summaryrefslogtreecommitdiff
path: root/gnu/system
diff options
context:
space:
mode:
authorLudovic Courtès <ludo@gnu.org>2016-11-24 23:03:04 +0100
committerLudovic Courtès <ludo@gnu.org>2016-11-24 23:20:41 +0100
commit13fb1bd94e77ca231faaae25e8c9e3c4bde1b0f2 (patch)
tree69e6a25cdf9b6d52da5ad7ae7583b8895d893f17 /gnu/system
parentcbf1024e9907c7402e66c0c225dba7406fbd82e8 (diff)
doc: Document encrypted root partitions.
This is a followup to f7f292d359e0eb77617f4ecf6b3164f868ec1784. * doc/guix.texi (Preparing for Installation): Give commands for encrypted root installation. (Proceeding with the Installation): Add item about mapped devices. (File Systems): Mention that 'dependencies' can list <mapped-device> objects. * gnu/system/examples/desktop.tmpl (mapped-devices): New field. (file-systems): Add 'dependencies' field.
Diffstat (limited to 'gnu/system')
-rw-r--r--gnu/system/examples/desktop.tmpl15
1 files changed, 13 insertions, 2 deletions
diff --git a/gnu/system/examples/desktop.tmpl b/gnu/system/examples/desktop.tmpl
index 2fcf90f8b1..82687e740b 100644
--- a/gnu/system/examples/desktop.tmpl
+++ b/gnu/system/examples/desktop.tmpl
@@ -1,5 +1,6 @@
;; This is an operating system configuration template
-;; for a "desktop" setup with GNOME and Xfce.
+;; for a "desktop" setup with GNOME and Xfce where the
+;; root partition is encrypted with LUKS.
(use-modules (gnu) (gnu system nss))
(use-service-modules desktop)
@@ -13,11 +14,21 @@
;; Assuming /dev/sdX is the target hard disk, and "my-root"
;; is the label of the target root file system.
(bootloader (grub-configuration (device "/dev/sdX")))
+
+ ;; Specify a mapped device for the encrypted root partition.
+ ;; The UUID is that returned by 'cryptsetup luksUUID'.
+ (mapped-devices
+ (list (mapped-device
+ (source (uuid "12345678-1234-1234-1234-123456789abc"))
+ (target "the-root-device")
+ (type luks-device-mapping))))
+
(file-systems (cons (file-system
(device "my-root")
(title 'label)
(mount-point "/")
- (type "ext4"))
+ (type "ext4")
+ (dependencies mapped-devices))
%base-file-systems))
(users (cons (user-account