From 0d65e2e0e5b318614bf967c71308355939d9aaaf Mon Sep 17 00:00:00 2001 From: sjau Date: Sat, 3 Feb 2018 17:29:31 +0100 Subject: zfs: add migration path for new crypto format fixes #34559 --- nixos/modules/tasks/filesystems/zfs.nix | 27 ++++++++++++++++++++++++++- 1 file changed, 26 insertions(+), 1 deletion(-) (limited to 'nixos/modules/tasks/filesystems') diff --git a/nixos/modules/tasks/filesystems/zfs.nix b/nixos/modules/tasks/filesystems/zfs.nix index 2c0a165887bd..5d05b99b6976 100644 --- a/nixos/modules/tasks/filesystems/zfs.nix +++ b/nixos/modules/tasks/filesystems/zfs.nix @@ -24,7 +24,11 @@ let kernel = config.boot.kernelPackages; - packages = if config.boot.zfs.enableUnstable then { + packages = if config.boot.zfs.enableLegacyCrypto then { + spl = kernel.splLegacyCrypto; + zfs = kernel.zfsLegacyCrypto; + zfsUser = pkgs.zfsLegacyCrypto; + } else if config.boot.zfs.enableUnstable then { spl = kernel.splUnstable; zfs = kernel.zfsUnstable; zfsUser = pkgs.zfsUnstable; @@ -75,6 +79,27 @@ in ''; }; + enableLegacyCrypto = mkOption { + type = types.bool; + default = false; + description = '' + Enabling this option will allow you to continue to use the old format for + encrypted datasets. With the inclusion of stability patches the format of + encrypted datasets has changed. They can still be access and mounted but + in read-only mode mounted. It is highly recommended to convert them to + the new format. + + This option is only for convenience to people that cannot convert their + datasets to the new format yet and it will be removed in due time. + + For migration strategies from old format to this new one, check the Wiki: + https://nixos.wiki/wiki/NixOS_on_ZFS#Encrypted_Dataset_Format_Change + + See https://github.com/zfsonlinux/zfs/pull/6864 for more details about + the stability patches. + ''; + }; + extraPools = mkOption { type = types.listOf types.str; default = []; -- cgit 1.4.1