Compare commits

...

11 Commits

Author SHA1 Message Date
minish d7958dd005 never mind dont
This reverts commit 2d62a850c0.
2024-05-12 01:09:13 -04:00
minish 2d62a850c0 try this too 2024-05-12 01:04:51 -04:00
minish 0ce19bd9c8 Revert "fat stub test"
This reverts commit 8d02012ddc.
2024-05-12 01:04:14 -04:00
minish 8d02012ddc fat stub test 2024-05-12 00:52:56 -04:00
minish 2fb1d3dad4 createKeys option 2024-05-10 22:51:27 -04:00
nikstur 850f273222
Merge pull request #338 from Jappie3/master
fix: remove deprecated lib.mdDoc
2024-04-17 16:03:51 +00:00
Jappie3 0f252af9b8
fix: remove deprecated lib.mdDoc 2024-04-16 23:20:44 +02:00
nikstur 1197e51e8f
Merge pull request #337 from nix-community/renovate/all
fix(deps): update all dependencies
2024-04-15 14:46:42 +00:00
renovate[bot] c6a7167c8d
fix(deps): update all dependencies 2024-04-15 01:23:50 +00:00
Julian Stecklina 999c0cb03f
Merge pull request #334 from nix-community/renovate/all
chore(deps): update all dependencies
2024-04-04 20:11:52 +00:00
renovate[bot] fe804aac25
chore(deps): update all dependencies 2024-04-02 19:11:21 +00:00
5 changed files with 18 additions and 13 deletions

View File

@ -21,13 +21,14 @@ in
enable = mkEnableOption "Enable the LANZABOOTE"; enable = mkEnableOption "Enable the LANZABOOTE";
enrollKeys = mkEnableOption "Automatic enrollment of the keys using sbctl"; enrollKeys = mkEnableOption "Automatic enrollment of the keys using sbctl";
createKeys = mkEnableOption "Automatic creation of the keys using sbctl";
configurationLimit = mkOption { configurationLimit = mkOption {
default = config.boot.loader.systemd-boot.configurationLimit; default = config.boot.loader.systemd-boot.configurationLimit;
defaultText = "config.boot.loader.systemd-boot.configurationLimit"; defaultText = "config.boot.loader.systemd-boot.configurationLimit";
example = 120; example = 120;
type = types.nullOr types.int; type = types.nullOr types.int;
description = lib.mdDoc '' description = ''
Maximum number of latest generations in the boot menu. Maximum number of latest generations in the boot menu.
Useful to prevent boot partition running out of disk space. Useful to prevent boot partition running out of disk space.
@ -110,6 +111,10 @@ in
boot.loader.external = { boot.loader.external = {
enable = true; enable = true;
installHook = pkgs.writeShellScript "bootinstall" '' installHook = pkgs.writeShellScript "bootinstall" ''
${optionalString cfg.createKeys ''
${pkgs.sbctl}/bin/sbctl create-keys
''}
${optionalString cfg.enrollKeys '' ${optionalString cfg.enrollKeys ''
mkdir -p /tmp/pki mkdir -p /tmp/pki
cp -r ${cfg.pkiBundle}/* /tmp/pki cp -r ${cfg.pkiBundle}/* /tmp/pki

12
rust/tool/Cargo.lock generated
View File

@ -67,9 +67,9 @@ dependencies = [
[[package]] [[package]]
name = "anyhow" name = "anyhow"
version = "1.0.81" version = "1.0.82"
source = "registry+https://github.com/rust-lang/crates.io-index" source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "0952808a6c2afd1aa8947271f3a60f1a6763c7b912d210184c5149b5cf147247" checksum = "f538837af36e6f6a9be0faa67f9a314f8119e4e4b5867c6ab40ed60360142519"
[[package]] [[package]]
name = "assert_cmd" name = "assert_cmd"
@ -299,9 +299,9 @@ dependencies = [
[[package]] [[package]]
name = "expect-test" name = "expect-test"
version = "1.4.1" version = "1.5.0"
source = "registry+https://github.com/rust-lang/crates.io-index" source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "30d9eafeadd538e68fb28016364c9732d78e420b9ff8853fa5e4058861e9f8d3" checksum = "9e0be0a561335815e06dab7c62e50353134c796e7a6155402a64bcff66b6a5e0"
dependencies = [ dependencies = [
"dissimilar", "dissimilar",
"once_cell", "once_cell",
@ -698,9 +698,9 @@ dependencies = [
[[package]] [[package]]
name = "serde_json" name = "serde_json"
version = "1.0.114" version = "1.0.115"
source = "registry+https://github.com/rust-lang/crates.io-index" source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "c5f09b1bd632ef549eaa9f60a1f8de742bdbc698e6cee2095fc84dde5f549ae0" checksum = "12dc5c46daa8e9fdf4f5e71b6cf9a53f2487da0e86e55808e2d35539666497dd"
dependencies = [ dependencies = [
"itoa", "itoa",
"ryu", "ryu",

View File

@ -6,21 +6,21 @@ edition = "2021"
# See more keys and their definitions at https://doc.rust-lang.org/cargo/reference/manifest.html # See more keys and their definitions at https://doc.rust-lang.org/cargo/reference/manifest.html
[dependencies] [dependencies]
anyhow = "1.0.81" anyhow = "1.0.82"
base32ct = { version = "0.2.0", features = ["alloc"] } base32ct = { version = "0.2.0", features = ["alloc"] }
stderrlog = "0.6.0" stderrlog = "0.6.0"
log = { version = "0.4.21", features = ["std"] } log = { version = "0.4.21", features = ["std"] }
clap = { version = "4.5.4", features = ["derive"] } clap = { version = "4.5.4", features = ["derive"] }
lanzaboote_tool = { path = "../shared" } lanzaboote_tool = { path = "../shared" }
indoc = "2.0.5" indoc = "2.0.5"
serde_json = "1.0.114" serde_json = "1.0.115"
sha2 = "0.10.8" sha2 = "0.10.8"
tempfile = "3.10.1" tempfile = "3.10.1"
nix = { version = "0.28.0", default-features = false, features = [ "fs" ] } nix = { version = "0.28.0", default-features = false, features = [ "fs" ] }
[dev-dependencies] [dev-dependencies]
assert_cmd = "2.0.14" assert_cmd = "2.0.14"
expect-test = "1.4.1" expect-test = "1.5.0"
filetime = "0.2.23" filetime = "0.2.23"
rand = "0.8.5" rand = "0.8.5"
goblin = "0.7.1" goblin = "0.7.1"

4
rust/uefi/Cargo.lock generated
View File

@ -31,9 +31,9 @@ checksum = "baf1de4339761588bc0619e3cbc0120ee582ebb74b53b4efbf79117bd2da40fd"
[[package]] [[package]]
name = "cpio" name = "cpio"
version = "0.2.2" version = "0.3.0"
source = "registry+https://github.com/rust-lang/crates.io-index" source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "27e77cfc4543efb4837662cb7cd53464ae66f0fd5c708d71e0f338b1c11d62d3" checksum = "60f1e083e4cca56002af53561ec885d6de310b60515f525e0bc093d14515908c"
[[package]] [[package]]
name = "cpufeatures" name = "cpufeatures"

View File

@ -10,4 +10,4 @@ embedded-io = { version = "0.6.1", features = [ "alloc" ] }
snafu = { version = "0.8.2", default-features = false } snafu = { version = "0.8.2", default-features = false }
[dev-dependencies] [dev-dependencies]
cpio = "0.2.2" cpio = "0.3.0"