Install Qubes OS with boot partition and a detached LUKS header on USB

I checked my working dracut config again and it actually looks like this:

add_dracutmodules+=" crypt "
install_items+=" /root/header.img /usr/sbin/cryptsetup /etc/crypttab "
hostonly=no

So this and the entry x-initrd.attach in /etc/crypttab are the only things I changed from the original guide, but I don’t know which additional entry actually caused it to work for me.

If I had to guess, I would say it’s the entry /etc/crypttab. I’ve read that dracut doesn’t always reliably include crypttab automatically in all setups. Therefore it’s probably more reliable to include it explicitly. /usr/sbin/cryptsetup is not necessary, I guess, but it doesn’t hurt either.

But using systemd-cryptsetup-generator parameters is probably also a good alternative.

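A consistency check for the two files this post touches, as an added example that is not part of the original post: it verifies that every crypttab entry with a detached header also carries x-initrd.attach, and that the header file and /etc/crypttab are listed in install_items as in the config above. The function names, the crypttab line (including its use of the header= option) and the device path are constructed assumptions.

```shell
#!/bin/sh
# Added example (not from the post): cross-check crypttab against a dracut conf.
# Returns 0 only if every detached-header entry matches the setup in the post.
check_detached_header() {
    crypttab=$1; dracut_conf=$2; rc=0
    # Everything listed in install_items+=" ... " lines of the dracut conf.
    items=$(sed -n 's/^[[:space:]]*install_items+="\(.*\)"[[:space:]]*$/\1/p' \
        "$dracut_conf" | tr '\n' ' ')
    case " $items " in
        *" /etc/crypttab "*) ;;
        *) echo "dracut: /etc/crypttab not in install_items"; rc=1 ;;
    esac
    while read -r name dev key opts _; do
        case $name in ''|'#'*) continue ;; esac   # skip blanks and comments
        hdr=''; attach=no
        old_ifs=$IFS; IFS=,
        for o in $opts; do                        # split the option list on commas
            case $o in
                header=*) hdr=${o#header=} ;;
                x-initrd.attach) attach=yes ;;
            esac
        done
        IFS=$old_ifs
        [ -n "$hdr" ] || continue                 # not a detached-header entry
        [ "$attach" = yes ] || { echo "$name: missing x-initrd.attach"; rc=1; }
        case " $items " in
            *" $hdr "*) ;;
            *) echo "$name: $hdr not in install_items"; rc=1 ;;
        esac
    done < "$crypttab"
    return $rc
}

# Constructed sample input: the dracut conf from the post plus a made-up crypttab line.
write_sample() {
    cat > "$1/dracut.conf" <<'EOF'
add_dracutmodules+=" crypt "
install_items+=" /root/header.img /usr/sbin/cryptsetup /etc/crypttab "
hostonly=no
EOF
    cat > "$1/crypttab" <<'EOF'
# name  device  keyfile  options   (device path is a placeholder)
luks-root /dev/disk/by-uuid/PLACEHOLDER-UUID none header=/root/header.img,x-initrd.attach
EOF
}

demo_dir=$(mktemp -d)
write_sample "$demo_dir"
check_detached_header "$demo_dir/crypttab" "$demo_dir/dracut.conf" && echo "OK"
```

Point it at the real /etc/crypttab and the dracut conf file before regenerating the initramfs; it only reads the two files and changes nothing.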