Merge pull request #206 from nix-community/generic-lzbt

lzbt: abstraction for multiple backends

README.md

@@ -53,7 +53,7 @@ Boot effective:
 
 These steps will not be covered here.
 
-### `lzbt`, the Lanzaboote tool
+### `lzbt-*`, the Lanzaboote tool
 
 At the moment, boot loaders, kernels and initrds on NixOS are signed
 on the current system. These then need to be prepared as [Unified
@@ -68,7 +68,13 @@ installs the UKI along with other required files to the
 ESP. `lzbt` is also aware of multiple NixOS generations and will
 sign all configurations that should be bootable.
 
-`lzbt` lives in [`rust/tool`](rust/tool).
+We have multiple backends for `lzbt`:
+
+- `lzbt-systemd` lives in [`rust/tool/systemd`](rust/tool/systemd)
+
+In the future, `lzbt` may support more backends.
+
+Shared code lives in [`rust/tool/shared`](rust/tool/shared).
 
 ### Stub
 

flake.nix

@@ -165,8 +165,10 @@
           stub = stubCrane.package;
           fatStub = fatStubCrane.package;
 
+          # TODO: when we will have more backends
+          # let's generalize this properly.
           toolCrane = buildRustApp {
-            pname = "lanzaboote-tool";
+            pname = "lzbt-systemd";
             src = ./rust/tool;
             extraArgs = {
               TEST_SYSTEMD = pkgs.systemd;
@@ -187,7 +189,7 @@
 
             # Clean PATH to only contain what we need to do objcopy. Also
             # tell lanzatool where to find our UEFI binaries.
-            makeWrapper ${tool}/bin/lzbt $out/bin/lzbt \
+            makeWrapper ${tool}/bin/lzbt-systemd $out/bin/lzbt \
               --set PATH ${lib.makeBinPath [ pkgs.binutils-unwrapped pkgs.sbsigntool ]} \
               --set LANZABOOTE_STUB ${stub}/bin/lanzaboote_stub.efi
           '';