pyrox.dev
lol
nixos/boot: add postResumeCommands option
Adds a postResumeCommands option to the initramfs to allow inserting
code to execute after the device has attempted to resume, and before
filesystems are mounted. This allows to inject code for operations like
wiping the rootfs on boot; if those were instead put in
postDeviceCommands, on a hibernated device, they would execute before
the device resumes from hibernation.
+12
-1
+2
nixos/modules/system/boot/stage-1-init.sh
+2
nixos/modules/system/boot/stage-1-init.sh
+9
-1
nixos/modules/system/boot/stage-1.nix
+9
-1
nixos/modules/system/boot/stage-1.nix
···
316
316
inherit (config.system.build) earlyMountScript;
317
317
318
318
inherit (config.boot.initrd) checkJournalingFS verbose
319
-
preLVMCommands preDeviceCommands postDeviceCommands postMountCommands preFailCommands kernelModules;
319
+
preLVMCommands preDeviceCommands postDeviceCommands postResumeCommands postMountCommands preFailCommands kernelModules;
320
320
321
321
resumeDevices = map (sd: if sd ? device then sd.device else "/dev/disk/by-label/${sd.label}")
322
322
(filter (sd: hasPrefix "/dev/" sd.device && !sd.randomEncryption.enable
···
521
521
Shell commands to be executed immediately after stage 1 of the
522
522
boot has loaded kernel modules and created device nodes in
523
523
{file}`/dev`.
524
+
'';
525
+
};
526
+
527
+
boot.initrd.postResumeCommands = mkOption {
528
+
default = "";
529
+
type = types.lines;
530
+
description = lib.mdDoc ''
531
+
Shell commands to be executed immediately after attempting to resume.
524
532
'';
525
533
};
526
534