nikstur
|
46df12d579
|
Merge pull request #38 from nix-community/fix-malformed-gens
lanzatool: ignore malformed generations
|
2022-12-26 02:51:15 +01:00 |
|
Raito Bezarius
|
0ad20b0d5a
|
lanzatool: ignore malformed generations
|
2022-12-26 02:47:28 +01:00 |
|
nikstur
|
de5545a67f
|
Merge pull request #36 from nix-community/non-flake
chore: support non-flake users
|
2022-12-26 01:24:26 +01:00 |
|
Raito Bezarius
|
8e482e7db9
|
chore: support non-flake users
|
2022-12-26 01:22:34 +01:00 |
|
nikstur
|
287fb0978d
|
Merge pull request #35 from nix-community/refactor-nix
Move tests into separate file, add more structure to nix directory, and run nixpkgs-fmt & statix over everything
|
2022-12-25 19:03:44 +01:00 |
|
nikstur
|
a6926d7419
|
flake.nix: add statix and nixpkgs-fmt to devSHell
|
2022-12-25 18:49:29 +01:00 |
|
nikstur
|
7d5ac15cbb
|
nix.tests: move from flake
|
2022-12-25 18:49:28 +01:00 |
|
nikstur
|
912c9b27a6
|
nix: move package and module into subdir
|
2022-12-25 18:38:41 +01:00 |
|
nikstur
|
e90262608e
|
flake.nix: apply suggestions from statix
|
2022-12-25 18:38:41 +01:00 |
|
nikstur
|
eb9b1bbbe3
|
treewide: format with nixpkgs-fmt
|
2022-12-25 18:38:39 +01:00 |
|
nikstur
|
07fc31613e
|
Merge pull request #27 from nix-community/docs
Initial "experimental end-user" documentation
|
2022-12-25 18:22:59 +01:00 |
|
Raito Bezarius
|
c38e155d3c
|
documentation: add a simple quick start
|
2022-12-25 18:16:14 +01:00 |
|
nikstur
|
14c6c413f3
|
Merge pull request #26 from nix-community/upstream-bootspec
project: support upstream bootspec
|
2022-12-25 18:11:28 +01:00 |
|
nikstur
|
65f3c67357
|
lanzatool: appease clippy by removing borrow
|
2022-12-25 18:05:07 +01:00 |
|
nikstur
|
6e66c5f0ed
|
Cargo.toml: update bootspec to upstream
|
2022-12-25 18:05:07 +01:00 |
|
Raito Bezarius
|
e3f6029643
|
nixos/lanzaboote: use upstream bootspec for extension generation
|
2022-12-25 18:05:07 +01:00 |
|
Ryan Lahfa
|
1e149b8e9f
|
Merge pull request #32 from nix-community/nlnet
Thank (a lot) NLnet for making this possible
|
2022-12-21 20:24:40 +01:00 |
|
Raito Bezarius
|
1b9fac224d
|
readme: thank (a lot) NLnet for making this possible
|
2022-12-21 05:09:00 +01:00 |
|
Raito Bezarius
|
92e7e4f49a
|
lanzatool(bootspec): introduce DetSys's bootspec library
|
2022-12-18 00:29:49 +01:00 |
|
Julian Stecklina
|
30be791826
|
Merge pull request #24 from nix-community/remove-auto-entroll
Remove auto entroll leftovers
|
2022-12-11 14:48:27 +00:00 |
|
Julian Stecklina
|
1a63419003
|
Merge pull request #25 from nix-community/flake
Deduplicate nixpkgs in Flakes Inputs
|
2022-12-11 14:47:27 +00:00 |
|
Jörg Thalheim
|
3a0a8e7d71
|
Update flake.nix
Co-authored-by: Julian Stecklina <js@alien8.de>
|
2022-12-10 17:26:47 +00:00 |
|
nikstur
|
36c0a13c4c
|
lanzaboote module: remove --pki-bundle option
|
2022-12-10 18:11:23 +01:00 |
|
nikstur
|
614131d648
|
lanzatool: remove placeholder code for auto enrolling uefi keys
|
2022-12-10 18:11:23 +01:00 |
|
Julian Stecklina
|
06da27529f
|
Merge pull request #21 from nix-community/boot-file-integrity
Verify Kernel/Initrd Integrity using Blake3
|
2022-12-09 23:54:14 +00:00 |
|
Jörg Thalheim
|
c9f9f1c52a
|
nixos/lanzaboote: pkiBundle is not actual optional
the installHook needs it.
|
2022-12-08 21:26:17 +01:00 |
|
Jörg Thalheim
|
39774a6974
|
fix lanzaboote module import
|
2022-12-08 21:23:35 +01:00 |
|
Jörg Thalheim
|
a4ddbada50
|
deduplicate flakes
without this users end up with multiple copies of nixpkgs, which cannot
be overriden from the outside (follows only works on 1 level).
|
2022-12-08 20:40:40 +01:00 |
|
nikstur
|
49a8ae8aec
|
lanzatool: skip existing files in esp
|
2022-12-03 19:05:12 +01:00 |
|
Julian Stecklina
|
d35ca2d7d3
|
nix: fix initrd integration test
|
2022-12-02 13:50:32 +01:00 |
|
Julian Stecklina
|
85b111aa17
|
initrd-stub: drop unused stub
This is not useful anymore, because we don't need to wrap the initrd
anymore.
|
2022-11-30 09:25:17 +01:00 |
|
Julian Stecklina
|
401c3b8c1c
|
lanzatool, lanzaboote: don't wrap initrd as PE
... because we check its integrity using the embedded blake3 hash. So
there is no need for the LoadImage hack anymore.
|
2022-11-30 09:23:42 +01:00 |
|
Julian Stecklina
|
1739ffde26
|
lanzaboote: verify hash of kernel and initrd
|
2022-11-30 09:22:14 +01:00 |
|
Julian Stecklina
|
7a15bba50b
|
lanzaboote: load kernel and initrd into memory only once
|
2022-11-30 09:22:14 +01:00 |
|
Julian Stecklina
|
d754a87d5c
|
lanzaboote: cleanup kernel/initrd opening
|
2022-11-30 09:22:14 +01:00 |
|
Julian Stecklina
|
3f78939d0a
|
lanzatool: embed kernel and initrd hashes
|
2022-11-30 09:22:14 +01:00 |
|
Julian Stecklina
|
ba119d398f
|
lanzatool: add function documentation
|
2022-11-30 09:22:14 +01:00 |
|
Ryan Lahfa
|
e496b60be1
|
Merge pull request #22 from nix-community/crane
Drop Naersk and Enable Clippy for lanzaboote
|
2022-11-29 22:42:13 +01:00 |
|
Julian Stecklina
|
c3e0e73b82
|
Merge pull request #23 from nix-community/test-sd-stage1
lanzaboot: test systemd stage 1
|
2022-11-29 21:04:50 +00:00 |
|
Raito Bezarius
|
f7c66b027a
|
lanzaboot: test systemd stage 1
|
2022-11-29 20:10:55 +01:00 |
|
Julian Stecklina
|
28bb93c5f3
|
nix: switch everything to crane and drop naersk
|
2022-11-28 14:01:35 +01:00 |
|
Julian Stecklina
|
7926ab9e5e
|
lanzaboote: fix clippy issues
|
2022-11-28 13:38:01 +01:00 |
|
Julian Stecklina
|
4fb1e0d0dd
|
flake.lock: Update
Flake lock file updates:
• Updated input 'crane':
'github:ipetkov/crane/c61d98aaea5667607a36bafe5a6fa87fe5bb2c7e' (2022-11-21)
→ 'github:ipetkov/crane/24591d5f8cc979f7b243b88a2d39da09976970ad' (2022-11-28)
• Updated input 'naersk/nixpkgs':
'github:NixOS/nixpkgs/3ea5616c21dd186129f90a86c66352359a45cb07' (2022-11-23)
→ 'github:NixOS/nixpkgs/b45ec953794bb07922f0468152ad1ebaf8a084b3' (2022-11-27)
• Updated input 'nixpkgs':
'github:NixOS/nixpkgs/3ea5616c21dd186129f90a86c66352359a45cb07' (2022-11-23)
→ 'github:NixOS/nixpkgs/b45ec953794bb07922f0468152ad1ebaf8a084b3' (2022-11-27)
• Updated input 'rust-overlay':
'github:oxalica/rust-overlay/018df6d3f900fc53d567045bd86208f5c00d8956' (2022-11-24)
→ 'github:oxalica/rust-overlay/b9da8e68a08707115be750c0cf7ade33f49d8ec4' (2022-11-28)
|
2022-11-28 13:15:59 +01:00 |
|
nikstur
|
e6aa11f76c
|
Merge pull request #19 from blitz/specialisation
Lanzatool: enable specialisation
|
2022-11-27 18:19:59 +01:00 |
|
nikstur
|
0a638970e7
|
lanzatool: enable specialisation
|
2022-11-27 12:01:53 +01:00 |
|
nikstur
|
8e04bbf63c
|
Merge pull request #18 from blitz/lanzatool-cli-help
Lanzatool: improve --help output
|
2022-11-27 00:21:28 +01:00 |
|
nikstur
|
98cf9e0978
|
lanzatool: improve --help output
|
2022-11-27 00:12:00 +01:00 |
|
Julian Stecklina
|
452e558e40
|
Merge pull request #17 from blitz/appease-clippy
Lanzatool: appease clippy
|
2022-11-26 23:36:15 +01:00 |
|
nikstur
|
fffa7d6bfa
|
lanzatool: appease clippy
|
2022-11-26 23:19:08 +01:00 |
|
nikstur
|
f080c010e9
|
Merge pull request #16 from blitz/lanzatool-bootspec-from-generation
Lanzatool read bootspec for each generation
|
2022-11-26 23:13:32 +01:00 |