diff options
| author | github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> | 2024-01-05 00:02:27 +0000 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2024-01-05 00:02:27 +0000 |
| commit | 1e290d634f9bd583923f6a8aa1ac631bd53f4255 (patch) | |
| tree | dcd81edf7aecde4eeef5d907411a4559aebb5b8c /nixos/modules/system | |
| parent | f567c559e35565b5a2c079e4fac8ab308355d7b2 (diff) | |
| parent | 434f6aea7372220d5560907cf7d3eca644651279 (diff) | |
| download | nixlib-1e290d634f9bd583923f6a8aa1ac631bd53f4255.tar nixlib-1e290d634f9bd583923f6a8aa1ac631bd53f4255.tar.gz nixlib-1e290d634f9bd583923f6a8aa1ac631bd53f4255.tar.bz2 nixlib-1e290d634f9bd583923f6a8aa1ac631bd53f4255.tar.lz nixlib-1e290d634f9bd583923f6a8aa1ac631bd53f4255.tar.xz nixlib-1e290d634f9bd583923f6a8aa1ac631bd53f4255.tar.zst nixlib-1e290d634f9bd583923f6a8aa1ac631bd53f4255.zip | |
Merge master into staging-next
Diffstat (limited to 'nixos/modules/system')
| -rw-r--r-- | nixos/modules/system/activation/bootspec.nix | 2 | ||||
| -rw-r--r-- | nixos/modules/system/boot/loader/systemd-boot/systemd-boot-builder.py | 7 |
2 files changed, 5 insertions, 4 deletions
diff --git a/nixos/modules/system/activation/bootspec.nix b/nixos/modules/system/activation/bootspec.nix index 98c234bc340d..2ed6964b2a6a 100644 --- a/nixos/modules/system/activation/bootspec.nix +++ b/nixos/modules/system/activation/bootspec.nix @@ -11,6 +11,7 @@ let cfg = config.boot.bootspec; children = lib.mapAttrs (childName: childConfig: childConfig.configuration.system.build.toplevel) config.specialisation; + hasAtLeastOneInitrdSecret = lib.length (lib.attrNames config.boot.initrd.secrets) > 0; schemas = { v1 = rec { filename = "boot.json"; @@ -27,6 +28,7 @@ let label = "${config.system.nixos.distroName} ${config.system.nixos.codeName} ${config.system.nixos.label} (Linux ${config.boot.kernelPackages.kernel.modDirVersion})"; } // lib.optionalAttrs config.boot.initrd.enable { initrd = "${config.system.build.initialRamdisk}/${config.system.boot.loader.initrdFile}"; + } // lib.optionalAttrs hasAtLeastOneInitrdSecret { initrdSecrets = "${config.system.build.initialRamdiskSecretAppender}/bin/append-initrd-secrets"; }; })); diff --git a/nixos/modules/system/boot/loader/systemd-boot/systemd-boot-builder.py b/nixos/modules/system/boot/loader/systemd-boot/systemd-boot-builder.py index e2e7ffe59dcd..6cd46f30373b 100644 --- a/nixos/modules/system/boot/loader/systemd-boot/systemd-boot-builder.py +++ b/nixos/modules/system/boot/loader/systemd-boot/systemd-boot-builder.py @@ -20,13 +20,13 @@ from dataclasses import dataclass class BootSpec: init: str initrd: str - initrdSecrets: str kernel: str kernelParams: List[str] label: str system: str toplevel: str specialisations: Dict[str, "BootSpec"] + initrdSecrets: str | None = None @@ -131,9 +131,8 @@ def write_entry(profile: str | None, generation: int, specialisation: str | None specialisation=" (%s)" % specialisation if specialisation else "") try: - subprocess.check_call([bootspec.initrdSecrets, "@efiSysMountPoint@%s" % (initrd)]) - except FileNotFoundError: - pass + if bootspec.initrdSecrets is not None: + subprocess.check_call([bootspec.initrdSecrets, "@efiSysMountPoint@%s" % (initrd)]) except subprocess.CalledProcessError: if current: print("failed to create initrd secrets!", file=sys.stderr) |