modules/nixos/drives.nix

@@ -1,6 +1,15 @@
 { config, lib, pkgs, ... }:
 
+# Add encrypted drives to argon
+
 {
+  # copy keyfiles into initrd to make them available during early boot
+  boot.initrd.secrets = {
+    "/etc/nixos/keys/data1.key" = "/etc/nixos/keys/data1.key";
+    "/etc/nixos/keys/data2.key" = "/etc/nixos/keys/data2.key";
+    "/etc/nixos/keys/nvmecache.key" = "/etc/nixos/keys/nvmecache.key";
+  };
+
   # decrypt data drives with keyfiles for argon
   boot.initrd.luks.devices = {
     "data1" = {
@@ -17,13 +26,6 @@
     };
   };
 
-  # copy keyfiles into initrd to make them available during early boot
-  boot.initrd.secrets = {
-    "/etc/nixos/keys/data1.key" = "/etc/nixos/keys/data1.key";
-    "/etc/nixos/keys/data2.key" = "/etc/nixos/keys/data2.key";
-    "/etc/nixos/keys/nvmecache.key" = "/etc/nixos/keys/nvmecache.key";
-  };
-
   # mount decrypted filesystems
   fileSystems."/mnt/data1" = {
     device = "/dev/mapper/data1";