Hello,
I would love to have a set of partitions which are compressed, such that some of them are encrypted (and decryptable with multiple keys), and such that I can easily add new partitions if I have that requirement later. So I decided to go for a partitionning which is LVM(LUKS(ZFS)), i.e. I will put in a LVM volume a LUKS encrypted partition that contains a ZFS partition (which contains my home and root partition).
The problem is that when I install my system, the ZFS code runs before the LUKS decryption… Which fails of course.
So I tried to look at the code to understand the reason behind that, and I saw that both ZFS and LUKS edit a variable boot.initrd.postDeviceCommands
that is executed in stage 1, after devices are loaded. However, the problem is that the strings are not concatenated in the right order, so ZFS is loaded before the actual decryption…
People told me that I could use lib.mkBefore
to change the order of the strings… but I don’t know how I could modify the string boot.initrd.postDeviceCommands
defined in in /nixos/modules/system/boot/luksroot.nix without maintaining a parallel version of the nixpkgs repository. Ideally, I’d love a syntax like:
overrideModule "/nixos/modules/system/boot/luksroot" "boot.initrd.postDeviceCommands" = lib.mkBefore (getOldModuleValue "/nixos/modules/system/boot/luksroot" "boot.initrd.postDeviceCommands");
What solution do I have?
Thanks!