Diffstat (limited to 'system/encryption.nix')
-rw-r--r--system/encryption.nix23
1 files changed, 17 insertions, 6 deletions
diff --git a/system/encryption.nix b/system/encryption.nix
index 152d657..76a4245 100644
--- a/system/encryption.nix
+++ b/system/encryption.nix
@@ -1,17 +1,28 @@
{pkgs, ...}: {
- environment.systemPackages = with pkgs; [
- cryptsetup
- ];
-
environment.etc."crypttab" = {
text = ''
- ssh-keys UUID=da31e270-80d4-4a89-9633-87dd4d736ca2 none noauto,x-systemd.device-timeout=0
+ ssh-keys UUID=your-uuid-here none noauto,x-systemd.device-timeout=0
'';
};
fileSystems."/mnt/ssh-keys" = {
device = "/dev/mapper/ssh-keys";
fsType = "ext4";
- options = ["noauto" "nofail" "x-systemd.automount" "x-systemd.idle-timeout=300"];
+ options = ["noauto" "nofail" "users" "exec"];
};
+
+ # define the scripts as system commands
+ environment.systemPackages = with pkgs; [
+ cryptsetup
+ (writeShellScriptBin "keys-mount" ''
+ sudo systemctl start systemd-cryptsetup@ssh\x2dkeys.service
+ sudo mount /mnt/ssh-keys
+ ssh-add /mnt/ssh-keys/id_ed25519
+ '')
+ (writeShellScriptBin "keys-umount" ''
+ ssh-add -d /mnt/ssh-keys/id_ed25519
+ sudo umount /mnt/ssh-keys
+ sudo systemctl stop systemd-cryptsetup@ssh\x2dkeys.service
+ '')
+ ];
}
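Review bot: In both `keys-mount` and `keys-umount` the unit name `systemd-cryptsetup@ssh\x2dkeys.service` is unquoted, so bash removes the backslash and systemctl is asked for `systemd-cryptsetup@sshx2dkeys.service`. Nix indented strings pass the backslash through unchanged, so the quoting has to happen in the shell: `sudo systemctl start 'systemd-cryptsetup@ssh\x2dkeys.service'`, and the same for the `stop` line. `keys-mount` also keeps going after a failed unlock, so `set -e` as its first line would stop it before `mount` and `ssh-add` run against a volume that was never opened; `keys-umount` is better left best-effort so a failed `ssh-add -d` does not skip the unmount. Separately, `"users" "exec"` on `/mnt/ssh-keys` lets any local user mount or unmount the opened volume and re-enables the execution that `users` would otherwise switch off. For a volume that only holds key files, dropping `"exec"` is the tighter default, and with the `x-systemd.idle-timeout=300` automount removed the filesystem now stays mounted until `keys-umount` is run.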