diff options
| -rw-r--r-- | flake.lock | 18 | ||||
| -rw-r--r-- | system-profiles/initrd-all-crypto-modules.nix | 18 |
2 files changed, 23 insertions, 13 deletions
| @@ -7,11 +7,11 @@ | |||
| 7 | ] | 7 | ] |
| 8 | }, | 8 | }, |
| 9 | "locked": { | 9 | "locked": { |
| 10 | "lastModified": 1622145920, | 10 | "lastModified": 1622938142, |
| 11 | "narHash": "sha256-/tt6IApLuVcGP5auy4zjLzfm5+MBHYLS3Nauvv2U2EQ=", | 11 | "narHash": "sha256-eNA2HPZI/iO4MCi/FCs+nRuFbpuMplM93Aj6YA2XCyY=", |
| 12 | "owner": "nix-community", | 12 | "owner": "nix-community", |
| 13 | "repo": "home-manager", | 13 | "repo": "home-manager", |
| 14 | "rev": "0e6c61a44092e98ba1d75b41f4f947843dc7814d", | 14 | "rev": "7591c8041d290d4bb99679e9fed2d8061a8f0435", |
| 15 | "type": "github" | 15 | "type": "github" |
| 16 | }, | 16 | }, |
| 17 | "original": { | 17 | "original": { |
| @@ -23,11 +23,11 @@ | |||
| 23 | }, | 23 | }, |
| 24 | "nixpkgs": { | 24 | "nixpkgs": { |
| 25 | "locked": { | 25 | "locked": { |
| 26 | "lastModified": 1622290771, | 26 | "lastModified": 1622984109, |
| 27 | "narHash": "sha256-VDIJJMEjpdhbU+z0+JnQx/puJaaPGywf/osCbOtEj4Y=", | 27 | "narHash": "sha256-geVjAIToERcsjmHQo2tdD0UaLNk+k68nI5XCRmE3tHM=", |
| 28 | "owner": "NixOS", | 28 | "owner": "NixOS", |
| 29 | "repo": "nixpkgs", | 29 | "repo": "nixpkgs", |
| 30 | "rev": "dd51c8eb0e10dded8c8967c431757fceef9a3866", | 30 | "rev": "690496c4e545e68482b5c162a03f0a4f97d35373", |
| 31 | "type": "github" | 31 | "type": "github" |
| 32 | }, | 32 | }, |
| 33 | "original": { | 33 | "original": { |
| @@ -51,11 +51,11 @@ | |||
| 51 | ] | 51 | ] |
| 52 | }, | 52 | }, |
| 53 | "locked": { | 53 | "locked": { |
| 54 | "lastModified": 1618840526, | 54 | "lastModified": 1622915462, |
| 55 | "narHash": "sha256-3VAac44xE+kO8o7BQXLqHrAMUQT+XqIK8BcLkEEDwOA=", | 55 | "narHash": "sha256-Hr/DVKUnQt3BTR3o4vzux1Ed1mciKZOrCRWuwORzt4Y=", |
| 56 | "owner": "Mic92", | 56 | "owner": "Mic92", |
| 57 | "repo": "sops-nix", | 57 | "repo": "sops-nix", |
| 58 | "rev": "4f384662a85804fa2bc1bc1f99e70bb468e76f88", | 58 | "rev": "7918c59b392f23665c0b726d4c640d14be4b0b8b", |
| 59 | "type": "github" | 59 | "type": "github" |
| 60 | }, | 60 | }, |
| 61 | "original": { | 61 | "original": { |
diff --git a/system-profiles/initrd-all-crypto-modules.nix b/system-profiles/initrd-all-crypto-modules.nix index 6b1da298..ede68e9f 100644 --- a/system-profiles/initrd-all-crypto-modules.nix +++ b/system-profiles/initrd-all-crypto-modules.nix | |||
| @@ -1,7 +1,17 @@ | |||
| 1 | {...}: | 1 | { pkgs, config, ...}: |
| 2 | { | 2 | let |
| 3 | boot.initrd.luks.cryptoModules = [ | 3 | moduleList = builtins.fromJSON (builtins.readFile (pkgs.runCommandCC "crypto-modules" { buildInputs = with pkgs; [ jq ]; } '' |
| 4 | "serpent_generic" "algif_rng" "authencesn" "crct10dif_generic" "blowfish_generic" "aegis128" "crc32c_generic" "md4" "lz4hc" "cbc" "adiantum" "authenc" "seqiv" "ecdh_generic" "842" "pcbc" "curve25519-generic" "sha256_generic" "cmac" "async_tx" "async_raid6_recov" "async_memcpy" "async_xor" "gcm" "ccm" "async_pq" "sha512_generic" "echainiv" "anubis" "blowfish_common" "algif_hash" "tgr192" "ghash-generic" "crypto_simd" "michael_mic" "ansi_cprng" "cast_common" "rmd128" "sm4_generic" "twofish_common" "wp512" "zstd" "cast5_generic" "algif_skcipher" "crc32_generic" "sm3_generic" "nhpoly1305" "cryptd" "twofish_generic" "crypto_user" "af_alg" "des_generic" "rmd320" "salsa20_generic" "xts" "xxhash_generic" "ecrdsa_generic" "deflate" "rmd256" "camellia_generic" "lrw" "xor" "gf128mul" "ecc" "arc4" "crypto_engine" "ecb" "lz4" "xcbc" "aes_ti" "khazad" "streebog_generic" "cast6_generic" "blake2b_generic" "keywrap" "chacha_generic" "tea" "aes_generic" "fcrypt" "cts" "chacha20poly1305" "essiv" "hmac" "vmac" "poly1305_generic" "sha3_generic" "rmd160" "algif_aead" "ctr" "crct10dif_common" "jitterentropy_rng" "pcrypt" "serpent-avx-x86_64" "cast5-avx-x86_64" "twofish-x86_64-3way" "sha1-ssse3" "seed" "cfb" "blake2s_generic" "ofb" "cast6-avx-x86_64" "twofish-x86_64" "drbg" "serpent-sse2-x86_64" "camellia-aesni-avx2" "crct10dif-pclmul" "sha256-ssse3" "sha512-ssse3" "crc32-pclmul" "camellia-x86_64" "curve25519-x86_64" "nhpoly1305-avx2" "ghash-clmulni-intel" "poly1305-x86_64" "aegis128-aesni" "camellia-aesni-avx-x86_64" "blowfish-x86_64" "nhpoly1305-sse2" "crc32c-intel" "aesni-intel" "blake2s-x86_64" "twofish-avx-x86_64" "glue_helper" "chacha-x86_64" "serpent-avx2" "des3_ede-x86_64" "asym_tpm" "pkcs7_test_key" "tpm_key_parser" | 4 | echo "[]" > $out |
| 5 | while IFS= read -r -d $'\0' file; do | ||
| 6 | unpacked=$(basename "''${file}" .xz) | ||
| 7 | xz -cd "''${file}" > "''${unpacked}" | ||
| 8 | |||
| 9 | module=$(readelf -Wp .gnu.linkonce.this_module "''${unpacked}" | sed -rn '/\[\s*[0-9]+\] /{ s/^[^]]*\]\s*//; p; q; }') | ||
| 10 | jq '. + [ $name ]' $out --arg name "''${module}" > out.json && mv out.json $out | ||
| 11 | done < <(find ${config.system.modulesTree}/lib/modules/*/kernel{,/arch/*}/crypto -iname '*.ko.xz' -print0 | sort -z) | ||
| 12 | '')); | ||
| 13 | in { | ||
| 14 | boot.initrd.luks.cryptoModules = moduleList ++ [ | ||
| 5 | "encrypted_keys" | 15 | "encrypted_keys" |
| 6 | ]; | 16 | ]; |
| 7 | } | 17 | } |