mirror of
https://github.com/nix-community/disko.git
synced 2024-09-17 09:37:17 +03:00
Remove trialing newline in passwordFile
This commit is contained in:
parent
3eb703b7bc
commit
bf50636a65
38
example/luks-interactive-login.nix
Normal file
38
example/luks-interactive-login.nix
Normal file
@ -0,0 +1,38 @@
|
||||
{
|
||||
disko.devices = {
|
||||
disk = {
|
||||
vdb = {
|
||||
type = "disk";
|
||||
device = "/dev/vdb";
|
||||
content = {
|
||||
type = "gpt";
|
||||
partitions = {
|
||||
ESP = {
|
||||
size = "100M";
|
||||
type = "EF00";
|
||||
content = {
|
||||
type = "filesystem";
|
||||
format = "vfat";
|
||||
mountpoint = "/boot";
|
||||
};
|
||||
};
|
||||
luks = {
|
||||
size = "100%";
|
||||
content = {
|
||||
type = "luks";
|
||||
name = "crypted";
|
||||
extraOpenArgs = [ "--allow-discards" ];
|
||||
passwordFile = "/tmp/secret.key";
|
||||
content = {
|
||||
type = "filesystem";
|
||||
format = "ext4";
|
||||
mountpoint = "/";
|
||||
};
|
||||
};
|
||||
};
|
||||
};
|
||||
};
|
||||
};
|
||||
};
|
||||
};
|
||||
}
|
@ -4,9 +4,12 @@ let
|
||||
if lib.hasAttr "keyFile" config.settings
|
||||
then config.settings.keyFile
|
||||
else if config.passwordFile != null
|
||||
then config.passwordFile
|
||||
then ''<(echo -n "$(cat ${config.passwordFile})")''
|
||||
else if config.keyFile != null
|
||||
then lib.warn "The option `keyFile` is deprecated. Use passwordFile instead" config.keyFile
|
||||
then lib.warn
|
||||
("The option `keyFile` is deprecated."
|
||||
+ "Use passwordFile instead if you want to use interactive login or settings.keyFile if you want to use key file login")
|
||||
config.keyFile
|
||||
else null;
|
||||
keyFileArgs = ''\
|
||||
${lib.optionalString (keyFile != null) "--key-file ${keyFile}"} \
|
||||
@ -33,13 +36,13 @@ in
|
||||
keyFile = lib.mkOption {
|
||||
type = lib.types.nullOr diskoLib.optionTypes.absolute-pathname;
|
||||
default = null;
|
||||
description = "Path to the key for encryption (Renamed to passwordFile)";
|
||||
description = "DEPRECATED use passwordFile or settings.keyFile. Path to the key for encryption";
|
||||
example = "/tmp/disk.key";
|
||||
};
|
||||
passwordFile = lib.mkOption {
|
||||
type = lib.types.nullOr diskoLib.optionTypes.absolute-pathname;
|
||||
default = null;
|
||||
description = "Path to the file which contains the password for initial encryption. Make sure it doesn't contain a trailing newline";
|
||||
description = "Path to the file which contains the password for initial encryption";
|
||||
example = "/tmp/disk.key";
|
||||
};
|
||||
settings = lib.mkOption {
|
||||
|
11
tests/luks-interactive-login.nix
Normal file
11
tests/luks-interactive-login.nix
Normal file
@ -0,0 +1,11 @@
|
||||
{ pkgs ? import <nixpkgs> { }
|
||||
, diskoLib ? pkgs.callPackage ../lib { }
|
||||
}:
|
||||
diskoLib.testLib.makeDiskoTest {
|
||||
inherit pkgs;
|
||||
name = "luks-interactive-login";
|
||||
disko-config = ../example/luks-interactive-login.nix;
|
||||
extraTestScript = ''
|
||||
machine.succeed("cryptsetup isLuks /dev/vda2");
|
||||
'';
|
||||
}
|
Loading…
Reference in New Issue
Block a user