| 24 Apr 2023 |
@aktaboot:tchncs.de | where does the withCryptsetup come from? | 22:04:13 |
@elvishjerricco:matrix.org | I think at this point we need a feature matrix system | 22:04:15 |
@lily:lily.flowers | (since obviously adding more combinations, like systemdStage1NetworkCryptsetup would be kinda dumb) | 22:04:19 |
@lily:lily.flowers | In reply to @elvishjerricco:matrix.org I think at this point we need a feature matrix system Yeah that was my thought | 22:04:25 |
@elvishjerricco:matrix.org | aktaboot: it's from where systemdStage1 is defined in all-packages.nix | 22:04:42 |
@elvishjerricco:matrix.org | Lily Foster: Yea I think we should turn the with* things into nix options and then cache the most common configurations | 22:05:00 |
@elvishjerricco:matrix.org | * Lily Foster: Yea I think we should turn some of the with* things into nix options and then cache the most common configurations | 22:05:18 |
@lily:lily.flowers | Yeah, I'll agree to that | 22:05:59 |
@elvishjerricco:matrix.org | or... hm... Actually, just using pkgs.systemd is barely bigger than the current systemdStage1. So maybe we have a minimal and we have a full | 22:06:11 |
@elvishjerricco:matrix.org | and leave it at that | 22:06:14 |
@lily:lily.flowers | How barely? I'd be okay with just replacing systemdStage1 and systemdStage1Network with just systemd if the size difference is minimal (like within a megabyte or so) | 22:07:22 |
@elvishjerricco:matrix.org | It is within a megabyte | 22:07:34 |
@lily:lily.flowers | Yeah, no reason to keep the separation then I guess | 22:07:53 |
@elvishjerricco:matrix.org | oof but enabling cryptsetup stuff just to enable networking stuff is a bummer, adding a bunch of extra unneeded space | 22:09:14 |
@elvishjerricco:matrix.org | but that should get fixed by the smarter condition I guess | 22:09:26 |
@elvishjerricco:matrix.org | let me try that | 22:09:27 |
@aktaboot:tchncs.de | is it me, or could we use withFido2 and withTpm2tss in the initrd.nix? | 22:09:29 |
@aktaboot:tchncs.de | but that would basically be withCryptsetup, I guess | 22:11:16 |
@elvishjerricco:matrix.org | I need to just make a complete matrix of these sizes to analyze it.... | 22:13:24 |
@elvishjerricco:matrix.org | I'll convert that to a gist... | 22:56:34 |
@elvishjerricco:matrix.org | Ok here are the results, along with a necessary nixpkgs patch file: https://gist.github.com/ElvishJerricco/ca36d26fd30b78b211aea10604b9885e | 22:57:59 |
@elvishjerricco:matrix.org | (note that tpm2, fido2, and luks flags are all redundant unless accompanied by cryptsetup flag) | 23:09:05 |
@elvishjerricco:matrix.org | Actually, I edited it with some fancy code to remove the redundant ones and include the non-systemd ones | 23:34:57 |
| 25 Apr 2023 |
@mlyx:matrix.org | https://github.com/NixOS/nixpkgs/blob/master/nixos/modules/tasks/lvm.nix
Can we disable lvm by default? For those who don't use lvm, it adds lots of unnecessary stuff in initrd. | 00:22:43 |
@elvishjerricco:matrix.org | mlyx: We actually have a PR for that: https://github.com/NixOS/nixpkgs/pull/183314 | 00:25:19 |
@elvishjerricco:matrix.org | (it says swraid but it also does lvm, and we probably want to do bcache in there too) | 00:25:35 |
@elvishjerricco:matrix.org | actually, hm, it looks like that PR doesn't actually disable LVM depending on stateVersion like it does for swraid... so there's a reason it's not merged :P | 00:26:54 |
@elvishjerricco:matrix.org | In reply to @elvishjerricco:matrix.org Ok here are the results, along with a necessary nixpkgs patch file: https://gist.github.com/ElvishJerricco/ca36d26fd30b78b211aea10604b9885e So, to me it kinda looks like once you bring in either cryptsetup or networkd, you might as well bring in full, as long as you don't pull in tpm2 by default | 00:34:10 |
@elvishjerricco:matrix.org | In reply to @elvishjerricco:matrix.org Ok here are the results, along with a necessary nixpkgs patch file: https://gist.github.com/ElvishJerricco/ca36d26fd30b78b211aea10604b9885e * So, to me it kinda looks like once you bring in either cryptsetuluks or networkd, you might as well bring in full, as long as you don't pull in tpm2 by default | 00:35:57 |