Unverified Commit d231d9b5 authored by Ryan Lahfa's avatar Ryan Lahfa Committed by GitHub

Merge pull request #226871 from apeschar/zfs-curl

zfs: enable keylocation=http://
parents 83ccf8e5 0f05321d
+24 −2
@@ -80,6 +80,11 @@ let
            fsType = "zfs";
            options = [ "noauto" ];
          };
          virtualisation.fileSystems."/manual/httpkey" = {
            device = "manual/httpkey";
            fsType = "zfs";
            options = [ "noauto" ];
          };
        };

        specialisation.forcepool.configuration = {
@@ -92,6 +97,19 @@ let
            options = [ "noauto" ];
          };
        };

        services.nginx = {
          enable = true;
          virtualHosts = {
            localhost = {
              locations = {
                "/zfskey" = {
                  return = ''200 "httpkeyabc"'';
                };
              };
            };
          };
        };
      };

      testScript = ''
@@ -130,6 +148,8 @@ let
                "zpool create -O mountpoint=legacy manual /dev/vdd1",
                "echo otherpass | zfs create "
                + "-o encryption=aes-256-gcm -o keyformat=passphrase manual/encrypted",
                "zfs create -o encryption=aes-256-gcm -o keyformat=passphrase "
                + "-o keylocation=http://localhost/zfskey manual/httpkey",
                "bootctl set-default nixos-generation-1-specialisation-encryption.conf",
                "sync",
                "zpool export automatic",
@@ -141,10 +161,12 @@ let
            machine.send_console("password\n")
            machine.wait_for_unit("multi-user.target")
            machine.succeed(
                "zfs get keystatus manual/encrypted | grep unavailable",
                "zfs get -Ho value keystatus manual/encrypted | grep -Fx unavailable",
                "echo otherpass | zfs load-key manual/encrypted",
                "systemctl start manual-encrypted.mount",
                "umount /automatic /manual/encrypted /manual",
                "zfs load-key manual/httpkey",
                "systemctl start manual-httpkey.mount",
                "umount /automatic /manual/encrypted /manual/httpkey /manual",
                "zpool destroy automatic",
                "zpool destroy manual",
            )
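Review bot: The nginx location `/zfskey` added to the test machine serves the passphrase over plain HTTP, and nothing in this section says that is acceptable only because client and server share loopback. A short comment above `services.nginx` would keep the test from being read as a deployment pattern, e.g. `# Test only: key served over cleartext HTTP on loopback; use an https:// keylocation for anything that crosses a network.` The test also exercises only the `http://` scheme, so certificate validation by the curl-linked tools is presumably not covered here; an `https://` case would close that gap if the harness can supply a certificate.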
+4 −0
@@ -10,6 +10,7 @@
, gawk, gnugrep, gnused, systemd
, smartmontools, enableMail ? false
, sysstat, pkg-config
, curl

# Kernel dependencies
, kernel ? null
@@ -76,6 +77,8 @@ let
          nfs-utils.override (old: { enablePython = old.enablePython or true && enablePython; })
        }/bin/exportfs"
        substituteInPlace ./lib/libshare/smb.h        --replace "/usr/bin/net"            "${samba}/bin/net"
        # Disable dynamic loading of libcurl
        substituteInPlace ./config/user-libfetch.m4   --replace "curl-config --built-shared" "true"
        substituteInPlace ./config/user-systemd.m4    --replace "/usr/lib/modules-load.d" "$out/etc/modules-load.d"
        substituteInPlace ./config/zfs-build.m4       --replace "\$sysconfdir/init.d"     "$out/etc/init.d" \
                                                      --replace "/etc/default"            "$out/etc/default"
@@ -111,6 +114,7 @@ let
        ++ optional buildUser pkg-config;
      buildInputs = optionals buildUser [ zlib libuuid attr libtirpc ]
        ++ optional buildUser openssl
        ++ optional buildUser curl
        ++ optional (buildUser && enablePython) python3;

      # for zdb to get the rpath to libgcc_s, needed for pthread_cancel to work
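Review bot: The added `substituteInPlace ./config/user-libfetch.m4` line does not check that the pattern `curl-config --built-shared` was actually found. If upstream rewords that probe, the replacement may stop applying without failing the build, and the package could go back to loading libcurl at run time, which the comment says is meant to be disabled. On a stdenv that provides it, `--replace-fail` in place of `--replace` stops the build in that case; otherwise a `grep -q 'curl-config --built-shared' ./config/user-libfetch.m4` guard before the substitution does the same. The comment could also state the intent, presumably `# Link against libcurl at build time rather than dlopen()ing it at run time`. The enclosing phase starts and ends outside the hunk.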