From ac76b8c84208138bc5517ca3f1eb37c96f198923 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Matej=20Jane=C5=BEi=C4=8D?= <janezic.mj@gmail.com>
Date: Thu, 16 Apr 2026 23:36:10 +0200
Subject: [PATCH] feat: systemd-networkd during initrd

---
 features/initrd-ssh.nix | 17 +++++++++++++----
 1 file changed, 13 insertions(+), 4 deletions(-)

diff --git a/features/initrd-ssh.nix b/features/initrd-ssh.nix
index a07c44e..a5e2ed8 100644
--- a/features/initrd-ssh.nix
+++ b/features/initrd-ssh.nix
@@ -57,9 +57,10 @@
           "ip=${mkIpString cfg.ip}"
         ];
 
+        boot.initrd.systemd.enable = true;
+
         boot.initrd.network = {
           enable = true;
-          udhcpc.enable = !cfg.ip.enable;
           ssh = {
             enable = true;
             port = 22;
@@ -69,10 +70,18 @@
             ];
             inherit (cfg) authorizedKeys;
           };
-          postCommands = ''
-            echo 'cryptsetup-askpass' >> /root/.profile
-          '';
         };
+
+        # systemd-networkd retries DHCP indefinitely, unlike udhcpc
+        boot.initrd.systemd.network.networks = lib.mkIf (!cfg.ip.enable) {
+          "10-initrd" = {
+            matchConfig.Driver = cfg.networkModule;
+            networkConfig.DHCP = "yes";
+          };
+        };
+
+        # forward LUKS password prompt to the SSH session
+        boot.initrd.systemd.users.root.shell = "/bin/systemd-tty-ask-password-agent";
       };
     };
 }