authorVladimír Čunát <vcunat@gmail.com>2015-11-20 14:32:58 +0100
committerVladimír Čunát <vcunat@gmail.com>2015-11-20 14:32:58 +0100
commit333d69a5f0e7ccfe7b8c0bdb14ebd3934b3f77fb (patch)
tree0f4757ddd2bb3d73b438eea85828d8e01c049583 /nixos/modules/config
parentbdbbfa0d4247e203ffe3171621b614374da05f70 (diff)
parentb809f886c0bdbd4665fc65a4c308d38a30c368d8 (diff)
Merge staging into closure-size
The most complex problems were from dealing with switches reverted in
the meantime (gcc5, gmp6, ncurses6).
It's likely that darwin is (still) broken nontrivially.
Diffstat (limited to 'nixos/modules/config')
-rw-r--r--nixos/modules/config/debug-info.nix46
-rw-r--r--nixos/modules/config/i18n.nix17
-rw-r--r--nixos/modules/config/power-management.nix1
-rw-r--r--nixos/modules/config/swap.nix167
-rw-r--r--nixos/modules/config/system-path.nix27
-rw-r--r--nixos/modules/config/users-groups.nix4
6 files changed, 182 insertions, 80 deletions
diff --git a/nixos/modules/config/debug-info.nix b/nixos/modules/config/debug-info.nix
new file mode 100644
index 00000000000..a096a9809ce
--- /dev/null
+++ b/nixos/modules/config/debug-info.nix
@@ -0,0 +1,46 @@
+{ config, lib, ... }:
+
+with lib;
+
+{
+
+  options = {
+
+    environment.enableDebugInfo = mkOption {
+      type = types.bool;
+      default = false;
+      description = ''
+        Some NixOS packages provide debug symbols. However, these are
+        not included in the system closure by default to save disk
+        space. Enabling this option causes the debug symbols to appear
+        in <filename>/run/current-system/sw/lib/debug/.build-id</filename>,
+        where tools such as <command>gdb</command> can find them.
+        If you need debug symbols for a package that doesn't
+        provide them by default, you can enable them as follows:
+        <!-- FIXME: ugly, see #10721 -->
+        <programlisting>
+        nixpkgs.config.packageOverrides = pkgs: {
+          hello = overrideDerivation pkgs.hello (attrs: {
+            outputs = attrs.outputs or ["out"] ++ ["debug"];
+            buildInputs = attrs.buildInputs ++ [&lt;nixpkgs/pkgs/build-support/setup-hooks/separate-debug-info.sh>];
+          });
+        };
+        </programlisting>
+      '';
+    };
+
+  };
+
+
+  config = {
+
+    # FIXME: currently disabled because /lib is already in
+    # environment.pathsToLink, and we can't have both.
+    #environment.pathsToLink = [ "/lib/debug/.build-id" ];
+
+    environment.outputsToLink =
+      optional config.environment.enableDebugInfo "debug";
+
+  };
+
+}
diff --git a/nixos/modules/config/i18n.nix b/nixos/modules/config/i18n.nix
index f58e540a6e5..b20fac6ad3e 100644
--- a/nixos/modules/config/i18n.nix
+++ b/nixos/modules/config/i18n.nix
@@ -74,6 +74,23 @@ in
         '';
       };
 
+      consoleColors = mkOption {
+        type = types.listOf types.str;
+        default = [];
+        example = [
+          "002b36" "dc322f" "859900" "b58900"
+          "268bd2" "d33682" "2aa198" "eee8d5"
+          "002b36" "cb4b16" "586e75" "657b83"
+          "839496" "6c71c4" "93a1a1" "fdf6e3"
+        ];
+        description = ''
+          The 16 colors palette used by the virtual consoles.
+          Leave empty to use the default colors.
+          Colors must be in hexadecimal format and listed in
+          order from color 0 to color 15.
+        '';
+      };
+
     };
 
   };
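Review bot: `consoleColors` is typed as `types.listOf types.str`, so the constraints its description states (exactly 16 entries, hexadecimal) are not checked at evaluation time, and a list of the wrong length or with stray characters reaches whatever consumes it. The consumer is not in this hunk; if the values are spliced into a kernel parameter or a shell script, a check is worth having. Assuming the option lives under `i18n`, an `assertions` entry such as `{ assertion = elem (length config.i18n.consoleColors) [ 0 16 ]; message = "i18n.consoleColors must be empty or contain exactly 16 colors."; }` would catch the length case.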
diff --git a/nixos/modules/config/power-management.nix b/nixos/modules/config/power-management.nix
index 32a7987617a..dedc8a3f679 100644
--- a/nixos/modules/config/power-management.nix
+++ b/nixos/modules/config/power-management.nix
@@ -98,6 +98,7 @@ in
         after = [ "suspend.target" "hibernate.target" "hybrid-sleep.target" ];
         script =
           ''
+            ${config.systemd.package}/bin/systemctl try-restart post-resume.target
             ${cfg.resumeCommands}
             ${cfg.powerUpCommands}
           '';
diff --git a/nixos/modules/config/swap.nix b/nixos/modules/config/swap.nix
index 1dc7ebb96af..9a5d6a9fc33 100644
--- a/nixos/modules/config/swap.nix
+++ b/nixos/modules/config/swap.nix
@@ -3,6 +3,84 @@
 with utils;
 with lib;
 
+let
+
+  swapCfg = {config, options, ...}: {
+
+    options = {
+
+      device = mkOption {
+        example = "/dev/sda3";
+        type = types.str;
+        description = "Path of the device.";
+      };
+
+      label = mkOption {
+        example = "swap";
+        type = types.str;
+        description = ''
+          Label of the device.  Can be used instead of <varname>device</varname>.
+        '';
+      };
+
+      size = mkOption {
+        default = null;
+        example = 2048;
+        type = types.nullOr types.int;
+        description = ''
+          If this option is set, ‘device’ is interpreted as the
+          path of a swapfile that will be created automatically
+          with the indicated size (in megabytes) if it doesn't
+          exist.
+        '';
+      };
+
+      priority = mkOption {
+        default = null;
+        example = 2048;
+        type = types.nullOr types.int;
+        description = ''
+          Specify the priority of the swap device. Priority is a value between 0 and 32767.
+          Higher numbers indicate higher priority.
+          null lets the kernel choose a priority, which will show up as a negative value.
+        '';
+      };
+
+      randomEncryption = mkOption {
+        default = false;
+        type = types.bool;
+        description = ''
+          Encrypt swap device with a random key. This way you won't have a persistent swap device.
+
+          WARNING: Don't try to hibernate when you have at least one swap partition with
+          this option enabled! We have no way to set the partition into which hibernation image
+          is saved, so if your image ends up on an encrypted one you would lose it!
+        '';
+      };
+
+      deviceName = mkOption {
+        type = types.str;
+        internal = true;
+      };
+
+      realDevice = mkOption {
+        type = types.path;
+        internal = true;
+      };
+
+    };
+
+    config = rec {
+      device = mkIf options.label.isDefined
+        "/dev/disk/by-label/${config.label}";
+      deviceName = escapeSystemdPath config.device;
+      realDevice = if config.randomEncryption then "/dev/mapper/${deviceName}" else config.device;
+    };
+
+  };
+
+in
+
 {
 
   ###### interface
@@ -26,58 +104,7 @@ with lib;
         recommended.
       '';
 
-      type = types.listOf types.optionSet;
-
-      options = {config, options, ...}: {
-
-        options = {
-
-          device = mkOption {
-            example = "/dev/sda3";
-            type = types.str;
-            description = "Path of the device.";
-          };
-
-          label = mkOption {
-            example = "swap";
-            type = types.str;
-            description = ''
-              Label of the device.  Can be used instead of <varname>device</varname>.
-            '';
-          };
-
-          size = mkOption {
-            default = null;
-            example = 2048;
-            type = types.nullOr types.int;
-            description = ''
-              If this option is set, ‘device’ is interpreted as the
-              path of a swapfile that will be created automatically
-              with the indicated size (in megabytes) if it doesn't
-              exist.
-            '';
-          };
-
-          priority = mkOption {
-            default = null;
-            example = 2048;
-            type = types.nullOr types.int;
-            description = ''
-              Specify the priority of the swap device. Priority is a value between 0 and 32767.
-              Higher numbers indicate higher priority.
-              null lets the kernel choose a priority, which will show up as a negative value.
-            '';
-          };
-
-        };
-
-        config = {
-          device = mkIf options.label.isDefined
-            "/dev/disk/by-label/${config.label}";
-        };
-
-      };
-
+      type = types.listOf (types.submodule swapCfg);
     };
 
   };
@@ -95,27 +122,37 @@ with lib;
 
         createSwapDevice = sw:
           assert sw.device != "";
-          let device' = escapeSystemdPath sw.device; in
-          nameValuePair "mkswap-${escapeSystemdPath sw.device}"
-          { description = "Initialisation of Swapfile ${sw.device}";
-            wantedBy = [ "${device'}.swap" ];
-            before = [ "${device'}.swap" ];
-            path = [ pkgs.utillinux ];
+          let realDevice' = escapeSystemdPath sw.realDevice;
+          in nameValuePair "mkswap-${sw.deviceName}"
+          { description = "Initialisation of swap device ${sw.device}";
+            wantedBy = [ "${realDevice'}.swap" ];
+            before = [ "${realDevice'}.swap" ];
+            path = [ pkgs.utillinux ] ++ optional sw.randomEncryption pkgs.cryptsetup;
             script =
               ''
-                if [ ! -e "${sw.device}" ]; then
-                  fallocate -l ${toString sw.size}M "${sw.device}" ||
-                    dd if=/dev/zero of="${sw.device}" bs=1M count=${toString sw.size}
-                  chmod 0600 ${sw.device}
-                  mkswap ${sw.device}
-                fi
+                ${optionalString (sw.size != null) ''
+                  if [ ! -e "${sw.device}" ]; then
+                    fallocate -l ${toString sw.size}M "${sw.device}" ||
+                      dd if=/dev/zero of="${sw.device}" bs=1M count=${toString sw.size}
+                    chmod 0600 ${sw.device}
+                    ${optionalString (!sw.randomEncryption) "mkswap ${sw.realDevice}"}
+                  fi
+                ''}
+                ${optionalString sw.randomEncryption ''
+                  echo "secretkey" | cryptsetup luksFormat --batch-mode ${sw.device}
+                  echo "secretkey" | cryptsetup luksOpen ${sw.device} ${sw.deviceName}
+                  cryptsetup luksErase --batch-mode ${sw.device}
+                  mkswap ${sw.realDevice}
+                ''}
               '';
             unitConfig.RequiresMountsFor = [ "${dirOf sw.device}" ];
             unitConfig.DefaultDependencies = false; # needed to prevent a cycle
             serviceConfig.Type = "oneshot";
+            serviceConfig.RemainAfterExit = sw.randomEncryption;
+            serviceConfig.ExecStop = optionalString sw.randomEncryption "cryptsetup luksClose ${sw.deviceName}";
           };
 
-      in listToAttrs (map createSwapDevice (filter (sw: sw.size != null) config.swapDevices));
+      in listToAttrs (map createSwapDevice (filter (sw: sw.size != null || sw.randomEncryption) config.swapDevices));
 
   };
 
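Review bot: The `randomEncryption` branch formats the device with the fixed passphrase `secretkey` and only afterwards calls `luksErase`, so if the unit is interrupted or `luksErase` fails between those steps, the on-disk LUKS header can be unlocked with a publicly known passphrase; it also runs `luksFormat --batch-mode` on `sw.device` at every start without checking what is on it. A plain dm-crypt mapping keyed directly from the kernel RNG avoids both the known passphrase and the on-disk header, for example `cryptsetup plainOpen -c aes-xts-plain64 -d /dev/urandom "${sw.device}" ${sw.deviceName}` followed by `mkswap ${sw.realDevice}`. Separately, `serviceConfig.ExecStop` names a bare `cryptsetup`; the `path` attribute only sets PATH for the script, and systemd normally expects an absolute executable there, so `"${pkgs.cryptsetup}/bin/cryptsetup luksClose ${sw.deviceName}"` is safer. The `${sw.device}` arguments to `chmod` and `cryptsetup` are also unquoted, unlike the `fallocate` and `dd` lines above them.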
diff --git a/nixos/modules/config/system-path.nix b/nixos/modules/config/system-path.nix
index 26f4ba5fd70..da558a25d99 100644
--- a/nixos/modules/config/system-path.nix
+++ b/nixos/modules/config/system-path.nix
@@ -7,12 +7,6 @@ with lib;
 
 let
 
-  extraManpages = pkgs.runCommand "extra-manpages" { buildInputs = [ pkgs.help2man ]; }
-    ''
-      mkdir -p $out/share/man/man1
-      help2man ${pkgs.gnutar}/bin/tar > $out/share/man/man1/tar.1
-    '';
-
   requiredPackages =
     [ config.nix.package
       pkgs.acl
@@ -34,7 +28,6 @@ let
       pkgs.xz
       pkgs.less
       pkgs.libcap
-      pkgs.man
       pkgs.nano
       pkgs.ncurses
       pkgs.netcat
@@ -47,7 +40,6 @@ let
       pkgs.time
       pkgs.texinfoInteractive
       pkgs.utillinux
-      extraManpages
     ];
 
 in
@@ -78,8 +70,16 @@ in
         # to work.
         default = [];
         example = ["/"];
-        description = "List of directories to be symlinked in `/run/current-system/sw'.";
+        description = "List of directories to be symlinked in <filename>/run/current-system/sw</filename>.";
+      };
+
+      outputsToLink = mkOption {
+        type = types.listOf types.str;
+        default = [];
+        example = [ "doc" ];
+        description = "List of package outputs to be symlinked into <filename>/run/current-system/sw</filename>.";
       };
+
     };
 
     system = {
@@ -103,9 +103,7 @@ in
       [ "/bin"
         "/etc/xdg"
         "/info"
-        "/lib" # FIXME: remove
-        #"/lib/debug/.build-id" # enables GDB to find separated debug info
-        "/man"
+        "/lib" # FIXME: remove and update debug-info.nix
         "/sbin"
         "/share/applications"
         "/share/desktop-directories"
@@ -113,7 +111,6 @@ in
         "/share/emacs"
         "/share/icons"
         "/share/info"
-        "/share/man"
         "/share/menus"
         "/share/mime"
         "/share/nano"
@@ -126,7 +123,8 @@ in
     system.path = pkgs.buildEnv {
       name = "system-path";
       paths = let
-        #outputs TODO: make it user-customizable?
+      inherit (config.environment) pathsToLink outputsToLink;
+        #outputs TODO: some code already merged by Eelco? make it user-customizable?
         pkgOutputFun = pkg: lib.filter (p: p!=null) [
           (pkg.bin or (pkg.out or pkg))
           (pkg.man or null)
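Review bot: Moving `inherit (config.environment) pathsToLink outputsToLink;` into the `let` of `paths` turns both names into local bindings that the visible lines never use, and the next hunk removes the `inherit (config.environment) pathsToLink;` that used to pass the list to `pkgs.buildEnv`. Unless this is intended, `environment.pathsToLink` would no longer restrict what gets linked into the system path, and `environment.outputsToLink` (set by debug-info.nix in this commit) would have no effect. I would keep `inherit (config.environment) pathsToLink;` as a `buildEnv` attribute after the `in lib.concatMap …` line and reference `outputsToLink` inside `pkgOutputFun`. The `let` block continues past this hunk, so a use outside the visible lines cannot be ruled out.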
@@ -134,7 +132,6 @@ in
           (pkg.doc or null)
         ];
         in lib.concatMap pkgOutputFun config.environment.systemPackages;
-      inherit (config.environment) pathsToLink;
       ignoreCollisions = true;
       # !!! Hacky, should modularise.
       postBuild =
diff --git a/nixos/modules/config/users-groups.nix b/nixos/modules/config/users-groups.nix
index adc014eed41..485926fb1dd 100644
--- a/nixos/modules/config/users-groups.nix
+++ b/nixos/modules/config/users-groups.nix
@@ -550,4 +550,8 @@ in {
 
   };
 
+  imports =
+    [ (mkAliasOptionModule [ "users" "extraUsers" ] [ "users" "users" ])
+      (mkAliasOptionModule [ "users" "extraGroups" ] [ "users" "groups" ])
+    ];
 }