forked from mirrors/nixpkgs
nixos/luksroot: Support keyfile offsets
This commit is contained in:
parent
9e727bfc72
commit
690dac11f3
|
@ -5,7 +5,7 @@ with lib;
|
|||
let
|
||||
luks = config.boot.initrd.luks;
|
||||
|
||||
openCommand = name': { name, device, header, keyFile, keyFileSize, allowDiscards, yubikey, fallbackToPassword, ... }: assert name' == name; ''
|
||||
openCommand = name': { name, device, header, keyFile, keyFileSize, keyFileOffset, allowDiscards, yubikey, fallbackToPassword, ... }: assert name' == name; ''
|
||||
|
||||
# Wait for a target (e.g. device, keyFile, header, ...) to appear.
|
||||
wait_target() {
|
||||
|
@ -47,6 +47,7 @@ let
|
|||
${optionalString (keyFile != null) ''
|
||||
${optionalString fallbackToPassword "if [ -e ${keyFile} ]; then"}
|
||||
echo " --key-file=${keyFile} ${optionalString (keyFileSize != null) "--keyfile-size=${toString keyFileSize}"}" \
|
||||
${optionalString (keyFileOffset != null) "--keyfile-offset=${toString keyFileOffset}"}" \
|
||||
>> /.luksopen_args
|
||||
${optionalString fallbackToPassword ''
|
||||
else
|
||||
|
@ -316,6 +317,19 @@ in
|
|||
'';
|
||||
};
|
||||
|
||||
keyFileOffset = mkOption {
|
||||
default = null;
|
||||
example = 4096;
|
||||
type = types.nullOr types.int;
|
||||
description = ''
|
||||
The offset of the key file. Use this in combination with
|
||||
<literal>keyFileSize</literal> to use part of a file as key file
|
||||
(often the case if a raw device or partition is used as a key file).
|
||||
If not specified, the key begins at the first byte of
|
||||
<literal>keyFile</literal>.
|
||||
'';
|
||||
};
|
||||
|
||||
# FIXME: get rid of this option.
|
||||
preLVM = mkOption {
|
||||
default = true;
|
||||
|
|
Loading…
Reference in a new issue