{ config, lib, pkgs, ... }:
with lib;
let
# This module's own option values (boot.loader.grub.*).
cfg = config.boot.loader.grub;

# The shared EFI boot loader option values (boot.loader.efi.*).
inherit (config.boot.loader) efi;
# GRUB package selected by the options, tested in this order: GRUB Legacy
# for version 1, the ZFS-enabled GRUB 2 build, a TrustedGRUB build, and
# otherwise plain GRUB 2.
realGrub =
  let
    # Some HP laptops need their own TrustedGRUB variant.
    trustedGrub =
      if cfg.trustedBoot.isHPLaptop
      then pkgs.trustedGrub-for-HP
      else pkgs.trustedGrub;
  in
  if cfg.version == 1 then pkgs.grub
  else if cfg.zfsSupport then pkgs.grub2.override { zfsSupport = true; }
  # zfsSupport is tested first, so with both options set the measuring
  # (trusted) build would not be selected; the module's assertions reject
  # that combination.
  else if cfg.trustedBoot.enable then trustedGrub
  else pkgs.grub2;
# Package that is installed and exposed as system.build.grub. It is null
# when the only configured device is "nodev", i.e. when we're only
# generating a GRUB menu (e.g., in EC2 instances).
grub = if cfg.devices != [ "nodev" ] then realGrub else null;
# EFI version of GRUB v2; null unless efiSupport is set and version is 2.
grubEfi =
  if !cfg.efiSupport || cfg.version != 2
  then null
  else realGrub.override { inherit (cfg) efiSupport; };
# Render an optional value as a string: null becomes "", any other value is
# appended to "" (which coerces it to a string).
f = x: if x != null then "" + x else "";
# Write the settings for one boot target into grub-config.xml, the file that
# is passed to install-grub.pl. `args` is one entry of
# boot.loader.grub.mirroredBoots.
grubConfig = args:
  let
    # The EFI system mount point falls back to the boot path itself.
    espMount =
      if args.efiSysMountPoint != null
      then args.efiSysMountPoint
      else args.path;
    # "/" becomes "-" so the mount point can be appended to the default
    # bootloader id.
    espMountId = replaceChars [ "/" ] [ "-" ] espMount;

    wantEfi = cfg.efiSupport && (cfg.version == 2);
    drvName = builtins.parseDrvName realGrub.name;
    loaderTimeout = config.boot.loader.timeout;
  in
  pkgs.writeText "grub-config.xml" (builtins.toXML {
    splashImage = f cfg.splashImage;
    grub = f grub;
    grubTarget = f (grub.grubTarget or "");
    grubEfi = f grubEfi;
    grubTargetEfi = if wantEfi then f (grubEfi.grubTarget or "") else "";
    shell = "${pkgs.stdenv.shell}";
    fullName = drvName.name;
    fullVersion = drvName.version;
    bootPath = args.path;
    efiSysMountPoint = espMount;
    bootloaderId =
      if args.efiBootloaderId != null
      then args.efiBootloaderId
      else "NixOS${espMountId}";
    # A null boot.loader.timeout is written as -1.
    timeout = if loaderTimeout != null then loaderTimeout else -1;
    inherit (args) devices;
    inherit (efi) canTouchEfiVariables;
    inherit (cfg)
      version extraConfig extraPerEntryConfig extraEntries
      extraEntriesBeforeNixOS extraPrepareConfig configurationLimit copyKernels
      default fsIdentifier efiSupport gfxmodeEfi gfxmodeBios storePath;
    # Search path built only from these fixed packages; efibootmgr is added
    # for EFI installs.
    path =
      makeBinPath ([
        pkgs.coreutils pkgs.gnused pkgs.gnugrep pkgs.findutils pkgs.diffutils
        pkgs.btrfs-progs pkgs.utillinux
      ] ++ (if wantEfi then [ pkgs.efibootmgr ] else [ ]))
      + ":"
      + makeSearchPathOutput "bin" "sbin" [ pkgs.mdadm pkgs.utillinux ];
  });
# How many times each device is listed across all mirroredBoots entries, as
# an attribute set keyed by device. The duplicate-device assertion reads it.
bootDeviceCounters =
  let
    allDevices = concatMap (boot: boot.devices) cfg.mirroredBoots;
    bump = dev: counts: counts // { "${dev}" = (counts."${dev}" or 0) + 1; };
  in
  fold bump { } allDevices;
in
{
###### interface
options = {
boot.loader.grub = {
enable = mkOption {
  type = types.bool;
  # Enabled by default unless config.boot.isContainer is set.
  default = !config.boot.isContainer;
  description = ''
    Whether to enable the GNU GRUB boot loader.
  '';
};
# The type accepts any integer; the package selection in realGrub treats
# every value other than 1 as GRUB 2.
version = mkOption {
  type = types.int;
  default = 2;
  example = 1;
  description = ''
    The version of GRUB to use: <literal>1</literal> for GRUB
    Legacy (versions 0.9x), or <literal>2</literal> (the
    default) for GRUB 2.
  '';
};
# Single-device shorthand; a non-empty value is copied into `devices` by the
# implementation section.
device = mkOption {
  type = types.str;
  default = "";
  example = "/dev/hda";
  description = ''
    The device on which the GRUB boot loader will be installed.
    The special value <literal>nodev</literal> means that a GRUB
    boot menu will be generated, but GRUB itself will not
    actually be installed. To install GRUB on multiple devices,
    use <literal>boot.loader.grub.devices</literal>.
  '';
};
# Each entry must be "nodev" or start with "/" (enforced by the per-device
# assertion in the implementation section).
devices = mkOption {
  type = types.listOf types.str;
  default = [ ];
  example = [ "/dev/hda" ];
  description = ''
    The devices on which the boot loader, GRUB, will be
    installed. Can be used instead of <literal>device</literal> to
    install GRUB onto multiple devices.
  '';
};
# One entry per boot directory. The installer script runs install-grub.pl
# once for every entry, and a device may appear in only one entry (see the
# duplicate-device assertion).
mirroredBoots = mkOption {
  type = types.listOf types.optionSet;
  default = [ ];
  example = [
    { path = "/boot1"; devices = [ "/dev/sda" ]; }
    { path = "/boot2"; devices = [ "/dev/sdb" ]; }
  ];
  description = ''
    Mirror the boot configuration to multiple partitions and install grub
    to the respective devices corresponding to those partitions.
  '';

  options = {

    # Must be an absolute path (asserted in the implementation section).
    path = mkOption {
      type = types.str;
      example = "/boot1";
      description = ''
        The path to the boot directory where GRUB will be written. Generally
        this boot path should double as an EFI path.
      '';
    };

    # null means "use `path`"; a non-null value must be absolute.
    efiSysMountPoint = mkOption {
      type = types.nullOr types.str;
      default = null;
      example = "/boot1/efi";
      description = ''
        The path to the efi system mount point. Usually this is the same
        partition as the above path and can be left as null.
      '';
    };

    efiBootloaderId = mkOption {
      type = types.nullOr types.str;
      default = null;
      example = "NixOS-fsid";
      description = ''
        The id of the bootloader to store in efi nvram.
        The default is to name it NixOS and append the path or efiSysMountPoint.
        This is only used if <literal>boot.loader.efi.canTouchEfiVariables</literal> is true.
      '';
    };

    # Must be non-empty; each entry is "nodev" or an absolute path.
    devices = mkOption {
      type = types.listOf types.str;
      default = [ ];
      example = [ "/dev/sda" "/dev/sdb" ];
      description = ''
        The path to the devices which will have the GRUB MBR written.
        Note these are typically device paths and not paths to partitions.
      '';
    };

  };
};
# Not read anywhere in this module; presumably consumed by the code that
# builds the menu entries (confirm against the consumer).
configurationName = mkOption {
  type = types.str;
  default = "";
  example = "Stable 2.6.21";
  description = ''
    GRUB entry name instead of default.
  '';
};
# Written unchanged into grub-config.xml as `storePath`.
storePath = mkOption {
  type = types.str;
  default = "/nix/store";
  description = ''
    Path to the Nix store when looking for kernels at boot.
    Only makes sense when copyKernels is false.
  '';
};
# Free-form shell text. The implementation section also appends one `cp`
# command per extraFiles entry to this option. Per the description it is
# executed while the menu is prepared (presumably as root, since that step
# writes the boot loader; confirm), so review it like any other script.
extraPrepareConfig = mkOption {
  type = types.lines;
  default = "";
  description = ''
    Additional bash commands to be run at the script that
    prepares the GRUB menu entries.
  '';
};
# Free-form GRUB commands; passed through to grub-config.xml unchanged.
extraConfig = mkOption {
  type = types.lines;
  default = "";
  example = "serial; terminal_output.serial";
  description = ''
    Additional GRUB commands inserted in the configuration file
    just before the menu entries.
  '';
};
# Free-form GRUB commands; passed through to grub-config.xml unchanged.
extraPerEntryConfig = mkOption {
  type = types.lines;
  default = "";
  example = "root (hd0)";
  description = ''
    Additional GRUB commands inserted in the configuration file
    at the start of each NixOS menu entry.
  '';
};
# Free-form menu entries; the syntax differs between GRUB 1 and GRUB 2, as
# the example shows.
extraEntries = mkOption {
  type = types.lines;
  default = "";
  description = ''
    Any additional entries you want added to the GRUB boot menu.
  '';
  example = ''
    # GRUB 1 example (not GRUB 2 compatible)
    title Windows
      chainloader (hd0,1)+1

    # GRUB 2 example
    menuentry "Windows 7" {
      chainloader (hd0,4)+1
    }
  '';
};
# Controls where the extraEntries text is placed in the menu.
extraEntriesBeforeNixOS = mkOption {
  type = types.bool;
  default = false;
  description = ''
    Whether extraEntries are included before the default option.
  '';
};
# Each attribute becomes one `cp` command in extraPrepareConfig. The
# attribute name is used as the file name under /boot, so keep names to
# plain file names.
extraFiles = mkOption {
  type = types.attrsOf types.path;
  default = { };
  example = literalExample ''
    { "memtest.bin" = "''${pkgs.memtest86plus}/memtest.bin"; }
  '';
  description = ''
    A set of files to be copied to <filename>/boot</filename>.
    Each attribute name denotes the destination file name in
    <filename>/boot</filename>, while the corresponding
    attribute value specifies the source file.
  '';
};
# No default is declared here; the implementation section supplies one with
# mkDefault, chosen by GRUB version.
splashImage = mkOption {
  type = types.nullOr types.path;
  example = literalExample "./my-background.png";
  description = ''
    Background image used for GRUB. It must be a 640x480,
    14-colour image in XPM format, optionally compressed with
    <command>gzip</command> or <command>bzip2</command>. Set to
    <literal>null</literal> to run GRUB in text mode.
  '';
};
# Graphics mode for EFI boots; note the default differs from gfxmodeBios.
gfxmodeEfi = mkOption {
  type = types.str;
  default = "auto";
  example = "1024x768";
  description = ''
    The gfxmode to pass to GRUB when loading a graphical boot interface under EFI.
  '';
};
# Graphics mode for BIOS boots; note the default differs from gfxmodeEfi.
gfxmodeBios = mkOption {
  type = types.str;
  default = "1024x768";
  example = "auto";
  description = ''
    The gfxmode to pass to GRUB when loading a graphical boot interface under BIOS.
  '';
};
# Upper bound on the number of configurations listed in the menu.
configurationLimit = mkOption {
  type = types.int;
  default = 100;
  example = 120;
  description = ''
    Maximum of configurations in boot menu. GRUB has problems when
    there are too many entries.
  '';
};
# Passed through to grub-config.xml; storePath is documented as meaningful
# only while this is false.
copyKernels = mkOption {
  type = types.bool;
  default = false;
  description = ''
    Whether the GRUB menu builder should copy kernels and initial
    ramdisks to /boot. This is done automatically if /boot is
    on a different partition than /.
  '';
};
# The option is itself named `default`; the inner `default = 0` is its
# default value.
default = mkOption {
  type = types.int;
  default = 0;
  description = ''
    Index of the default menu item to be booted.
  '';
};
# A string restricted to exactly "uuid", "label" or "provided".
fsIdentifier = mkOption {
  type = types.addCheck types.str
    (value: builtins.elem value [ "uuid" "label" "provided" ]);
  default = "uuid";
  description = ''
    Determines how GRUB will identify devices when generating the
    configuration file. A value of uuid / label signifies that grub
    will always resolve the uuid or label of the device before using
    it in the configuration. A value of provided means that GRUB will
    use the device name as show in <command>df</command> or
    <command>mount</command>. Note, zfs zpools / datasets are ignored
    and will always be mounted using their labels.
  '';
};
# Selects the zfsSupport override of pkgs.grub2. The assertions reject it
# together with version 1 or with trustedBoot.
zfsSupport = mkOption {
  type = types.bool;
  default = false;
  description = ''
    Whether GRUB should be build against libzfs.
    ZFS support is only available for GRUB v2.
    This option is ignored for GRUB v1.
  '';
};
# Only has an effect together with version 2. The assertions reject it
# together with trustedBoot.
efiSupport = mkOption {
  type = types.bool;
  default = false;
  description = ''
    Whether GRUB should be build with EFI support.
    EFI support is only available for GRUB v2.
    This option is ignored for GRUB v1.
  '';
};
# When set, the generated install script exports GRUB_ENABLE_CRYPTODISK=y
# before running the installer.
enableCryptodisk = mkOption {
  type = types.bool;
  default = false;
  description = ''
    Enable support for encrypted partitions. GRUB should automatically
    unlock the correct encrypted partition and look for filesystems.
  '';
};
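# Measured boot through TrustedGRUB. The assertions in the implementation
# section require GRUB version 2, reject efiSupport and zfsSupport, and
# demand the explicit systemHasTPM confirmation below.
trustedBoot = {

  enable = mkOption {
    type = types.bool;
    default = false;
    description = ''
      Enable trusted boot. GRUB will measure all critical components during
      the boot process to offer TCG (TPM) support.
    '';
  };

  # Confirmation token: the module only accepts the exact value
  # "YES_TPM_is_activated". types.str (as used by every other string option
  # in this file) reports conflicting definitions as an error instead of
  # concatenating them, so the token cannot be assembled from pieces set in
  # different modules.
  systemHasTPM = mkOption {
    type = types.str;
    default = "";
    example = "YES_TPM_is_activated";
    description = ''
      Assertion that the target system has an activated TPM. It is a safety
      check before allowing the activation of 'trustedBoot.enable'. TrustedBoot
      WILL FAIL TO BOOT YOUR SYSTEM if no TPM is available.
    '';
  };

  # Selects pkgs.trustedGrub-for-HP instead of pkgs.trustedGrub.
  isHPLaptop = mkOption {
    type = types.bool;
    default = false;
    description = ''
      Use a special version of TrustedGRUB that is needed by some HP laptops
      and works only for the HP laptops.
    '';
  };

};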
};
};
###### implementation
config = mkMerge [
# Default splash image, set with mkDefault so a user setting overrides it.
{
  boot.loader.grub.splashImage =
    let
      # Downloaded over plain HTTP; the pinned sha256 is what guarantees the
      # content, so it has to change together with the URL.
      legacySplash = pkgs.fetchurl {
        url = "http://www.gnome-look.org/CONTENT/content-files/36909-soft-tux.xpm.gz";
        sha256 = "14kqdx2lfqvh40h6fjjzqgff1mwk74dmbjvmqphi6azzra7z8d59";
      };
      # GRUB 1.97 doesn't support gzipped XPMs.
      grub2Splash = "${pkgs.nixos-artwork}/share/artwork/gnome/Gnome_Dark.png";
    in
    mkDefault (if cfg.version != 1 then grub2Splash else legacySplash);
}
(mkIf cfg.enable {
# A non-empty `device` contributes one entry to `devices`.
boot.loader.grub.devices =
  if cfg.device == "" then [ ] else [ cfg.device ];

# A non-empty `devices` list contributes one mirroredBoots entry for /boot,
# using the EFI mount point from boot.loader.efi.
boot.loader.grub.mirroredBoots =
  if cfg.devices == [ ] then [ ] else [
    {
      path = "/boot";
      inherit (cfg) devices;
      inherit (efi) efiSysMountPoint;
    }
  ];
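# Installer script: a fixed prologue followed by one install-grub.pl
# invocation per mirroredBoots entry, each with its own grub-config.xml.
# `set -e` stops the script at the first invocation that fails.
system.build.installBootLoader = pkgs.writeScript "install-grub.sh" (''
  #!${pkgs.stdenv.shell}
  set -e
  export PERL5LIB=${makePerlPath (with pkgs.perlPackages; [ FileSlurp XMLLibXML XMLSAX ListCompare ])}
  ${optionalString cfg.enableCryptodisk "export GRUB_ENABLE_CRYPTODISK=y"}
'' + flip concatMapStrings cfg.mirroredBoots (args:
  # "$@" is quoted so that the script's own arguments reach the Perl
  # installer unchanged, without word splitting or glob expansion.
  ''
    ${pkgs.perl}/bin/perl ${./install-grub.pl} ${grubConfig args} "$@"
  ''));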
# The GRUB package, or null when only a menu is generated.
system.build.grub = grub;

# Common attribute for boot loaders so only one of them can be
# set at once.
system.boot.loader.id = "grub";

# Install the GRUB package system-wide when there is one.
environment.systemPackages = if grub == null then [ ] else [ grub ];
# One `cp` command per extraFiles entry.
# NOTE(review): name and source are placed between double quotes without
# further escaping, so a name containing '"', '$' or a backquote would change
# the generated command. The destination is always under /boot, whatever
# paths mirroredBoots lists.
boot.loader.grub.extraPrepareConfig =
  let
    copyCommand = name: source: ''
      ${pkgs.coreutils}/bin/cp -pf "${source}" "/boot/${name}"
    '';
  in
  concatStrings (mapAttrsToList copyCommand cfg.extraFiles);
# Evaluation-time checks: first the module-wide ones, then one group per
# mirroredBoots entry and one check per device of that entry.
assertions = [
  {
    assertion = cfg.zfsSupport -> cfg.version == 2;
    message = "Only GRUB version 2 provides ZFS support";
  }
  {
    assertion = cfg.mirroredBoots != [ ];
    message = "You must set the option ‘boot.loader.grub.devices’ or "
      + "'boot.loader.grub.mirroredBoots' to make the system bootable.";
  }
  {
    # No device may be listed more than once across all entries.
    assertion = all (count: count < 2)
      (mapAttrsToList (_device: count: count) bootDeviceCounters);
    message = "You cannot have duplicated devices in mirroredBoots";
  }

  # Trusted boot needs GRUB 2 and excludes the EFI and ZFS builds.
  {
    assertion = cfg.trustedBoot.enable -> cfg.version == 2;
    message = "Trusted GRUB is only available for GRUB 2";
  }
  {
    assertion = cfg.efiSupport -> !cfg.trustedBoot.enable;
    message = "Trusted GRUB does not have EFI support";
  }
  {
    assertion = cfg.zfsSupport -> !cfg.trustedBoot.enable;
    message = "Trusted GRUB does not have ZFS support";
  }
  {
    # Explicit confirmation that an activated TPM is present.
    assertion = cfg.trustedBoot.enable
      -> cfg.trustedBoot.systemHasTPM == "YES_TPM_is_activated";
    message = "Trusted GRUB can break the system! Confirm that the system has an activated TPM by setting 'systemHasTPM'.";
  }
] ++ concatMap (boot: [
  {
    assertion = boot.devices != [ ];
    message = "A boot path cannot have an empty devices string in ${boot.path}";
  }
  {
    assertion = hasPrefix "/" boot.path;
    message = "Boot paths must be absolute, not ${boot.path}";
  }
  {
    # The message is only evaluated when the check fails, i.e. when the
    # mount point is not null.
    assertion = boot.efiSysMountPoint == null || hasPrefix "/" boot.efiSysMountPoint;
    message = "Efi paths must be absolute, not ${boot.efiSysMountPoint}";
  }
] ++ map (device: {
  assertion = device == "nodev" || hasPrefix "/" device;
  message = "GRUB devices must be absolute paths, not ${device} in ${boot.path}";
}) boot.devices) cfg.mirroredBoots;
})
];
# Compatibility shims for option names used before the options moved under
# boot.loader.grub.
# NOTE(review): boot.bootMount is renamed to boot.loader.grub.bootDevice,
# which the first entry declares removed; confirm that this is intended.
imports = [
  (mkRemovedOptionModule [ "boot" "loader" "grub" "bootDevice" ])
  (mkRenamedOptionModule
    [ "boot" "copyKernels" ]
    [ "boot" "loader" "grub" "copyKernels" ])
  (mkRenamedOptionModule
    [ "boot" "extraGrubEntries" ]
    [ "boot" "loader" "grub" "extraEntries" ])
  (mkRenamedOptionModule
    [ "boot" "extraGrubEntriesBeforeNixos" ]
    [ "boot" "loader" "grub" "extraEntriesBeforeNixOS" ])
  (mkRenamedOptionModule
    [ "boot" "grubDevice" ]
    [ "boot" "loader" "grub" "device" ])
  (mkRenamedOptionModule
    [ "boot" "bootMount" ]
    [ "boot" "loader" "grub" "bootDevice" ])
  (mkRenamedOptionModule
    [ "boot" "grubSplashImage" ]
    [ "boot" "loader" "grub" "splashImage" ])
];
}