Disk encryption supported?

[jfrederickson]

Hi - I tried installing NixOS on my Reform using this repo recently, and the partition I installed to was LUKS-encrypted. I know NixOS supports FDE, and I know it's possible to get FDE going on the Reform, but when I attempted to boot the machine after installation the screen just stayed black. Is this something that you'd expect to work right now (and therefore I did something wrong that I should troubleshoot), or would you not expect this to work at this point?

[ehmry]

I don't have my reform anymore, but I seem to remember that in the early days I was entering the luks passord before the screen came up, or through the serial console. I would try entering the password after the nvme led stops blinking.

[jollheef]

Hello,

I have a working installation with encrypted root (boot partition is unencrypted). No fancy tricks were required.

[jfrederickson]

Thanks both for the responses - I must have messed something up during the installation. Hooked a cable up to the serial console and saw this on boot:

Enter choice: 1:        NixOS - Default
Retrieving file: /extlinux/../nixos/chb3ypq4390cr3db20qlvfnnvg9nczk6-initrd-linux-5.10.45-initrd
8960994 bytes read in 399 ms (21.4 MiB/s)
Retrieving file: /extlinux/../nixos/sv441g6yclg7c8yvzyx2i1y02jrvvjkx-linux-5.10.45-Image
43661824 bytes read in 1854 ms (22.5 MiB/s)
append: init=/nix/store/iiz9q86cgfwwhdgdjvp26361b1ilcyhr-nixos-system-nixos-21.05.20210624.0b8b127/init loglevel=4
Retrieving file: /extlinux/../nixos/sv441g6yclg7c8yvzyx2i1y02jrvvjkx-linux-5.10.45-dtbs/imx8mq-nitrogen8m_som.dtb
** File not found /extlinux/../nixos/sv441g6yclg7c8yvzyx2i1y02jrvvjkx-linux-5.10.45-dtbs/imx8mq-nitrogen8m_som.dtb **
Skipping nixos-default for failure retrieving fdt
2:      NixOS - Configuration 1 (2022-04-13 03:21 - 21.05.20210624.0b8b127)
Retrieving file: /extlinux/../nixos/chb3ypq4390cr3db20qlvfnnvg9nczk6-initrd-linux-5.10.45-initrd
8960994 bytes read in 387 ms (22.1 MiB/s)
Retrieving file: /extlinux/../nixos/sv441g6yclg7c8yvzyx2i1y02jrvvjkx-linux-5.10.45-Image
43661824 bytes read in 1855 ms (22.4 MiB/s)
append: init=/nix/store/iiz9q86cgfwwhdgdjvp26361b1ilcyhr-nixos-system-nixos-21.05.20210624.0b8b127/init loglevel=4
Retrieving file: /extlinux/../nixos/sv441g6yclg7c8yvzyx2i1y02jrvvjkx-linux-5.10.45-dtbs/imx8mq-nitrogen8m_som.dtb
** File not found /extlinux/../nixos/sv441g6yclg7c8yvzyx2i1y02jrvvjkx-linux-5.10.45-dtbs/imx8mq-nitrogen8m_som.dtb **
Skipping nixos-1 for failure retrieving fdt
SCRIPT FAILED: continuing...

...and indeed the DTB does not seem to be at that path, though I'm not yet sure why. Will do some more troubleshooting.

[jollheef]

Have you tried the default kernel in the repo (v5.7.19)? It's the old one but works for sure.

Link to the latest image with #4 applied in case it'll be useful.

[dmorn]

Hey @jfrederickson just follow @jollheef instructions at https://dumpstack.io/1650956090_nixos_on_mnt_reform.html, the setup worked for me 😉

[jollheef]

I've written a new readme and set up populating the binary cache. So, the installation should be quite smooth now.

Make a pull request in case anything will not be obvious or there are any mistakes.

[jfrederickson]

Thanks, I’ve been a bit delayed trying to go through this again (among other things the SSD I was installing onto went kaput so I had to wait for a new one to arrive). I didn’t know about the binary cache, I actually left it building the kernel when I left for work - if that hasn’t finished or has failed the cache will be very helpful!

In any case, planning to give it another shot tonight/tomorrow and will let you know if anything’s unclear.

[jfrederickson]

Circling back here, I managed to get it working! The new instructions and that other page clarified things quite a bit. Thanks for the help. :)