nixos/clevis: guard zfs code behind config.clevis.boot.initrd.enable
This commit is contained in:
parent
c0443ea94c
commit
9b6b934949
1 changed files with 2 additions and 2 deletions
|
@ -157,7 +157,7 @@ let
|
||||||
poolImported "${pool}" || poolImport "${pool}" # Try one last time, e.g. to import a degraded pool.
|
poolImported "${pool}" || poolImport "${pool}" # Try one last time, e.g. to import a degraded pool.
|
||||||
fi
|
fi
|
||||||
if poolImported "${pool}"; then
|
if poolImported "${pool}"; then
|
||||||
${concatMapStringsSep "\n" (elem: "clevis decrypt < /etc/clevis/${elem}.jwe | zfs load-key ${elem} || true ") (filter (p: (elemAt (splitString "/" p) 0) == pool) clevisDatasets)}
|
${optionalString config.boot.initrd.clevis.enable (concatMapStringsSep "\n" (elem: "clevis decrypt < /etc/clevis/${elem}.jwe | zfs load-key ${elem} || true ") (filter (p: (elemAt (splitString "/" p) 0) == pool) clevisDatasets))}
|
||||||
|
|
||||||
|
|
||||||
${optionalString keyLocations.hasKeys ''
|
${optionalString keyLocations.hasKeys ''
|
||||||
|
@ -630,7 +630,7 @@ in
|
||||||
poolImported "${pool}" || poolImport "${pool}" # Try one last time, e.g. to import a degraded pool.
|
poolImported "${pool}" || poolImport "${pool}" # Try one last time, e.g. to import a degraded pool.
|
||||||
fi
|
fi
|
||||||
|
|
||||||
${concatMapStringsSep "\n" (elem: "clevis decrypt < /etc/clevis/${elem}.jwe | zfs load-key ${elem}") (filter (p: (elemAt (splitString "/" p) 0) == pool) clevisDatasets)}
|
${optionalString config.boot.initrd.clevis.enable (concatMapStringsSep "\n" (elem: "clevis decrypt < /etc/clevis/${elem}.jwe | zfs load-key ${elem}") (filter (p: (elemAt (splitString "/" p) 0) == pool) clevisDatasets))}
|
||||||
|
|
||||||
${if isBool cfgZfs.requestEncryptionCredentials
|
${if isBool cfgZfs.requestEncryptionCredentials
|
||||||
then optionalString cfgZfs.requestEncryptionCredentials ''
|
then optionalString cfgZfs.requestEncryptionCredentials ''
|
||||||
|
|
Loading…
Reference in a new issue