From 756a6f617319b69a8ed5cfc1e7abef9f8cadfcd6 Mon Sep 17 00:00:00 2001
From: Ryan Schanzenbacher <ryan@rschanz.org>
Date: Wed, 24 Dec 2025 13:09:11 -0500
Subject: initial systemd-cryptsetup testing for fido2 unlocking

---
 modules/ryan-packages/bootloaders.scm | 38 +++++++++++++++++++++++++++++++++++
 1 file changed, 38 insertions(+)

(limited to 'modules')

diff --git a/modules/ryan-packages/bootloaders.scm b/modules/ryan-packages/bootloaders.scm
index 4cbb8da..dad3743 100644
--- a/modules/ryan-packages/bootloaders.scm
+++ b/modules/ryan-packages/bootloaders.scm
@@ -9,6 +9,13 @@
   #:use-module (gnu packages python-xyz)
   #:use-module (gnu packages python-crypto)
   #:use-module (gnu packages pkg-config)
+  ;below for cryptsetup
+  #:use-module (gnu packages password-utils)
+  #:use-module (gnu packages cryptsetup)
+  #:use-module (gnu packages security-token)
+  #:use-module (gnu packages web)
+  #:use-module (gnu packages gnupg)
+  #:use-module (gnu packages tls)
   #:use-module (guix gexp)
   #:use-module (guix utils)
   #:use-module (guix modules)
@@ -108,3 +115,34 @@ kernel arguments, and optional secure boot signatures into a single, UEFI-bootab
 image.")
     (license license:lgpl2.1+)))
 
+(define-public systemd-cryptsetup
+  (package
+    (name "systemd-cryptsetup")
+    (version systemd-version)
+    (source systemd-source)
+    (build-system meson-build-system)
+    (arguments
+      (list
+        #:build-type "release"
+        #:configure-flags
+        `(list "-Dlibcryptsetup=true" "-Dlibfido2=true"
+               "-Dopenssl=true")
+        #:phases
+        #~(modify-phases %standard-phases
+            (replace 'build
+              (lambda* (#:key parallel-build? #:allow-other-keys)
+                       (invoke "ninja" "systemd-cryptsetup"
+                       "-j" (if parallel-build?
+                              (number->string (parallel-job-count)) "1"))))
+            (replace 'install
+              (lambda _
+                (install-file "systemd-cryptsetup" (string-append #$output "/libexec"))
+                (install-file "src/shared/libsystemd-shared-258.so" (string-append #$output "/lib"))))
+            (delete 'check))))
+    (native-inputs (list `(,util-linux "lib") eudev lvm2 cryptsetup libfido2 libxcrypt gperf pkg-config python-3 python-jinja2 libcap argon2 json-c libgcrypt openssl))
+    (home-page "test")
+    (synopsis "test")
+    (description "test")
+    (license license:lgpl2.1+)))
+
+systemd-cryptsetup
-- 
cgit v1.2.3