diff options
| author |  sommerfeld <sommerfeld@sommerfeld.dev> | 2026-05-13 13:43:16 +0100 |
|---|---|---|
| committer | sommerfeld <sommerfeld@sommerfeld.dev> | 2026-05-13 13:43:16 +0100 |
| commit | 208877d1e682536aa737748fffe4560956d3908a (patch) | |
| tree | bbc2e909a312f8052bf9457b1521e8b0ef80ec4c /run_onchange_after_deploy-etc.sh.tmpl | |
| parent | d7cca9eca321a7986605c2842cf23cef18727452 (diff) | |
| download | dotfiles-208877d1e682536aa737748fffe4560956d3908a.tar.gz dotfiles-208877d1e682536aa737748fffe4560956d3908a.tar.bz2 dotfiles-208877d1e682536aa737748fffe4560956d3908a.zip | |
feat(etc): template kernel cmdline, derive LUKS UUID from partition name
Prompt once at 'chezmoi init' time for the LUKS root partition (e.g.
nvme0n1p2) and store it under [data].luksRootPartition in the per-machine
chezmoi config. etc/kernel/cmdline.tmpl resolves the UUID at apply time
via lsblk, so reinstalls only require re-entering the partition name.
The etc deploy script now renders *.tmpl sources through
'chezmoi execute-template' and installs them without the suffix. The
resolved UUID is folded into the onchange hash so the script re-runs
when the UUID changes even if etc/ content is unchanged.
just etc-status/diff transparently handle .tmpl sources (strip suffix
for the live-path mapping, render before diffing). etc-re-add skips
.tmpl files since template sources can't be reverse-rendered from the
live file.
Diffstat (limited to 'run_onchange_after_deploy-etc.sh.tmpl')
| -rwxr-xr-x | run_onchange_after_deploy-etc.sh.tmpl | 16 |
1 files changed, 14 insertions, 2 deletions
diff --git a/run_onchange_after_deploy-etc.sh.tmpl b/run_onchange_after_deploy-etc.sh.tmpl index 04f72c1..e72b374 100755 --- a/run_onchange_after_deploy-etc.sh.tmpl +++ b/run_onchange_after_deploy-etc.sh.tmpl @@ -2,12 +2,24 @@ # Deploy system-level configs from etc/ to /etc/. # chezmoi re-runs this script whenever any file under etc/ changes. # etc/ content hash: {{ output "sh" "-c" (printf "cd %q && find etc -type f ! -name .ignore -exec sha256sum {} + | LC_ALL=C sort" .chezmoi.sourceDir) | sha256sum }} +# luks root uuid: {{ output "lsblk" "-no" "UUID" (printf "/dev/%s" .luksRootPartition) | trim }} set -eu cd "$CHEZMOI_SOURCE_DIR" find etc -type f ! -name .ignore | while IFS= read -r src; do - dest="/${src}" - doas install -D -m 0644 -o root -g root "$src" "$dest" + case "$src" in + *.tmpl) + dest="/${src%.tmpl}" + tmp=$(mktemp) + chezmoi execute-template <"$src" >"$tmp" + doas install -D -m 0644 -o root -g root "$tmp" "$dest" + rm -f "$tmp" + ;; + *) + dest="/${src}" + doas install -D -m 0644 -o root -g root "$src" "$dest" + ;; + esac done # doas refuses to parse /etc/doas.conf unless it's 0400 root:root |