# NixOS module: display a tpm2-totp one-time code on the Plymouth boot splash
# from a systemd-based initrd.
#
# What this file does, and nothing more: it declares the two options below,
# installs the selected package, copies the display helper and its shared
# library into the initrd, and starts the helper as an initrd service.
# Nothing here provisions or validates a TOTP secret.
{
  config,
  lib,
  pkgs,
  ...
}:

let
  cfg = config.boot.plymouth.tpm2-totp;

  # The helper binary is referenced twice (copied into the initrd and used as
  # ExecStart); naming it once keeps the two from drifting apart.
  helper = "${cfg.package}/libexec/tpm2-totp/plymouth-tpm2-totp";
in
{
  options.boot.plymouth.tpm2-totp = {
    enable = lib.mkEnableOption "tpm2-totp using Plymouth" // {
      description = "Whether to display a TOTP during boot using tpm2-totp and Plymouth.";
    };

    # Defaults to the package attribute tpm2-totp-with-plymouth.
    package = lib.mkPackageOption pkgs "tpm2-totp" { default = "tpm2-totp-with-plymouth"; };
  };

  meta.maintainers = [ lib.maintainers.majiir ];
  meta.doc = ./plymouth-tpm2-totp.md;

  config = lib.mkIf cfg.enable {
    # Evaluation fails unless the systemd-based initrd is in use, because the
    # service below is declared under boot.initrd.systemd.
    # NOTE(review): the unit also `requires` plymouth-start.service, but no
    # assertion here checks that Plymouth itself is enabled; confirm whether
    # that case should be rejected at evaluation time as well.
    assertions = [
      {
        assertion = config.boot.initrd.systemd.enable;
        message = "boot.plymouth.tpm2-totp is only supported with boot.initrd.systemd.";
      }
    ];

    environment.systemPackages = [ cfg.package ];

    boot.initrd.systemd = {
      # Files copied into the initrd: the helper plus its library.
      # NOTE(review): the library file names carry a hard-coded version
      # (.so.0 / .so.0.0.0); verify they still match on package updates.
      storePaths = [
        helper
        "${cfg.package}/lib/libtpm2-totp.so.0"
        "${cfg.package}/lib/libtpm2-totp.so.0.0.0"
      ];

      # Based on https://github.com/tpm2-software/tpm2-totp/blob/9bcfdcbfdd42e0b2e1d7769852009608f889631c/dist/plymouth-tpm2-totp.service.in
      services.plymouth-tpm2-totp = {
        description = "Display a TOTP during boot using Plymouth";
        wantedBy = [ "sysinit.target" ];

        # Hard dependency on the splash only. tpm2.target appears under
        # `after` but not `requires`, so it constrains ordering without
        # making the unit depend on that target being reached.
        requires = [ "plymouth-start.service" ];
        after = [
          "plymouth-start.service"
          "tpm2.target"
        ];

        # Default dependencies are turned off, so all ordering for this unit
        # is what is listed explicitly above.
        unitConfig.DefaultDependencies = false;

        # No User= or sandboxing directives are set for this unit.
        serviceConfig.Type = "exec";
        serviceConfig.ExecStart = helper;
      };
    };
  };
}