Merge pull request #229318 from ReneHollander/fix/nixos-zfs-systemd-unlock-times-out

pyrox.dev / nixpkgs

fork atom

lol

fork atom

nixos/zfs: disable unlock timeout with systemd

authored by

Will Fancher and committed by

GitHub 2 years ago edcd3d30 203c6bea

+20 -9

1 changed file

expand all

unified split

nixos

modules

tasks

filesystems

zfs.nix

+20 -9

nixos/modules/tasks/filesystems/zfs.nix

··· 137 awkCmd = "${pkgs.gawk}/bin/awk"; 138 inherit cfgZfs; 139 }) + '' 140 - poolImported "${pool}" && exit 141 - echo -n "importing ZFS pool \"${pool}\"..." 142 - # Loop across the import until it succeeds, because the devices needed may not be discovered yet. 143 - for trial in `seq 1 60`; do 144 - poolReady "${pool}" && poolImport "${pool}" && break 145 - sleep 1 146 - done 147 - poolImported "${pool}" || poolImport "${pool}" # Try one last time, e.g. to import a degraded pool. 148 if poolImported "${pool}"; then 149 ${optionalString keyLocations.hasKeys '' 150 ${keyLocations.command} | while IFS=$'\t' read ds kl ks; do ··· 159 tries=3 160 success=false 161 while [[ $success != true ]] && [[ $tries -gt 0 ]]; do 162 - ${systemd}/bin/systemd-ask-password "Enter key for $ds:" | ${cfgZfs.package}/sbin/zfs load-key "$ds" \ 163 && success=true \ 164 || tries=$((tries - 1)) 165 done ··· 310 are requested. To only decrypt selected datasets supply a list of dataset 311 names instead. For root pools the encryption key can be supplied via both 312 an interactive prompt (keylocation=prompt) and from a file (keylocation=file://). 313 ''; 314 }; 315 };

··· 137 awkCmd = "${pkgs.gawk}/bin/awk"; 138 inherit cfgZfs; 139 }) + '' 140 + if ! poolImported "${pool}"; then 141 + echo -n "importing ZFS pool \"${pool}\"..." 142 + # Loop across the import until it succeeds, because the devices needed may not be discovered yet. 143 + for trial in `seq 1 60`; do 144 + poolReady "${pool}" && poolImport "${pool}" && break 145 + sleep 1 146 + done 147 + poolImported "${pool}" || poolImport "${pool}" # Try one last time, e.g. to import a degraded pool. 148 + fi 149 if poolImported "${pool}"; then 150 ${optionalString keyLocations.hasKeys '' 151 ${keyLocations.command} | while IFS=$'\t' read ds kl ks; do ··· 160 tries=3 161 success=false 162 while [[ $success != true ]] && [[ $tries -gt 0 ]]; do 163 + ${systemd}/bin/systemd-ask-password --timeout=${toString cfgZfs.passwordTimeout} "Enter key for $ds:" | ${cfgZfs.package}/sbin/zfs load-key "$ds" \ 164 && success=true \ 165 || tries=$((tries - 1)) 166 done ··· 311 are requested. To only decrypt selected datasets supply a list of dataset 312 names instead. For root pools the encryption key can be supplied via both 313 an interactive prompt (keylocation=prompt) and from a file (keylocation=file://). 314 + ''; 315 + }; 316 + 317 + passwordTimeout = mkOption { 318 + type = types.int; 319 + default = 0; 320 + description = lib.mdDoc '' 321 + Timeout in seconds to wait for password entry for decrypt at boot. 322 + 323 + Defaults to 0, which waits forever. 324 ''; 325 }; 326 };