From 262d678d12cfba431da22d57f655e9897a9ee898 Mon Sep 17 00:00:00 2001 From: ahuston-0 Date: Sun, 20 Oct 2024 18:38:40 -0400 Subject: [PATCH] fix ordering on postResumeCommands ZFS moved import from postDeviceCommands to postResumeCommands and now my key import doesnt work :( Signed-off-by: ahuston-0 --- systems/palatine-hill/hardware-changes.nix | 19 ------- systems/palatine-hill/zfs.nix | 66 ++++++++++++++++++++++ 2 files changed, 66 insertions(+), 19 deletions(-) diff --git a/systems/palatine-hill/hardware-changes.nix b/systems/palatine-hill/hardware-changes.nix index 81bc87c..4fc5d51 100644 --- a/systems/palatine-hill/hardware-changes.nix +++ b/systems/palatine-hill/hardware-changes.nix @@ -16,25 +16,6 @@ }; }; - postResumeCommands = '' - # let root mount and everything, then manually unlock stuff - load_zfs_nix() { - local device="/dev/disk/by-uuid/8bfaa32b-09dd-45c8-831e-05e80be82f9e" - local mountPoint="/" - local options="x-initrd.mount,noatime,nodiratime" - local fsType="ext4" - - echo "manually mounting key location, then unmounting" - udevadm settle - - mountFS "$device" "$(escapeFstab "$mountPoint")" "$(escapeFstab "$options")" "$fsType" - - zfs load-key -L "file://$targetRoot/crypto/keys/zfs-nix-store-key" "ZFS-primary/nix" - umount "$targetRoot/" - } - - load_zfs_nix - ''; }; }; diff --git a/systems/palatine-hill/zfs.nix b/systems/palatine-hill/zfs.nix index fc2fc58..8b1bb53 100644 --- a/systems/palatine-hill/zfs.nix +++ b/systems/palatine-hill/zfs.nix @@ -80,4 +80,70 @@ }; }; }; + + # hack to make sure pool is imported before keys are loaded, + # and also keys are imported before things get mounted + # note to self: move zfs encryption over to luks lol + boot.initrd.postResumeCommands = '' + ZFS_FORCE="-f" + + for o in $(cat /proc/cmdline); do + case $o in + zfs_force|zfs_force=1|zfs_force=y) + ZFS_FORCE="-f" + ;; + esac + done + poolReady() { + pool="$1" + state="$("zpool" import -d "/dev/disk/by-id/" 2>/dev/null | "awk" "/pool: $pool/ { found = 1 }; /state:/ { if (found == 1) { print \$2; exit } }; END { if (found == 0) { print \"MISSING\" } }")" + if [[ "$state" = "ONLINE" ]]; then + return 0 + else + echo "Pool $pool in state $state, waiting" + return 1 + fi + } + poolImported() { + pool="$1" + "zpool" list "$pool" >/dev/null 2>/dev/null + } + poolImport() { + pool="$1" + "zpool" import -d "/dev/disk/by-id/" -N $ZFS_FORCE "$pool" + } + + echo -n "importing root ZFS pool \"ZFS-primary\"..." + # Loop across the import until it succeeds, because the devices needed may not be discovered yet. + if ! poolImported "ZFS-primary"; then + for trial in `seq 1 60`; do + poolReady "ZFS-primary" > /dev/null && msg="$(poolImport "ZFS-primary" 2>&1)" && break + sleep 1 + echo -n . + done + echo + if [[ -n "$msg" ]]; then + echo "$msg"; + fi + poolImported "ZFS-primary" || poolImport "ZFS-primary" # Try one last time, e.g. to import a degraded pool. + fi + + # let root mount and everything, then manually unlock stuff + load_zfs_nix() { + local device="/dev/disk/by-uuid/8bfaa32b-09dd-45c8-831e-05e80be82f9e" + local mountPoint="/" + local options="x-initrd.mount,noatime,nodiratime" + local fsType="ext4" + + echo "manually mounting key location, then unmounting" + udevadm settle + + mountFS "$device" "$(escapeFstab "$mountPoint")" "$(escapeFstab "$options")" "$fsType" + + zfs load-key -L "file://$targetRoot/crypto/keys/zfs-nix-store-key" "ZFS-primary/nix" + umount "$targetRoot/" + } + + load_zfs_nix + ''; }