technofab/disko
1
0
Fork 0
mirror of https://github.com/TECHNOFAB11/disko.git synced 2026-02-02 17:35:08 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

lib.types: turn _create, _mount and _config into values

Browse source
This commit is contained in:
lassulus 2023-07-01 19:02:01 +02:00 committed by mergify[bot]
parent 8002e7cb89
commit ab9b880db2
17 changed files with 194 additions and 146 deletions
Download patch file Download diff file Expand all files Collapse all files

29
lib/types/luks.nix
View file

@ -1,4 +1,4 @@
{ config, options, lib, diskoLib, parent, ... }:
{ config, options, lib, diskoLib, parent, device, ... }:
{
options = {
type = lib.mkOption {
@ -6,6 +6,11 @@
internal = true;
description = "Type";
};
device = lib.mkOption {
type = lib.types.str;
description = "Device to encrypt";
default = device;
};
name = lib.mkOption {
type = lib.types.str;
description = "Name of the LUKS";
@ -33,7 +38,7 @@
description = "Extra arguments to pass to `cryptsetup luksOpen` when opening";
example = [ "--allow-discards" ];
};
content = diskoLib.deviceType { parent = config; };
content = diskoLib.deviceType { parent = config; device = "/dev/mapper/${config.name}"; };
_parent = lib.mkOption {
internal = true;
default = parent;
@ -48,22 +53,22 @@
};
_create = diskoLib.mkCreateOption {
inherit config options;
default = { dev }: ''
cryptsetup -q luksFormat ${dev} ${diskoLib.maybeStr config.keyFile} ${toString config.extraFormatArgs}
cryptsetup luksOpen ${dev} ${config.name} ${toString config.extraOpenArgs} ${lib.optionalString (config.keyFile != null) "--key-file ${config.keyFile}"}
${lib.optionalString (config.content != null) (config.content._create {dev = "/dev/mapper/${config.name}";})}
default = ''
cryptsetup -q luksFormat ${config.device} ${diskoLib.maybeStr config.keyFile} ${toString config.extraFormatArgs}
cryptsetup luksOpen ${config.device} ${config.name} ${toString config.extraOpenArgs} ${lib.optionalString (config.keyFile != null) "--key-file ${config.keyFile}"}
${lib.optionalString (config.content != null) config.content._create}
'';
};
_mount = diskoLib.mkMountOption {
inherit config options;
default = { dev }:
default =
let
contentMount = config.content._mount { dev = "/dev/mapper/${config.name}"; };
contentMount = config.content._mount;
in
{
dev = ''
cryptsetup status ${config.name} >/dev/null 2>/dev/null ||
cryptsetup luksOpen ${dev} ${config.name} ${lib.optionalString (config.keyFile != null) "--key-file ${config.keyFile}"}
cryptsetup luksOpen ${config.device} ${config.name} ${lib.optionalString (config.keyFile != null) "--key-file ${config.keyFile}"}
${lib.optionalString (config.content != null) contentMount.dev or ""}
'';
fs = lib.optionalAttrs (config.content != null) contentMount.fs or { };
@ -72,10 +77,10 @@
_config = lib.mkOption {
internal = true;
readOnly = true;
default = dev: [ ]
default = [ ]
# If initrdUnlock is true, then add a device entry to the initrd.luks.devices config.
++ (lib.optional config.initrdUnlock [{ boot.initrd.luks.devices.${config.name}.device = dev; }])
++ (lib.optional (config.content != null) (config.content._config "/dev/mapper/${config.name}"));
++ (lib.optional config.initrdUnlock [{ boot.initrd.luks.devices.${config.name}.device = config.device; }])
++ (lib.optional (config.content != null) config.content._config);
description = "NixOS configuration";
};
_pkgs = lib.mkOption {