Working mounted encrypted file system! Neat.

lib/fudo/host-filesystems.nix

@@ -5,11 +5,13 @@ let
   hostname = config.instance.hostname;
   host-filesystems = config.fudo.hosts.${hostname}.encrypted-filesystems;
 
-  optionalOrDefault = tst: str: default: if tst then str else default;
+  optionalOrDefault = str: default: if (str != null) then str else default;
 
   filesystemsToMountpointLists = mapAttrsToList
     (fs: fsOpts: fsOpts.mountpoints);
 
+  concatMapAttrs = f: as: concatMap (i: i) (mapAttrsToList f as);
+
 in {
   config = {
     users.groups = let
@@ -18,8 +20,10 @@ in {
           (nameValuePair mpOpts.group {
             members = mpOpts.users;
           });
-      mountpointListsToGroups = mapConcat
+      mountpointListToGroups =
-        (mps: mapAttrsToList mountpointToGroups mps);
+        concatMapAttrs mountpointToGroups;
+      mountpointListsToGroups =
+        concatMap mountpointListToGroups;
     in listToAttrs
       (mountpointListsToGroups
         (filesystemsToMountpointLists host-filesystems));

lib/fudo/initrd-network.nix

@@ -31,8 +31,13 @@ let
 in {
   config = {
     boot = mkIf (initrd-cfg != null) {
-      kernelParams = [
+      kernelParams = let
-        "ip=${initrd-cfg.ip}"
+        site = config.instance.site;
+        site-gateway = site.gateway-v4;
+        netmask =
+          nixpkgs.lib.fudo.ip.maskFromV32Network site.network;
+      in [
+        "ip=${initrd-cfg.ip}:${site-gateway}:${netmask}:${hostname}:${initrd-cfg.interface}"
       ];
       initrd = {
         network = {