random-archer / mkinitcpio-systemd-tool

Provisioning tool for systemd in initramfs (systemd-tool)
https://www.archlinux.org/packages/community/any/mkinitcpio-systemd-tool/

Proposal to move upstream #92

Open dvzrv opened 2 years ago

dvzrv commented 2 years ago

@Andrei-Pozolotin I was contemplating the possibility of adding this project to the mkinitcpio group on Arch Linux's GitLab. I think the benefits would be that we could work on a testing framework for all the different mkinitcpio extensions and mkinitcpio itself using GitLab CI, which would help us get more coverage for the existing tooling and this project as well.

Would you be interested in helping with this? :)

dvzrv commented 2 years ago

Ping @Andrei-Pozolotin

ShapeShifter499 commented 2 years ago

Maybe the mkinitcpio group might need to fork the project soon? If that even is a possibility?

dvzrv commented 2 years ago

@ShapeShifter499 yes it is.

After conversing with @grazzolini and @eworm-de on this topic it seemed more reasonable to port the functionality of this project over into mkinitcpio itself though.

When looking at Arch Linux's systemd package it also becomes clear that its mkinitcpio integration would need to be consolidated with this as well. The first step is likely to move the systemd package's mkinitcpio integration to the mkinitcpio project and then start to extend it.

wolegis commented 1 year ago

@dvzrv @grazzolini @eworm-de

I recently started an alternative project: mkinitcpio-systemd-extras. It's just a collection of mkinitcpio install hooks for systemd based initramfs.

It is more straightforward than Andrei's approach, taking advantage of the existing mkinitcpio infrastructure. No need to re-invent the wheel - no matter how crafty Andrei's provisioner appears to be.

So far it only covers my use case: basic networking, DNS resolution and tinyssh. I can log into my machine after reboot and unlock LUKS encrypted devices. I can also escape to a shell and perform a backup of the unlocked device (with the help of restic).

I'm willing to implement additional hooks: sd-dropbear and sd-nftables are on my list. Andrei has also implemented an elaborate systemd password agent (see src/initrd-shell.sh). I see no real benefit in it compared to systemd-tty-ask-password-agent, but if you prefer I can integrate it into my project.

I'm also willing to collaborate in the above-mentioned effort in getting things straight - systemd- and mkinitcpio-wise.

You may get back to me here or via personal email.

danyer commented 1 year ago

@wolegis

I've just started using mkinitcpio-systemd-extras, it is amazing! So simple to use, it just monitors the systemd password prompts and forwards them over an SSH connection. Almost no configuration at all! Many thanks!

dvzrv commented 1 year ago

@wolegis please consolidate this with mkinitcpio upstream! We'll be moving the systemd integration (which currently lives in the systemd package sources) to mkinitcpio very soon. If you're interested in helping with this, please join #archlinux-projects on libera.chat! :)