| Commit message (Collapse) | Author | Age |
... | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
The multipath-tools package had existed in Nixpkgs for some time but
without a nixos module to configure/drive it. This module provides
attributes to drive the majority of multipath configuration options
and is being successfully used in stage-1 and stage-2 boot to mount
/nix from a multipath-serviced iSCSI volume.
Credit goes to @grahamc for early contributions to the module and
authoring the NixOS module test.
|
| | |
|
| | |
|
|\ \
| |/
|/| |
stage-1: create temporary secrets directory in /tmp and not in cwd
|
| | |
|
| | |
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Renaming an interface must be done in stage-1: otherwise udev will
report the interface as ready and network daemons (networkd, dhcpcd,
etc.) will bring it up. Once up the interface can't be changed and the
renaming will fail.
Note: link files are read directly by udev, so they can be used even
without networkd enabled.
|
|\ \
| | |
| | | |
boot.initrd: add verbose option
|
| | | |
|
|\ \ \
| | | |
| | | | |
nixos/stage-1: Do not allow missing kernel modules in initrd
|
| | |/
| |/| |
|
| |/
|/|
| |
| | |
Co-authored-by: Atemu <atemu.main@gmail.com>
|
| | |
|
| | |
|
| | |
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
The cyclic dependency of systemd → cryptsetup → lvm2 → udev=systemd
needs to be broken somewhere. The previous strategy of building
cryptsetup with an lvm2 built without udev (#66856) caused the
installer.luksroot test to fail. Instead, build lvm2 with a udev built
without cryptsetup.
Fixes #96479.
Signed-off-by: Anders Kaseorg <andersk@mit.edu>
|
|\ \
| | |
| | | |
treewide: completely remove types.loaOf
|
| | | |
|
|\ \ \ |
|
| | | |
| | | |
| | | |
| | | |
| | | | |
dmsetup was missing symbols.
https://github.com/NixOS/nixpkgs/pull/96290#issuecomment-680252830
|
| |/ /
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
declare -a is not sufficient to make the array variable actually
exist, which resulted in the script failing when the target object did
not have any DT_NEEDED entries. This in turn resulted in some
initramfs libraries not having their rpaths patched to point to
extra-utils, which in turn broke the extra-utils tests.
|
|\ \ \
| |/ /
|/| | |
systemd: 245.6 -> 246
|
| | | |
|
|\ \ \
| |/ /
|/| | |
|
| | | |
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
- Give a more accurate description of how fileSystems.<name/>.neededForBoot
works
- Give a more detailed description of how fileSystems.<name/>.encrypted.keyFile
works
|
|/ / |
|
| | |
|
| | |
|
| |
| |
| |
| | |
Fixes #84976.
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Dropbear lags behind OpenSSH significantly in both support for modern
key formats like `ssh-ed25519`, let alone the recently-introduced
U2F/FIDO2-based `sk-ssh-ed25519@openssh.com` (as I found when I switched
my `authorizedKeys` over to it and promptly locked myself out of my
server's initrd SSH, breaking reboots), as well as security features
like multiprocess isolation. Using the same SSH daemon for stage-1 and
the main system ensures key formats will always remain compatible, as
well as more conveniently allowing the sharing of configuration and
host keys.
The main reason to use Dropbear over OpenSSH would be initrd space
concerns, but NixOS initrds are already large (17 MiB currently on my
server), and the size difference between the two isn't huge (the test's
initrd goes from 9.7 MiB to 12 MiB with this change). If the size is
still a problem, then it would be easy to shrink sshd down to a few
hundred kilobytes by using an initrd-specific build that uses musl and
disables things like Kerberos support.
This passes the test and works on my server, but more rigorous testing
and review from people who use initrd SSH would be appreciated!
|
|\ \
| | |
| | | |
nixos/boot: add option to disable initrd
|
| |/ |
|
|/
|
|
|
|
|
| |
This makes predictable interfaces names available as soon as possible
with udev by adding the default network link units to initrd which are read
by udev. Also adds some udev rules that are needed but which would normally
loaded from the udev store path which is not included in the initrd.
|
|
|
|
|
| |
We don't patch basename and readlink now too as they were added for
mdadm in 8ecd3a5e1db4.
|
| |
|
| |
|
| |
|
| |
|
|\
| |
| | |
nixos/stage-1, nixos/f2fs: added F2FS resizing
|
| | |
|
| | |
|
| |
| |
| |
| | |
resizing
|
| | |
|
| |
| |
| |
| | |
(cherry picked from commit d3ae884c9eeb4a6f66ac4e57764c04db16ea7c71)
|
| | |
|
| | |
|
|\ \ |
|
| | | |
|
|/ / |
|