Security.pam.mount no examples

How can I mount a luks encrypted volume during login?

I suppose the option for it is: security.pam.mount.extraVolumes or either security.pam.mount.fuseMountOptions

extraVolumes is a list of strings. So I checked pam_mount - ArchWiki
and couldnt find an example how would I go to enter list of strings to it.

Would have been nice to have an example.

I appreciate any help.

  security.pam.mount.enable = true;
  users.users.peter.cryptHomeLuks = "/dev/mapper/vg0-lv_home_peter";

1 Like

This is not very obvious in docs, thanks.

What if it is not a home partition?

You can add arbitrary content through security.pam.mount.extraVolumes, but yeah - our docs aren’t great…

I will strongly recommend that you clone nixpkgs locally and have a look at the source for the various modules you are working with.

1 Like