From 390e3fb0ba0f9c7d95c517d5fc8b4f51c45077e9 Mon Sep 17 00:00:00 2001
From: Antoine Viallon <antoine@lesviallon.fr>
Date: Tue, 7 Nov 2023 21:30:04 +0100
Subject: [PATCH] [Security/Encryption] almos-force systemd stage-1 init if
 encryption is enabled Also copy /etc/crypttab from initrd to regular /etc

---
 security/encryption.nix | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/security/encryption.nix b/security/encryption.nix
index 144ee68..c62815d 100644
--- a/security/encryption.nix
+++ b/security/encryption.nix
@@ -17,6 +17,14 @@ in {
       cfg.cryptsetup.package
     ];
 
+    boot.initrd.systemd.contents."/etc/crypttab".text = mkDefault "";
+
+    environment.etc.crypttab = {
+      text = config.boot.initrd.systemd.contents."/etc/crypttab".text;
+    };
+
+    boot.initrd.systemd.enable = mkOverride 10 true;
+    
     boot.initrd.availableKernelModules = [ "cryptd" ];
   };
 }