summaryrefslogtreecommitdiff
path: root/overlays/clevis.nix
diff options
context:
space:
mode:
authorGregor Kleen <gkleen@yggdrasil.li>2021-04-21 20:44:34 +0200
committerGregor Kleen <gkleen@yggdrasil.li>2021-04-21 20:44:34 +0200
commit448ec9307e28033231bde607026381a586e796bb (patch)
tree3836aa39089d50fa49bbccd7b95a959ac2df24e1 /overlays/clevis.nix
parentc8192d8299149350c70b3e536d2fd3bd295a84d0 (diff)
downloadnixos-448ec9307e28033231bde607026381a586e796bb.tar
nixos-448ec9307e28033231bde607026381a586e796bb.tar.gz
nixos-448ec9307e28033231bde607026381a586e796bb.tar.bz2
nixos-448ec9307e28033231bde607026381a586e796bb.tar.xz
nixos-448ec9307e28033231bde607026381a586e796bb.zip
clevis: fix for use with tpm2/luks
Diffstat (limited to 'overlays/clevis.nix')
-rw-r--r--overlays/clevis.nix37
1 files changed, 37 insertions, 0 deletions
diff --git a/overlays/clevis.nix b/overlays/clevis.nix
new file mode 100644
index 00000000..a786340c
--- /dev/null
+++ b/overlays/clevis.nix
@@ -0,0 +1,37 @@
1final: prev:
2{
3 clevis = prev.clevis.overrideAttrs (oldAttrs: {
4 buildInputs = (oldAttrs.buildInputs or []) ++ [final.tpm2-tools];
5 nativeBuildInputs = (oldAttrs.nativeBuildInputs or []) ++ [final.makeWrapper];
6
7 preFixup = ''
8 ${oldAttrs.preFixup or ""}
9
10 for bin in $out/bin/*; do
11 test -x $bin || continue
12
13 substituteInPlace $bin \
14 --replace /bin/cat ${final.coreutils}/bin/cat
15
16 wrapProgram $bin \
17 --prefix PATH : ${final.tpm2-tools}/bin \
18 --prefix PATH : ${final.jose}/bin \
19 --prefix PATH : ${final.libpwquality}/bin
20 done
21 '';
22 });
23
24 tpm2-tools = prev.tpm2-tools.overrideAttrs (oldAttrs: {
25 fixupPhase = ''
26 ${oldAttrs.fixupPhase or ""}
27
28 for wrapper in $out/bin/tpm2_*; do
29 symlink=.''${wrapper}-wrapped
30
31 test -h $symlink || continue
32
33 mv -v $symlink $wrapper
34 done
35 '';
36 });
37}