diff options
Diffstat (limited to 'nixos/tests')
-rw-r--r-- | nixos/tests/installer-systemd-stage-1.nix | 2 | ||||
-rw-r--r-- | nixos/tests/installer.nix | 16 |
2 files changed, 16 insertions, 2 deletions
diff --git a/nixos/tests/installer-systemd-stage-1.nix b/nixos/tests/installer-systemd-stage-1.nix index 00205f9417718..3b5e0ed8e7bba 100644 --- a/nixos/tests/installer-systemd-stage-1.nix +++ b/nixos/tests/installer-systemd-stage-1.nix @@ -37,6 +37,8 @@ clevisLuksFallback clevisZfs clevisZfsFallback + clevisZfsParentDataset + clevisZfsParentDatasetFallback gptAutoRoot clevisBcachefs clevisBcachefsFallback diff --git a/nixos/tests/installer.nix b/nixos/tests/installer.nix index 3f57a64333dda..bb6ad79615fa3 100644 --- a/nixos/tests/installer.nix +++ b/nixos/tests/installer.nix @@ -714,7 +714,7 @@ let ''; }; - mkClevisZfsTest = { fallback ? false }: makeInstallerTest "clevis-zfs${optionalString fallback "-fallback"}" { + mkClevisZfsTest = { fallback ? false, parentDataset ? false }: makeInstallerTest "clevis-zfs${optionalString parentDataset "-parent-dataset"}${optionalString fallback "-fallback"}" { clevisTest = true; clevisFallbackTest = fallback; enableOCR = fallback; @@ -731,17 +731,27 @@ let "udevadm settle", "mkswap /dev/vda2 -L swap", "swapon -L swap", + '' + optionalString (!parentDataset) '' "zpool create -O mountpoint=legacy rpool /dev/vda3", "echo -n password | zfs create" + " -o encryption=aes-256-gcm -o keyformat=passphrase rpool/root", + '' + optionalString (parentDataset) '' + "echo -n password | zpool create -O mountpoint=none -O encryption=on -O keyformat=passphrase rpool /dev/vda3", + "zfs create -o mountpoint=legacy rpool/root", + '' + + '' "mount -t zfs rpool/root /mnt", "mkfs.ext3 -L boot /dev/vda1", "mkdir -p /mnt/boot", "mount LABEL=boot /mnt/boot", "udevadm settle") ''; - extraConfig = '' + extraConfig = optionalString (!parentDataset) '' boot.initrd.clevis.devices."rpool/root".secretFile = "/etc/nixos/clevis-secret.jwe"; + '' + optionalString (parentDataset) '' + boot.initrd.clevis.devices."rpool".secretFile = "/etc/nixos/clevis-secret.jwe"; + '' + + '' boot.zfs.requestEncryptionCredentials = true; @@ -1359,6 +1369,8 @@ in { clevisLuksFallback = mkClevisLuksTest { fallback = true; }; clevisZfs = mkClevisZfsTest { }; clevisZfsFallback = mkClevisZfsTest { fallback = true; }; + clevisZfsParentDataset = mkClevisZfsTest { parentDataset = true; }; + clevisZfsParentDatasetFallback = mkClevisZfsTest { parentDataset = true; fallback = true; }; } // optionalAttrs systemdStage1 { stratisRoot = makeInstallerTest "stratisRoot" { createPartitions = '' |