On Thu, Sep 10, 2015 at 09:22:13PM +0100, Tomasz Czyż wrote: > I have a problem with this method as you cannot copy the file outside > extras tree. > > I used: > > ''cp /my.key $out/key" - the final file is in /nix/store/XXXXX/here > (hard to access, if hash will change this stuff stop work. > > "cp /my.key $out/../../key" or "cp /my.key /key" doesn't work, > permission error, so I cannot put key in the root of initrd.
I don't have encrypted boot going myself... I'm passing on a reply I got off-list from Leroy (bcc'ed, thanks, hope you don't mind), whose config works using boot.initrd.extraUtilsCommands: On Wed, Sep 09, 2015 at 07:40:21PM +1200, Leroy Hopson wrote: > Hi Bryan, > > I have a similar setup. I'm using `boot.initrd.extraUtilsCommands` as > Evygeny suggested. > > Here is a link to the relevant section of my configuration: > https://github.com/lihop/nixos/blob/7b1b0a7fd4396713573c35368791e32843feb957/devices/desktop.nix#L59-L72 > > Regards, > Leroy He's putting the keyfile in the initrd's /bin, then I suspect that $PATH is only "/bin" in his keyFile = ...; arguments. If that's the case, then with your first cp command above, your keyfile should simply be at "/key" in your initrd, no need to know the hash. Cheers, Bryan
pgpzACXgfa5I9.pgp
Description: PGP signature
_______________________________________________ nix-dev mailing list [email protected] http://lists.science.uu.nl/mailman/listinfo/nix-dev
