chn/nixos
1
0
Fork 0
mirror of https://github.com/CHN-beta/nixos.git synced 2026-01-12 04:19:22 +08:00
Code Issues Packages Projects Releases Wiki Activity

make manual decrypt devices exist before cryptsetup.target reached

Browse Source
This commit is contained in:
陈浩南
2023-08-01 16:34:08 +08:00
parent 1b694ea319
commit db54e3ca4f
2 changed files with 21 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
flake.nix
View File

@@ -296,7 +296,7 @@
"/dev/mapper/root" = { "/nix" = "/nix"; "/nix/rootfs/current" = "/"; };
};
};
decrypt.manual = { enable = true; devices = [ "/" ]; };
decrypt.manual = { enable = true; devices = [ "/dev/mapper/root" ]; };
rollingRootfs = { device = "/dev/mapper/root"; path = "/nix/rootfs"; };
};
packages =

27
modules/fileSystems/default.nix
View File

@@ -56,7 +56,7 @@ inputs:
};
config =
let
inherit (builtins) listToAttrs map concatLists;
inherit (builtins) listToAttrs map concatLists concatStringsSep;
inherit (inputs.lib) mkMerge mkIf;
inherit (inputs.localLib) stripeTabs attrsToList;
inherit (inputs.config.nixos) fileSystems;
@@ -134,15 +134,28 @@ inputs:
boot.initrd =
{
luks.forceLuksSupportInInitrd = true;
systemd.extraBin =
systemd =
{
cryptsetup = "${inputs.pkgs.cryptsetup.bin}/bin/cryptsetup";
usbip = "${inputs.config.boot.kernelPackages.usbip}/bin/usbip";
extraBin =
{
cryptsetup = "${inputs.pkgs.cryptsetup.bin}/bin/cryptsetup";
usbip = "${inputs.config.boot.kernelPackages.usbip}/bin/usbip";
};
services.wait-manual-decrypt =
{
wantedBy = [ "cryptsetup.target" ];
before = [ "cryptsetup.target" ];
unitConfig.DefaultDependencies = false;
serviceConfig.Type = "oneshot";
script = concatStringsSep "\n" (map
(device: "while [ ! -e ${device} ]; do sleep 1; done")
fileSystems.decrypt.manual.devices);
};
};
};
fileSystems = listToAttrs (map
(device: { name = device; value.options = [ "x-systemd.mount-timeout=1h" ]; })
fileSystems.decrypt.manual.devices);
# fileSystems = listToAttrs (map
# (device: { name = device; value.options = [ "x-systemd.mount-timeout=1h" ]; })
# fileSystems.decrypt.manual.devices);
}
)
# mdadm