| 10 Mar 2023 |
 @dramforever:matrix.org | compatibility doesn't really matter unless you're pasting the repo contents into nixpkgd | 08:53:55 |
| @dramforever:matrix.org | * compatibility doesn't really matter unless you're pasting the repo contents into nixpkgs | 08:53:56 |
 @elvishjerricco:matrix.org | Huh... I just realized I think we're forcing initrd to be updated every time nixpkgs updates, even if nothing in initrd actually changed. | 09:07:48 |
| @elvishjerricco:matrix.org | Because of this: https://github.com/NixOS/nixpkgs/blob/88bdb6d79b0bdf03d3338f6f3d1416a55ec199ab/nixos/modules/misc/version.nix#L18-L38 | 09:08:16 |
| @elvishjerricco:matrix.org | The initrdRelease contains BUILD_ID, which includes the nixpkgs revision | 09:08:32 |
| @elvishjerricco:matrix.org | That's not good | 09:08:47 |
 @lily:lily.flowers | In reply to @elvishjerricco:matrix.org
That's not good Should we try to strip that out or just make our own initrd os-release attrset with less info to begin with? | 13:41:45 |
 @janne.hess:helsinki-systems.de | Lily Foster: added a MIT license and a README with the appropriate attribution | 13:59:25 |
| @janne.hess:helsinki-systems.de | Feel free to open a PR that mentions the package name in the README once it's upstreamed ;) | 14:00:24 |
| @elvishjerricco:matrix.org | In reply to @lily:lily.flowers
Should we try to strip that out or just make our own initrd os-release attrset with less info to begin with? Probably just separate common, stage 2, and stage 1. I'm going to need another variant for ukify since that seems to require an os-release as well | 16:15:44 |
 K900 | One thing I wanted to do for bootis but didn't get around to doing is building UKIs with Nix | 16:16:36 |
| K900 | That would be really nice | 16:16:51 |
| @elvishjerricco:matrix.org | It's not hard. I've got a little script for it somewhere | 16:16:53 |
| @elvishjerricco:matrix.org | addSections = pkgs.writeShellScriptBin "add-sections" ''
set -euo pipefail
stub="$1"
image="$2"
stub_line=$(${pkgs.binutils}/bin/objdump -h "$stub" | tail -2 | head -1)
stub_size=0x$(echo "$stub_line" | awk '{print $3}')
stub_offs=0x$(echo "$stub_line" | awk '{print $4}')
next_offs=$((stub_size + stub_offs))
args=()
while read sectionName contentsFile; do
contentsFile="$(readlink -f "$contentsFile")"
args+=(--add-section "$sectionName"="$contentsFile")
args+=(--change-section-vma "$sectionName"=$(printf 0x%x $next_offs))
next_offs=$((next_offs + $(stat -c%s "$contentsFile")))
done
set -x
exec ${pkgs.binutils}/bin/objcopy "''${args[@]}" "$stub" "$image"
'';
stub = pkgs.runCommand "stub" {nativeBuildInputs = [addSections];} ''
mkdir $out
add-sections ${nixosConfig}/systemd/lib/systemd/boot/efi/linuxx64.efi.stub $out/foo-unsigned.efi <<EOF
.osrel ${osRelease}
.linux ${nixosConfig}/kernel
.initrd ${nixosConfig}/initrd${lib.optionalString kernelBoot "\n.cmdline ${cmdline}"}
EOF
'';
| 16:18:36 |
| @elvishjerricco:matrix.org | * addSections = pkgs.writeShellScriptBin "add-sections" ''
set -euo pipefail
stub="$1"
image="$2"
stub_line=$(${pkgs.binutils}/bin/objdump -h "$stub" | tail -2 | head -1)
stub_size=0x$(echo "$stub_line" | awk '{print $3}')
stub_offs=0x$(echo "$stub_line" | awk '{print $4}')
next_offs=$((stub_size + stub_offs))
args=()
while read sectionName contentsFile; do
contentsFile="$(readlink -f "$contentsFile")"
args+=(--add-section "$sectionName"="$contentsFile")
args+=(--change-section-vma "$sectionName"=$(printf 0x%x $next_offs))
next_offs=$((next_offs + $(stat -c%s "$contentsFile")))
done
set -x
exec ${pkgs.binutils}/bin/objcopy "''${args[@]}" "$stub" "$image"
'';
stub = pkgs.runCommand "stub" {nativeBuildInputs = [addSections];} ''
mkdir $out
add-sections ${nixosConfig}/systemd/lib/systemd/boot/efi/linuxx64.efi.stub $out/foo-unsigned.efi <<EOF
.osrel ${osRelease}
.linux ${nixosConfig}/kernel
.initrd ${nixosConfig}/initrd
EOF
'';
| 16:20:44 |
| @elvishjerricco:matrix.org | But also systemd now has theukify tool to do it, which can easily be used in a nix derivation. It just requires an os-release for whatever reason | 16:22:00 |
| K900 | I know it's not hard, I just wanted to get it into nixpkgs | 16:25:24 |
| K900 | And probably wire it up as a bootspec extension | 16:25:34 |
 @gdamjan:spodeli.org | you can create a custom os-release right | 16:25:41 |
| @elvishjerricco:matrix.org | gdamjan: Yea I'm just annoyed by it :P | 16:25:58 |
| @gdamjan:spodeli.org | it's used to identify the image :D | 16:26:17 |
| @elvishjerricco:matrix.org | Is there a mapping anywhere in nixpkgs from system architecture to uefi architecture name? e.g. x86_64 -> x64 | 16:31:09 |
| @elvishjerricco:matrix.org | Oh, derp. xyzPlatform.efiArch | 16:32:46 |
| @lily:lily.flowers | Does anyone want tmpfiles working in initrd? It was a pretty simple patch to get working, but I ended up deciding I didn't need it. So I'll PR it if someone wants it, but probably won't otherwise | 18:29:17 |
| @lily:lily.flowers | https://github.com/lilyinstarlight/nixpkgs/commit/d456921f5c93f963bb5491e671b92e20382d3e5b | 18:29:18 |
| @elvishjerricco:matrix.org | Lily Foster: Possibly? For some reason there was an issue in the networkd PR when that was enabled: https://github.com/NixOS/nixpkgs/pull/169116/files#diff-68fef76b66b99ee77baba62969a434c1f912c2fcf8765bfc884b7aa5b0e70d35R71-R72
It was just a unit ordering issue, so it had nothing to do with its lack of implementation. But I can't remember what it was, considering it's been 9 months since I wrote that comment :P
| 21:07:33 |
| @elvishjerricco:matrix.org | It's possible that issue only existed back when I was trying to reuse the openssh module verbatim in stage 1, rather than doing the dead simple thing like the PR does now | 21:08:14 |
| @lily:lily.flowers | In reply to @elvishjerricco:matrix.org
It's possible that issue only existed back when I was trying to reuse the openssh module verbatim in stage 1, rather than doing the dead simple thing like the PR does now Yeah as a problem that sounds suspicious. I can probably test with it added back if you need to see how it behaves now | 21:24:38 |
| @elvishjerricco:matrix.org | Lily Foster: Feel free. Though fwiw I kinda doubt tmpfiles would be useful for us in stage 1. | 21:26:02 |
| @lily:lily.flowers | In reply to @elvishjerricco:matrix.org
Lily Foster: Feel free. Though fwiw I kinda doubt tmpfiles would be useful for us in stage 1. Yeah, me too. Which is why I wasn't gonna PR it unless someone expressed an interest to have tmpfiles in initrd | 21:26:32 |
