boot

Lluís Batlle Sun, 04 Mar 2012 13:00:46 -0800

Author: viric
Date: Sun Mar  4 21:00:35 2012
New Revision: 32784
URL: https://nixos.org/websvn/nix/?rev=32784&sc=1


Log:
Adding an option to luksroot, so it allows to define whether to launch 
cryptsetup after or before LVM.
To allow dmcrypt over lvm and lvm over dmcrypt.

Modified:
   nixos/trunk/modules/system/boot/luksroot.nix

Modified: nixos/trunk/modules/system/boot/luksroot.nix
==============================================================================
--- nixos/trunk/modules/system/boot/luksroot.nix        Sun Mar  4 20:57:34 
2012        (r32783)
+++ nixos/trunk/modules/system/boot/luksroot.nix        Sun Mar  4 21:00:35 
2012        (r32784)
@@ -5,7 +5,7 @@
 let
   luks = config.boot.initrd.luks;
 
-  openCommand = { name, device }: ''
+  openCommand = { name, device, ... }: ''
     # Wait for luksRoot to appear, e.g. if on a usb drive.
     # XXX: copied and adapted from stage-1-init.sh - should be
     # available as a function.
@@ -14,7 +14,7 @@
         for ((try = 0; try < 10; try++)); do
             sleep 1
             if test -e ${device}; then break; fi
-            echo -n "OK"
+            echo -n .
         done
         echo "ok"
     fi
@@ -23,6 +23,10 @@
     cryptsetup luksOpen ${device} ${name}
   '';
 
+  isPreLVM = f: f.preLVM;
+  preLVM = filter isPreLVM luks.devices;
+  postLVM = filter (f: !(isPreLVM f)) luks.devices;
+
 in
 {
 
@@ -36,7 +40,7 @@
 
     boot.initrd.luks.devices = mkOption {
       default = [ ];
-      example = [ { name = "luksroot"; device = "/dev/sda3"; } ];
+      example = [ { name = "luksroot"; device = "/dev/sda3"; preLVM = true; } 
];
       description = '';
         The list of devices that should be decrypted using LUKS before trying 
to mount the
         root partition. This works for both LVM-over-LUKS and LUKS-over-LVM 
setups.
@@ -45,6 +49,36 @@
 
         Make sure that initrd has the crypto modules needed for decryption.
       '';
+
+      type = types.list types.optionSet;
+
+      options = {
+
+        name = mkOption {
+          example = "luksroot";
+          type = types.string;
+          description = ''
+            Name of the interface.
+          '';
+        };
+
+        device = mkOption {
+          example = "/dev/sda2";
+          type = types.string;
+          description = ''
+            IP address of the interface.  Leave empty to configure the
+            interface using DHCP.
+          '';
+        };
+
+        preLVM = mkOption {
+          default = true;
+          type = types.bool;
+          description = ''
+            Whether the luksOpen will be attempted before LVM scan or after it.
+          '';
+        };
+      };
     };
   };
 
@@ -68,6 +102,7 @@
       $out/bin/cryptsetup --version
     '';
 
-    boot.initrd.preLVMCommands = concatMapStrings openCommand luks.devices;
+    boot.initrd.preLVMCommands = concatMapStrings openCommand preLVM;
+    boot.initrd.postDeviceCommands = concatMapStrings openCommand postLVM;
   };
 }
_______________________________________________
nix-commits mailing list
[email protected]
http://lists.science.uu.nl/mailman/listinfo/nix-commits

[Nix-commits] SVN commit: nix - r32784 - nixos/trunk/modules/system/boot

Reply via email to