diff --git a/nixos/modules/tasks/filesystems/bcachefs.nix b/nixos/modules/tasks/filesystems/bcachefs.nix index 851c09781339..6e5adb2a64c5 100644 --- a/nixos/modules/tasks/filesystems/bcachefs.nix +++ b/nixos/modules/tasks/filesystems/bcachefs.nix @@ -63,6 +63,32 @@ in ''; }; + boot.initrd.systemd.services = lib.mapAttrs' (mountpoint: fileSystem: let + mountUnitName = + if mountpoint == "/" + then "sysroot.mount" + else "sysroot-" + (utils.escapeSystemdPath mountpoint) + ".mount"; + deviceUnit = (utils.escapeSystemdPath fileSystem.device) + ".device"; + in { + name = "unlock-bcachefs-${utils.escapeSystemdPath mountpoint}"; + value = { + requiredBy = [mountUnitName]; + before = [mountUnitName]; + after = [deviceUnit]; + requires = [deviceUnit]; + serviceConfig.Type = "oneshot"; + script = '' + if ! bcachefs unlock -c ${fileSystem.device}; then + exit 0 + fi + passphrase= + until bcachefs unlock ${fileSystem.device} <<<"$passphrase"; do + passphrase=$(systemd-ask-password "bcachefs passphrase for ${fileSystem.device}") + done + ''; + }; + }) bootFs; + boot.initrd.extraUtilsCommands = lib.mkIf (!config.boot.initrd.systemd.enable) '' copy_bin_and_libs ${pkgs.bcachefs-tools}/bin/bcachefs ''; diff --git a/nixos/tests/installer-systemd-stage-1.nix b/nixos/tests/installer-systemd-stage-1.nix index 03f0ec8d746b..69c19f089e4c 100644 --- a/nixos/tests/installer-systemd-stage-1.nix +++ b/nixos/tests/installer-systemd-stage-1.nix @@ -8,6 +8,8 @@ # them when fixed. inherit (import ./installer.nix { inherit system config pkgs; systemdStage1 = true; }) # bcache + bcachefsSimple + bcachefsEncrypted btrfsSimple btrfsSubvolDefault btrfsSubvolEscape diff --git a/nixos/tests/installer.nix b/nixos/tests/installer.nix index 590988d95986..027153ed31ec 100644 --- a/nixos/tests/installer.nix +++ b/nixos/tests/installer.nix @@ -916,7 +916,7 @@ in { enableOCR = true; preBootCommands = '' machine.start() - machine.wait_for_text("enter passphrase for ") + machine.wait_for_text("passphrase for ") machine.send_chars("password\n") '';