group initrd zfs

modules/nixos/hardware/disko.nix

@@ -28,18 +28,22 @@ in
   config = lib.mkMerge [
     # Initrd SSH for remote unlocking
     (lib.mkIf (cfg.enable && cfg.initrd-ssh.enable) {
-      boot.initrd.network.enable = true;
+      boot = {
-      boot.initrd.availableKernelModules = cfg.initrd-ssh.ethernetDrivers;
+        kernelParams = [ "ip=152.53.152.129::152.53.152.1:255.255.252.0::eth0:none" ];
-      boot.kernelParams = [ "ip=152.53.152.129::152.53.152.1:255.255.252.0::eth0:none" ];
+        initrd = {
-      boot.initrd.network.ssh = {
+          network.enable = true;
-        enable = true;
+          availableKernelModules = cfg.initrd-ssh.ethernetDrivers;
-        port = 2222; # different port to avoid conflicts
+          network.ssh = {
-        shell = "/bin/cryptsetup-askpass";
+            enable = true;
-        inherit authorizedKeys;
+            port = 2222; # different port to avoid conflicts
-        hostKeys = [ "/etc/ssh/initrd" ];
+            shell = "/bin/cryptsetup-askpass";
-      };
+            inherit authorizedKeys;
-      boot.initrd.secrets = {
+            hostKeys = [ "/etc/ssh/initrd" ];
-        "/etc/ssh/initrd" = "/etc/ssh/initrd";
+          };
+          secrets = {
+            "/etc/ssh/initrd" = "/etc/ssh/initrd";
+          };
+        };
       };
     })
 
@@ -318,12 +322,13 @@ in
         };
       };
 
-      # Needed for agenix - SSH keys must be available before ZFS mounts
+      fileSystems = {
-      fileSystems."/etc/ssh".neededForBoot = true;
+        # Needed for agenix - SSH keys must be available before ZFS mounts
-
+        "/etc/ssh".neededForBoot = true;
-      # Needed for impermanence
+        # Needed for impermanence
-      fileSystems."/persist".neededForBoot = true;
+        "/persist".neededForBoot = true;
-      fileSystems."/persist/save".neededForBoot = true;
+        "/persist/save".neededForBoot = true;
+      };
     })
 
     # Impermanence: wipe root on boot