min
/
lanzaboote
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
184 Commits 1 Branch 0 Tags 958 KiB
Commit Graph

60 Commits

Author SHA1 Message Date
nikstur 110f1bb9fd flake.nix: move lanzatool to inputsFrom in devShell 
When lanzatool is in the packages attr of the devShell, any compliation
error in lanzatool means direnv cannot load the environment anymore.
Then LSP support in your editor and even cargo in your shell is missing.
 2022-12-26 16:33:19 +01:00
Raito Bezarius 8e482e7db9 chore: support non-flake users 2022-12-26 01:22:34 +01:00
nikstur a6926d7419 flake.nix: add statix and nixpkgs-fmt to devSHell 2022-12-25 18:49:29 +01:00
nikstur 7d5ac15cbb nix.tests: move from flake 2022-12-25 18:49:28 +01:00
nikstur 912c9b27a6 nix: move package and module into subdir 2022-12-25 18:38:41 +01:00
nikstur e90262608e flake.nix: apply suggestions from statix 2022-12-25 18:38:41 +01:00
nikstur eb9b1bbbe3 treewide: format with nixpkgs-fmt 2022-12-25 18:38:39 +01:00
Raito Bezarius e3f6029643 nixos/lanzaboote: use upstream bootspec for extension generation 2022-12-25 18:05:07 +01:00
Julian Stecklina 1a63419003
Merge pull request #25 from nix-community/flake 
Deduplicate nixpkgs in Flakes Inputs
 2022-12-11 14:47:27 +00:00
Jörg Thalheim 3a0a8e7d71
Update flake.nix 
Co-authored-by: Julian Stecklina <js@alien8.de>
 2022-12-10 17:26:47 +00:00
Jörg Thalheim 39774a6974 fix lanzaboote module import 2022-12-08 21:23:35 +01:00
Jörg Thalheim a4ddbada50 deduplicate flakes 
without this users end up with multiple copies of nixpkgs, which cannot
be overriden from the outside (follows only works on 1 level).
 2022-12-08 20:40:40 +01:00
Julian Stecklina d35ca2d7d3 nix: fix initrd integration test 2022-12-02 13:50:32 +01:00
Julian Stecklina 85b111aa17 initrd-stub: drop unused stub 
This is not useful anymore, because we don't need to wrap the initrd
anymore.
 2022-11-30 09:25:17 +01:00
Ryan Lahfa e496b60be1
Merge pull request #22 from nix-community/crane 
Drop Naersk and Enable Clippy for lanzaboote
 2022-11-29 22:42:13 +01:00
Raito Bezarius f7c66b027a lanzaboot: test systemd stage 1 2022-11-29 20:10:55 +01:00
Julian Stecklina 28bb93c5f3 nix: switch everything to crane and drop naersk 2022-11-28 14:01:35 +01:00
nikstur 0a638970e7 lanzatool: enable specialisation 2022-11-27 12:01:53 +01:00
nikstur fffa7d6bfa lanzatool: appease clippy 2022-11-26 23:19:08 +01:00
nikstur 3c094ee5ff flake.nix: remove some redundancies 2022-11-26 22:21:05 +01:00
Julian Stecklina 5406e69b9a lanzatool: prepare to enable clippy 
This still needs work.
 2022-11-26 19:16:31 +01:00
Julian Stecklina b37ffd19d6 nix: fix indentation of checks attribute 2022-11-26 19:16:31 +01:00
Julian Stecklina 85de5d52d0 nix: build lanzatool with crane 2022-11-26 19:16:31 +01:00
Ryan Lahfa 95f596f4dc lanzatool: add support for generations and correct naming of kernels a… (#12) 
* lanzatool: add support for generations and correct naming of kerels and initrds

* test: use convert_to_esp(extract_bspec_attr(⋅)) for unsigned tests

* lanzatool: ryan is a B class engineer

Co-authored-by: nikstur@outlook.com
 2022-11-26 03:14:21 +01:00
Julian Stecklina 702a38398f nix: remove remaining cruft from flakes.nix 2022-11-26 02:26:39 +01:00
Julian Stecklina 46452f0e46 nix: drop wrapInitrd from flake.nix 2022-11-26 02:21:05 +01:00
Julian Stecklina 691da44610 nix: rename lanzatoolBin to lanzatool-unwrapped 2022-11-26 02:17:34 +01:00
Julian Stecklina 74b815512c nix: remove qemuUefi wrapper 2022-11-26 02:17:34 +01:00
Julian Stecklina 541275acae nix: drop the stable Rust toolchain from the environment 
... otherwise it messes with the unstable one we use for the UEFI
code.
 2022-11-26 02:17:28 +01:00
Raito Bezarius 9f65f75289 feature: support initrd secrets 2022-11-26 02:01:41 +01:00
Julian Stecklina c87b2a09dc nix: fix lanzatool integration/merge mixup 2022-11-25 23:46:19 +01:00
Raito Bezarius dec7c06e6b tests: test unsigned initrd/kernel either, plus some machinery for sb tests 2022-11-25 18:42:37 +01:00
nikstur 91b8cb02e4 flake.nix: use nixosTest instead of importing file 2022-11-25 17:39:01 +01:00
nikstur cd2ef6181d lanzatool: improve signer code 2022-11-25 13:07:04 +01:00
Raito Bezarius 49519cb289 nixos: secureboot reached 2022-11-25 03:04:44 +01:00
Raito Bezarius e75d892964 nixos: disable it and adapt it 2022-11-24 17:09:51 +01:00
Raito Bezarius 2148cb06ab nixos: actually enable sb 2022-11-24 17:07:06 +01:00
Raito Bezarius ccdd02bf1c nixos: add a lanzaboote module 
- Wire up things with Bootspec & External bootloaders
- Introduce SecureBoot keys
 2022-11-24 17:07:05 +01:00
Raito Bezarius c53477fbf5 nixos: add a lanzaboote module 2022-11-24 16:59:59 +01:00
Julian Stecklina 1dfa7c7fc8 Fix flake name 2022-11-24 12:29:16 +01:00
Julian Stecklina 521bf343f5 Use makeWrapper to wrap lanzatool 2022-11-24 12:05:46 +01:00
nikstur b555c18e83 lanzatool: add wrapper 2022-11-24 11:45:09 +01:00
Julian Stecklina 10e516c148 Merge pull request #5 from blitz/magic-mk-shell 
flake.nix: automagically use deps in shell with inputsFrom
 2022-11-23 15:41:04 +01:00
Julian Stecklina 60b269b69c Add a script to wrap an initrd into an EFI application 2022-11-23 13:11:22 +01:00
Julian Stecklina dea1ab9798 Fix initrd-stub build 2022-11-23 13:05:19 +01:00
Julian Stecklina 9567fa7f0e Build tiny empty PE image as initrd carrier 2022-11-23 13:00:55 +01:00
Julian Stecklina 5a6c05cf11 Pass on command line from UKI to Linux kernel 2022-11-23 12:11:20 +01:00
Julian Stecklina 5b414bd20b Remove stable Rust toolchain for now 2022-11-23 00:58:52 +01:00
nikstur 4a90c19892 flake.nix: automagically use deps in shell with inputsFrom 2022-11-23 00:26:00 +01:00
Raito Bezarius aada596b8c flake: add openssl for pki generation 2022-11-22 02:18:22 +01:00