Open surfaceflinger opened 4 months ago
Right now, encrypted pools in boot.zfs.extraPools all have separate prompts for passphrase even if all of them use the same passphrase.
boot.zfs.extraPools
If all zpools have the same passphrase then it should be enough to enter it just once during boot.
zfs load-key -a already does that. systemd-ask-password has password caching between multiple executions, I guess this would be the preferred choice.
zfs load-key -a
systemd-ask-password
As a workaround in old NixOS stage1, I've been doing
zpool import -a zfs load-key -a
in postBootCommands.
postBootCommands
I've noticed this but I think it runs between imports so it's aware of only one encrypted pool per run.
@raitobezarius @ElvishJerricco
Add a :+1: reaction to issues you find important.
We could use the --keyname argument in our systemd-ask-password call. That's how LUKS passwords are shared in systemd stage 1.
--keyname
https://github.com/NixOS/nixpkgs/pull/324918
Right now, encrypted pools in
boot.zfs.extraPools
all have separate prompts for passphrase even if all of them use the same passphrase.Expected behavior
If all zpools have the same passphrase then it should be enough to enter it just once during boot.
Additional context
zfs load-key -a
already does that.systemd-ask-password
has password caching between multiple executions, I guess this would be the preferred choice.As a workaround in old NixOS stage1, I've been doing
in
postBootCommands
.I've noticed this but I think it runs between imports so it's aware of only one encrypted pool per run.
Notify maintainers
@raitobezarius @ElvishJerricco
Add a :+1: reaction to issues you find important.