nix-community/disko
1
1
Fork 0
mirror of https://github.com/nix-community/disko.git synced 2024-11-04 05:44:29 +03:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #186 from lheckemann/luks-open-options

Browse Source
This commit is contained in:
Lassulus 2023-03-22 10:57:03 +07:00 committed by GitHub
commit e29cb84d6d
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
3 changed files with 13 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
example/complex.nix
View File

@ -39,7 +39,7 @@
type = "luks";
name = "crypted1";
keyFile = "/tmp/secret.key";
extraArgs = [
extraFormatArgs = [
"--iter-time 1"
];
content = {
@ -67,7 +67,7 @@
type = "luks";
name = "crypted2";
keyFile = "/tmp/secret.key";
extraArgs = [
extraFormatArgs = [
"--iter-time 1"
];
content = {

1
example/luks-lvm.nix
View File

@ -30,6 +30,7 @@
content = {
type = "luks";
name = "crypted";
extraOpenArgs = [ "--allow-discards" ];
keyFile = "/tmp/secret.key";
content = {
type = "lvm_pv";

14
types/luks.nix
View File

@ -15,10 +15,16 @@
default = null;
description = "Path to the key for encryption";
};
extraArgs = lib.mkOption {
extraFormatArgs = lib.mkOption {
type = lib.types.listOf lib.types.str;
default = [ ];
description = "Extra arguments";
description = "Extra arguments to pass to `cryptsetup luksFormat` when formatting";
};
extraOpenArgs = lib.mkOption {
type = lib.types.listOf lib.types.str;
default = [ ];
description = "Extra arguments to pass to `cryptsetup luksOpen` when opening";
example = [ "--allow-discards" ];
};
content = diskoLib.deviceType;
_meta = lib.mkOption {
@ -32,8 +38,8 @@
_create = diskoLib.mkCreateOption {
inherit config options;
default = { dev }: ''
cryptsetup -q luksFormat ${dev} ${diskoLib.maybeStr config.keyFile} ${toString config.extraArgs}
cryptsetup luksOpen ${dev} ${config.name} ${lib.optionalString (config.keyFile != null) "--key-file ${config.keyFile}"}
cryptsetup -q luksFormat ${dev} ${diskoLib.maybeStr config.keyFile} ${toString config.extraFormatArgs}
cryptsetup luksOpen ${dev} ${config.name} ${toString config.extraOpenArgs} ${lib.optionalString (config.keyFile != null) "--key-file ${config.keyFile}"}
${lib.optionalString (config.content != null) (config.content._create {dev = "/dev/mapper/${config.name}";})}
'';
};