Merge pull request #194343 from oxalica/fix/swap-btrfs

nixos/swap: fix creation on BTRFS and refactor assertions
This commit is contained in:
Nick Cao 2023-01-17 08:35:15 +08:00 committed by GitHub
commit 8f34f01185
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
3 changed files with 74 additions and 9 deletions

View File

@ -66,7 +66,7 @@ let
device = mkOption {
example = "/dev/sda3";
type = types.str;
type = types.nonEmptyStr;
description = lib.mdDoc "Path of the device or swap file.";
};
@ -197,6 +197,21 @@ in
};
config = mkIf ((length config.swapDevices) != 0) {
assertions = map (sw: {
assertion = sw.randomEncryption.enable -> builtins.match "/dev/disk/by-(uuid|label)/.*" sw.device == null;
message = ''
You cannot use swap device "${sw.device}" with randomEncryption enabled.
The UUIDs and labels will get erased on every boot when the partition is encrypted.
Use /dev/disk/by-partuuid/ instead.
'';
}) config.swapDevices;
warnings =
concatMap (sw:
if sw.size != null && hasPrefix "/dev/" sw.device
then [ "Setting the swap size of block device ${sw.device} has no effect" ]
else [ ])
config.swapDevices;
system.requiredKernelConfig = with config.lib.kernelConfig; [
(isYes "SWAP")
@ -205,24 +220,27 @@ in
# Create missing swapfiles.
systemd.services =
let
createSwapDevice = sw:
assert sw.device != "";
assert !(sw.randomEncryption.enable && lib.hasPrefix "/dev/disk/by-uuid" sw.device);
assert !(sw.randomEncryption.enable && lib.hasPrefix "/dev/disk/by-label" sw.device);
let realDevice' = escapeSystemdPath sw.realDevice;
in nameValuePair "mkswap-${sw.deviceName}"
{ description = "Initialisation of swap device ${sw.device}";
wantedBy = [ "${realDevice'}.swap" ];
before = [ "${realDevice'}.swap" ];
path = [ pkgs.util-linux ] ++ optional sw.randomEncryption.enable pkgs.cryptsetup;
path = [ pkgs.util-linux pkgs.e2fsprogs ]
++ optional sw.randomEncryption.enable pkgs.cryptsetup;
environment.DEVICE = sw.device;
script =
''
${optionalString (sw.size != null) ''
currentSize=$(( $(stat -c "%s" "${sw.device}" 2>/dev/null || echo 0) / 1024 / 1024 ))
if [ "${toString sw.size}" != "$currentSize" ]; then
dd if=/dev/zero of="${sw.device}" bs=1M count=${toString sw.size}
currentSize=$(( $(stat -c "%s" "$DEVICE" 2>/dev/null || echo 0) / 1024 / 1024 ))
if [[ ! -b "$DEVICE" && "${toString sw.size}" != "$currentSize" ]]; then
# Disable CoW for CoW based filesystems like BTRFS.
truncate --size 0 "$DEVICE"
chattr +C "$DEVICE" 2>/dev/null || true
dd if=/dev/zero of="$DEVICE" bs=1M count=${toString sw.size}
chmod 0600 ${sw.device}
${optionalString (!sw.randomEncryption.enable) "mkswap ${sw.realDevice}"}
fi

View File

@ -619,6 +619,7 @@ in {
strongswan-swanctl = handleTest ./strongswan-swanctl.nix {};
stunnel = handleTest ./stunnel.nix {};
sudo = handleTest ./sudo.nix {};
swap-file-btrfs = handleTest ./swap-file-btrfs.nix {};
swap-partition = handleTest ./swap-partition.nix {};
sway = handleTest ./sway.nix {};
switchTest = handleTest ./switch-test.nix {};

View File

@ -0,0 +1,46 @@
import ./make-test-python.nix ({ lib, ... }:
{
name = "swap-file-btrfs";
meta.maintainers = with lib.maintainers; [ oxalica ];
nodes.machine =
{ pkgs, ... }:
{
virtualisation.useDefaultFilesystems = false;
virtualisation.bootDevice = "/dev/vda";
boot.initrd.postDeviceCommands = ''
${pkgs.btrfs-progs}/bin/mkfs.btrfs --label root /dev/vda
'';
virtualisation.fileSystems = {
"/" = {
device = "/dev/disk/by-label/root";
fsType = "btrfs";
};
};
swapDevices = [
{
device = "/var/swapfile";
size = 1; # 1MiB.
}
];
};
testScript = ''
machine.wait_for_unit('var-swapfile.swap')
machine.succeed("stat --file-system --format=%T /var/swapfile | grep btrfs")
# First run. Auto creation.
machine.succeed("swapon --show | grep /var/swapfile")
machine.shutdown()
machine.start()
# Second run. Use it as-is.
machine.wait_for_unit('var-swapfile.swap')
machine.succeed("swapon --show | grep /var/swapfile")
'';
})