system/activation/bootspec: do not synthesize initrdSecrets if unneeded

We should not always create an appender script if we have no secret, this has no usefulness whatsover.
This commit is contained in:
Raito Bezarius 2024-01-04 02:42:03 +01:00
parent b3d998e7ea
commit 7c6f64914f

View file

@ -11,6 +11,7 @@
let
cfg = config.boot.bootspec;
children = lib.mapAttrs (childName: childConfig: childConfig.configuration.system.build.toplevel) config.specialisation;
hasAtLeastOneInitrdSecret = lib.length (lib.attrNames config.boot.initrd.secrets) > 0;
schemas = {
v1 = rec {
filename = "boot.json";
@ -27,6 +28,7 @@ let
label = "${config.system.nixos.distroName} ${config.system.nixos.codeName} ${config.system.nixos.label} (Linux ${config.boot.kernelPackages.kernel.modDirVersion})";
} // lib.optionalAttrs config.boot.initrd.enable {
initrd = "${config.system.build.initialRamdisk}/${config.system.boot.loader.initrdFile}";
} // lib.optionalAttrs hasAtLeastOneInitrdSecret {
initrdSecrets = "${config.system.build.initialRamdiskSecretAppender}/bin/append-initrd-secrets";
};
}));