From 4b5a7b1be781e902be44fcf6e109e9c7eed7aae2 Mon Sep 17 00:00:00 2001
From: Ryan Yin <xiaoyin_c@qq.com>
Date: Wed, 18 Mar 2026 22:46:38 +0800
Subject: [PATCH] fix: macbook do not have a tpm2 device for luks auto unlock

Signed-off-by: Ryan Yin <xiaoyin_c@qq.com>
---
 hosts/12kingdoms-shoukei/apple-silicon.nix | 4 ++++
 nixos-installer/README.shoukei.md          | 3 ---
 2 files changed, 4 insertions(+), 3 deletions(-)

diff --git a/hosts/12kingdoms-shoukei/apple-silicon.nix b/hosts/12kingdoms-shoukei/apple-silicon.nix
index 283e953f..92a13217 100644
--- a/hosts/12kingdoms-shoukei/apple-silicon.nix
+++ b/hosts/12kingdoms-shoukei/apple-silicon.nix
@@ -10,6 +10,10 @@
     nixos-apple-silicon.nixosModules.default
   ];
 
+  # NOTE:macbook do not have a tpm2 device for luks auto unlock
+  # we have to enter the luks passphrase on boot, so remove login manager here to reduce the pain.
+  services.greetd.settings.default_session.command = lib.mkForce "$HOME/.wayland-session";
+
   zramSwap.memoryPercent = lib.mkForce 75;
 
   nix.settings = {
diff --git a/nixos-installer/README.shoukei.md b/nixos-installer/README.shoukei.md
index 4a6a5555..ffc582eb 100755
--- a/nixos-installer/README.shoukei.md
+++ b/nixos-installer/README.shoukei.md
@@ -134,9 +134,6 @@ cryptsetup luksOpen /dev/nvme0n1p6 crypted-nixos
 
 # show disk status
 lsblk
-
-# setup the automatic unlock via the tpm2 chip
-systemd-cryptenroll --tpm2-device=auto --tpm2-pcrs=0+7 /dev/nvme0n1p6
 ```
 
 Formatting the root partition: