[Nix-dev] systemd in initrd
Luca Bruno
lethalman88 at gmail.com
Tue Oct 21 00:52:41 CEST 2014
Update on systemd-initrd: basic luks support.
I've been able to create a very basic nixos test for luks with keyfile [1]
(ignore the overrides needed for the test, and the vda disk setup).
Not yet asking for a password, it's a simple script and it's not using
cryptsetup from systemd.
The preLVM is not needed anymore. Whether you want to run luksOpen before
or after a service (lvm being such a service) is about writing systemd
dependences.
E.g. for emulating the old preLVM = false:
boot.initrd.systemd.services.cryptsetup-luksroot = {
requires = [ "lvm-foo.service" ];
after = [ "lvm-foo.service" ];
};
Note there's still no lvm service in my branch.
What we gain:
- Currently the luks script waits in a loop sleep 1 second until both the
device and the keyfile appear. With systemd, this is immediate using udev
(.device) and inotify (.path).
- Being able to move every single cryptsetup wherever you want during the
boot process.
Thanks to shlevy for helping with the test overrides ;)
[1] https://github.com/lethalman/nixpkgs/blob/systemd/nixos/tests/luks.nix
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.science.uu.nl/pipermail/nix-dev/attachments/20141021/fbcef201/attachment.html
More information about the nix-dev
mailing list