encrypting drives

hosts/server/hardware-configuration.nix

@@ -16,35 +16,31 @@
       };
     };
     initrd = {
-      secrets."/keyfile" = /etc/keyfile;
+      # secrets."/keyfile" = /etc/keyfile;
       luks.devices = {
         nvme = {
           device = "/dev/disk/by-uuid/af72f45c-cf7c-4e7d-8eab-2a95ab754921";
-          keyFile = "/keyfile";
+          # keyFile = "/keyfile";
           preLVM = true;
         };
-        # WHEN MIGRATING THE DISKS
-        # remember to delete this keyfile
-        # and replace it with the one on miniserver
-        # or move the keyfile
         disk1 = {
           device = "/dev/disk/by-uuid/a9b0f346-7e38-40a6-baf6-3ad80cafc842";
-          keyFile = "/keyfile";
+          # keyFile = "/keyfile";
           preLVM = true;
         };
         disk2 = {
           device = "/dev/disk/by-uuid/0ed12b83-4c56-4ba8-b4ea-75a9e927d771";
-          keyFile = "/keyfile";
+          # keyFile = "/keyfile";
           preLVM = true;
         };
         disk3 = {
           device = "/dev/disk/by-uuid/8cd728f6-0d5b-4cea-8f7d-01aad11192c1";
-          keyFile = "/keyfile";
+          # keyFile = "/keyfile";
           preLVM = true;
         };
         disk4 = {
           device = "/dev/disk/by-uuid/7fcac808-491f-4846-a4a9-a34cc77cb43d";
-          keyFile = "/keyfile";
+          # keyFile = "/keyfile";
           preLVM = true;
         };
       };

hosts/workstation/hardware-configuration.nix

@@ -75,7 +75,7 @@ in
     };
     initrd = {
       verbose = false;
-      secrets."/keyfile" = /etc/keyfile;
+      # secrets."/keyfile" = /etc/keyfile;
       availableKernelModules = [
         "xhci_pci"
         "ahci"
@@ -88,7 +88,7 @@ in
         let
           decryptLuks = uuid: {
             device = getUUID uuid;
-            keyFile = "/keyfile";
+            # keyFile = "/keyfile";
             preLVM = true;
           };
         in