Commit Graph

9 Commits

Author SHA1 Message Date
Mia Kanashi ea5e2ba437 nixos-module: add settings key for the loader.conf
This commit adds settings key for configuring systemd-boot to the lanzaboot
nixos module. The are couple of the default values that are set from the usual
nixos boot.loader.systemd-boot options, they are merged with the user defined
configuration.

This commit modifies default loader.conf to boot into the latest nixos
generation by default, for when you have other operating systems installed.

Primary reason behind this PR is to allow extensible loader configuration.

Co-authored-by: Raito Bezarius <masterancpp@gmail.com>
2023-03-21 15:48:56 +01:00
nikstur ab4e90c331 tests: correctly test appending secret to initrd
The way the test was implemented previously did not make it fail if no
secret was appended to the initrd. Now it is implemented similary to the
initrd-secrets test in Nixpkgs and works correctly.
2023-02-25 21:41:38 +01:00
nikstur f4f8c41005 tests: add initrd-secrets-update
Add a test for updating the secrets on an existing initrd.
2023-02-24 01:16:52 +01:00
Julian Stecklina 0963ba83dd tests: check whether disabled secure boot relaxes hash checks 2023-02-02 18:05:09 +01:00
Julian Stecklina f3ede28eac ci: fix regression after Linux loader change
Now that we don't sign the kernel anymore, we need to manually
invalidate its checksum.
2023-02-02 17:57:34 +01:00
nikstur ce3b2c27b5 tool: write systemd-boot loader.conf
To minimize the number of arguments passed to `lzbt`, the loader config
is assembled outside `lzbt` and passed as a single argument.

Instead of reimplementing `consoleMode` under the `lanzaboote`
namespace, `config.loader.systemd-boot.consoleMode` is reused as is.
2023-01-29 16:19:14 +01:00
nikstur fd2e7f7a40 nix.tests: clean up
The test attributes and names are simplified and standardized. They now
roughly follow the same structure as the systemd-boot test in Nixpkgs.
Some comments are added and variable names changed to make it more clear
what they actually do.
2023-01-28 01:40:48 +01:00
nikstur efa2410292 treewide: move uefi-keys into test fixtures
To clean up the repository move the uefi keys (`pki/`) to
`nix/tests/fixtures/uefi-keys`.
2023-01-26 01:18:41 +01:00
nikstur 7d5ac15cbb nix.tests: move from flake 2022-12-25 18:49:28 +01:00