28 May 2023 |
@lily:lily.flowers | (But once sd v254 you won't have to use those very-specific targets because the device and sysroot should be correctly attached to relevant initrd-root-* targets based on fstab) | 21:35:48 |
@lily:lily.flowers | (Genuinely though, even if you don't end up using systemd-initrd, at least share the config you were having issues with and I can at least look and see what was going on and if we need to fix nixos bugs) | 21:37:38 |
Winter (she/her) | In reply to @lily:lily.flowers (Genuinely though, even if you don't end up using systemd-initrd, at least share the config you were having issues with and I can at least look and see what was going on and if we need to fix nixos bugs) the one I was using for the luksroot issue doesn't have any custom stuff | 21:38:45 |
Winter (she/her) | just a nixos-generate-config generated luks config | 21:38:52 |
@lily:lily.flowers | Oh, rip | 21:39:33 |
@lily:lily.flowers | That's probably bad | 21:39:54 |
@lily:lily.flowers | Oh actually, was it just timing out? | 21:40:06 |
@lily:lily.flowers | Luks unlocking can (indirectly) time out in systemd-initrd right now (because although the cryptsetup unit doesn't timeout, the mapped device unit for mounting the filesystem does...) | 21:41:13 |
@lily:lily.flowers | (Iirc) | 21:41:24 |
@elvishjerricco:matrix.org | (I think we can fix that) | 21:41:58 |
@lily:lily.flowers | (I'm pretty sure we can, yes. We just haven't I suppose) | 21:42:52 |
@elvishjerricco:matrix.org | Should just be a matter of a crypttab option | 21:43:49 |
@lily:lily.flowers | In reply to @winterqt:nixos.dev
boot.initrd.systemd.services.wipe-root = {
wantedBy = [ "cryptsetup.target" ];
after = [ "cryptsetup.target" ];
before = [ "local-fs.target" ];
anyone know why this causes (apparently) a dep cycle?
Oh yeah that'll cause a dep cycle anyway without DefaultDependencies being false too maybe? I forget. I would have to double check manual pages again to be sure | 21:50:15 |
@elvishjerricco:matrix.org | I think that's correct | 21:50:59 |
@elvishjerricco:matrix.org | After=local-fs.target is implied for services (transitively, anyway) | 21:51:37 |
@elvishjerricco:matrix.org | so you have to do DefaultDependencies=no to avoid it | 21:51:48 |
@hexa:lossy.network | boot.initrd.systemd.services.rollback = {
description = "Rollback ZFS datasets to a pristine state";
wantedBy = [
"initrd.target"
];
after = [
"zfs-import-zroot.service"
];
before = [
"sysroot.mount"
];
path = with pkgs; [
zfs
];
unitConfig.DefaultDependencies = "no";
serviceConfig.Type = "oneshot";
script = ''
set -ex
zfs rollback -r zroot/local/root@blank && echo "rollback complete"
'';
};
| 21:58:24 |
@hexa:lossy.network | will gladly repost till eternity 🙂 | 21:58:35 |
@hexa:lossy.network | * will gladly repost in eternity 🙂 | 21:59:15 |
Winter (she/her) | In reply to @lily:lily.flowers Oh actually, was it just timing out? Maybe? But like... crashing to an emergency shell with no other messages is... not good UX. | 22:02:30 |
@lily:lily.flowers | In reply to @hexa:lossy.network will gladly repost in eternity 🙂 I would say you probably also want after = "local-fs-pre.target"; for hibernation resume reasons, but it's ZFS so I'm pretty sure resume doesn't work anyway 😛 | 22:02:53 |
@lily:lily.flowers | * I would say you probably also want `after = [ "local-fs-pre.target" ];` for hibernation resume reasons, but it's ZFS so I'm pretty sure resume doesn't work anyway 😛 | 22:03:06 |
@elvishjerricco:matrix.org | In reply to @winterqt:nixos.dev Maybe? But like... crashing to an emergency shell with no other messages is... not good UX. I mean, what else is there to do? If a critical thing fails, an emergency shell is really the only option | 22:03:14 |
@hexa:lossy.network | team randomencrypted swap 😛 | 22:03:24 |
@lily:lily.flowers | In reply to @hexa:lossy.network team randomencrypted swap 😛 I mean the crimes required for hibernate/resume are kinda horrifying tbh. So this is probably the way | 22:04:17 |
@hexa:lossy.network | agreed | 22:04:27 |
@elvishjerricco:matrix.org | In reply to @elvishjerricco:matrix.org I mean, what else is there to do? If a critical thing fails, an emergency shell is really the only option maybe we could make emergency.target output systemctl status --failed before starting emergency.service? | 22:04:36 |
@lily:lily.flowers | In reply to @elvishjerricco:matrix.org maybe we could make emergency.target output systemctl status --failed before starting emergency.service? Now that sounds like a good idea, actually | 22:04:57 |
@elvishjerricco:matrix.org | yea we could put it in the ExecStartPre of emergency.service | 22:05:39 |
@elvishjerricco:matrix.org | since it takes the TTY | 22:05:45 |