nixos/stratis: enable booting from stratis volume
This commit is contained in:
parent
2eed1de920
commit
1632e73b19
2 changed files with 70 additions and 0 deletions
|
@ -476,6 +476,8 @@ In addition to numerous new and upgraded packages, this release has the followin
|
|||
|
||||
- `boot.initrd.luks.device.<name>` has a new `tryEmptyPassphrase` option, this is useful for OEM's who need to install an encrypted disk with a future settable passphrase
|
||||
|
||||
- there is a new `boot/stratisroot.nix` module that enables booting from a volume managed by the Stratis storage management daemon. Use `boot.stratis.rootPoolUuid` to configure the pool containing the root volume
|
||||
|
||||
- Lisp gained a [manual section](https://nixos.org/manual/nixpkgs/stable/#lisp), documenting a new and backwards incompatible interface. The previous interface will be removed in a future release.
|
||||
|
||||
- The `bind` module now allows the per-zone `allow-query` setting to be configured (previously it was hard-coded to `any`; it still defaults to `any` to retain compatibility).
|
||||
|
|
68
nixos/modules/system/boot/stratisroot.nix
Normal file
68
nixos/modules/system/boot/stratisroot.nix
Normal file
|
@ -0,0 +1,68 @@
|
|||
{ config, lib, pkgs, ... }:
|
||||
let
|
||||
types = lib.types;
|
||||
in
|
||||
{
|
||||
options.boot.stratis = {
|
||||
rootPoolUuid = lib.mkOption {
|
||||
type = types.uniq types.str;
|
||||
description = lib.mdoc ''
|
||||
UUID of the stratis pool that the root fs is located in
|
||||
'';
|
||||
example = "04c68063-90a5-4235-b9dd-6180098a20d9";
|
||||
};
|
||||
};
|
||||
config = {
|
||||
assertions = [
|
||||
{
|
||||
assertion = config.boot.initrd.systemd.enable;
|
||||
message = "stratis root fs requires systemd initrd";
|
||||
}
|
||||
];
|
||||
boot.initrd = {
|
||||
systemd = {
|
||||
storePaths = [
|
||||
"${pkgs.stratisd}/lib/udev/stratis-base32-decode"
|
||||
"${pkgs.stratisd}/lib/udev/stratis-str-cmp"
|
||||
"${pkgs.lvm2.bin}/bin/dmsetup"
|
||||
"${pkgs.stratisd}/libexec/stratisd-min"
|
||||
"${pkgs.stratisd.initrd}/bin/stratis-rootfs-setup"
|
||||
];
|
||||
packages = [pkgs.stratisd.initrd];
|
||||
extraBin = {
|
||||
thin_check = "${pkgs."thin-provisioning-tools"}/bin/thin_check";
|
||||
thin_repair = "${pkgs."thin-provisioning-tools"}/bin/thin_repair";
|
||||
thin_metadata_size = "${pkgs."thin-provisioning-tools"}/bin/thin_metadata_size";
|
||||
stratis-min = "${pkgs.stratisd}/bin/stratis-min";
|
||||
};
|
||||
services = {
|
||||
stratis-setup = {
|
||||
description = "setup for Stratis root filesystem";
|
||||
unitConfig.DefaultDependencies = "no";
|
||||
conflicts = [ "shutdown.target" ];
|
||||
onFailure = [ "emergency.target" ];
|
||||
unitConfig.OnFailureJobMode = "isolate";
|
||||
wants = [ "stratisd-min.service" "plymouth-start.service" "stratis-clevis-setup.service" ];
|
||||
wantedBy = [ "initrd.target" ];
|
||||
after = [ "paths.target" "plymouth-start.service" "stratisd-min.service" ];
|
||||
before = [ "initrd.target" ];
|
||||
environment.STRATIS_ROOTFS_UUID = config.boot.stratis.rootPoolUuid;
|
||||
serviceConfig = {
|
||||
Type = "oneshot";
|
||||
ExecStart = "${pkgs.stratisd.initrd}/bin/stratis-rootfs-setup";
|
||||
RemainAfterExit = "yes";
|
||||
};
|
||||
};
|
||||
};
|
||||
};
|
||||
availableKernelModules = [ "dm-thin-pool" "dm-crypt" ] ++ [ "aes" "aes_generic" "blowfish" "twofish"
|
||||
"serpent" "cbc" "xts" "lrw" "sha1" "sha256" "sha512"
|
||||
"af_alg" "algif_skcipher"
|
||||
];
|
||||
services.udev.packages = [
|
||||
pkgs.stratisd.initrd
|
||||
pkgs.lvm2
|
||||
];
|
||||
};
|
||||
};
|
||||
}
|
Loading…
Reference in a new issue