Raito Bezarius
e3f6029643
nixos/lanzaboote: use upstream bootspec for extension generation
2022-12-25 18:05:07 +01:00
Julian Stecklina
1a63419003
Merge pull request #25 from nix-community/flake
...
Deduplicate nixpkgs in Flakes Inputs
2022-12-11 14:47:27 +00:00
Jörg Thalheim
3a0a8e7d71
Update flake.nix
...
Co-authored-by: Julian Stecklina <js@alien8.de>
2022-12-10 17:26:47 +00:00
Jörg Thalheim
39774a6974
fix lanzaboote module import
2022-12-08 21:23:35 +01:00
Jörg Thalheim
a4ddbada50
deduplicate flakes
...
without this users end up with multiple copies of nixpkgs, which cannot
be overriden from the outside (follows only works on 1 level).
2022-12-08 20:40:40 +01:00
Julian Stecklina
d35ca2d7d3
nix: fix initrd integration test
2022-12-02 13:50:32 +01:00
Julian Stecklina
85b111aa17
initrd-stub: drop unused stub
...
This is not useful anymore, because we don't need to wrap the initrd
anymore.
2022-11-30 09:25:17 +01:00
Ryan Lahfa
e496b60be1
Merge pull request #22 from nix-community/crane
...
Drop Naersk and Enable Clippy for lanzaboote
2022-11-29 22:42:13 +01:00
Raito Bezarius
f7c66b027a
lanzaboot: test systemd stage 1
2022-11-29 20:10:55 +01:00
Julian Stecklina
28bb93c5f3
nix: switch everything to crane and drop naersk
2022-11-28 14:01:35 +01:00
nikstur
0a638970e7
lanzatool: enable specialisation
2022-11-27 12:01:53 +01:00
nikstur
fffa7d6bfa
lanzatool: appease clippy
2022-11-26 23:19:08 +01:00
nikstur
3c094ee5ff
flake.nix: remove some redundancies
2022-11-26 22:21:05 +01:00
Julian Stecklina
5406e69b9a
lanzatool: prepare to enable clippy
...
This still needs work.
2022-11-26 19:16:31 +01:00
Julian Stecklina
b37ffd19d6
nix: fix indentation of checks attribute
2022-11-26 19:16:31 +01:00
Julian Stecklina
85de5d52d0
nix: build lanzatool with crane
2022-11-26 19:16:31 +01:00
Ryan Lahfa
95f596f4dc
lanzatool: add support for generations and correct naming of kernels a… ( #12 )
...
* lanzatool: add support for generations and correct naming of kerels and initrds
* test: use convert_to_esp(extract_bspec_attr(⋅)) for unsigned tests
* lanzatool: ryan is a B class engineer
Co-authored-by: nikstur@outlook.com
2022-11-26 03:14:21 +01:00
Julian Stecklina
702a38398f
nix: remove remaining cruft from flakes.nix
2022-11-26 02:26:39 +01:00
Julian Stecklina
46452f0e46
nix: drop wrapInitrd from flake.nix
2022-11-26 02:21:05 +01:00
Julian Stecklina
691da44610
nix: rename lanzatoolBin to lanzatool-unwrapped
2022-11-26 02:17:34 +01:00
Julian Stecklina
74b815512c
nix: remove qemuUefi wrapper
2022-11-26 02:17:34 +01:00
Julian Stecklina
541275acae
nix: drop the stable Rust toolchain from the environment
...
... otherwise it messes with the unstable one we use for the UEFI
code.
2022-11-26 02:17:28 +01:00
Raito Bezarius
9f65f75289
feature: support initrd secrets
2022-11-26 02:01:41 +01:00
Julian Stecklina
c87b2a09dc
nix: fix lanzatool integration/merge mixup
2022-11-25 23:46:19 +01:00
Raito Bezarius
dec7c06e6b
tests: test unsigned initrd/kernel either, plus some machinery for sb tests
2022-11-25 18:42:37 +01:00
nikstur
91b8cb02e4
flake.nix: use nixosTest instead of importing file
2022-11-25 17:39:01 +01:00
nikstur
cd2ef6181d
lanzatool: improve signer code
2022-11-25 13:07:04 +01:00
Raito Bezarius
49519cb289
nixos: secureboot reached
2022-11-25 03:04:44 +01:00
Raito Bezarius
e75d892964
nixos: disable it and adapt it
2022-11-24 17:09:51 +01:00
Raito Bezarius
2148cb06ab
nixos: actually enable sb
2022-11-24 17:07:06 +01:00
Raito Bezarius
ccdd02bf1c
nixos: add a lanzaboote module
...
- Wire up things with Bootspec & External bootloaders
- Introduce SecureBoot keys
2022-11-24 17:07:05 +01:00
Raito Bezarius
c53477fbf5
nixos: add a lanzaboote module
2022-11-24 16:59:59 +01:00
Julian Stecklina
1dfa7c7fc8
Fix flake name
2022-11-24 12:29:16 +01:00
Julian Stecklina
521bf343f5
Use makeWrapper to wrap lanzatool
2022-11-24 12:05:46 +01:00
nikstur
b555c18e83
lanzatool: add wrapper
2022-11-24 11:45:09 +01:00
Julian Stecklina
10e516c148
Merge pull request #5 from blitz/magic-mk-shell
...
flake.nix: automagically use deps in shell with inputsFrom
2022-11-23 15:41:04 +01:00
Julian Stecklina
60b269b69c
Add a script to wrap an initrd into an EFI application
2022-11-23 13:11:22 +01:00
Julian Stecklina
dea1ab9798
Fix initrd-stub build
2022-11-23 13:05:19 +01:00
Julian Stecklina
9567fa7f0e
Build tiny empty PE image as initrd carrier
2022-11-23 13:00:55 +01:00
Julian Stecklina
5a6c05cf11
Pass on command line from UKI to Linux kernel
2022-11-23 12:11:20 +01:00
Julian Stecklina
5b414bd20b
Remove stable Rust toolchain for now
2022-11-23 00:58:52 +01:00
nikstur
4a90c19892
flake.nix: automagically use deps in shell with inputsFrom
2022-11-23 00:26:00 +01:00
Raito Bezarius
aada596b8c
flake: add openssl for pki generation
2022-11-22 02:18:22 +01:00
Julian Stecklina
f40199b7aa
Move Rust tools into a common directory
2022-11-22 01:53:40 +01:00
Julian Stecklina
b4f670455a
Merge remote-tracking branch 'origin/lanzatool'
2022-11-22 01:48:53 +01:00
nikstur
5dc82382e2
lanzatool: init
2022-11-22 01:29:16 +01:00
Julian Stecklina
20e1bf7fc8
Set boot loader version
2022-11-22 01:01:11 +01:00
Julian Stecklina
ed8509ce9d
Remove useless rec
2022-11-22 00:45:18 +01:00
Julian Stecklina
afcbe7140e
Minimize shell environment
2022-11-22 00:44:14 +01:00
Julian Stecklina
bcad59a20a
Move uefi-run into its own Nix file
2022-11-22 00:43:15 +01:00