Open dfoxfranke opened 1 week ago
Have you tried adding nofail
to your luks device's crypttabExtraOpts
?
I didn't know until just now that crypttabExtraOpts
existed, because it's declared with visible = false
so it's excluded from documentation. But anyway, that won't work, because the init script is running commands such as
wait_target "device" /dev/disk/by-uuid/b50f7a53-c56c-4050-b093-8da80be683df || die "/dev/disk/by-uuid/b50f7a53-c56c-4050-b093-8da80be683df is unavailable"
to check that the device it's trying to luksOpen exists before it ever gets to invoking cryptsetup. Also, nofail
is designed to never block and is only compatible with keyfiles, not with manual password entry; see https://github.com/systemd/systemd/issues/27321.
My system's storage is configured as dm-raid on LVM on LUKS. Each of my physical disks contains a LUKS partition whose plaintext is an LVM PV. All of these PVs are collected into a single VG, and then I use LVM RAID to create LVs (including one for the root filesystem) that span all PVs using RAID6. My
configuration.nix
looks like this:Recently one of my drives was throwing errors in dmesg, so I shut the system down, removed that drive, replaced it with an unformatted spare, and powered the system back on, expecting to be able to boot from the degraded array and then initialize the replacement drive and add it to the array. Instead, I found that the initrd script refused to continue past stage 1 on account of the missing disk. In order to unwedge my system, I had to boot from rescue media, repair the RAID array, edit my
configuration.nix
to update it to the new LUKS volume's UUID, and rebuild the initrd. None of this should have been necessary, since if the initrd script had simply continued past the error, it could have mounted the root volume without any trouble.Metadata
"x86_64-linux"
Linux 6.6.35, NixOS, 24.05 (Uakari), 24.05.2028.e4509b3a560c
yes
yes
nix-env (Nix) 2.18.2
"nixos-unstable"
/nix/var/nix/profiles/per-user/root/channels/nixos