From 0709c10b476f563aee07a3e285f25250e17cecf5 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Timoth=C3=A9e=20Ravier?=
Date: Fri, 26 Jul 2024 16:52:02 +0200
Subject: [PATCH] Include systemd-pcrphase dracut module only on !ppc64le
See: https://pagure.io/workstation-ostree-config/pull-request/518
See: https://gitlab.com/fedora/ostree/sig/-/issues/44
---
 common.yaml | 8 ++++++++
 initramfs-tpm-luks.yaml | 18 ++++++++++++++++++
 initramfs.yaml | 9 ---------
 3 files changed, 26 insertions(+), 9 deletions(-)
 create mode 100644 initramfs-tpm-luks.yaml
diff --git a/common.yaml b/common.yaml
index 426710e..8aa0a2c 100644
--- a/common.yaml
+++ b/common.yaml
@@ -16,6 +16,14 @@ include:
 # Read only sysroot
 - sysroot-ro.yaml
+# systemd-pcrphase module fails on ppc64le:
+# https://gitlab.com/fedora/ostree/sig/-/issues/44
+arch-include:
+ x86_64:
+ - initramfs-tpm-luks.yaml
+ aarch64:
+ - initramfs-tpm-luks.yaml
+
 conditional-include:
 # Manifests included only for classic ostree variants
 - if: bootable_container == false
diff --git a/initramfs-tpm-luks.yaml b/initramfs-tpm-luks.yaml
new file mode 100644
index 0000000..8039854
--- /dev/null
+++ b/initramfs-tpm-luks.yaml
@@ -0,0 +1,18 @@
+# Set dracut configuration for the initramfs
+# See: https://gitlab.com/fedora/bootc/base-images/-/blob/main/tier-0/initramfs.yaml
+# See: https://github.com/coreos/fedora-coreos-config/tree/testing-devel/overlay.d/05core/usr/lib/dracut/dracut.conf.d
+postprocess:
+ - |
+ #!/usr/bin/env bash
+ set -xeuo pipefail
+
+ install -dm 0755 -o 0 -g 0 /usr/lib/dracut/dracut.conf.d
+
+ - |
+ #!/usr/bin/env bash
+ set -xeuo pipefail
+
+ cat > /usr/lib/dracut/dracut.conf.d/20-atomic-tpm-luks.conf << 'EOF'
+ # Add support for systemd-cryptsetup and tpm2-tss LUKS locking
+ add_dracutmodules+=" tpm2-tss systemd-pcrphase "
+ EOF
diff --git a/initramfs.yaml b/initramfs.yaml
index a1c7972..2aff840 100644
--- a/initramfs.yaml
+++ b/initramfs.yaml
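Review bot: The comment above `arch-include` in common.yaml names only the systemd-pcrphase failure on ppc64le, but the block is an allow-list of x86_64 and aarch64, and the included manifest also carries `tpm2-tss`. Every other architecture therefore loses both dracut modules, not just the failing one. If that is intended, the comment should say so, e.g. `# TPM2 LUKS dracut modules (tpm2-tss, systemd-pcrphase) are included on x86_64 and aarch64 only;` followed by the existing ppc64le reference. Without it, someone relying on TPM2-bound LUKS unlock on an unlisted architecture gets no hint from the manifest that the initramfs support is absent. The `include:` list this hunk follows starts outside the hunk.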
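Review bot: The header comment of initramfs-tpm-luks.yaml, `# Set dracut configuration for the initramfs`, does not say what this manifest is for or that it is arch-gated. Something like `# dracut modules for TPM2-backed LUKS unlock and PCR phase measurement; included per-arch from common.yaml` would let a reader tell it apart from initramfs.yaml. The comment written into 20-atomic-tpm-luks.conf also mentions systemd-cryptsetup, while the line below it adds only `tpm2-tss` and `systemd-pcrphase`. Presumably systemd-cryptsetup is pulled in elsewhere; either state that or have the comment name the two modules actually added.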
@@ -26,12 +26,3 @@ postprocess:
 # save much space. So let's disable it to avoid the error-looking message.
 do_strip=no
 EOF
-
- - |
- #!/usr/bin/env bash
- set -xeuo pipefail
-
- cat > /usr/lib/dracut/dracut.conf.d/20-atomic-tpm-luks.conf << 'EOF'
- # Add support for systemd-cryptsetup and tpm2-tss LUKS locking
- add_dracutmodules+=" tpm2-tss systemd-pcrphase "
- EOF