NixOS: remove encrypted swap section due to system bug

See NixOS/nixpkgs#157989 Signed-off-by: Maurice Zhou <[email protected]>
openzfs · Feb 7, 2022 · 891a5e1 · 891a5e1
1 parent bbea2a1
commit 891a5e1
Showing 1 changed file with 0 additions and 55 deletions.
diff --git a/docs/Getting Started/NixOS/Root on ZFS/3-optional-configuration.rst b/docs/Getting Started/NixOS/Root on ZFS/3-optional-configuration.rst
@@ -189,58 +189,3 @@ root pool will be replaced by keyfile, embedded in initrd.
    In the possible event of LUKS container corruption,
    data on root set will only be available
    with this key.
-
-Persistent swap and hibernation
-^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
-#. Optional: enable persistent swap partition. By default
-   encryption key of swap partition is discarded on reboot::
-
-    INST_SWAPKEY=/mnt/etc/cryptkey.d/${INST_PRIMARY_DISK##*/}-part4-key-luks-swap
-    INST_SWAPMAPPER=${INST_PRIMARY_DISK##*/}-part4-luks-swap
-
-    # fstab
-    # remove existing swap entries
-    for i in $DISK; do echo $i; done | grep -v ${INST_PRIMARY_DISK##*/} \
-    | while read j; do sed -i "\,$j-part4\"; randomEncryption.enable,d" /mnt/etc/nixos/${INST_CONFIG_FILE} ; done
-    sed -i "s|${INST_PRIMARY_DISK}-part4\"; randomEncryption.enable = true|/dev/mapper/${INST_SWAPMAPPER}\"|g" /mnt/etc/nixos/${INST_CONFIG_FILE}
-
-    # create key and format partition as LUKS container
-    dd bs=32 count=1 if=/dev/urandom of=${INST_SWAPKEY};
-    chmod u=r,go= /mnt/etc/cryptkey.d/*
-    cryptsetup luksFormat -q --type luks2 --key-file ${INST_SWAPKEY} ${INST_PRIMARY_DISK}-part4
-    cryptsetup luksOpen ${INST_PRIMARY_DISK}-part4 ${INST_SWAPMAPPER} --key-file ${INST_SWAPKEY}
-
-    # initialize swap space
-    mkswap /dev/mapper/${INST_SWAPMAPPER}
-
-    # add initrd key
-    tee -a /mnt/etc/nixos/${INST_CONFIG_FILE} <<EOF
-      boot.initrd.secrets = {
-        "/etc/cryptkey.d/${INST_PRIMARY_DISK##*/}-part4-key-luks-swap" = "/etc/cryptkey.d/${INST_PRIMARY_DISK##*/}-part4-key-luks-swap";
-      };
-      boot.initrd.luks.devices = {
-        "${INST_SWAPMAPPER}" = {
-          device = "${INST_PRIMARY_DISK}-part4";
-          allowDiscards = true;
-          keyFile = "/etc/cryptkey.d/${INST_PRIMARY_DISK##*/}-part4-key-luks-swap";
-        };
-      };
-    EOF
-
-#. Optional: after enabling persistent swap partition,
-   enable hibernation::
-
-    tee -a /mnt/etc/nixos/${INST_CONFIG_FILE} <<EOF
-      boot.resumeDevice = "/dev/mapper/${INST_SWAPMAPPER}";
-    EOF
-
-
-   Note that hibernation might not work with discrete graphics, virtio graphics or
-   AMD APU integrated graphics. This is not specific to this guide.
-
-   Computer must resume from a continuous swap space, resume
-   from multiple swap partitions is not supported.
-
-   Do not touch anything on disk while the computer is
-   in hibernation, see `kernel documentation
-   <https://www.kernel.org/doc/html/latest/power/swsusp.html>`__.