mirror of
https://github.com/SebastianWendel/nixpkgs.git
synced 2024-09-20 12:29:02 +02:00
nixos/zfs: disable unlock timeout with systemd
Currently systemd-ask-passwd times out after 1m30s. After 3 tries this causees systemd to enter the emergency shell and basically lead to an unbootable system requiring a reboot to be able to try to unlock again. Also if a pool is imported but not unlocked, the unlock step will no longer be skipped.
This commit is contained in:
parent
897876e4c4
commit
dbb940f433
|
@ -137,14 +137,15 @@ let
|
|||
awkCmd = "${pkgs.gawk}/bin/awk";
|
||||
inherit cfgZfs;
|
||||
}) + ''
|
||||
poolImported "${pool}" && exit
|
||||
echo -n "importing ZFS pool \"${pool}\"..."
|
||||
# Loop across the import until it succeeds, because the devices needed may not be discovered yet.
|
||||
for trial in `seq 1 60`; do
|
||||
poolReady "${pool}" && poolImport "${pool}" && break
|
||||
sleep 1
|
||||
done
|
||||
poolImported "${pool}" || poolImport "${pool}" # Try one last time, e.g. to import a degraded pool.
|
||||
if ! poolImported "${pool}"; then
|
||||
echo -n "importing ZFS pool \"${pool}\"..."
|
||||
# Loop across the import until it succeeds, because the devices needed may not be discovered yet.
|
||||
for trial in `seq 1 60`; do
|
||||
poolReady "${pool}" && poolImport "${pool}" && break
|
||||
sleep 1
|
||||
done
|
||||
poolImported "${pool}" || poolImport "${pool}" # Try one last time, e.g. to import a degraded pool.
|
||||
fi
|
||||
if poolImported "${pool}"; then
|
||||
${optionalString keyLocations.hasKeys ''
|
||||
${keyLocations.command} | while IFS=$'\t' read ds kl ks; do
|
||||
|
@ -159,7 +160,7 @@ let
|
|||
tries=3
|
||||
success=false
|
||||
while [[ $success != true ]] && [[ $tries -gt 0 ]]; do
|
||||
${systemd}/bin/systemd-ask-password "Enter key for $ds:" | ${cfgZfs.package}/sbin/zfs load-key "$ds" \
|
||||
${systemd}/bin/systemd-ask-password --timeout=${toString cfgZfs.passwordTimeout} "Enter key for $ds:" | ${cfgZfs.package}/sbin/zfs load-key "$ds" \
|
||||
&& success=true \
|
||||
|| tries=$((tries - 1))
|
||||
done
|
||||
|
@ -312,6 +313,16 @@ in
|
|||
an interactive prompt (keylocation=prompt) and from a file (keylocation=file://).
|
||||
'';
|
||||
};
|
||||
|
||||
passwordTimeout = mkOption {
|
||||
type = types.int;
|
||||
default = 0;
|
||||
description = lib.mdDoc ''
|
||||
Timeout in seconds to wait for password entry for decrypt at boot.
|
||||
|
||||
Defaults to 0, which waits forever.
|
||||
'';
|
||||
};
|
||||
};
|
||||
|
||||
services.zfs.autoSnapshot = {
|
||||
|
|
Loading…
Reference in a new issue