e907d0d3d3
fix: rootfs now with verity and A/B prep
2025-03-07 15:19:41 +01:00
3f443a9e9b
chore: autologin as root for now
2025-03-06 17:18:17 +01:00
d1e25bdddf
chore: upgrade systemd to latest stable
2025-03-06 16:26:13 +01:00
658b5af153
chore: even better erofs compression
2025-03-06 16:16:25 +01:00
62dd1ca5bf
feat: enable conf/sys ext services and make /etc read-only without overlay
2025-03-05 22:04:38 +01:00
18c8e76850
revert to static machine id for now
2025-03-05 10:08:47 +01:00
be4efca9a5
chore: temporary generate machine-id on boot until we have a confext
2025-03-05 10:00:10 +01:00
0a129b5489
chore: clean up
2025-03-05 09:13:18 +01:00
879f74befa
chore: remove unused logind and sysuser for dbus svc
2025-03-05 08:38:08 +01:00
12bacf271d
feat: generate passwd/group with systemd-sysusers
2025-03-04 23:51:08 +01:00
8e61f85f72
chore: clean up var-repart config
2025-03-04 15:42:12 +01:00
e5367bac84
chore: more clean up
2025-03-04 14:20:31 +01:00
529061df5e
chore: clean up comments
2025-03-04 14:08:53 +01:00
83bb3599a4
fix(repart): depend on sysroot-run mount
2025-03-04 13:56:18 +01:00
10090a75b0
fix(image): finally have working mount of encrypted volumes!
2025-03-04 12:10:18 +01:00
adb2e90c13
fix(image): image need to include devicemapper setup tools and udev rules
2025-03-03 16:13:30 +01:00
0a6fc3af49
chore: enable default networking and make root own erofs files
2025-02-27 16:42:11 +01:00
aa4f69d891
fix: we need to roll our own versions of tpm2-tools and tpm2-tss
2025-02-27 16:35:50 +01:00
57f83bd4ac
chore: make erofs with --all-root flag
2025-02-27 08:18:24 +01:00
7365ef8918
feat(image): install upstream kexec which now have support for UKIs
2025-02-26 14:40:06 +01:00
b784c94d42
WIP: Build image from scratch / without NixOS.
...
An experiment to see if we can minimize the PatOS project even further,
and not have to adapt NixOS packages and config for our needs.
2025-02-14 13:07:01 +01:00
4702e0dddb
feat(systemd): enabled sysupdated
2025-02-12 15:06:07 +01:00
fa55edf0de
chore: remove openssh for now
2024-11-19 12:11:21 +01:00
c59ea29957
Image building take 2
...
We want verity protected partitions as well as encrypted state/data along with verified boot.
This PR integrates Peter Marshall's awesome little Nixlet project as a starting point, especially the nice testing scaffolding will be super helpful! ✨
https://github.com/petm5/nixlet/
2024-11-14 19:52:34 +01:00
