Mats
223ab53d55
tool: drop buggy condition for when to sign
2023-03-30 23:53:24 +02:00
Ryan Lahfa
7c55847aaf
Merge pull request #134 from kanashimia/hardcoding
...
nixos-module: add settings key for the loader.conf
2023-03-21 15:49:55 +01:00
Mia Kanashi
ea5e2ba437
nixos-module: add settings key for the loader.conf
...
This commit adds settings key for configuring systemd-boot to the lanzaboot
nixos module. The are couple of the default values that are set from the usual
nixos boot.loader.systemd-boot options, they are merged with the user defined
configuration.
This commit modifies default loader.conf to boot into the latest nixos
generation by default, for when you have other operating systems installed.
Primary reason behind this PR is to allow extensible loader configuration.
Co-authored-by: Raito Bezarius <masterancpp@gmail.com>
2023-03-21 15:48:56 +01:00
Ryan Lahfa
9c0dfff36b
Merge pull request #131 from lilyinstarlight/feature/fwupd
...
Properly handle fwupd update capsules, take 2
2023-03-21 15:26:50 +01:00
Lily Foster
fd956c4864
flake.lock: Update
...
Flake lock file updates:
• Updated input 'nixpkgs-test':
'github:RaitoBezarius/nixpkgs/e51bf8cc8e2c75192e930ad83ed272938729e7be' (2022-12-23)
→ 'github:NixOS/nixpkgs/371d3778c4f9cee7d5cf014e6ce400d57366570f' (2023-03-16)
2023-03-20 07:47:21 -04:00
Lily Foster
738d986536
flake: update nixpkgs-test
...
The nixpkgs-test input has been moved to the branch from
NixOS/nixpkgs#207039 .
2023-03-20 07:46:24 -04:00
Lily Foster
658d753d1c
Properly handle fwupd update capsules
...
Co-Authored-By: Janne Heß <janne@hess.ooo>
2023-03-20 07:46:24 -04:00
Julian Stecklina
bdcada4bc2
Merge pull request #137 from nix-community/renovate/all
...
fix(deps): update all dependencies
2023-03-20 10:34:53 +01:00
renovate[bot]
9bbbae3168
fix(deps): update all dependencies
2023-03-20 09:25:02 +00:00
Julian Stecklina
a5dcc2cc3f
Merge pull request #138 from nix-community/renovate/lock-file-maintenance
...
chore(deps): lock file maintenance
2023-03-20 10:23:09 +01:00
Julian Stecklina
5a03bb751d
stub: update dependencies
...
Update nightly toolchain and UEFI dependencies. The latest crane
version comes with a bug where it fails to compile UEFI binaries.
2023-03-20 09:51:30 +01:00
renovate[bot]
dfa6c3db1f
chore(deps): lock file maintenance
2023-03-20 01:57:17 +00:00
Julian Stecklina
73fca9b923
Merge pull request #132 from nix-community/toctou
...
Don't Reload Stub from the File System
2023-03-15 23:57:12 +01:00
Julian Stecklina
7060389698
stub: add safety comment for PE parsing
2023-03-15 21:53:19 +01:00
Julian Stecklina
9c128e9ef6
stub: do not read loaded image again from ESP
...
... because this might not work, if we were not loaded from a file
system. It also removes the issue where we might not load the signed
image that was actually loaded.
Fixes #123
2023-03-15 00:36:50 +01:00
Julian Stecklina
8aad4af5ad
renovate: enable lockfile maintenance
...
This allows Renovate to update Flake dependencies and indirect Rust
dependencies.
2023-03-14 00:31:46 +01:00
Julian Stecklina
73ee9198e7
Merge pull request #130 from nix-community/renovate/all
...
fix(deps): update all dependencies
2023-03-14 00:06:23 +01:00
renovate[bot]
eed59b4d16
fix(deps): update all dependencies
2023-03-13 00:45:02 +00:00
Julian Stecklina
3efb505a2a
Merge pull request #125 from nix-community/tool-finetune-log-messsages
...
tool: fine tune a few log messages
2023-03-06 10:04:37 +01:00
nikstur
721b584940
tool: fine tune a few log messages
2023-03-06 00:52:46 +01:00
nikstur
f590204e8f
Merge pull request #121 from nix-community/tool-configurable-logging
...
tool: init configurable logging
2023-03-05 23:27:11 +01:00
nikstur
c8522e02b4
Merge pull request #122 from nix-community/renovate/all
...
fix(deps): update all dependencies
2023-02-28 22:20:33 +01:00
nikstur
a3bff52602
Merge pull request #122 from nix-community/renovate/all
...
fix(deps): update all dependencies
2023-02-27 10:03:37 +01:00
renovate[bot]
e321ad1626
fix(deps): update all dependencies
2023-02-27 02:01:48 +00:00
nikstur
a393ac7673
Merge pull request #120 from nix-community/renovate/configure
...
Configure Renovate
2023-02-26 19:56:30 +01:00
renovate[bot]
342cc80b08
Add renovate.json
2023-02-26 17:18:14 +01:00
nikstur
9dedcaea15
Merge pull request #118 from nix-community/qs-nonflakes
...
docs: add non-flakes quick start documentation
2023-02-26 00:07:51 +01:00
Raito Bezarius
eab58bda3e
docs: add non-flakes quick start documentation
2023-02-26 00:06:11 +01:00
Julian Stecklina
cf7efb6b93
Merge pull request #119 from nix-community/revert-113-feat/fwupd
...
Revert "Properly handle fwupd update capsules"
2023-02-25 23:28:27 +01:00
Julian Stecklina
754656d500
Revert "Properly handle fwupd update capsules"
2023-02-25 23:27:39 +01:00
Julian Stecklina
9daa941320
Merge pull request #113 from dasJ/feat/fwupd
...
Properly handle fwupd update capsules
2023-02-25 23:01:12 +01:00
Julian Stecklina
29e0aaf934
Merge pull request #117 from nix-community/fix-initrd-secrets-test
...
tests: correctly test appending secret to initrd
2023-02-25 22:52:55 +01:00
nikstur
ab4e90c331
tests: correctly test appending secret to initrd
...
The way the test was implemented previously did not make it fail if no
secret was appended to the initrd. Now it is implemented similary to the
initrd-secrets test in Nixpkgs and works correctly.
2023-02-25 21:41:38 +01:00
Julian Stecklina
195e29f935
Merge pull request #116 from nix-community/installation-order
...
Make File Installation Order Deterministic
2023-02-25 21:25:23 +01:00
Julian Stecklina
cbccd64c57
tool: make file installation deterministic
...
Due to the use of hash maps, the order of file installation was not
deterministic. I've changed the code the use BTreeMaps instead, which
makes this deterministic. While I was here, I tried to simplify the
code a bit.
2023-02-25 20:42:08 +01:00
Julian Stecklina
a5e283ca44
Merge pull request #112 from nix-community/log
...
Minimalistic Logging Support
2023-02-25 11:20:01 +01:00
nikstur
46b8a553b9
Merge pull request #115 from nix-community/install-typos
...
tool: fix typos
2023-02-24 01:33:44 +01:00
nikstur
32950b7708
tool: fix typos
2023-02-24 01:29:15 +01:00
nikstur
ed1676e544
Merge pull request #109 from nix-community/correctly-update-initrd-secrets
...
tool: correctly update initrd secrets
2023-02-24 01:18:57 +01:00
nikstur
f4f8c41005
tests: add initrd-secrets-update
...
Add a test for updating the secrets on an existing initrd.
2023-02-24 01:16:52 +01:00
nikstur
75a19cd818
tool: correctly sort generation links
...
To correctly overwrite existing initrd with newer secrets (from newer
generations), the links need to be sorted from oldest generation to
newest.
2023-02-24 00:32:14 +01:00
nikstur
3f0669607d
Merge pull request #110 from nix-community/ensure-signed-generations
...
tool: ensure correct up to date files in the ESP
2023-02-24 00:12:02 +01:00
nikstur
1d21d7bdd8
tool: add install tests
...
Add a few integration tests for installing files, e.g. overwriting
signed and unsigned files.
2023-02-24 00:04:00 +01:00
nikstur
362205c2ec
tool: check file hashes before copying
...
To minimize writes to the ESP but still find necessary changes, compare
the hashes of the files on the ESP with the "expected" hashes. Only copy
and overwrite already existing files if the hashes don't match. This
ensures a working-as-expected state on the ESP as opposed to previously
where already existing files were just ignored.
2023-02-24 00:04:00 +01:00
nikstur
06b9cdc69e
tool: move file_hash() to utils module
2023-02-24 00:04:00 +01:00
nikstur
3a3ad7c40d
tool: write all generation artifacts at once
...
Previously, generations were installed one after another. Now all
artifacts (kernels, initrd etc.) are first collected and then installed.
This way the writes to the ESP are reduced as duplicate paths are
already removed in the collection phase.
2023-02-24 00:04:00 +01:00
Janne Heß
048df99975
Properly handle fwupd update capsules
...
Closes #85
2023-02-23 11:38:27 +01:00
Janne Heß
de4c62a1bd
stub: lanzatool -> lzbt
2023-02-23 09:32:28 +01:00
Julian Stecklina
90755b789f
stub: use logger instead of printing manually
2023-02-21 01:32:29 +01:00
Julian Stecklina
7bde42f4a8
stub: enable logger in uefi-services
2023-02-21 01:32:29 +01:00