nixos/zfs: load encryption keys for all pools #41846
Conversation
|
@GrahamcOfBorg test zfs |
|
No attempt on aarch64-linux (full log) The following builds were skipped because they don't evaluate on aarch64-linux: tests.zfs Partial log (click to expand)
|
|
No attempt on x86_64-linux (full log) The following builds were skipped because they don't evaluate on x86_64-linux: tests.zfs Partial log (click to expand)
|
| ("$zpool_cmd" list "${pool}" >/dev/null) || "$zpool_cmd" import -d ${cfgZfs.devNodes} -N ${optionalString cfgZfs.forceImportAll "-f"} "${pool}" | ||
| ${optionalString cfgZfs.requestEncryptionCredentials "\"$zfs_cmd\" load-key -r \"${pool}\""} |
There was a problem hiding this comment.
Just tested this, it works and loads the key (from file:///, not prompt). I just wonder why zfs-mount.service does not get started. (manual "systemctl start zfs-mount.service" works).
|
I mentioned the change in the option description. Fixes for enabling the zfs-mount services follow in separate PRs |
fixes NixOS#41838 At the moment it works fine for "file://" keys, but does not work for dataPools with "prompt" keys, because the passphrase cannot be entered (yet).
|
Tested, updated description, squashed and rebased. |
| @@ -397,9 +397,8 @@ in | |||
| }; | |||
| script = '' | |||
| zpool_cmd="${packages.zfsUser}/sbin/zpool" | |||
| zfs_cmd="${packages.zfsUser}/sbin/zfs" | |||
| ("$zpool_cmd" list "${pool}" >/dev/null) || "$zpool_cmd" import -d ${cfgZfs.devNodes} -N ${optionalString cfgZfs.forceImportAll "-f"} "${pool}" | |||
There was a problem hiding this comment.
This should be improved, but will be overwritten by #42269 anyway :-)
|
Thanks @Mic92 ! |
this is a proposal to fix #41838
Motivation for this change
Things done
sandboxinnix.confon non-NixOS)nix-shell -p nox --run "nox-review wip"./result/bin/)