nixos: Support systemd-gpt-auto-root

Will Fancher 2024-01-19 05:39:01 -05:00
parent bda93c2221
commit f1731f2e28
5 changed files with 68 additions and 8 deletions


@ -688,7 +688,7 @@ in
config = mkIf config.boot.initrd.enable { config = mkIf config.boot.initrd.enable {
assertions = [ assertions = [
{ assertion = any (fs: fs.mountPoint == "/") fileSystems; { assertion = !config.boot.initrd.systemd.enable -> any (fs: fs.mountPoint == "/") fileSystems;
message = "The fileSystems option does not specify your root file system."; message = "The fileSystems option does not specify your root file system.";
} }
{ assertion = let inherit (config.boot) resumeDevice; in { assertion = let inherit (config.boot) resumeDevice; in


@ -212,6 +212,19 @@ in {
default = []; default = [];
}; };
root = lib.mkOption {
type = lib.types.enum [ "fstab" "gpt-auto" ];
default = "fstab";
example = "gpt-auto";
description = ''
Controls how systemd will interpret the root FS in initrd. See
{manpage}`kernel-command-line(7)`. NixOS currently does not
allow specifying the root file system itself this
way. Instead, the `fstab` value is used in order to interpret
the root file system specified with the `fileSystems` option.
'';
};
emergencyAccess = mkOption { emergencyAccess = mkOption {
type = with types; oneOf [ bool (nullOr (passwdEntry str)) ]; type = with types; oneOf [ bool (nullOr (passwdEntry str)) ];
description = lib.mdDoc '' description = lib.mdDoc ''
@ -342,7 +355,12 @@ in {
}; };
config = mkIf (config.boot.initrd.enable && cfg.enable) { config = mkIf (config.boot.initrd.enable && cfg.enable) {
assertions = map (name: { assertions = [
{
assertion = cfg.root == "fstab" -> any (fs: fs.mountPoint == "/") (builtins.attrValues config.fileSystems);
message = "The fileSystems option does not specify your root file system.";
}
] ++ map (name: {
assertion = lib.attrByPath name (throw "impossible") config.boot.initrd == ""; assertion = lib.attrByPath name (throw "impossible") config.boot.initrd == "";
message = '' message = ''
systemd stage 1 does not support 'boot.initrd.${lib.concatStringsSep "." name}'. Please systemd stage 1 does not support 'boot.initrd.${lib.concatStringsSep "." name}'. Please
@ -371,7 +389,12 @@ in {
"autofs" "autofs"
# systemd-cryptenroll # systemd-cryptenroll
] ++ lib.optional cfg.enableTpm2 "tpm-tis" ] ++ lib.optional cfg.enableTpm2 "tpm-tis"
++ lib.optional (cfg.enableTpm2 && !(pkgs.stdenv.hostPlatform.isRiscV64 || pkgs.stdenv.hostPlatform.isArmv7)) "tpm-crb"; ++ lib.optional (cfg.enableTpm2 && !(pkgs.stdenv.hostPlatform.isRiscV64 || pkgs.stdenv.hostPlatform.isArmv7)) "tpm-crb"
++ lib.optional cfg.package.withEfi "efivarfs";
boot.kernelParams = [
"root=${config.boot.initrd.systemd.root}"
] ++ lib.optional (config.boot.resumeDevice != "") "resume=${config.boot.resumeDevice}";
boot.initrd.systemd = { boot.initrd.systemd = {
initrdBin = [pkgs.bash pkgs.coreutils cfg.package.kmod cfg.package]; initrdBin = [pkgs.bash pkgs.coreutils cfg.package.kmod cfg.package];
@ -554,7 +577,5 @@ in {
serviceConfig.Type = "oneshot"; serviceConfig.Type = "oneshot";
}; };
}; };
boot.kernelParams = lib.mkIf (config.boot.resumeDevice != "") [ "resume=${config.boot.resumeDevice}" ];
}; };
} }
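Review bot: The new assertion list never ties `cfg.root == "gpt-auto"` to EFI support, even though this same change loads `efivarfs` only when `cfg.package.withEfi` is set. As far as I know systemd-gpt-auto-generator finds the root partition relative to the ESP that the boot loader reports through EFI variables. If so, a configuration with `root = "gpt-auto"` and a systemd built without EFI now passes evaluation, because the fileSystems check is skipped for it, and would presumably fail only at boot with no root device. I would add `{ assertion = cfg.root == "gpt-auto" -> cfg.package.withEfi; message = "boot.initrd.systemd.root = \"gpt-auto\" requires systemd built with EFI support."; }` next to the fstab assertion. The option description should also say that `gpt-auto` selects the root by partition type on the boot disk rather than by an identifier pinned in `fileSystems`, and that it needs an EFI boot loader which exports the booted ESP.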


@ -37,6 +37,7 @@
clevisLuksFallback clevisLuksFallback
clevisZfs clevisZfs
clevisZfsFallback clevisZfsFallback
gptAutoRoot
; ;
} }


@ -82,6 +82,7 @@ let
testScriptFun = { bootLoader, createPartitions, grubDevice, grubUseEfi, grubIdentifier testScriptFun = { bootLoader, createPartitions, grubDevice, grubUseEfi, grubIdentifier
, postInstallCommands, preBootCommands, postBootCommands, extraConfig , postInstallCommands, preBootCommands, postBootCommands, extraConfig
, testSpecialisationConfig, testFlakeSwitch, clevisTest, clevisFallbackTest , testSpecialisationConfig, testFlakeSwitch, clevisTest, clevisFallbackTest
, disableFileSystems
}: }:
let let
qemu-common = import ../lib/qemu-common.nix { inherit (pkgs) lib pkgs; }; qemu-common = import ../lib/qemu-common.nix { inherit (pkgs) lib pkgs; };
@ -163,7 +164,7 @@ let
${createPartitions} ${createPartitions}
with subtest("Create the NixOS configuration"): with subtest("Create the NixOS configuration"):
machine.succeed("nixos-generate-config --root /mnt") machine.succeed("nixos-generate-config ${optionalString disableFileSystems "--no-filesystems"} --root /mnt")
machine.succeed("cat /mnt/etc/nixos/hardware-configuration.nix >&2") machine.succeed("cat /mnt/etc/nixos/hardware-configuration.nix >&2")
machine.copy_from_host( machine.copy_from_host(
"${ makeConfig { "${ makeConfig {
@ -433,6 +434,7 @@ let
, testFlakeSwitch ? false , testFlakeSwitch ? false
, clevisTest ? false , clevisTest ? false
, clevisFallbackTest ? false , clevisFallbackTest ? false
, disableFileSystems ? false
}: }:
makeTest { makeTest {
inherit enableOCR; inherit enableOCR;
@ -541,7 +543,8 @@ let
testScript = testScriptFun { testScript = testScriptFun {
inherit bootLoader createPartitions postInstallCommands preBootCommands postBootCommands inherit bootLoader createPartitions postInstallCommands preBootCommands postBootCommands
grubDevice grubIdentifier grubUseEfi extraConfig grubDevice grubIdentifier grubUseEfi extraConfig
testSpecialisationConfig testFlakeSwitch clevisTest clevisFallbackTest; testSpecialisationConfig testFlakeSwitch clevisTest clevisFallbackTest
disableFileSystems;
}; };
}; };
@ -1414,4 +1417,39 @@ in {
}; };
}; };
}; };
gptAutoRoot = let
rootPartType = {
ia32 = "44479540-F297-41B2-9AF7-D131D5F0458A";
x64 = "4F68BCE3-E8CD-4DB1-96E7-FBCAF984B709";
arm = "69DAD710-2CE4-4E3C-B16C-21A1D49ABED3";
aa64 = "B921B045-1DF0-41C3-AF44-4C6F280D3FAE";
}.${pkgs.stdenv.hostPlatform.efiArch};
in makeInstallerTest "gptAutoRoot" {
disableFileSystems = true;
createPartitions = ''
machine.succeed(
"sgdisk --zap-all /dev/vda",
"sgdisk --new=1:0:+100M --typecode=0:ef00 /dev/vda", # /boot
"sgdisk --new=2:0:+1G --typecode=0:8200 /dev/vda", # swap
"sgdisk --new=3:0:+5G --typecode=0:${rootPartType} /dev/vda", # /
"udevadm settle",
"mkfs.vfat /dev/vda1",
"mkswap /dev/vda2 -L swap",
"swapon -L swap",
"mkfs.ext4 -L root /dev/vda3",
"udevadm settle",
"mount /dev/vda3 /mnt",
"mkdir -p /mnt/boot",
"mount /dev/vda1 /mnt/boot"
)
'';
bootLoader = "systemd-boot";
extraConfig = ''
boot.initrd.systemd.root = "gpt-auto";
boot.initrd.supportedFilesystems = ["ext4"];
'';
};
} }
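Review bot: `rootPartType` in the new `gptAutoRoot` test indexes a four-entry attribute set with `pkgs.stdenv.hostPlatform.efiArch`, so any platform whose `efiArch` is not ia32, x64, arm or aa64 fails at evaluation with a bare missing-attribute error. A fallback such as `}.${pkgs.stdenv.hostPlatform.efiArch} or (throw "gptAutoRoot: no root partition type GUID known for this efiArch");` would make the cause obvious. I would also add a comment above the set, `# Per-architecture root partition type GUIDs that systemd-gpt-auto-generator looks for`. A second comment on `disableFileSystems = true;` should say that the generated configuration then contains no `fileSystems` entries, so a successful boot is what shows the root was auto-discovered.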


@ -866,7 +866,7 @@ stdenv.mkDerivation (finalAttrs: {
# needed - and therefore `interfaceVersion` should be incremented. # needed - and therefore `interfaceVersion` should be incremented.
interfaceVersion = 2; interfaceVersion = 2;
inherit withBootloader withCryptsetup withHostnamed withImportd withKmod inherit withBootloader withCryptsetup withEfi withHostnamed withImportd withKmod
withLocaled withMachined withPortabled withTimedated withUtmp util-linux kmod kbd; withLocaled withMachined withPortabled withTimedated withUtmp util-linux kmod kbd;
tests = { tests = {