add remote zfs unlock

hosts/minime/hardware-configuration.nix

@@ -51,7 +51,7 @@
 
   swapDevices =
     [ {
-      device = "/dev/disk/by-partuuid/5c3e37ec-c277-4487-8169-813446a5f723";
+      device = "/dev/disk/by-partuuid/7e7d0e0b-90b7-465c-a022-089b38e0f16d";
       randomEncryption = true;
     } ];
 

hosts/minime/zfs.nix

@@ -28,4 +28,22 @@ in latestKernelPackage;
     plymouth.enable = false;
     tmp.useTmpfs = true;
   };
+
+  # unlock over ssh
+  boot.initrd.network = {
+    enable = true;
+    ssh = {
+      enable = true;
+      port = 2222;
+      hostKeys = [ /etc/secrets/initrd/ssh_host_rsa_key ];
+      authorizedKeys = [ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJl9iYG5oHBq/poBn7Jf1/FGWWbAnbx+NKjs7qtT3uAK 0xa@toaster 2024-12-31" ];
+    };
+    postCommands = ''
+        zpool import -a
+        echo "zfs load-key -a; killall zfs" >> /root/.profile
+    '';
+  };
+  # support for network
+  boot.initrd.kernelModules = [ "igc" "i40e" "mt7921e" ];
+  boot.kernelModules = [ "igc" "i40e" "mt7921e" ];
 }