diff --git a/flake.nix b/flake.nix index 7c17fff..9e92cc8 100644 --- a/flake.nix +++ b/flake.nix @@ -18,7 +18,7 @@ pkgs = import nixpkgs { inherit system; }; patosPkgs = self.packages.${system}; version = "0.0.1"; - updateUrl = "http://10.0.2.2:8000"; + updateUrl = "http://10.0.2.2:8000/"; in { packages = { diff --git a/pkgs/image/default.nix b/pkgs/image/default.nix index 8f3acbf..e0a4a24 100644 --- a/pkgs/image/default.nix +++ b/pkgs/image/default.nix @@ -93,7 +93,7 @@ Type=regular-file Verify=no EOF -cat <<EOF > rootfs/etc/sysupdate.d/20-root.transfer +cat <<EOF > rootfs/etc/sysupdate.d/20-root-verity.transfer [Source] Type=url-file Path=${updateUrl} @@ -159,7 +159,7 @@ ${patosPkgs.systemd}/usr/bin/systemd-repart \ --split=true \ --json=pretty \ --root=$out \ - patos-$version.raw > init-repart-output.json && rm -f patos-$version.raw + patos_$version.raw > init-repart-output.json && rm -f patos_$version.raw roothash=$(jq -r '.[0].roothash' init-repart-output.json) rootPart=$(jq -r '.[0].split_path' init-repart-output.json) @@ -168,6 +168,9 @@ rootUuid=$(jq -r '.[0].uuid' init-repart-output.json) verityPart=$(jq -r '.[1].split_path' init-repart-output.json) verityUuid=$(jq -r '.[1].uuid' init-repart-output.json) +ln -sf patos_$version.verity.raw patos_${version}_$verityUuid.verity +ln -sf patos_$version.root.raw patos_${version}_$rootUuid.root + ${patosPkgs.systemd}/usr/bin/ukify build \ --linux ${patosPkgs.kernel}/bzImage \ --initrd ${patosPkgs.initrd}/initrd.xz \ @@ -238,9 +241,10 @@ ${patosPkgs.systemd}/usr/bin/systemd-repart \ --size=auto \ --definitions=./final.repart.d \ --root=$out \ - patos-${version}.raw > final-repart-output.json + patos_${version}.img > final-repart-output.json rm -rf rootfs +sha256sum *.root *.verity *.efi > SHA256SUMS popd ''