diff options
author | Raito Bezarius <masterancpp@gmail.com> | 2024-01-04 02:42:03 +0100 |
---|---|---|
committer | Raito Bezarius <masterancpp@gmail.com> | 2024-01-04 23:11:23 +0100 |
commit | 7c6f64914f37903ec3af2ac98ff3fafa970a1d5b (patch) | |
tree | 5ef1d7c1b50d4f48332402474e0366da62cf532f /nixos/modules/system/activation/bootspec.nix | |
parent | b3d998e7eae49863b09a9edb1956a521a26eeefd (diff) |
system/activation/bootspec: do not synthesize `initrdSecrets` if unneeded
We should not always create an appender script if we have no secret, this has no usefulness whatsover.
Diffstat (limited to 'nixos/modules/system/activation/bootspec.nix')
-rw-r--r-- | nixos/modules/system/activation/bootspec.nix | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/nixos/modules/system/activation/bootspec.nix b/nixos/modules/system/activation/bootspec.nix index 98c234bc340d0..2ed6964b2a6a6 100644 --- a/nixos/modules/system/activation/bootspec.nix +++ b/nixos/modules/system/activation/bootspec.nix @@ -11,6 +11,7 @@ let cfg = config.boot.bootspec; children = lib.mapAttrs (childName: childConfig: childConfig.configuration.system.build.toplevel) config.specialisation; + hasAtLeastOneInitrdSecret = lib.length (lib.attrNames config.boot.initrd.secrets) > 0; schemas = { v1 = rec { filename = "boot.json"; @@ -27,6 +28,7 @@ let label = "${config.system.nixos.distroName} ${config.system.nixos.codeName} ${config.system.nixos.label} (Linux ${config.boot.kernelPackages.kernel.modDirVersion})"; } // lib.optionalAttrs config.boot.initrd.enable { initrd = "${config.system.build.initialRamdisk}/${config.system.boot.loader.initrdFile}"; + } // lib.optionalAttrs hasAtLeastOneInitrdSecret { initrdSecrets = "${config.system.build.initialRamdiskSecretAppender}/bin/append-initrd-secrets"; }; })); |