get-file "secrets/nuc-nixos.jwe");
-        };
+      #   secrets = {
+      #     "/etc/clevis/nuc-nixos.jwe" = (lib.snowfall.fs.get-file "secrets/nuc-nixos.jwe");
+      #   };
 
-        systemd.services."unlock-disk" = {
-          enable = true;
-          path = [
-            pkgs.clevis
-            pkgs.bcachefs-tools
-          ];
-          script = ''
-            ${pkgs.clevis}/bin/clevis decrypt < "/etc/clevis/nuc-nixos.jwe" | ${pkgs.bcachefs-tools}/bin/bcachefs unlock -k session /dev/disk/by-label/disk-main-nuc-nixos-bcachefs-root
-          '';
-          wantedBy = [ "initrd-root-fs.target" ];
-          requiredBy = [ "initrd-root-fs.target" ];
-          serviceConfig = {
-            Type = "oneshot";
-            TimeoutSec = "10s";
-          };
-        };
+        # systemd.services."unlock-disk" = {
+        #   enable = false;
+        #   path = [
+        #     pkgs.clevis
+        #     pkgs.bcachefs-tools
+        #   ];
+        #   script = ''
+        #     ${pkgs.clevis}/bin/clevis decrypt < "/etc/clevis/nuc-nixos.jwe"
+        #     # | ${pkgs.bcachefs-tools}/bin/bcachefs unlock -k session /dev/disk/by-label/disk-main-nuc-nixos-bcachefs-root
+        #   '';
+        #   wantedBy = [ "initrd-root-fs.target" ];
+        #   requiredBy = [ "initrd-root-fs.target" ];
+        #   serviceConfig = {
+        #     Type = "oneshot";
+        #     TimeoutSec = "10s";
+        #   };
+        # };
 
-        clevis = mkIf (config.${namespace}.hardware.disko.filesystem == "bcachefs"){
-          enable = true;
-        };
+        # clevis = mkIf (config.${namespace}.hardware.disko.filesystem == "bcachefs"){
+        #   enable = true;
+        # };
 
         luks = mkIf cfg.yubikeyEncryption {
           devices = {