disko
disko copied to clipboard
nix-community
encrypted swap and hibernation
I have the following template running, and the swap is being picked up by htop. However, running systemctl hibernate results in the following error:
✦ ❯ systemctl hibernate
Call to Hibernate failed: Not enough suitable swap space for hibernation available on compatible block devices and file systems
{ config, ... }:
let
cfg = config.services.disko;
in
{
disko.devices = {
disk = {
"${cfg.disk}" = {
type = "disk";
device = "/dev/${cfg.disk}";
content = {
type = "gpt";
partitions = {
boot = {
name = "boot";
size = "1M";
type = "EF02";
};
esp = {
size = "500M";
type = "EF00";
content = {
type = "filesystem";
format = "vfat";
mountpoint = "/boot/efi";
};
};
luks = {
end = "-32G";
content = {
type = "luks";
name = "crypted";
settings.allowDiscards = true;
passwordFile = "/tmp/secret.key";
content = {
type = "filesystem";
format = "ext4";
mountpoint = "/";
};
};
};
encryptedSwap = {
size = "100%";
content = {
type = "swap";
randomEncryption = true;
resumeDevice = true;
};
};
};
};
};
};
};
}
Thanks for the help!
The issue is, that randomEncryption and resumeDevice do not work together. The best bet would be something like this for you: https://unix.stackexchange.com/questions/529047/is-there-a-way-to-have-hibernate-and-encrypted-swap-on-nixos
Yes. The encrypted swap option uses a random key in NixOS. This is nothing that Disko can fix.
