diff options
| author | Alyssa Ross <hi@alyssa.is> | 2021-08-04 10:43:07 +0000 |
|---|---|---|
| committer | Alyssa Ross <hi@alyssa.is> | 2021-08-04 10:43:07 +0000 |
| commit | 62614cbef7da005c1eda8c9400160f6bcd6546b8 (patch) | |
| tree | c2630f69080637987b68acb1ee8676d2681fe304 /nixos/modules/installer | |
| parent | d9c82ed3044c72cecf01c6ea042489d30914577c (diff) | |
| parent | e24069138dfec3ef94f211f1da005bb5395adc11 (diff) | |
| download | nixpkgs-62614cbef7da005c1eda8c9400160f6bcd6546b8.tar nixpkgs-62614cbef7da005c1eda8c9400160f6bcd6546b8.tar.gz nixpkgs-62614cbef7da005c1eda8c9400160f6bcd6546b8.tar.bz2 nixpkgs-62614cbef7da005c1eda8c9400160f6bcd6546b8.tar.lz nixpkgs-62614cbef7da005c1eda8c9400160f6bcd6546b8.tar.xz nixpkgs-62614cbef7da005c1eda8c9400160f6bcd6546b8.tar.zst nixpkgs-62614cbef7da005c1eda8c9400160f6bcd6546b8.zip | |
Merge branch 'nixpkgs-update' into master
Diffstat (limited to 'nixos/modules/installer')
35 files changed, 833 insertions, 1767 deletions
diff --git a/nixos/modules/installer/cd-dvd/installation-cd-base.nix b/nixos/modules/installer/cd-dvd/installation-cd-base.nix index 6c7ea293e8a..aecb65b8c57 100644 --- a/nixos/modules/installer/cd-dvd/installation-cd-base.nix +++ b/nixos/modules/installer/cd-dvd/installation-cd-base.nix @@ -30,5 +30,16 @@ with lib; # Add Memtest86+ to the CD. boot.loader.grub.memtest86.enable = true; + boot.postBootCommands = '' + for o in $(</proc/cmdline); do + case "$o" in + live.nixos.passwd=*) + set -- $(IFS==; echo $o) + echo "nixos:$2" | ${pkgs.shadow}/bin/chpasswd + ;; + esac + done + ''; + system.stateVersion = mkDefault "18.03"; } diff --git a/nixos/modules/installer/cd-dvd/installation-cd-graphical-gnome.nix b/nixos/modules/installer/cd-dvd/installation-cd-graphical-gnome.nix index 8c98691116d..12ad8a4ae00 100644 --- a/nixos/modules/installer/cd-dvd/installation-cd-graphical-gnome.nix +++ b/nixos/modules/installer/cd-dvd/installation-cd-graphical-gnome.nix @@ -9,7 +9,14 @@ with lib; isoImage.edition = "gnome"; - services.xserver.desktopManager.gnome3.enable = true; + services.xserver.desktopManager.gnome = { + # Add firefox to favorite-apps + favoriteAppsOverride = '' + [org.gnome.shell] + favorite-apps=[ 'firefox.desktop', 'org.gnome.Geary.desktop', 'org.gnome.Calendar.desktop', 'org.gnome.Music.desktop', 'org.gnome.Photos.desktop', 'org.gnome.Nautilus.desktop' ] + ''; + enable = true; + }; services.xserver.displayManager = { gdm = { diff --git a/nixos/modules/installer/cd-dvd/iso-image.nix b/nixos/modules/installer/cd-dvd/iso-image.nix index 405fbfa10db..d94af0b5bf7 100644 --- a/nixos/modules/installer/cd-dvd/iso-image.nix +++ b/nixos/modules/installer/cd-dvd/iso-image.nix @@ -143,6 +143,13 @@ let LINUX /boot/${config.system.boot.loader.kernelFile} APPEND init=${config.system.build.toplevel}/init ${toString config.boot.kernelParams} loglevel=7 INITRD /boot/${config.system.boot.loader.initrdFile} + + # A variant to boot with a serial console enabled + LABEL boot-serial + MENU LABEL NixOS ${config.system.nixos.label}${config.isoImage.appendToMenuLabel} (serial console=ttyS0,115200n8) + LINUX /boot/${config.system.boot.loader.kernelFile} + APPEND init=${config.system.build.toplevel}/init ${toString config.boot.kernelParams} console=ttyS0,115200n8 + INITRD /boot/${config.system.boot.loader.initrdFile} ''; isolinuxMemtest86Entry = '' @@ -155,12 +162,14 @@ let isolinuxCfg = concatStringsSep "\n" ([ baseIsolinuxCfg ] ++ optional config.boot.loader.grub.memtest86.enable isolinuxMemtest86Entry); + refindBinary = if targetArch == "x64" || targetArch == "aa64" then "refind_${targetArch}.efi" else null; + # Setup instructions for rEFInd. refind = - if targetArch == "x64" then + if refindBinary != null then '' # Adds rEFInd to the ISO. - cp -v ${pkgs.refind}/share/refind/refind_x64.efi $out/EFI/boot/ + cp -v ${pkgs.refind}/share/refind/${refindBinary} $out/EFI/boot/ '' else "# No refind for ${targetArch}" @@ -173,13 +182,32 @@ let # Menu configuration # + # Search using a "marker file" + search --set=root --file /EFI/nixos-installer-image + insmod gfxterm insmod png set gfxpayload=keep + set gfxmode=${concatStringsSep "," [ + # GRUB will use the first valid mode listed here. + # `auto` will sometimes choose the smallest valid mode it detects. + # So instead we'll list a lot of possibly valid modes :/ + #"3840x2160" + #"2560x1440" + "1920x1080" + "1366x768" + "1280x720" + "1024x768" + "800x600" + "auto" + ]} # Fonts can be loaded? # (This font is assumed to always be provided as a fallback by NixOS) - if loadfont (hd0)/EFI/boot/unicode.pf2; then + if loadfont (\$root)/EFI/boot/unicode.pf2; then + set with_fonts=true + fi + if [ "\$textmode" != "true" -a "\$with_fonts" == "true" ]; then # Use graphical term, it can be either with background image or a theme. # input is "console", while output is "gfxterm". # This enables "serial" input and output only when possible. @@ -200,11 +228,11 @@ let ${ # When there is a theme configured, use it, otherwise use the background image. if config.isoImage.grubTheme != null then '' # Sets theme. - set theme=(hd0)/EFI/boot/grub-theme/theme.txt + set theme=(\$root)/EFI/boot/grub-theme/theme.txt # Load theme fonts - $(find ${config.isoImage.grubTheme} -iname '*.pf2' -printf "loadfont (hd0)/EFI/boot/grub-theme/%P\n") + $(find ${config.isoImage.grubTheme} -iname '*.pf2' -printf "loadfont (\$root)/EFI/boot/grub-theme/%P\n") '' else '' - if background_image (hd0)/EFI/boot/efi-background.png; then + if background_image (\$root)/EFI/boot/efi-background.png; then # Black background means transparent background when there # is a background image set... This seems undocumented :( set color_normal=black/black @@ -221,9 +249,15 @@ let # Notes about grub: # * Yes, the grubMenuCfg has to be repeated in all submenus. Otherwise you # will get white-on-black console-like text on sub-menus. *sigh* - efiDir = pkgs.runCommand "efi-directory" {} '' + efiDir = pkgs.runCommand "efi-directory" { + nativeBuildInputs = [ pkgs.buildPackages.grub2_efi ]; + strictDeps = true; + } '' mkdir -p $out/EFI/boot/ + # Add a marker so GRUB can find the filesystem. + touch $out/EFI/nixos-installer-image + # ALWAYS required modules. MODULES="fat iso9660 part_gpt part_msdos \ normal boot linux configfile loopback chain halt \ @@ -251,12 +285,14 @@ let # Make our own efi program, we can't rely on "grub-install" since it seems to # probe for devices, even with --skip-fs-probe. - ${grubPkgs.grub2_efi}/bin/grub-mkimage -o $out/EFI/boot/boot${targetArch}.efi -p /EFI/boot -O ${grubPkgs.grub2_efi.grubTarget} \ + grub-mkimage --directory=${grubPkgs.grub2_efi}/lib/grub/${grubPkgs.grub2_efi.grubTarget} -o $out/EFI/boot/boot${targetArch}.efi -p /EFI/boot -O ${grubPkgs.grub2_efi.grubTarget} \ $MODULES cp ${grubPkgs.grub2_efi}/share/grub/unicode.pf2 $out/EFI/boot/ cat <<EOF > $out/EFI/boot/grub.cfg + set with_fonts=false + set textmode=false # If you want to use serial for "terminal_*" commands, you need to set one up: # Example manual configuration: # → serial --unit=0 --speed=115200 --word=8 --parity=no --stop=1 @@ -266,8 +302,28 @@ let export with_serial clear set timeout=10 + + # This message will only be viewable when "gfxterm" is not used. + echo "" + echo "Loading graphical boot menu..." + echo "" + echo "Press 't' to use the text boot menu on this console..." + echo "" + ${grubMenuCfg} + hiddenentry 'Text mode' --hotkey 't' { + loadfont (\$root)/EFI/boot/unicode.pf2 + set textmode=true + terminal_output gfxterm console + } + hiddenentry 'GUI mode' --hotkey 'g' { + $(find ${config.isoImage.grubTheme} -iname '*.pf2' -printf "loadfont (\$root)/EFI/boot/grub-theme/%P\n") + set textmode=false + terminal_output gfxterm + } + + # If the parameter iso_path is set, append the findiso parameter to the kernel # line. We need this to allow the nixos iso to be booted from grub directly. if [ \''${iso_path} ] ; then @@ -330,11 +386,17 @@ let } } - menuentry 'rEFInd' --class refind { - # UUID is hard-coded in the derivation. + ${lib.optionalString (refindBinary != null) '' + # GRUB apparently cannot do "chainloader" operations on "CD". + if [ "\$root" != "cd0" ]; then + # Force root to be the FAT partition + # Otherwise it breaks rEFInd's boot search --set=root --no-floppy --fs-uuid 1234-5678 - chainloader (\$root)/EFI/boot/refind_x64.efi - } + menuentry 'rEFInd' --class refind { + chainloader (\$root)/EFI/boot/${refindBinary} + } + fi + ''} menuentry 'Firmware Setup' --class settings { fwsetup clear @@ -350,7 +412,10 @@ let ${refind} ''; - efiImg = pkgs.runCommand "efi-image_eltorito" { buildInputs = [ pkgs.mtools pkgs.libfaketime ]; } + efiImg = pkgs.runCommand "efi-image_eltorito" { + nativeBuildInputs = [ pkgs.buildPackages.mtools pkgs.buildPackages.libfaketime pkgs.buildPackages.dosfstools ]; + strictDeps = true; + } # Be careful about determinism: du --apparent-size, # dates (cp -p, touch, mcopy -m, faketime for label), IDs (mkfs.vfat -i) '' @@ -359,9 +424,12 @@ let mkdir ./boot cp -p "${config.boot.kernelPackages.kernel}/${config.system.boot.loader.kernelFile}" \ "${config.system.build.initialRamdisk}/${config.system.boot.loader.initrdFile}" ./boot/ - touch --date=@0 ./EFI ./boot - usage_size=$(du -sb --apparent-size . | tr -cd '[:digit:]') + # Rewrite dates for everything in the FS + find . -exec touch --date=2000-01-01 {} + + + # Round up to the nearest multiple of 1MB, for more deterministic du output + usage_size=$(( $(du -s --block-size=1M --apparent-size . | tr -cd '[:digit:]') * 1024 * 1024 )) # Make the image 110% as big as the files need to make up for FAT overhead image_size=$(( ($usage_size * 110) / 100 )) # Make the image fit blocks of 1M @@ -370,10 +438,19 @@ let echo "Usage size: $usage_size" echo "Image size: $image_size" truncate --size=$image_size "$out" - ${pkgs.libfaketime}/bin/faketime "2000-01-01 00:00:00" ${pkgs.dosfstools}/sbin/mkfs.vfat -i 12345678 -n EFIBOOT "$out" - mcopy -psvm -i "$out" ./EFI ./boot :: + faketime "2000-01-01 00:00:00" mkfs.vfat -i 12345678 -n EFIBOOT "$out" + + # Force a fixed order in mcopy for better determinism, and avoid file globbing + for d in $(find EFI boot -type d | sort); do + faketime "2000-01-01 00:00:00" mmd -i "$out" "::/$d" + done + + for f in $(find EFI boot -type f | sort); do + mcopy -pvm -i "$out" "$f" "::/$f" + done + # Verify the FAT partition. - ${pkgs.dosfstools}/sbin/fsck.vfat -vn "$out" + fsck.vfat -vn "$out" ''; # */ # Name used by UEFI for architectures. @@ -382,6 +459,8 @@ let "ia32" else if pkgs.stdenv.isx86_64 then "x64" + else if pkgs.stdenv.isAarch32 then + "arm" else if pkgs.stdenv.isAarch64 then "aa64" else @@ -418,7 +497,12 @@ in }; isoImage.squashfsCompression = mkOption { - default = "xz -Xdict-size 100%"; + default = with pkgs.stdenv.targetPlatform; "xz -Xdict-size 100% " + + lib.optionalString (isx86_32 || isx86_64) "-Xbcj x86" + # Untested but should also reduce size for these platforms + + lib.optionalString (isAarch32 || isAarch64) "-Xbcj arm" + + lib.optionalString (isPowerPC) "-Xbcj powerpc" + + lib.optionalString (isSparc) "-Xbcj sparc"; description = '' Compression settings to use for the squashfs nix store. ''; @@ -606,6 +690,12 @@ in "upperdir=/nix/.rw-store/store" "workdir=/nix/.rw-store/work" ]; + + depends = [ + "/nix/.ro-store" + "/nix/.rw-store/store" + "/nix/.rw-store/work" + ]; }; boot.initrd.availableKernelModules = [ "squashfs" "iso9660" "uas" "overlay" ]; diff --git a/nixos/modules/installer/cd-dvd/sd-image-aarch64-new-kernel.nix b/nixos/modules/installer/cd-dvd/sd-image-aarch64-new-kernel.nix index 2882fbcc730..a669d61571f 100644 --- a/nixos/modules/installer/cd-dvd/sd-image-aarch64-new-kernel.nix +++ b/nixos/modules/installer/cd-dvd/sd-image-aarch64-new-kernel.nix @@ -1,7 +1,14 @@ -{ pkgs, ... }: - +{ config, ... }: { - imports = [ ./sd-image-aarch64.nix ]; - - boot.kernelPackages = pkgs.linuxPackages_latest; + imports = [ + ../sd-card/sd-image-aarch64-new-kernel-installer.nix + ]; + config = { + warnings = [ + '' + .../cd-dvd/sd-image-aarch64-new-kernel.nix is deprecated and will eventually be removed. + Please switch to .../sd-card/sd-image-aarch64-new-kernel-installer.nix, instead. + '' + ]; + }; } diff --git a/nixos/modules/installer/cd-dvd/sd-image-aarch64.nix b/nixos/modules/installer/cd-dvd/sd-image-aarch64.nix index bef6cd2fb5a..76c1509b8f7 100644 --- a/nixos/modules/installer/cd-dvd/sd-image-aarch64.nix +++ b/nixos/modules/installer/cd-dvd/sd-image-aarch64.nix @@ -1,60 +1,14 @@ -# To build, use: -# nix-build nixos -I nixos-config=nixos/modules/installer/cd-dvd/sd-image-aarch64.nix -A config.system.build.sdImage -{ config, lib, pkgs, ... }: - +{ config, ... }: { imports = [ - ../../profiles/base.nix - ../../profiles/installation-device.nix - ./sd-image.nix + ../sd-card/sd-image-aarch64-installer.nix ]; - - boot.loader.grub.enable = false; - boot.loader.generic-extlinux-compatible.enable = true; - - boot.consoleLogLevel = lib.mkDefault 7; - - # The serial ports listed here are: - # - ttyS0: for Tegra (Jetson TX1) - # - ttyAMA0: for QEMU's -machine virt - # Also increase the amount of CMA to ensure the virtual console on the RPi3 works. - boot.kernelParams = ["cma=32M" "console=ttyS0,115200n8" "console=ttyAMA0,115200n8" "console=tty0"]; - - boot.initrd.availableKernelModules = [ - # Allows early (earlier) modesetting for the Raspberry Pi - "vc4" "bcm2835_dma" "i2c_bcm2835" - # Allows early (earlier) modesetting for Allwinner SoCs - "sun4i_drm" "sun8i_drm_hdmi" "sun8i_mixer" - ]; - - sdImage = { - populateFirmwareCommands = let - configTxt = pkgs.writeText "config.txt" '' - kernel=u-boot-rpi3.bin - - # Boot in 64-bit mode. - arm_control=0x200 - - # U-Boot used to need this to work, regardless of whether UART is actually used or not. - # TODO: check when/if this can be removed. - enable_uart=1 - - # Prevent the firmware from smashing the framebuffer setup done by the mainline kernel - # when attempting to show low-voltage or overtemperature warnings. - avoid_warnings=1 - ''; - in '' - (cd ${pkgs.raspberrypifw}/share/raspberrypi/boot && cp bootcode.bin fixup*.dat start*.elf $NIX_BUILD_TOP/firmware/) - cp ${pkgs.ubootRaspberryPi3_64bit}/u-boot.bin firmware/u-boot-rpi3.bin - cp ${configTxt} firmware/config.txt - ''; - populateRootCommands = '' - mkdir -p ./files/boot - ${config.boot.loader.generic-extlinux-compatible.populateCmd} -c ${config.system.build.toplevel} -d ./files/boot - ''; + config = { + warnings = [ + '' + .../cd-dvd/sd-image-aarch64.nix is deprecated and will eventually be removed. + Please switch to .../sd-card/sd-image-aarch64-installer.nix, instead. + '' + ]; }; - - # the installation media is also the installation target, - # so we don't want to provide the installation configuration.nix. - installer.cloneConfig = false; } diff --git a/nixos/modules/installer/cd-dvd/sd-image-armv7l-multiplatform.nix b/nixos/modules/installer/cd-dvd/sd-image-armv7l-multiplatform.nix index d2ba611532e..6ee0eb9e9b8 100644 --- a/nixos/modules/installer/cd-dvd/sd-image-armv7l-multiplatform.nix +++ b/nixos/modules/installer/cd-dvd/sd-image-armv7l-multiplatform.nix @@ -1,57 +1,14 @@ -# To build, use: -# nix-build nixos -I nixos-config=nixos/modules/installer/cd-dvd/sd-image-armv7l-multiplatform.nix -A config.system.build.sdImage -{ config, lib, pkgs, ... }: - +{ config, ... }: { imports = [ - ../../profiles/base.nix - ../../profiles/installation-device.nix - ./sd-image.nix + ../sd-card/sd-image-armv7l-multiplatform-installer.nix ]; - - boot.loader.grub.enable = false; - boot.loader.generic-extlinux-compatible.enable = true; - - boot.consoleLogLevel = lib.mkDefault 7; - boot.kernelPackages = pkgs.linuxPackages_latest; - # The serial ports listed here are: - # - ttyS0: for Tegra (Jetson TK1) - # - ttymxc0: for i.MX6 (Wandboard) - # - ttyAMA0: for Allwinner (pcDuino3 Nano) and QEMU's -machine virt - # - ttyO0: for OMAP (BeagleBone Black) - # - ttySAC2: for Exynos (ODROID-XU3) - boot.kernelParams = ["console=ttyS0,115200n8" "console=ttymxc0,115200n8" "console=ttyAMA0,115200n8" "console=ttyO0,115200n8" "console=ttySAC2,115200n8" "console=tty0"]; - - sdImage = { - populateFirmwareCommands = let - configTxt = pkgs.writeText "config.txt" '' - # Prevent the firmware from smashing the framebuffer setup done by the mainline kernel - # when attempting to show low-voltage or overtemperature warnings. - avoid_warnings=1 - - [pi2] - kernel=u-boot-rpi2.bin - - [pi3] - kernel=u-boot-rpi3.bin - - # U-Boot used to need this to work, regardless of whether UART is actually used or not. - # TODO: check when/if this can be removed. - enable_uart=1 - ''; - in '' - (cd ${pkgs.raspberrypifw}/share/raspberrypi/boot && cp bootcode.bin fixup*.dat start*.elf $NIX_BUILD_TOP/firmware/) - cp ${pkgs.ubootRaspberryPi2}/u-boot.bin firmware/u-boot-rpi2.bin - cp ${pkgs.ubootRaspberryPi3_32bit}/u-boot.bin firmware/u-boot-rpi3.bin - cp ${configTxt} firmware/config.txt - ''; - populateRootCommands = '' - mkdir -p ./files/boot - ${config.boot.loader.generic-extlinux-compatible.populateCmd} -c ${config.system.build.toplevel} -d ./files/boot - ''; + config = { + warnings = [ + '' + .../cd-dvd/sd-image-armv7l-multiplatform.nix is deprecated and will eventually be removed. + Please switch to .../sd-card/sd-image-armv7l-multiplatform-installer.nix, instead. + '' + ]; }; - - # the installation media is also the installation target, - # so we don't want to provide the installation configuration.nix. - installer.cloneConfig = false; } diff --git a/nixos/modules/installer/cd-dvd/sd-image-raspberrypi.nix b/nixos/modules/installer/cd-dvd/sd-image-raspberrypi.nix index 40a01f96177..747440ba9c6 100644 --- a/nixos/modules/installer/cd-dvd/sd-image-raspberrypi.nix +++ b/nixos/modules/installer/cd-dvd/sd-image-raspberrypi.nix @@ -1,46 +1,14 @@ -# To build, use: -# nix-build nixos -I nixos-config=nixos/modules/installer/cd-dvd/sd-image-raspberrypi.nix -A config.system.build.sdImage -{ config, lib, pkgs, ... }: - +{ config, ... }: { imports = [ - ../../profiles/base.nix - ../../profiles/installation-device.nix - ./sd-image.nix + ../sd-card/sd-image-raspberrypi-installer.nix ]; - - boot.loader.grub.enable = false; - boot.loader.generic-extlinux-compatible.enable = true; - - boot.consoleLogLevel = lib.mkDefault 7; - boot.kernelPackages = pkgs.linuxPackages_rpi1; - - sdImage = { - populateFirmwareCommands = let - configTxt = pkgs.writeText "config.txt" '' - # Prevent the firmware from smashing the framebuffer setup done by the mainline kernel - # when attempting to show low-voltage or overtemperature warnings. - avoid_warnings=1 - - [pi0] - kernel=u-boot-rpi0.bin - - [pi1] - kernel=u-boot-rpi1.bin - ''; - in '' - (cd ${pkgs.raspberrypifw}/share/raspberrypi/boot && cp bootcode.bin fixup*.dat start*.elf $NIX_BUILD_TOP/firmware/) - cp ${pkgs.ubootRaspberryPiZero}/u-boot.bin firmware/u-boot-rpi0.bin - cp ${pkgs.ubootRaspberryPi}/u-boot.bin firmware/u-boot-rpi1.bin - cp ${configTxt} firmware/config.txt - ''; - populateRootCommands = '' - mkdir -p ./files/boot - ${config.boot.loader.generic-extlinux-compatible.populateCmd} -c ${config.system.build.toplevel} -d ./files/boot - ''; + config = { + warnings = [ + '' + .../cd-dvd/sd-image-raspberrypi.nix is deprecated and will eventually be removed. + Please switch to .../sd-card/sd-image-raspberrypi-installer.nix, instead. + '' + ]; }; - - # the installation media is also the installation target, - # so we don't want to provide the installation configuration.nix. - installer.cloneConfig = false; } diff --git a/nixos/modules/installer/cd-dvd/sd-image-raspberrypi4.nix b/nixos/modules/installer/cd-dvd/sd-image-raspberrypi4.nix deleted file mode 100644 index 79c835dc390..00000000000 --- a/nixos/modules/installer/cd-dvd/sd-image-raspberrypi4.nix +++ /dev/null @@ -1,38 +0,0 @@ -# To build, use: -# nix-build nixos -I nixos-config=nixos/modules/installer/cd-dvd/sd-image-raspberrypi4.nix -A config.system.build.sdImage -{ config, lib, pkgs, ... }: - -{ - imports = [ - ../../profiles/base.nix - ../../profiles/installation-device.nix - ./sd-image.nix - ]; - - boot.loader.grub.enable = false; - boot.loader.raspberryPi.enable = true; - boot.loader.raspberryPi.version = 4; - boot.kernelPackages = pkgs.linuxPackages_rpi4; - - boot.consoleLogLevel = lib.mkDefault 7; - - sdImage = { - firmwareSize = 128; - firmwarePartitionName = "NIXOS_BOOT"; - # This is a hack to avoid replicating config.txt from boot.loader.raspberryPi - populateFirmwareCommands = - "${config.system.build.installBootLoader} ${config.system.build.toplevel} -d ./firmware"; - # As the boot process is done entirely in the firmware partition. - populateRootCommands = ""; - }; - - fileSystems."/boot/firmware" = { - # This effectively "renames" the loaOf entry set in sd-image.nix - mountPoint = "/boot"; - neededForBoot = true; - }; - - # the installation media is also the installation target, - # so we don't want to provide the installation configuration.nix. - installer.cloneConfig = false; -} diff --git a/nixos/modules/installer/cd-dvd/sd-image.nix b/nixos/modules/installer/cd-dvd/sd-image.nix index ddad1116c94..e2d6dcb3fe3 100644 --- a/nixos/modules/installer/cd-dvd/sd-image.nix +++ b/nixos/modules/installer/cd-dvd/sd-image.nix @@ -1,232 +1,14 @@ -# This module creates a bootable SD card image containing the given NixOS -# configuration. The generated image is MBR partitioned, with a FAT -# /boot/firmware partition, and ext4 root partition. The generated image -# is sized to fit its contents, and a boot script automatically resizes -# the root partition to fit the device on the first boot. -# -# The firmware partition is built with expectation to hold the Raspberry -# Pi firmware and bootloader, and be removed and replaced with a firmware -# build for the target SoC for other board families. -# -# The derivation for the SD image will be placed in -# config.system.build.sdImage - -{ config, lib, pkgs, ... }: - -with lib; - -let - rootfsImage = pkgs.callPackage ../../../lib/make-ext4-fs.nix ({ - inherit (config.sdImage) storePaths; - compressImage = true; - populateImageCommands = config.sdImage.populateRootCommands; - volumeLabel = "NIXOS_SD"; - } // optionalAttrs (config.sdImage.rootPartitionUUID != null) { - uuid = config.sdImage.rootPartitionUUID; - }); -in +{ config, ... }: { imports = [ - (mkRemovedOptionModule [ "sdImage" "bootPartitionID" ] "The FAT partition for SD image now only holds the Raspberry Pi firmware files. Use firmwarePartitionID to configure that partition's ID.") - (mkRemovedOptionModule [ "sdImage" "bootSize" ] "The boot files for SD image have been moved to the main ext4 partition. The FAT partition now only holds the Raspberry Pi firmware files. Changing its size may not be required.") + ../sd-card/sd-image.nix ]; - - options.sdImage = { - imageName = mkOption { - default = "${config.sdImage.imageBaseName}-${config.system.nixos.label}-${pkgs.stdenv.hostPlatform.system}.img"; - description = '' - Name of the generated image file. - ''; - }; - - imageBaseName = mkOption { - default = "nixos-sd-image"; - description = '' - Prefix of the name of the generated image file. - ''; - }; - - storePaths = mkOption { - type = with types; listOf package; - example = literalExample "[ pkgs.stdenv ]"; - description = '' - Derivations to be included in the Nix store in the generated SD image. - ''; - }; - - firmwarePartitionID = mkOption { - type = types.str; - default = "0x2178694e"; - description = '' - Volume ID for the /boot/firmware partition on the SD card. This value - must be a 32-bit hexadecimal number. - ''; - }; - - firmwarePartitionName = mkOption { - type = types.str; - default = "FIRMWARE"; - description = '' - Name of the filesystem which holds the boot firmware. - ''; - }; - - rootPartitionUUID = mkOption { - type = types.nullOr types.str; - default = null; - example = "14e19a7b-0ae0-484d-9d54-43bd6fdc20c7"; - description = '' - UUID for the filesystem on the main NixOS partition on the SD card. - ''; - }; - - firmwareSize = mkOption { - type = types.int; - # As of 2019-08-18 the Raspberry pi firmware + u-boot takes ~18MiB - default = 30; - description = '' - Size of the /boot/firmware partition, in megabytes. - ''; - }; - - populateFirmwareCommands = mkOption { - example = literalExample "'' cp \${pkgs.myBootLoader}/u-boot.bin firmware/ ''"; - description = '' - Shell commands to populate the ./firmware directory. - All files in that directory are copied to the - /boot/firmware partition on the SD image. - ''; - }; - - populateRootCommands = mkOption { - example = literalExample "''\${config.boot.loader.generic-extlinux-compatible.populateCmd} -c \${config.system.build.toplevel} -d ./files/boot''"; - description = '' - Shell commands to populate the ./files directory. - All files in that directory are copied to the - root (/) partition on the SD image. Use this to - populate the ./files/boot (/boot) directory. - ''; - }; - - compressImage = mkOption { - type = types.bool; - default = true; - description = '' - Whether the SD image should be compressed using - <command>zstd</command>. - ''; - }; - - }; - config = { - fileSystems = { - "/boot/firmware" = { - device = "/dev/disk/by-label/${config.sdImage.firmwarePartitionName}"; - fsType = "vfat"; - # Alternatively, this could be removed from the configuration. - # The filesystem is not needed at runtime, it could be treated - # as an opaque blob instead of a discrete FAT32 filesystem. - options = [ "nofail" "noauto" ]; - }; - "/" = { - device = "/dev/disk/by-label/NIXOS_SD"; - fsType = "ext4"; - }; - }; - - sdImage.storePaths = [ config.system.build.toplevel ]; - - system.build.sdImage = pkgs.callPackage ({ stdenv, dosfstools, e2fsprogs, - mtools, libfaketime, utillinux, zstd }: stdenv.mkDerivation { - name = config.sdImage.imageName; - - nativeBuildInputs = [ dosfstools e2fsprogs mtools libfaketime utillinux zstd ]; - - inherit (config.sdImage) compressImage; - - buildCommand = '' - mkdir -p $out/nix-support $out/sd-image - export img=$out/sd-image/${config.sdImage.imageName} - - echo "${pkgs.stdenv.buildPlatform.system}" > $out/nix-support/system - if test -n "$compressImage"; then - echo "file sd-image $img.zst" >> $out/nix-support/hydra-build-products - else - echo "file sd-image $img" >> $out/nix-support/hydra-build-products - fi - - echo "Decompressing rootfs image" - zstd -d --no-progress "${rootfsImage}" -o ./root-fs.img - - # Gap in front of the first partition, in MiB - gap=8 - - # Create the image file sized to fit /boot/firmware and /, plus slack for the gap. - rootSizeBlocks=$(du -B 512 --apparent-size ./root-fs.img | awk '{ print $1 }') - firmwareSizeBlocks=$((${toString config.sdImage.firmwareSize} * 1024 * 1024 / 512)) - imageSize=$((rootSizeBlocks * 512 + firmwareSizeBlocks * 512 + gap * 1024 * 1024)) - truncate -s $imageSize $img - - # type=b is 'W95 FAT32', type=83 is 'Linux'. - # The "bootable" partition is where u-boot will look file for the bootloader - # information (dtbs, extlinux.conf file). - sfdisk $img <<EOF - label: dos - label-id: ${config.sdImage.firmwarePartitionID} - - start=''${gap}M, size=$firmwareSizeBlocks, type=b - start=$((gap + ${toString config.sdImage.firmwareSize}))M, type=83, bootable - EOF - - # Copy the rootfs into the SD image - eval $(partx $img -o START,SECTORS --nr 2 --pairs) - dd conv=notrunc if=./root-fs.img of=$img seek=$START count=$SECTORS - - # Create a FAT32 /boot/firmware partition of suitable size into firmware_part.img - eval $(partx $img -o START,SECTORS --nr 1 --pairs) - truncate -s $((SECTORS * 512)) firmware_part.img - faketime "1970-01-01 00:00:00" mkfs.vfat -i ${config.sdImage.firmwarePartitionID} -n ${config.sdImage.firmwarePartitionName} firmware_part.img - - # Populate the files intended for /boot/firmware - mkdir firmware - ${config.sdImage.populateFirmwareCommands} - - # Copy the populated /boot/firmware into the SD image - (cd firmware; mcopy -psvm -i ../firmware_part.img ./* ::) - # Verify the FAT partition before copying it. - fsck.vfat -vn firmware_part.img - dd conv=notrunc if=firmware_part.img of=$img seek=$START count=$SECTORS - if test -n "$compressImage"; then - zstd -T$NIX_BUILD_CORES --rm $img - fi - ''; - }) {}; - - boot.postBootCommands = '' - # On the first boot do some maintenance tasks - if [ -f /nix-path-registration ]; then - set -euo pipefail - set -x - # Figure out device names for the boot device and root filesystem. - rootPart=$(${pkgs.utillinux}/bin/findmnt -n -o SOURCE /) - bootDevice=$(lsblk -npo PKNAME $rootPart) - - # Resize the root partition and the filesystem to fit the disk - echo ",+," | sfdisk -N2 --no-reread $bootDevice - ${pkgs.parted}/bin/partprobe - ${pkgs.e2fsprogs}/bin/resize2fs $rootPart - - # Register the contents of the initial Nix store - ${config.nix.package.out}/bin/nix-store --load-db < /nix-path-registration - - # nixos-rebuild also requires a "system" profile and an /etc/NIXOS tag. - touch /etc/NIXOS - ${config.nix.package.out}/bin/nix-env -p /nix/var/nix/profiles/system --set /run/current-system - - # Prevents this from running on later boots. - rm -f /nix-path-registration - fi - ''; + warnings = [ + '' + .../cd-dvd/sd-image.nix is deprecated and will eventually be removed. + Please switch to .../sd-card/sd-image.nix, instead. + '' + ]; }; } diff --git a/nixos/modules/installer/cd-dvd/system-tarball-fuloong2f.nix b/nixos/modules/installer/cd-dvd/system-tarball-fuloong2f.nix index 6d4ba96dba0..123f487baf9 100644 --- a/nixos/modules/installer/cd-dvd/system-tarball-fuloong2f.nix +++ b/nixos/modules/installer/cd-dvd/system-tarball-fuloong2f.nix @@ -26,7 +26,7 @@ let # A clue for the kernel loading kernelParams = pkgs.writeText "kernel-params.txt" '' Kernel Parameters: - init=/boot/init systemConfig=/boot/init ${toString config.boot.kernelParams} + init=/boot/init ${toString config.boot.kernelParams} ''; # System wide nixpkgs config @@ -104,7 +104,7 @@ in ''; # Some more help text. - services.mingetty.helpLine = + services.getty.helpLine = '' Log in as "root" with an empty password. ${ diff --git a/nixos/modules/installer/cd-dvd/system-tarball-pc.nix b/nixos/modules/installer/cd-dvd/system-tarball-pc.nix index f2af7dcde3d..a79209d7dfe 100644 --- a/nixos/modules/installer/cd-dvd/system-tarball-pc.nix +++ b/nixos/modules/installer/cd-dvd/system-tarball-pc.nix @@ -23,13 +23,13 @@ let label nixos MENU LABEL ^NixOS using nfsroot KERNEL bzImage - append ip=dhcp nfsroot=/home/pcroot systemConfig=${config.system.build.toplevel} init=${config.system.build.toplevel}/init rw + append ip=dhcp nfsroot=/home/pcroot init=${config.system.build.toplevel}/init rw # I don't know how to make this boot with nfsroot (using the initrd) label nixos_initrd MENU LABEL NixOS booting the poor ^initrd. KERNEL bzImage - append initrd=initrd ip=dhcp nfsroot=/home/pcroot systemConfig=${config.system.build.toplevel} init=${config.system.build.toplevel}/init rw + append initrd=initrd ip=dhcp nfsroot=/home/pcroot init=${config.system.build.toplevel}/init rw label memtest MENU LABEL ^${pkgs.memtest86.name} diff --git a/nixos/modules/installer/cd-dvd/system-tarball-sheevaplug.nix b/nixos/modules/installer/cd-dvd/system-tarball-sheevaplug.nix index 8408f56f94f..95579f3ca06 100644 --- a/nixos/modules/installer/cd-dvd/system-tarball-sheevaplug.nix +++ b/nixos/modules/installer/cd-dvd/system-tarball-sheevaplug.nix @@ -96,7 +96,7 @@ in boot.initrd.extraUtilsCommands = '' - copy_bin_and_libs ${pkgs.utillinux}/sbin/hwclock + copy_bin_and_libs ${pkgs.util-linux}/sbin/hwclock ''; boot.initrd.postDeviceCommands = @@ -122,7 +122,7 @@ in device = "/dev/something"; }; - services.mingetty = { + services.getty = { # Some more help text. helpLine = '' Log in as "root" with an empty password. ${ diff --git a/nixos/modules/installer/netboot/netboot.nix b/nixos/modules/installer/netboot/netboot.nix index 95eba86bcb6..238ab6d0617 100644 --- a/nixos/modules/installer/netboot/netboot.nix +++ b/nixos/modules/installer/netboot/netboot.nix @@ -57,6 +57,12 @@ with lib; "upperdir=/nix/.rw-store/store" "workdir=/nix/.rw-store/work" ]; + + depends = [ + "/nix/.ro-store" + "/nix/.rw-store/store" + "/nix/.rw-store/work" + ]; }; boot.initrd.availableKernelModules = [ "squashfs" "overlay" ]; @@ -88,7 +94,7 @@ with lib; system.build.netbootIpxeScript = pkgs.writeTextDir "netboot.ipxe" '' #!ipxe - kernel ${pkgs.stdenv.hostPlatform.platform.kernelTarget} init=${config.system.build.toplevel}/init initrd=initrd ${toString config.boot.kernelParams} + kernel ${pkgs.stdenv.hostPlatform.linux-kernel.target} init=${config.system.build.toplevel}/init initrd=initrd ${toString config.boot.kernelParams} initrd initrd boot ''; diff --git a/nixos/modules/installer/sd-card/sd-image-aarch64-installer.nix b/nixos/modules/installer/sd-card/sd-image-aarch64-installer.nix new file mode 100644 index 00000000000..2a6b6abdf91 --- /dev/null +++ b/nixos/modules/installer/sd-card/sd-image-aarch64-installer.nix @@ -0,0 +1,10 @@ +{ + imports = [ + ../../profiles/installation-device.nix + ./sd-image-aarch64.nix + ]; + + # the installation media is also the installation target, + # so we don't want to provide the installation configuration.nix. + installer.cloneConfig = false; +} diff --git a/nixos/modules/installer/sd-card/sd-image-aarch64-new-kernel-installer.nix b/nixos/modules/installer/sd-card/sd-image-aarch64-new-kernel-installer.nix new file mode 100644 index 00000000000..1b6b55ff291 --- /dev/null +++ b/nixos/modules/installer/sd-card/sd-image-aarch64-new-kernel-installer.nix @@ -0,0 +1,10 @@ +{ + imports = [ + ../../profiles/installation-device.nix + ./sd-image-aarch64-new-kernel.nix + ]; + + # the installation media is also the installation target, + # so we don't want to provide the installation configuration.nix. + installer.cloneConfig = false; +} diff --git a/nixos/modules/installer/sd-card/sd-image-aarch64-new-kernel.nix b/nixos/modules/installer/sd-card/sd-image-aarch64-new-kernel.nix new file mode 100644 index 00000000000..2882fbcc730 --- /dev/null +++ b/nixos/modules/installer/sd-card/sd-image-aarch64-new-kernel.nix @@ -0,0 +1,7 @@ +{ pkgs, ... }: + +{ + imports = [ ./sd-image-aarch64.nix ]; + + boot.kernelPackages = pkgs.linuxPackages_latest; +} diff --git a/nixos/modules/installer/sd-card/sd-image-aarch64.nix b/nixos/modules/installer/sd-card/sd-image-aarch64.nix new file mode 100644 index 00000000000..165e2aac27b --- /dev/null +++ b/nixos/modules/installer/sd-card/sd-image-aarch64.nix @@ -0,0 +1,68 @@ +# To build, use: +# nix-build nixos -I nixos-config=nixos/modules/installer/sd-card/sd-image-aarch64.nix -A config.system.build.sdImage +{ config, lib, pkgs, ... }: + +{ + imports = [ + ../../profiles/base.nix + ./sd-image.nix + ]; + + boot.loader.grub.enable = false; + boot.loader.generic-extlinux-compatible.enable = true; + + boot.consoleLogLevel = lib.mkDefault 7; + + # The serial ports listed here are: + # - ttyS0: for Tegra (Jetson TX1) + # - ttyAMA0: for QEMU's -machine virt + boot.kernelParams = ["console=ttyS0,115200n8" "console=ttyAMA0,115200n8" "console=tty0"]; + + sdImage = { + populateFirmwareCommands = let + configTxt = pkgs.writeText "config.txt" '' + [pi3] + kernel=u-boot-rpi3.bin + + [pi4] + kernel=u-boot-rpi4.bin + enable_gic=1 + armstub=armstub8-gic.bin + + # Otherwise the resolution will be weird in most cases, compared to + # what the pi3 firmware does by default. + disable_overscan=1 + + [all] + # Boot in 64-bit mode. + arm_64bit=1 + + # U-Boot needs this to work, regardless of whether UART is actually used or not. + # Look in arch/arm/mach-bcm283x/Kconfig in the U-Boot tree to see if this is still + # a requirement in the future. + enable_uart=1 + + # Prevent the firmware from smashing the framebuffer setup done by the mainline kernel + # when attempting to show low-voltage or overtemperature warnings. + avoid_warnings=1 + ''; + in '' + (cd ${pkgs.raspberrypifw}/share/raspberrypi/boot && cp bootcode.bin fixup*.dat start*.elf $NIX_BUILD_TOP/firmware/) + + # Add the config + cp ${configTxt} firmware/config.txt + + # Add pi3 specific files + cp ${pkgs.ubootRaspberryPi3_64bit}/u-boot.bin firmware/u-boot-rpi3.bin + + # Add pi4 specific files + cp ${pkgs.ubootRaspberryPi4_64bit}/u-boot.bin firmware/u-boot-rpi4.bin + cp ${pkgs.raspberrypi-armstubs}/armstub8-gic.bin firmware/armstub8-gic.bin + cp ${pkgs.raspberrypifw}/share/raspberrypi/boot/bcm2711-rpi-4-b.dtb firmware/ + ''; + populateRootCommands = '' + mkdir -p ./files/boot + ${config.boot.loader.generic-extlinux-compatible.populateCmd} -c ${config.system.build.toplevel} -d ./files/boot + ''; + }; +} diff --git a/nixos/modules/installer/sd-card/sd-image-armv7l-multiplatform-installer.nix b/nixos/modules/installer/sd-card/sd-image-armv7l-multiplatform-installer.nix new file mode 100644 index 00000000000..fbe04377d50 --- /dev/null +++ b/nixos/modules/installer/sd-card/sd-image-armv7l-multiplatform-installer.nix @@ -0,0 +1,10 @@ +{ + imports = [ + ../../profiles/installation-device.nix + ./sd-image-armv7l-multiplatform.nix + ]; + + # the installation media is also the installation target, + # so we don't want to provide the installation configuration.nix. + installer.cloneConfig = false; +} diff --git a/nixos/modules/installer/sd-card/sd-image-armv7l-multiplatform.nix b/nixos/modules/installer/sd-card/sd-image-armv7l-multiplatform.nix new file mode 100644 index 00000000000..23ed9285129 --- /dev/null +++ b/nixos/modules/installer/sd-card/sd-image-armv7l-multiplatform.nix @@ -0,0 +1,52 @@ +# To build, use: +# nix-build nixos -I nixos-config=nixos/modules/installer/sd-card/sd-image-armv7l-multiplatform.nix -A config.system.build.sdImage +{ config, lib, pkgs, ... }: + +{ + imports = [ + ../../profiles/base.nix + ./sd-image.nix + ]; + + boot.loader.grub.enable = false; + boot.loader.generic-extlinux-compatible.enable = true; + + boot.consoleLogLevel = lib.mkDefault 7; + boot.kernelPackages = pkgs.linuxPackages_latest; + # The serial ports listed here are: + # - ttyS0: for Tegra (Jetson TK1) + # - ttymxc0: for i.MX6 (Wandboard) + # - ttyAMA0: for Allwinner (pcDuino3 Nano) and QEMU's -machine virt + # - ttyO0: for OMAP (BeagleBone Black) + # - ttySAC2: for Exynos (ODROID-XU3) + boot.kernelParams = ["console=ttyS0,115200n8" "console=ttymxc0,115200n8" "console=ttyAMA0,115200n8" "console=ttyO0,115200n8" "console=ttySAC2,115200n8" "console=tty0"]; + + sdImage = { + populateFirmwareCommands = let + configTxt = pkgs.writeText "config.txt" '' + # Prevent the firmware from smashing the framebuffer setup done by the mainline kernel + # when attempting to show low-voltage or overtemperature warnings. + avoid_warnings=1 + + [pi2] + kernel=u-boot-rpi2.bin + + [pi3] + kernel=u-boot-rpi3.bin + + # U-Boot used to need this to work, regardless of whether UART is actually used or not. + # TODO: check when/if this can be removed. + enable_uart=1 + ''; + in '' + (cd ${pkgs.raspberrypifw}/share/raspberrypi/boot && cp bootcode.bin fixup*.dat start*.elf $NIX_BUILD_TOP/firmware/) + cp ${pkgs.ubootRaspberryPi2}/u-boot.bin firmware/u-boot-rpi2.bin + cp ${pkgs.ubootRaspberryPi3_32bit}/u-boot.bin firmware/u-boot-rpi3.bin + cp ${configTxt} firmware/config.txt + ''; + populateRootCommands = '' + mkdir -p ./files/boot + ${config.boot.loader.generic-extlinux-compatible.populateCmd} -c ${config.system.build.toplevel} -d ./files/boot + ''; + }; +} diff --git a/nixos/modules/installer/sd-card/sd-image-raspberrypi-installer.nix b/nixos/modules/installer/sd-card/sd-image-raspberrypi-installer.nix new file mode 100644 index 00000000000..72ec7485b52 --- /dev/null +++ b/nixos/modules/installer/sd-card/sd-image-raspberrypi-installer.nix @@ -0,0 +1,10 @@ +{ + imports = [ + ../../profiles/installation-device.nix + ./sd-image-raspberrypi.nix + ]; + + # the installation media is also the installation target, + # so we don't want to provide the installation configuration.nix. + installer.cloneConfig = false; +} diff --git a/nixos/modules/installer/sd-card/sd-image-raspberrypi.nix b/nixos/modules/installer/sd-card/sd-image-raspberrypi.nix new file mode 100644 index 00000000000..83850f4c115 --- /dev/null +++ b/nixos/modules/installer/sd-card/sd-image-raspberrypi.nix @@ -0,0 +1,41 @@ +# To build, use: +# nix-build nixos -I nixos-config=nixos/modules/installer/sd-card/sd-image-raspberrypi.nix -A config.system.build.sdImage +{ config, lib, pkgs, ... }: + +{ + imports = [ + ../../profiles/base.nix + ./sd-image.nix + ]; + + boot.loader.grub.enable = false; + boot.loader.generic-extlinux-compatible.enable = true; + + boot.consoleLogLevel = lib.mkDefault 7; + boot.kernelPackages = pkgs.linuxPackages_rpi1; + + sdImage = { + populateFirmwareCommands = let + configTxt = pkgs.writeText "config.txt" '' + # Prevent the firmware from smashing the framebuffer setup done by the mainline kernel + # when attempting to show low-voltage or overtemperature warnings. + avoid_warnings=1 + + [pi0] + kernel=u-boot-rpi0.bin + + [pi1] + kernel=u-boot-rpi1.bin + ''; + in '' + (cd ${pkgs.raspberrypifw}/share/raspberrypi/boot && cp bootcode.bin fixup*.dat start*.elf $NIX_BUILD_TOP/firmware/) + cp ${pkgs.ubootRaspberryPiZero}/u-boot.bin firmware/u-boot-rpi0.bin + cp ${pkgs.ubootRaspberryPi}/u-boot.bin firmware/u-boot-rpi1.bin + cp ${configTxt} firmware/config.txt + ''; + populateRootCommands = '' + mkdir -p ./files/boot + ${config.boot.loader.generic-extlinux-compatible.populateCmd} -c ${config.system.build.toplevel} -d ./files/boot + ''; + }; +} diff --git a/nixos/modules/installer/sd-card/sd-image.nix b/nixos/modules/installer/sd-card/sd-image.nix new file mode 100644 index 00000000000..2a10a77300e --- /dev/null +++ b/nixos/modules/installer/sd-card/sd-image.nix @@ -0,0 +1,269 @@ +# This module creates a bootable SD card image containing the given NixOS +# configuration. The generated image is MBR partitioned, with a FAT +# /boot/firmware partition, and ext4 root partition. The generated image +# is sized to fit its contents, and a boot script automatically resizes +# the root partition to fit the device on the first boot. +# +# The firmware partition is built with expectation to hold the Raspberry +# Pi firmware and bootloader, and be removed and replaced with a firmware +# build for the target SoC for other board families. +# +# The derivation for the SD image will be placed in +# config.system.build.sdImage + +{ config, lib, pkgs, ... }: + +with lib; + +let + rootfsImage = pkgs.callPackage ../../../lib/make-ext4-fs.nix ({ + inherit (config.sdImage) storePaths; + compressImage = true; + populateImageCommands = config.sdImage.populateRootCommands; + volumeLabel = "NIXOS_SD"; + } // optionalAttrs (config.sdImage.rootPartitionUUID != null) { + uuid = config.sdImage.rootPartitionUUID; + }); +in +{ + imports = [ + (mkRemovedOptionModule [ "sdImage" "bootPartitionID" ] "The FAT partition for SD image now only holds the Raspberry Pi firmware files. Use firmwarePartitionID to configure that partition's ID.") + (mkRemovedOptionModule [ "sdImage" "bootSize" ] "The boot files for SD image have been moved to the main ext4 partition. The FAT partition now only holds the Raspberry Pi firmware files. Changing its size may not be required.") + ../../profiles/all-hardware.nix + ]; + + options.sdImage = { + imageName = mkOption { + default = "${config.sdImage.imageBaseName}-${config.system.nixos.label}-${pkgs.stdenv.hostPlatform.system}.img"; + description = '' + Name of the generated image file. + ''; + }; + + imageBaseName = mkOption { + default = "nixos-sd-image"; + description = '' + Prefix of the name of the generated image file. + ''; + }; + + storePaths = mkOption { + type = with types; listOf package; + example = literalExample "[ pkgs.stdenv ]"; + description = '' + Derivations to be included in the Nix store in the generated SD image. + ''; + }; + + firmwarePartitionOffset = mkOption { + type = types.int; + default = 8; + description = '' + Gap in front of the /boot/firmware partition, in mebibytes (1024×1024 + bytes). + Can be increased to make more space for boards requiring to dd u-boot + SPL before actual partitions. + + Unless you are building your own images pre-configured with an + installed U-Boot, you can instead opt to delete the existing `FIRMWARE` + partition, which is used **only** for the Raspberry Pi family of + hardware. + ''; + }; + + firmwarePartitionID = mkOption { + type = types.str; + default = "0x2178694e"; + description = '' + Volume ID for the /boot/firmware partition on the SD card. This value + must be a 32-bit hexadecimal number. + ''; + }; + + firmwarePartitionName = mkOption { + type = types.str; + default = "FIRMWARE"; + description = '' + Name of the filesystem which holds the boot firmware. + ''; + }; + + rootPartitionUUID = mkOption { + type = types.nullOr types.str; + default = null; + example = "14e19a7b-0ae0-484d-9d54-43bd6fdc20c7"; + description = '' + UUID for the filesystem on the main NixOS partition on the SD card. + ''; + }; + + firmwareSize = mkOption { + type = types.int; + # As of 2019-08-18 the Raspberry pi firmware + u-boot takes ~18MiB + default = 30; + description = '' + Size of the /boot/firmware partition, in megabytes. + ''; + }; + + populateFirmwareCommands = mkOption { + example = literalExample "'' cp \${pkgs.myBootLoader}/u-boot.bin firmware/ ''"; + description = '' + Shell commands to populate the ./firmware directory. + All files in that directory are copied to the + /boot/firmware partition on the SD image. + ''; + }; + + populateRootCommands = mkOption { + example = literalExample "''\${config.boot.loader.generic-extlinux-compatible.populateCmd} -c \${config.system.build.toplevel} -d ./files/boot''"; + description = '' + Shell commands to populate the ./files directory. + All files in that directory are copied to the + root (/) partition on the SD image. Use this to + populate the ./files/boot (/boot) directory. + ''; + }; + + postBuildCommands = mkOption { + example = literalExample "'' dd if=\${pkgs.myBootLoader}/SPL of=$img bs=1024 seek=1 conv=notrunc ''"; + default = ""; + description = '' + Shell commands to run after the image is built. + Can be used for boards requiring to dd u-boot SPL before actual partitions. + ''; + }; + + compressImage = mkOption { + type = types.bool; + default = true; + description = '' + Whether the SD image should be compressed using + <command>zstd</command>. + ''; + }; + + expandOnBoot = mkOption { + type = types.bool; + default = true; + description = '' + Whether to configure the sd image to expand it's partition on boot. + ''; + }; + }; + + config = { + fileSystems = { + "/boot/firmware" = { + device = "/dev/disk/by-label/${config.sdImage.firmwarePartitionName}"; + fsType = "vfat"; + # Alternatively, this could be removed from the configuration. + # The filesystem is not needed at runtime, it could be treated + # as an opaque blob instead of a discrete FAT32 filesystem. + options = [ "nofail" "noauto" ]; + }; + "/" = { + device = "/dev/disk/by-label/NIXOS_SD"; + fsType = "ext4"; + }; + }; + + sdImage.storePaths = [ config.system.build.toplevel ]; + + system.build.sdImage = pkgs.callPackage ({ stdenv, dosfstools, e2fsprogs, + mtools, libfaketime, util-linux, zstd }: stdenv.mkDerivation { + name = config.sdImage.imageName; + + nativeBuildInputs = [ dosfstools e2fsprogs mtools libfaketime util-linux zstd ]; + + inherit (config.sdImage) compressImage; + + buildCommand = '' + mkdir -p $out/nix-support $out/sd-image + export img=$out/sd-image/${config.sdImage.imageName} + + echo "${pkgs.stdenv.buildPlatform.system}" > $out/nix-support/system + if test -n "$compressImage"; then + echo "file sd-image $img.zst" >> $out/nix-support/hydra-build-products + else + echo "file sd-image $img" >> $out/nix-support/hydra-build-products + fi + + echo "Decompressing rootfs image" + zstd -d --no-progress "${rootfsImage}" -o ./root-fs.img + + # Gap in front of the first partition, in MiB + gap=${toString config.sdImage.firmwarePartitionOffset} + + # Create the image file sized to fit /boot/firmware and /, plus slack for the gap. + rootSizeBlocks=$(du -B 512 --apparent-size ./root-fs.img | awk '{ print $1 }') + firmwareSizeBlocks=$((${toString config.sdImage.firmwareSize} * 1024 * 1024 / 512)) + imageSize=$((rootSizeBlocks * 512 + firmwareSizeBlocks * 512 + gap * 1024 * 1024)) + truncate -s $imageSize $img + + # type=b is 'W95 FAT32', type=83 is 'Linux'. + # The "bootable" partition is where u-boot will look file for the bootloader + # information (dtbs, extlinux.conf file). + sfdisk $img <<EOF + label: dos + label-id: ${config.sdImage.firmwarePartitionID} + + start=''${gap}M, size=$firmwareSizeBlocks, type=b + start=$((gap + ${toString config.sdImage.firmwareSize}))M, type=83, bootable + EOF + + # Copy the rootfs into the SD image + eval $(partx $img -o START,SECTORS --nr 2 --pairs) + dd conv=notrunc if=./root-fs.img of=$img seek=$START count=$SECTORS + + # Create a FAT32 /boot/firmware partition of suitable size into firmware_part.img + eval $(partx $img -o START,SECTORS --nr 1 --pairs) + truncate -s $((SECTORS * 512)) firmware_part.img + faketime "1970-01-01 00:00:00" mkfs.vfat -i ${config.sdImage.firmwarePartitionID} -n ${config.sdImage.firmwarePartitionName} firmware_part.img + + # Populate the files intended for /boot/firmware + mkdir firmware + ${config.sdImage.populateFirmwareCommands} + + # Copy the populated /boot/firmware into the SD image + (cd firmware; mcopy -psvm -i ../firmware_part.img ./* ::) + # Verify the FAT partition before copying it. + fsck.vfat -vn firmware_part.img + dd conv=notrunc if=firmware_part.img of=$img seek=$START count=$SECTORS + + ${config.sdImage.postBuildCommands} + + if test -n "$compressImage"; then + zstd -T$NIX_BUILD_CORES --rm $img + fi + ''; + }) {}; + + boot.postBootCommands = lib.mkIf config.sdImage.expandOnBoot '' + # On the first boot do some maintenance tasks + if [ -f /nix-path-registration ]; then + set -euo pipefail + set -x + # Figure out device names for the boot device and root filesystem. + rootPart=$(${pkgs.util-linux}/bin/findmnt -n -o SOURCE /) + bootDevice=$(lsblk -npo PKNAME $rootPart) + partNum=$(lsblk -npo MAJ:MIN $rootPart | ${pkgs.gawk}/bin/awk -F: '{print $2}') + + # Resize the root partition and the filesystem to fit the disk + echo ",+," | sfdisk -N$partNum --no-reread $bootDevice + ${pkgs.parted}/bin/partprobe + ${pkgs.e2fsprogs}/bin/resize2fs $rootPart + + # Register the contents of the initial Nix store + ${config.nix.package.out}/bin/nix-store --load-db < /nix-path-registration + + # nixos-rebuild also requires a "system" profile and an /etc/NIXOS tag. + touch /etc/NIXOS + ${config.nix.package.out}/bin/nix-env -p /nix/var/nix/profiles/system --set /run/current-system + + # Prevents this from running on later boots. + rm -f /nix-path-registration + fi + ''; + }; +} diff --git a/nixos/modules/installer/tools/nix-fallback-paths.nix b/nixos/modules/installer/tools/nix-fallback-paths.nix index a15a2dbadb8..e3576074a5b 100644 --- a/nixos/modules/installer/tools/nix-fallback-paths.nix +++ b/nixos/modules/installer/tools/nix-fallback-paths.nix @@ -1,6 +1,7 @@ { - x86_64-linux = "/nix/store/4vz8sh9ngx34ivi0bw5hlycxdhvy5hvz-nix-2.3.7"; - i686-linux = "/nix/store/dzxkg9lpp60bjmzvagns42vqlz3yq5kx-nix-2.3.7"; - aarch64-linux = "/nix/store/cfvf8nl8mwyw817by5y8zd3s8pnf5m9f-nix-2.3.7"; - x86_64-darwin = "/nix/store/5ira7xgs92inqz1x8l0n1wci4r79hnd0-nix-2.3.7"; + x86_64-linux = "/nix/store/qsgz2hhn6mzlzp53a7pwf9z2pq3l5z6h-nix-2.3.14"; + i686-linux = "/nix/store/1yw40bj04lykisw2jilq06lir3k9ga4a-nix-2.3.14"; + aarch64-linux = "/nix/store/32yzwmynmjxfrkb6y6l55liaqdrgkj4a-nix-2.3.14"; + x86_64-darwin = "/nix/store/06j0vi2d13w4l0p3jsigq7lk4x6gkycj-nix-2.3.14"; + aarch64-darwin = "/nix/store/77wi7vpbrghw5rgws25w30bwb8yggnk9-nix-2.3.14"; } diff --git a/nixos/modules/installer/tools/nixos-build-vms/build-vms.nix b/nixos/modules/installer/tools/nixos-build-vms/build-vms.nix index 0c9f8522cc1..e49ceba2424 100644 --- a/nixos/modules/installer/tools/nixos-build-vms/build-vms.nix +++ b/nixos/modules/installer/tools/nixos-build-vms/build-vms.nix @@ -15,4 +15,4 @@ with import ../../../../lib/testing-python.nix { pkgs = import ../../../../.. { inherit system config; }; }; -(makeTest { inherit nodes; testScript = ""; }).driver +(makeTest { inherit nodes; testScript = ""; }).driverInteractive diff --git a/nixos/modules/installer/tools/nixos-enter.sh b/nixos/modules/installer/tools/nixos-enter.sh index c72ef6e9c28..450d7761814 100644 --- a/nixos/modules/installer/tools/nixos-enter.sh +++ b/nixos/modules/installer/tools/nixos-enter.sh @@ -69,6 +69,9 @@ mount --rbind /sys "$mountPoint/sys" # Run the activation script. Set $LOCALE_ARCHIVE to supress some Perl locale warnings. LOCALE_ARCHIVE="$system/sw/lib/locale/locale-archive" chroot "$mountPoint" "$system/activate" 1>&2 || true + + # Create /tmp + chroot "$mountPoint" systemd-tmpfiles --create --remove --exclude-prefix=/dev 1>&2 || true ) exec chroot "$mountPoint" "${command[@]}" diff --git a/nixos/modules/installer/tools/nixos-generate-config.pl b/nixos/modules/installer/tools/nixos-generate-config.pl index c8303a6eb60..7bc55e67134 100644 --- a/nixos/modules/installer/tools/nixos-generate-config.pl +++ b/nixos/modules/installer/tools/nixos-generate-config.pl @@ -183,6 +183,11 @@ sub pciCheck { push @imports, "(modulesPath + \"/hardware/network/broadcom-43xx.nix\")"; } + # In case this is a virtio scsi device, we need to explicitly make this available. + if ($vendor eq "0x1af4" && $device eq "0x1004") { + push @initrdAvailableKernelModules, "virtio_scsi"; + } + # Can't rely on $module here, since the module may not be loaded # due to missing firmware. Ideally we would check modules.pcimap # here. @@ -580,6 +585,22 @@ EOF return $config; } +sub generateXserverConfig { + my $xserverEnabled = "@xserverEnabled@"; + + my $config = ""; + if ($xserverEnabled eq "1") { + $config = <<EOF; + # Enable the X11 windowing system. + services.xserver.enable = true; +EOF + } else { + $config = <<EOF; + # Enable the X11 windowing system. + # services.xserver.enable = true; +EOF + } +} if ($showHardwareConfig) { print STDOUT $hwConfig; @@ -625,10 +646,16 @@ EOF my $networkingDhcpConfig = generateNetworkingDhcpConfig(); + my $xserverConfig = generateXserverConfig(); + + (my $desktopConfiguration = <<EOF)=~s/^/ /gm; +@desktopConfiguration@ +EOF + write_file($fn, <<EOF); @configuration@ EOF - print STDERR "For more hardware-specific settings, see https://github.com/NixOS/nixos-hardware" + print STDERR "For more hardware-specific settings, see https://github.com/NixOS/nixos-hardware.\n" } else { print STDERR "warning: not overwriting existing $fn\n"; } diff --git a/nixos/modules/installer/tools/nixos-install.sh b/nixos/modules/installer/tools/nixos-install.sh index e0252befdfd..ea9667995e1 100644 --- a/nixos/modules/installer/tools/nixos-install.sh +++ b/nixos/modules/installer/tools/nixos-install.sh @@ -10,6 +10,7 @@ umask 0022 # Parse the command line for the -I flag extraBuildFlags=() +flakeFlags=() mountPoint=/mnt channelPath= @@ -34,6 +35,23 @@ while [ "$#" -gt 0 ]; do --system|--closure) system="$1"; shift 1 ;; + --flake) + flake="$1" + flakeFlags=(--experimental-features 'nix-command flakes') + shift 1 + ;; + --recreate-lock-file|--no-update-lock-file|--no-write-lock-file|--no-registries|--commit-lock-file) + lockFlags+=("$i") + ;; + --update-input) + j="$1"; shift 1 + lockFlags+=("$i" "$j") + ;; + --override-input) + j="$1"; shift 1 + k="$1"; shift 1 + lockFlags+=("$i" "$j" "$k") + ;; --channel) channelPath="$1"; shift 1 ;; @@ -46,7 +64,7 @@ while [ "$#" -gt 0 ]; do --no-bootloader) noBootLoader=1 ;; - --show-trace) + --show-trace|--impure|--keep-going) extraBuildFlags+=("$i") ;; --help) @@ -92,14 +110,32 @@ if [[ ${NIXOS_CONFIG:0:1} != / ]]; then exit 1 fi -if [[ ! -e $NIXOS_CONFIG && -z $system ]]; then +if [[ -n $flake ]]; then + if [[ $flake =~ ^(.*)\#([^\#\"]*)$ ]]; then + flake="${BASH_REMATCH[1]}" + flakeAttr="${BASH_REMATCH[2]}" + fi + if [[ -z "$flakeAttr" ]]; then + echo "Please specify the name of the NixOS configuration to be installed, as a URI fragment in the flake-uri." + echo "For example, to use the output nixosConfigurations.foo from the flake.nix, append \"#foo\" to the flake-uri." + exit 1 + fi + flakeAttr="nixosConfigurations.\"$flakeAttr\"" +fi + +# Resolve the flake. +if [[ -n $flake ]]; then + flake=$(nix "${flakeFlags[@]}" flake metadata --json "${extraBuildFlags[@]}" "${lockFlags[@]}" -- "$flake" | jq -r .url) +fi + +if [[ ! -e $NIXOS_CONFIG && -z $system && -z $flake ]]; then echo "configuration file $NIXOS_CONFIG doesn't exist" exit 1 fi # A place to drop temporary stuff. -tmpdir="$(mktemp -d -p $mountPoint)" -trap "rm -rf $tmpdir" EXIT +tmpdir="$(mktemp -d -p "$mountPoint")" +trap 'rm -rf $tmpdir' EXIT # store temporary files on target filesystem by default export TMPDIR=${TMPDIR:-$tmpdir} @@ -108,12 +144,19 @@ sub="auto?trusted=1" # Build the system configuration in the target filesystem. if [[ -z $system ]]; then - echo "building the configuration in $NIXOS_CONFIG..." outLink="$tmpdir/system" - nix-build --out-link "$outLink" --store "$mountPoint" "${extraBuildFlags[@]}" \ - --extra-substituters "$sub" \ - '<nixpkgs/nixos>' -A system -I "nixos-config=$NIXOS_CONFIG" ${verbosity[@]} - system=$(readlink -f $outLink) + if [[ -z $flake ]]; then + echo "building the configuration in $NIXOS_CONFIG..." + nix-build --out-link "$outLink" --store "$mountPoint" "${extraBuildFlags[@]}" \ + --extra-substituters "$sub" \ + '<nixpkgs/nixos>' -A system -I "nixos-config=$NIXOS_CONFIG" "${verbosity[@]}" + else + echo "building the flake in $flake..." + nix "${flakeFlags[@]}" build "$flake#$flakeAttr.config.system.build.toplevel" \ + --store "$mountPoint" --extra-substituters "$sub" "${verbosity[@]}" \ + "${extraBuildFlags[@]}" "${lockFlags[@]}" --out-link "$outLink" + fi + system=$(readlink -f "$outLink") fi # Set the system profile to point to the configuration. TODO: combine @@ -121,7 +164,7 @@ fi # a progress bar. nix-env --store "$mountPoint" "${extraBuildFlags[@]}" \ --extra-substituters "$sub" \ - -p $mountPoint/nix/var/nix/profiles/system --set "$system" ${verbosity[@]} + -p "$mountPoint"/nix/var/nix/profiles/system --set "$system" "${verbosity[@]}" # Copy the NixOS/Nixpkgs sources to the target as the initial contents # of the NixOS channel. @@ -131,12 +174,12 @@ if [[ -z $noChannelCopy ]]; then fi if [[ -n $channelPath ]]; then echo "copying channel..." - mkdir -p $mountPoint/nix/var/nix/profiles/per-user/root + mkdir -p "$mountPoint"/nix/var/nix/profiles/per-user/root nix-env --store "$mountPoint" "${extraBuildFlags[@]}" --extra-substituters "$sub" \ - -p $mountPoint/nix/var/nix/profiles/per-user/root/channels --set "$channelPath" --quiet \ - ${verbosity[@]} - install -m 0700 -d $mountPoint/root/.nix-defexpr - ln -sfn /nix/var/nix/profiles/per-user/root/channels $mountPoint/root/.nix-defexpr/channels + -p "$mountPoint"/nix/var/nix/profiles/per-user/root/channels --set "$channelPath" --quiet \ + "${verbosity[@]}" + install -m 0700 -d "$mountPoint"/root/.nix-defexpr + ln -sfn /nix/var/nix/profiles/per-user/root/channels "$mountPoint"/root/.nix-defexpr/channels fi fi @@ -150,7 +193,7 @@ touch "$mountPoint/etc/NIXOS" if [[ -z $noBootLoader ]]; then echo "installing the boot loader..." # Grub needs an mtab. - ln -sfn /proc/mounts $mountPoint/etc/mtab + ln -sfn /proc/mounts "$mountPoint"/etc/mtab NIXOS_INSTALL_BOOTLOADER=1 nixos-enter --root "$mountPoint" -- /run/current-system/bin/switch-to-configuration boot fi diff --git a/nixos/modules/installer/tools/nixos-option/CMakeLists.txt b/nixos/modules/installer/tools/nixos-option/CMakeLists.txt deleted file mode 100644 index e5834598c4f..00000000000 --- a/nixos/modules/installer/tools/nixos-option/CMakeLists.txt +++ /dev/null @@ -1,8 +0,0 @@ -cmake_minimum_required (VERSION 2.6) -project (nixos-option) - -add_executable(nixos-option nixos-option.cc libnix-copy-paste.cc) -target_link_libraries(nixos-option PRIVATE -lnixmain -lnixexpr -lnixstore -lnixutil) -target_compile_features(nixos-option PRIVATE cxx_std_17) - -install (TARGETS nixos-option DESTINATION bin) diff --git a/nixos/modules/installer/tools/nixos-option/default.nix b/nixos/modules/installer/tools/nixos-option/default.nix index 753fd92c7bb..061460f38a3 100644 --- a/nixos/modules/installer/tools/nixos-option/default.nix +++ b/nixos/modules/installer/tools/nixos-option/default.nix @@ -1,11 +1 @@ -{lib, stdenv, boost, cmake, pkgconfig, nix, ... }: -stdenv.mkDerivation rec { - name = "nixos-option"; - src = ./.; - nativeBuildInputs = [ cmake pkgconfig ]; - buildInputs = [ boost nix ]; - meta = { - license = stdenv.lib.licenses.lgpl2Plus; - maintainers = with lib.maintainers; [ chkno ]; - }; -} +{ pkgs, ... }: pkgs.nixos-option diff --git a/nixos/modules/installer/tools/nixos-option/libnix-copy-paste.cc b/nixos/modules/installer/tools/nixos-option/libnix-copy-paste.cc deleted file mode 100644 index 875c07da639..00000000000 --- a/nixos/modules/installer/tools/nixos-option/libnix-copy-paste.cc +++ /dev/null @@ -1,83 +0,0 @@ -// These are useful methods inside the nix library that ought to be exported. -// Since they are not, copy/paste them here. -// TODO: Delete these and use the ones in the library as they become available. - -#include <nix/config.h> // for nix/globals.hh's reference to SYSTEM - -#include "libnix-copy-paste.hh" -#include <boost/format/alt_sstream.hpp> // for basic_altstringbuf... -#include <boost/format/alt_sstream_impl.hpp> // for basic_altstringbuf... -#include <boost/format/format_class.hpp> // for basic_format -#include <boost/format/format_fwd.hpp> // for format -#include <boost/format/format_implementation.hpp> // for basic_format::basi... -#include <boost/optional/optional.hpp> // for get_pointer -#include <iostream> // for operator<<, basic_... -#include <nix/types.hh> // for Strings, Error -#include <string> // for string, basic_string - -using boost::format; -using nix::Error; -using nix::Strings; -using std::string; - -// From nix/src/libexpr/attr-path.cc -Strings parseAttrPath(const string & s) -{ - Strings res; - string cur; - string::const_iterator i = s.begin(); - while (i != s.end()) { - if (*i == '.') { - res.push_back(cur); - cur.clear(); - } else if (*i == '"') { - ++i; - while (1) { - if (i == s.end()) - throw Error(format("missing closing quote in selection path '%1%'") % s); - if (*i == '"') - break; - cur.push_back(*i++); - } - } else - cur.push_back(*i); - ++i; - } - if (!cur.empty()) - res.push_back(cur); - return res; -} - -// From nix/src/nix/repl.cc -bool isVarName(const string & s) -{ - if (s.size() == 0) - return false; - char c = s[0]; - if ((c >= '0' && c <= '9') || c == '-' || c == '\'') - return false; - for (auto & i : s) - if (!((i >= 'a' && i <= 'z') || (i >= 'A' && i <= 'Z') || (i >= '0' && i <= '9') || i == '_' || i == '-' || - i == '\'')) - return false; - return true; -} - -// From nix/src/nix/repl.cc -std::ostream & printStringValue(std::ostream & str, const char * string) -{ - str << "\""; - for (const char * i = string; *i; i++) - if (*i == '\"' || *i == '\\') - str << "\\" << *i; - else if (*i == '\n') - str << "\\n"; - else if (*i == '\r') - str << "\\r"; - else if (*i == '\t') - str << "\\t"; - else - str << *i; - str << "\""; - return str; -} diff --git a/nixos/modules/installer/tools/nixos-option/libnix-copy-paste.hh b/nixos/modules/installer/tools/nixos-option/libnix-copy-paste.hh deleted file mode 100644 index 2274e9a0f85..00000000000 --- a/nixos/modules/installer/tools/nixos-option/libnix-copy-paste.hh +++ /dev/null @@ -1,9 +0,0 @@ -#pragma once - -#include <iostream> -#include <nix/types.hh> -#include <string> - -nix::Strings parseAttrPath(const std::string & s); -bool isVarName(const std::string & s); -std::ostream & printStringValue(std::ostream & str, const char * string); diff --git a/nixos/modules/installer/tools/nixos-option/nixos-option.cc b/nixos/modules/installer/tools/nixos-option/nixos-option.cc deleted file mode 100644 index 1a7b07a74f8..00000000000 --- a/nixos/modules/installer/tools/nixos-option/nixos-option.cc +++ /dev/null @@ -1,643 +0,0 @@ -#include <nix/config.h> // for nix/globals.hh's reference to SYSTEM - -#include <exception> // for exception_ptr, current_exception -#include <functional> // for function -#include <iostream> // for operator<<, basic_ostream, ostrin... -#include <iterator> // for next -#include <list> // for _List_iterator -#include <memory> // for allocator, unique_ptr, make_unique -#include <new> // for operator new -#include <nix/args.hh> // for argvToStrings, UsageError -#include <nix/attr-path.hh> // for findAlongAttrPath -#include <nix/attr-set.hh> // for Attr, Bindings, Bindings::iterator -#include <nix/common-eval-args.hh> // for MixEvalArgs -#include <nix/eval-inline.hh> // for EvalState::forceValue -#include <nix/eval.hh> // for EvalState, initGC, operator<< -#include <nix/globals.hh> // for initPlugins, Settings, settings -#include <nix/nixexpr.hh> // for Pos -#include <nix/shared.hh> // for getArg, LegacyArgs, printVersion -#include <nix/store-api.hh> // for openStore -#include <nix/symbol-table.hh> // for Symbol, SymbolTable -#include <nix/types.hh> // for Error, Path, Strings, PathSet -#include <nix/util.hh> // for absPath, baseNameOf -#include <nix/value.hh> // for Value, Value::(anonymous), Value:... -#include <string> // for string, operator+, operator== -#include <utility> // for move -#include <variant> // for get, holds_alternative, variant -#include <vector> // for vector<>::iterator, vector - -#include "libnix-copy-paste.hh" - -using nix::absPath; -using nix::Bindings; -using nix::Error; -using nix::EvalError; -using nix::EvalState; -using nix::Path; -using nix::PathSet; -using nix::Strings; -using nix::Symbol; -using nix::tAttrs; -using nix::ThrownError; -using nix::tLambda; -using nix::tString; -using nix::UsageError; -using nix::Value; - -// An ostream wrapper to handle nested indentation -class Out -{ - public: - class Separator - {}; - const static Separator sep; - enum LinePolicy - { - ONE_LINE, - MULTI_LINE - }; - explicit Out(std::ostream & ostream) : ostream(ostream), policy(ONE_LINE), writeSinceSep(true) {} - Out(Out & o, const std::string & start, const std::string & end, LinePolicy policy); - Out(Out & o, const std::string & start, const std::string & end, int count) - : Out(o, start, end, count < 2 ? ONE_LINE : MULTI_LINE) - {} - Out(const Out &) = delete; - Out(Out &&) = default; - Out & operator=(const Out &) = delete; - Out & operator=(Out &&) = delete; - ~Out() { ostream << end; } - - private: - std::ostream & ostream; - std::string indentation; - std::string end; - LinePolicy policy; - bool writeSinceSep; - template <typename T> friend Out & operator<<(Out & o, T thing); -}; - -template <typename T> Out & operator<<(Out & o, T thing) -{ - if (!o.writeSinceSep && o.policy == Out::MULTI_LINE) { - o.ostream << o.indentation; - } - o.writeSinceSep = true; - o.ostream << thing; - return o; -} - -template <> Out & operator<<<Out::Separator>(Out & o, Out::Separator /* thing */) -{ - o.ostream << (o.policy == Out::ONE_LINE ? " " : "\n"); - o.writeSinceSep = false; - return o; -} - -Out::Out(Out & o, const std::string & start, const std::string & end, LinePolicy policy) - : ostream(o.ostream), indentation(policy == ONE_LINE ? o.indentation : o.indentation + " "), - end(policy == ONE_LINE ? end : o.indentation + end), policy(policy), writeSinceSep(true) -{ - o << start; - *this << Out::sep; -} - -// Stuff needed for evaluation -struct Context -{ - Context(EvalState & state, Bindings & autoArgs, Value optionsRoot, Value configRoot) - : state(state), autoArgs(autoArgs), optionsRoot(optionsRoot), configRoot(configRoot), - underscoreType(state.symbols.create("_type")) - {} - EvalState & state; - Bindings & autoArgs; - Value optionsRoot; - Value configRoot; - Symbol underscoreType; -}; - -Value evaluateValue(Context & ctx, Value & v) -{ - ctx.state.forceValue(v); - if (ctx.autoArgs.empty()) { - return v; - } - Value called{}; - ctx.state.autoCallFunction(ctx.autoArgs, v, called); - return called; -} - -bool isOption(Context & ctx, const Value & v) -{ - if (v.type != tAttrs) { - return false; - } - const auto & actualType = v.attrs->find(ctx.underscoreType); - if (actualType == v.attrs->end()) { - return false; - } - try { - Value evaluatedType = evaluateValue(ctx, *actualType->value); - if (evaluatedType.type != tString) { - return false; - } - return static_cast<std::string>(evaluatedType.string.s) == "option"; - } catch (Error &) { - return false; - } -} - -// Add quotes to a component of a path. -// These are needed for paths like: -// fileSystems."/".fsType -// systemd.units."dbus.service".text -std::string quoteAttribute(const std::string & attribute) -{ - if (isVarName(attribute)) { - return attribute; - } - std::ostringstream buf; - printStringValue(buf, attribute.c_str()); - return buf.str(); -} - -const std::string appendPath(const std::string & prefix, const std::string & suffix) -{ - if (prefix.empty()) { - return quoteAttribute(suffix); - } - return prefix + "." + quoteAttribute(suffix); -} - -bool forbiddenRecursionName(std::string name) { return (!name.empty() && name[0] == '_') || name == "haskellPackages"; } - -void recurse(const std::function<bool(const std::string & path, std::variant<Value, std::exception_ptr>)> & f, - Context & ctx, Value v, const std::string & path) -{ - std::variant<Value, std::exception_ptr> evaluated; - try { - evaluated = evaluateValue(ctx, v); - } catch (Error &) { - evaluated = std::current_exception(); - } - if (!f(path, evaluated)) { - return; - } - if (std::holds_alternative<std::exception_ptr>(evaluated)) { - return; - } - const Value & evaluated_value = std::get<Value>(evaluated); - if (evaluated_value.type != tAttrs) { - return; - } - for (const auto & child : evaluated_value.attrs->lexicographicOrder()) { - if (forbiddenRecursionName(child->name)) { - continue; - } - recurse(f, ctx, *child->value, appendPath(path, child->name)); - } -} - -bool optionTypeIs(Context & ctx, Value & v, const std::string & soughtType) -{ - try { - const auto & typeLookup = v.attrs->find(ctx.state.sType); - if (typeLookup == v.attrs->end()) { - return false; - } - Value type = evaluateValue(ctx, *typeLookup->value); - if (type.type != tAttrs) { - return false; - } - const auto & nameLookup = type.attrs->find(ctx.state.sName); - if (nameLookup == type.attrs->end()) { - return false; - } - Value name = evaluateValue(ctx, *nameLookup->value); - if (name.type != tString) { - return false; - } - return name.string.s == soughtType; - } catch (Error &) { - return false; - } -} - -bool isAggregateOptionType(Context & ctx, Value & v) -{ - return optionTypeIs(ctx, v, "attrsOf") || optionTypeIs(ctx, v, "listOf") || optionTypeIs(ctx, v, "loaOf"); -} - -MakeError(OptionPathError, EvalError); - -Value getSubOptions(Context & ctx, Value & option) -{ - Value getSubOptions = evaluateValue(ctx, *findAlongAttrPath(ctx.state, "type.getSubOptions", ctx.autoArgs, option)); - if (getSubOptions.type != tLambda) { - throw OptionPathError("Option's type.getSubOptions isn't a function"); - } - Value emptyString{}; - nix::mkString(emptyString, ""); - Value v; - ctx.state.callFunction(getSubOptions, emptyString, v, nix::Pos{}); - return v; -} - -// Carefully walk an option path, looking for sub-options when a path walks past -// an option value. -struct FindAlongOptionPathRet -{ - Value option; - std::string path; -}; -FindAlongOptionPathRet findAlongOptionPath(Context & ctx, const std::string & path) -{ - Strings tokens = parseAttrPath(path); - Value v = ctx.optionsRoot; - std::string processedPath; - for (auto i = tokens.begin(); i != tokens.end(); i++) { - const auto & attr = *i; - try { - bool lastAttribute = std::next(i) == tokens.end(); - v = evaluateValue(ctx, v); - if (attr.empty()) { - throw OptionPathError("empty attribute name"); - } - if (isOption(ctx, v) && optionTypeIs(ctx, v, "submodule")) { - v = getSubOptions(ctx, v); - } - if (isOption(ctx, v) && isAggregateOptionType(ctx, v)) { - auto subOptions = getSubOptions(ctx, v); - if (lastAttribute && subOptions.attrs->empty()) { - break; - } - v = subOptions; - // Note that we've consumed attr, but didn't actually use it. This is the path component that's looked - // up in the list or attribute set that doesn't name an option -- the "root" in "users.users.root.name". - } else if (v.type != tAttrs) { - throw OptionPathError("Value is %s while a set was expected", showType(v)); - } else { - const auto & next = v.attrs->find(ctx.state.symbols.create(attr)); - if (next == v.attrs->end()) { - throw OptionPathError("Attribute not found", attr, path); - } - v = *next->value; - } - processedPath = appendPath(processedPath, attr); - } catch (OptionPathError & e) { - throw OptionPathError("At '%s' in path '%s': %s", attr, path, e.msg()); - } - } - return {v, processedPath}; -} - -// Calls f on all the option names at or below the option described by `path`. -// Note that "the option described by `path`" is not trivial -- if path describes a value inside an aggregate -// option (such as users.users.root), the *option* described by that path is one path component shorter -// (eg: users.users), which results in f being called on sibling-paths (eg: users.users.nixbld1). If f -// doesn't want these, it must do its own filtering. -void mapOptions(const std::function<void(const std::string & path)> & f, Context & ctx, const std::string & path) -{ - auto root = findAlongOptionPath(ctx, path); - recurse( - [f, &ctx](const std::string & path, std::variant<Value, std::exception_ptr> v) { - bool isOpt = std::holds_alternative<std::exception_ptr>(v) || isOption(ctx, std::get<Value>(v)); - if (isOpt) { - f(path); - } - return !isOpt; - }, - ctx, root.option, root.path); -} - -// Calls f on all the config values inside one option. -// Simple options have one config value inside, like sound.enable = true. -// Compound options have multiple config values. For example, the option -// "users.users" has about 1000 config values inside it: -// users.users.avahi.createHome = false; -// users.users.avahi.cryptHomeLuks = null; -// users.users.avahi.description = "`avahi-daemon' privilege separation user"; -// ... -// users.users.avahi.openssh.authorizedKeys.keyFiles = [ ]; -// users.users.avahi.openssh.authorizedKeys.keys = [ ]; -// ... -// users.users.avahi.uid = 10; -// users.users.avahi.useDefaultShell = false; -// users.users.cups.createHome = false; -// ... -// users.users.cups.useDefaultShell = false; -// users.users.gdm = ... ... ... -// users.users.messagebus = ... .. ... -// users.users.nixbld1 = ... .. ... -// ... -// users.users.systemd-timesync = ... .. ... -void mapConfigValuesInOption( - const std::function<void(const std::string & path, std::variant<Value, std::exception_ptr> v)> & f, - const std::string & path, Context & ctx) -{ - Value * option; - try { - option = findAlongAttrPath(ctx.state, path, ctx.autoArgs, ctx.configRoot); - } catch (Error &) { - f(path, std::current_exception()); - return; - } - recurse( - [f, ctx](const std::string & path, std::variant<Value, std::exception_ptr> v) { - bool leaf = std::holds_alternative<std::exception_ptr>(v) || std::get<Value>(v).type != tAttrs || - ctx.state.isDerivation(std::get<Value>(v)); - if (!leaf) { - return true; // Keep digging - } - f(path, v); - return false; - }, - ctx, *option, path); -} - -std::string describeError(const Error & e) { return "«error: " + e.msg() + "»"; } - -void describeDerivation(Context & ctx, Out & out, Value v) -{ - // Copy-pasted from nix/src/nix/repl.cc :( - Bindings::iterator i = v.attrs->find(ctx.state.sDrvPath); - PathSet pathset; - try { - Path drvPath = i != v.attrs->end() ? ctx.state.coerceToPath(*i->pos, *i->value, pathset) : "???"; - out << "«derivation " << drvPath << "»"; - } catch (Error & e) { - out << describeError(e); - } -} - -Value parseAndEval(EvalState & state, const std::string & expression, const std::string & path) -{ - Value v{}; - state.eval(state.parseExprFromString(expression, absPath(path)), v); - return v; -} - -void printValue(Context & ctx, Out & out, std::variant<Value, std::exception_ptr> maybeValue, const std::string & path); - -void printList(Context & ctx, Out & out, Value & v) -{ - Out listOut(out, "[", "]", v.listSize()); - for (unsigned int n = 0; n < v.listSize(); ++n) { - printValue(ctx, listOut, *v.listElems()[n], ""); - listOut << Out::sep; - } -} - -void printAttrs(Context & ctx, Out & out, Value & v, const std::string & path) -{ - Out attrsOut(out, "{", "}", v.attrs->size()); - for (const auto & a : v.attrs->lexicographicOrder()) { - std::string name = a->name; - if (!forbiddenRecursionName(name)) { - attrsOut << name << " = "; - printValue(ctx, attrsOut, *a->value, appendPath(path, name)); - attrsOut << ";" << Out::sep; - } - } -} - -void multiLineStringEscape(Out & out, const std::string & s) -{ - int i; - for (i = 1; i < s.size(); i++) { - if (s[i - 1] == '$' && s[i] == '{') { - out << "''${"; - i++; - } else if (s[i - 1] == '\'' && s[i] == '\'') { - out << "'''"; - i++; - } else { - out << s[i - 1]; - } - } - if (i == s.size()) { - out << s[i - 1]; - } -} - -void printMultiLineString(Out & out, const Value & v) -{ - std::string s = v.string.s; - Out strOut(out, "''", "''", Out::MULTI_LINE); - std::string::size_type begin = 0; - while (begin < s.size()) { - std::string::size_type end = s.find('\n', begin); - if (end == std::string::npos) { - multiLineStringEscape(strOut, s.substr(begin, s.size() - begin)); - break; - } - multiLineStringEscape(strOut, s.substr(begin, end - begin)); - strOut << Out::sep; - begin = end + 1; - } -} - -void printValue(Context & ctx, Out & out, std::variant<Value, std::exception_ptr> maybeValue, const std::string & path) -{ - try { - if (auto ex = std::get_if<std::exception_ptr>(&maybeValue)) { - std::rethrow_exception(*ex); - } - Value v = evaluateValue(ctx, std::get<Value>(maybeValue)); - if (ctx.state.isDerivation(v)) { - describeDerivation(ctx, out, v); - } else if (v.isList()) { - printList(ctx, out, v); - } else if (v.type == tAttrs) { - printAttrs(ctx, out, v, path); - } else if (v.type == tString && std::string(v.string.s).find('\n') != std::string::npos) { - printMultiLineString(out, v); - } else { - ctx.state.forceValueDeep(v); - out << v; - } - } catch (ThrownError & e) { - if (e.msg() == "The option `" + path + "' is used but not defined.") { - // 93% of errors are this, and just letting this message through would be - // misleading. These values may or may not actually be "used" in the - // config. The thing throwing the error message assumes that if anything - // ever looks at this value, it is a "use" of this value. But here in - // nixos-option, we are looking at this value only to print it. - // In order to avoid implying that this undefined value is actually - // referenced, eat the underlying error message and emit "«not defined»". - out << "«not defined»"; - } else { - out << describeError(e); - } - } catch (Error & e) { - out << describeError(e); - } -} - -void printConfigValue(Context & ctx, Out & out, const std::string & path, std::variant<Value, std::exception_ptr> v) -{ - out << path << " = "; - printValue(ctx, out, std::move(v), path); - out << ";\n"; -} - -// Replace with std::starts_with when C++20 is available -bool starts_with(const std::string & s, const std::string & prefix) -{ - return s.size() >= prefix.size() && - std::equal(s.begin(), std::next(s.begin(), prefix.size()), prefix.begin(), prefix.end()); -} - -void printRecursive(Context & ctx, Out & out, const std::string & path) -{ - mapOptions( - [&ctx, &out, &path](const std::string & optionPath) { - mapConfigValuesInOption( - [&ctx, &out, &path](const std::string & configPath, std::variant<Value, std::exception_ptr> v) { - if (starts_with(configPath, path)) { - printConfigValue(ctx, out, configPath, v); - } - }, - optionPath, ctx); - }, - ctx, path); -} - -void printAttr(Context & ctx, Out & out, const std::string & path, Value & root) -{ - try { - printValue(ctx, out, *findAlongAttrPath(ctx.state, path, ctx.autoArgs, root), path); - } catch (Error & e) { - out << describeError(e); - } -} - -bool hasExample(Context & ctx, Value & option) -{ - try { - findAlongAttrPath(ctx.state, "example", ctx.autoArgs, option); - return true; - } catch (Error &) { - return false; - } -} - -void printOption(Context & ctx, Out & out, const std::string & path, Value & option) -{ - out << "Value:\n"; - printAttr(ctx, out, path, ctx.configRoot); - - out << "\n\nDefault:\n"; - printAttr(ctx, out, "default", option); - - out << "\n\nType:\n"; - printAttr(ctx, out, "type.description", option); - - if (hasExample(ctx, option)) { - out << "\n\nExample:\n"; - printAttr(ctx, out, "example", option); - } - - out << "\n\nDescription:\n"; - printAttr(ctx, out, "description", option); - - out << "\n\nDeclared by:\n"; - printAttr(ctx, out, "declarations", option); - - out << "\n\nDefined by:\n"; - printAttr(ctx, out, "files", option); - out << "\n"; -} - -void printListing(Out & out, Value & v) -{ - out << "This attribute set contains:\n"; - for (const auto & a : v.attrs->lexicographicOrder()) { - std::string name = a->name; - if (!name.empty() && name[0] != '_') { - out << name << "\n"; - } - } -} - -void printOne(Context & ctx, Out & out, const std::string & path) -{ - try { - auto result = findAlongOptionPath(ctx, path); - Value & option = result.option; - option = evaluateValue(ctx, option); - if (path != result.path) { - out << "Note: showing " << result.path << " instead of " << path << "\n"; - } - if (isOption(ctx, option)) { - printOption(ctx, out, result.path, option); - } else { - printListing(out, option); - } - } catch (Error & e) { - std::cerr << "error: " << e.msg() - << "\nAn error occurred while looking for attribute names. Are " - "you sure that '" - << path << "' exists?\n"; - } -} - -int main(int argc, char ** argv) -{ - bool recursive = false; - std::string path = "."; - std::string optionsExpr = "(import <nixpkgs/nixos> {}).options"; - std::string configExpr = "(import <nixpkgs/nixos> {}).config"; - std::vector<std::string> args; - - struct MyArgs : nix::LegacyArgs, nix::MixEvalArgs - { - using nix::LegacyArgs::LegacyArgs; - }; - - MyArgs myArgs(nix::baseNameOf(argv[0]), [&](Strings::iterator & arg, const Strings::iterator & end) { - if (*arg == "--help") { - nix::showManPage("nixos-option"); - } else if (*arg == "--version") { - nix::printVersion("nixos-option"); - } else if (*arg == "-r" || *arg == "--recursive") { - recursive = true; - } else if (*arg == "--path") { - path = nix::getArg(*arg, arg, end); - } else if (*arg == "--options_expr") { - optionsExpr = nix::getArg(*arg, arg, end); - } else if (*arg == "--config_expr") { - configExpr = nix::getArg(*arg, arg, end); - } else if (!arg->empty() && arg->at(0) == '-') { - return false; - } else { - args.push_back(*arg); - } - return true; - }); - - myArgs.parseCmdline(nix::argvToStrings(argc, argv)); - - nix::initPlugins(); - nix::initGC(); - nix::settings.readOnlyMode = true; - auto store = nix::openStore(); - auto state = std::make_unique<EvalState>(myArgs.searchPath, store); - - Value optionsRoot = parseAndEval(*state, optionsExpr, path); - Value configRoot = parseAndEval(*state, configExpr, path); - - Context ctx{*state, *myArgs.getAutoArgs(*state), optionsRoot, configRoot}; - Out out(std::cout); - - auto print = recursive ? printRecursive : printOne; - if (args.empty()) { - print(ctx, out, ""); - } - for (const auto & arg : args) { - print(ctx, out, arg); - } - - ctx.state.printStats(); - - return 0; -} diff --git a/nixos/modules/installer/tools/nixos-rebuild.sh b/nixos/modules/installer/tools/nixos-rebuild.sh deleted file mode 100644 index 437199bae1d..00000000000 --- a/nixos/modules/installer/tools/nixos-rebuild.sh +++ /dev/null @@ -1,487 +0,0 @@ -#! @runtimeShell@ - -if [ -x "@runtimeShell@" ]; then export SHELL="@runtimeShell@"; fi; - -set -e -set -o pipefail - -export PATH=@path@:$PATH - -showSyntax() { - exec man nixos-rebuild - exit 1 -} - - -# Parse the command line. -origArgs=("$@") -extraBuildFlags=() -lockFlags=() -action= -buildNix=1 -fast= -rollback= -upgrade= -repair= -profile=/nix/var/nix/profiles/system -buildHost= -targetHost= -maybeSudo=() - -while [ "$#" -gt 0 ]; do - i="$1"; shift 1 - case "$i" in - --help) - showSyntax - ;; - switch|boot|test|build|edit|dry-build|dry-run|dry-activate|build-vm|build-vm-with-bootloader) - if [ "$i" = dry-run ]; then i=dry-build; fi - action="$i" - ;; - --install-grub) - echo "$0: --install-grub deprecated, use --install-bootloader instead" >&2 - export NIXOS_INSTALL_BOOTLOADER=1 - ;; - --install-bootloader) - export NIXOS_INSTALL_BOOTLOADER=1 - ;; - --no-build-nix) - buildNix= - ;; - --rollback) - rollback=1 - ;; - --upgrade) - upgrade=1 - ;; - --repair) - repair=1 - extraBuildFlags+=("$i") - ;; - --max-jobs|-j|--cores|-I|--builders) - j="$1"; shift 1 - extraBuildFlags+=("$i" "$j") - ;; - --show-trace|--keep-failed|-K|--keep-going|-k|--verbose|-v|-vv|-vvv|-vvvv|-vvvvv|--fallback|--repair|--no-build-output|-Q|-j*|-L|--refresh|--no-net) - extraBuildFlags+=("$i") - ;; - --option) - j="$1"; shift 1 - k="$1"; shift 1 - extraBuildFlags+=("$i" "$j" "$k") - ;; - --fast) - buildNix= - fast=1 - extraBuildFlags+=(--show-trace) - ;; - --profile-name|-p) - if [ -z "$1" ]; then - echo "$0: ‘--profile-name’ requires an argument" - exit 1 - fi - if [ "$1" != system ]; then - profile="/nix/var/nix/profiles/system-profiles/$1" - mkdir -p -m 0755 "$(dirname "$profile")" - fi - shift 1 - ;; - --build-host|h) - buildHost="$1" - shift 1 - ;; - --target-host|t) - targetHost="$1" - shift 1 - ;; - --use-remote-sudo) - maybeSudo=(sudo --) - ;; - --flake) - flake="$1" - shift 1 - ;; - --recreate-lock-file|--no-update-lock-file|--no-write-lock-file|--no-registries|--commit-lock-file) - lockFlags+=("$i") - ;; - --update-input) - j="$1"; shift 1 - lockFlags+=("$i" "$j") - ;; - --override-input) - j="$1"; shift 1 - k="$1"; shift 1 - lockFlags+=("$i" "$j" "$k") - ;; - *) - echo "$0: unknown option \`$i'" - exit 1 - ;; - esac -done - -if [ -n "$SUDO_USER" ]; then - maybeSudo=(sudo --) -fi - -if [ -z "$buildHost" -a -n "$targetHost" ]; then - buildHost="$targetHost" -fi -if [ "$targetHost" = localhost ]; then - targetHost= -fi -if [ "$buildHost" = localhost ]; then - buildHost= -fi - -buildHostCmd() { - if [ -z "$buildHost" ]; then - "$@" - elif [ -n "$remoteNix" ]; then - ssh $SSHOPTS "$buildHost" env PATH="$remoteNix:$PATH" "${maybeSudo[@]}" "$@" - else - ssh $SSHOPTS "$buildHost" "${maybeSudo[@]}" "$@" - fi -} - -targetHostCmd() { - if [ -z "$targetHost" ]; then - "${maybeSudo[@]}" "$@" - else - ssh $SSHOPTS "$targetHost" "${maybeSudo[@]}" "$@" - fi -} - -copyToTarget() { - if ! [ "$targetHost" = "$buildHost" ]; then - if [ -z "$targetHost" ]; then - NIX_SSHOPTS=$SSHOPTS nix-copy-closure --from "$buildHost" "$1" - elif [ -z "$buildHost" ]; then - NIX_SSHOPTS=$SSHOPTS nix-copy-closure --to "$targetHost" "$1" - else - buildHostCmd nix-copy-closure --to "$targetHost" "$1" - fi - fi -} - -nixBuild() { - if [ -z "$buildHost" ]; then - nix-build "$@" - else - local instArgs=() - local buildArgs=() - - while [ "$#" -gt 0 ]; do - local i="$1"; shift 1 - case "$i" in - -o) - local out="$1"; shift 1 - buildArgs+=("--add-root" "$out" "--indirect") - ;; - -A) - local j="$1"; shift 1 - instArgs+=("$i" "$j") - ;; - -I) # We don't want this in buildArgs - shift 1 - ;; - --no-out-link) # We don't want this in buildArgs - ;; - "<"*) # nix paths - instArgs+=("$i") - ;; - *) - buildArgs+=("$i") - ;; - esac - done - - local drv="$(nix-instantiate "${instArgs[@]}" "${extraBuildFlags[@]}")" - if [ -a "$drv" ]; then - NIX_SSHOPTS=$SSHOPTS nix-copy-closure --to "$buildHost" "$drv" - buildHostCmd nix-store -r "$drv" "${buildArgs[@]}" - else - echo "nix-instantiate failed" - exit 1 - fi - fi -} - - -if [ -z "$action" ]; then showSyntax; fi - -# Only run shell scripts from the Nixpkgs tree if the action is -# "switch", "boot", or "test". With other actions (such as "build"), -# the user may reasonably expect that no code from the Nixpkgs tree is -# executed, so it's safe to run nixos-rebuild against a potentially -# untrusted tree. -canRun= -if [ "$action" = switch -o "$action" = boot -o "$action" = test ]; then - canRun=1 -fi - - -# If ‘--upgrade’ is given, run ‘nix-channel --update nixos’. -if [[ -n $upgrade && -z $_NIXOS_REBUILD_REEXEC && -z $flake ]]; then - nix-channel --update nixos - - # If there are other channels that contain a file called - # ".update-on-nixos-rebuild", update them as well. - for channelpath in /nix/var/nix/profiles/per-user/root/channels/*; do - if [ -e "$channelpath/.update-on-nixos-rebuild" ]; then - nix-channel --update "$(basename "$channelpath")" - fi - done -fi - -# Make sure that we use the Nix package we depend on, not something -# else from the PATH for nix-{env,instantiate,build}. This is -# important, because NixOS defaults the architecture of the rebuilt -# system to the architecture of the nix-* binaries used. So if on an -# amd64 system the user has an i686 Nix package in her PATH, then we -# would silently downgrade the whole system to be i686 NixOS on the -# next reboot. -if [ -z "$_NIXOS_REBUILD_REEXEC" ]; then - export PATH=@nix@/bin:$PATH -fi - -# Use /etc/nixos/flake.nix if it exists. It can be a symlink to the -# actual flake. -if [[ -z $flake && -e /etc/nixos/flake.nix ]]; then - flake="$(dirname "$(readlink -f /etc/nixos/flake.nix)")" -fi - -# Re-execute nixos-rebuild from the Nixpkgs tree. -# FIXME: get nixos-rebuild from $flake. -if [[ -z $_NIXOS_REBUILD_REEXEC && -n $canRun && -z $fast && -z $flake ]]; then - if p=$(nix-build --no-out-link --expr 'with import <nixpkgs/nixos> {}; config.system.build.nixos-rebuild' "${extraBuildFlags[@]}"); then - export _NIXOS_REBUILD_REEXEC=1 - exec $p/bin/nixos-rebuild "${origArgs[@]}" - exit 1 - fi -fi - -# For convenience, use the hostname as the default configuration to -# build from the flake. -if [[ -n $flake ]]; then - if [[ $flake =~ ^(.*)\#([^\#\"]*)$ ]]; then - flake="${BASH_REMATCH[1]}" - flakeAttr="${BASH_REMATCH[2]}" - fi - if [[ -z $flakeAttr ]]; then - read -r hostname < /proc/sys/kernel/hostname - if [[ -z $hostname ]]; then - hostname=default - fi - flakeAttr="nixosConfigurations.\"$hostname\"" - else - flakeAttr="nixosConfigurations.\"$flakeAttr\"" - fi -fi - -# Resolve the flake. -if [[ -n $flake ]]; then - flake=$(nix flake info --json "${extraBuildFlags[@]}" "${lockFlags[@]}" -- "$flake" | jq -r .url) -fi - -# Find configuration.nix and open editor instead of building. -if [ "$action" = edit ]; then - if [[ -z $flake ]]; then - NIXOS_CONFIG=${NIXOS_CONFIG:-$(nix-instantiate --find-file nixos-config)} - exec "${EDITOR:-nano}" "$NIXOS_CONFIG" - else - exec nix edit "${lockFlags[@]}" -- "$flake#$flakeAttr" - fi - exit 1 -fi - - -tmpDir=$(mktemp -t -d nixos-rebuild.XXXXXX) -SSHOPTS="$NIX_SSHOPTS -o ControlMaster=auto -o ControlPath=$tmpDir/ssh-%n -o ControlPersist=60" - -cleanup() { - for ctrl in "$tmpDir"/ssh-*; do - ssh -o ControlPath="$ctrl" -O exit dummyhost 2>/dev/null || true - done - rm -rf "$tmpDir" -} -trap cleanup EXIT - - - -# If the Nix daemon is running, then use it. This allows us to use -# the latest Nix from Nixpkgs (below) for expression evaluation, while -# still using the old Nix (via the daemon) for actual store access. -# This matters if the new Nix in Nixpkgs has a schema change. It -# would upgrade the schema, which should only happen once we actually -# switch to the new configuration. -# If --repair is given, don't try to use the Nix daemon, because the -# flag can only be used directly. -if [ -z "$repair" ] && systemctl show nix-daemon.socket nix-daemon.service | grep -q ActiveState=active; then - export NIX_REMOTE=${NIX_REMOTE-daemon} -fi - - -# First build Nix, since NixOS may require a newer version than the -# current one. -if [ -n "$rollback" -o "$action" = dry-build ]; then - buildNix= -fi - -nixSystem() { - machine="$(uname -m)" - if [[ "$machine" =~ i.86 ]]; then - machine=i686 - fi - echo $machine-linux -} - -prebuiltNix() { - machine="$1" - if [ "$machine" = x86_64 ]; then - echo @nix_x86_64_linux@ - elif [[ "$machine" =~ i.86 ]]; then - echo @nix_i686_linux@ - else - echo "$0: unsupported platform" - exit 1 - fi -} - -remotePATH= - -if [[ -n $buildNix && -z $flake ]]; then - echo "building Nix..." >&2 - nixDrv= - if ! nixDrv="$(nix-instantiate '<nixpkgs/nixos>' --add-root $tmpDir/nix.drv --indirect -A config.nix.package.out "${extraBuildFlags[@]}")"; then - if ! nixDrv="$(nix-instantiate '<nixpkgs>' --add-root $tmpDir/nix.drv --indirect -A nix "${extraBuildFlags[@]}")"; then - if ! nixStorePath="$(nix-instantiate --eval '<nixpkgs/nixos/modules/installer/tools/nix-fallback-paths.nix>' -A $(nixSystem) | sed -e 's/^"//' -e 's/"$//')"; then - nixStorePath="$(prebuiltNix "$(uname -m)")" - fi - if ! nix-store -r $nixStorePath --add-root $tmpDir/nix --indirect \ - --option extra-binary-caches https://cache.nixos.org/; then - echo "warning: don't know how to get latest Nix" >&2 - fi - # Older version of nix-store -r don't support --add-root. - [ -e $tmpDir/nix ] || ln -sf $nixStorePath $tmpDir/nix - if [ -n "$buildHost" ]; then - remoteNixStorePath="$(prebuiltNix "$(buildHostCmd uname -m)")" - remoteNix="$remoteNixStorePath/bin" - if ! buildHostCmd nix-store -r $remoteNixStorePath \ - --option extra-binary-caches https://cache.nixos.org/ >/dev/null; then - remoteNix= - echo "warning: don't know how to get latest Nix" >&2 - fi - fi - fi - fi - if [ -a "$nixDrv" ]; then - nix-store -r "$nixDrv"'!'"out" --add-root $tmpDir/nix --indirect >/dev/null - if [ -n "$buildHost" ]; then - nix-copy-closure --to "$buildHost" "$nixDrv" - # The nix build produces multiple outputs, we add them all to the remote path - for p in $(buildHostCmd nix-store -r "$(readlink "$nixDrv")" "${buildArgs[@]}"); do - remoteNix="$remoteNix${remoteNix:+:}$p/bin" - done - fi - fi - PATH="$tmpDir/nix/bin:$PATH" -fi - - -# Update the version suffix if we're building from Git (so that -# nixos-version shows something useful). -if [[ -n $canRun && -z $flake ]]; then - if nixpkgs=$(nix-instantiate --find-file nixpkgs "${extraBuildFlags[@]}"); then - suffix=$($SHELL $nixpkgs/nixos/modules/installer/tools/get-version-suffix "${extraBuildFlags[@]}" || true) - if [ -n "$suffix" ]; then - echo -n "$suffix" > "$nixpkgs/.version-suffix" || true - fi - fi -fi - - -if [ "$action" = dry-build ]; then - extraBuildFlags+=(--dry-run) -fi - - -# Either upgrade the configuration in the system profile (for "switch" -# or "boot"), or just build it and create a symlink "result" in the -# current directory (for "build" and "test"). -if [ -z "$rollback" ]; then - echo "building the system configuration..." >&2 - if [ "$action" = switch -o "$action" = boot ]; then - if [[ -z $flake ]]; then - pathToConfig="$(nixBuild '<nixpkgs/nixos>' --no-out-link -A system "${extraBuildFlags[@]}")" - else - outLink=$tmpDir/result - nix build "$flake#$flakeAttr.config.system.build.toplevel" \ - "${extraBuildFlags[@]}" "${lockFlags[@]}" --out-link $outLink - pathToConfig="$(readlink -f $outLink)" - fi - copyToTarget "$pathToConfig" - targetHostCmd nix-env -p "$profile" --set "$pathToConfig" - elif [ "$action" = test -o "$action" = build -o "$action" = dry-build -o "$action" = dry-activate ]; then - if [[ -z $flake ]]; then - pathToConfig="$(nixBuild '<nixpkgs/nixos>' -A system -k "${extraBuildFlags[@]}")" - else - nix build "$flake#$flakeAttr.config.system.build.toplevel" "${extraBuildFlags[@]}" "${lockFlags[@]}" - pathToConfig="$(readlink -f ./result)" - fi - elif [ "$action" = build-vm ]; then - if [[ -z $flake ]]; then - pathToConfig="$(nixBuild '<nixpkgs/nixos>' -A vm -k "${extraBuildFlags[@]}")" - else - echo "$0: 'build-vm' is not supported with '--flake'" >&2 - exit 1 - fi - elif [ "$action" = build-vm-with-bootloader ]; then - if [[ -z $flake ]]; then - pathToConfig="$(nixBuild '<nixpkgs/nixos>' -A vmWithBootLoader -k "${extraBuildFlags[@]}")" - else - echo "$0: 'build-vm-with-bootloader' is not supported with '--flake'" >&2 - exit 1 - fi - else - showSyntax - fi - # Copy build to target host if we haven't already done it - if ! [ "$action" = switch -o "$action" = boot ]; then - copyToTarget "$pathToConfig" - fi -else # [ -n "$rollback" ] - if [ "$action" = switch -o "$action" = boot ]; then - targetHostCmd nix-env --rollback -p "$profile" - pathToConfig="$profile" - elif [ "$action" = test -o "$action" = build ]; then - systemNumber=$( - targetHostCmd nix-env -p "$profile" --list-generations | - sed -n '/current/ {g; p;}; s/ *\([0-9]*\).*/\1/; h' - ) - pathToConfig="$profile"-${systemNumber}-link - if [ -z "$targetHost" ]; then - ln -sT "$pathToConfig" ./result - fi - else - showSyntax - fi -fi - - -# If we're not just building, then make the new configuration the boot -# default and/or activate it now. -if [ "$action" = switch -o "$action" = boot -o "$action" = test -o "$action" = dry-activate ]; then - if ! targetHostCmd $pathToConfig/bin/switch-to-configuration "$action"; then - echo "warning: error(s) occurred while switching to the new configuration" >&2 - exit 1 - fi -fi - - -if [ "$action" = build-vm ]; then - cat >&2 <<EOF - -Done. The virtual machine can be started by running $(echo $pathToConfig/bin/run-*-vm) -EOF -fi diff --git a/nixos/modules/installer/tools/tools.nix b/nixos/modules/installer/tools/tools.nix index 1582f049309..f79ed3493df 100644 --- a/nixos/modules/installer/tools/tools.nix +++ b/nixos/modules/installer/tools/tools.nix @@ -22,33 +22,27 @@ let src = ./nixos-install.sh; inherit (pkgs) runtimeShell; nix = config.nix.package.out; - path = makeBinPath [ nixos-enter ]; + path = makeBinPath [ + pkgs.jq + nixos-enter + ]; }; - nixos-rebuild = - let fallback = import ./nix-fallback-paths.nix; in - makeProg { - name = "nixos-rebuild"; - src = ./nixos-rebuild.sh; - inherit (pkgs) runtimeShell; - nix = config.nix.package.out; - nix_x86_64_linux = fallback.x86_64-linux; - nix_i686_linux = fallback.i686-linux; - path = makeBinPath [ pkgs.jq ]; - }; + nixos-rebuild = pkgs.nixos-rebuild.override { nix = config.nix.package.out; }; nixos-generate-config = makeProg { name = "nixos-generate-config"; src = ./nixos-generate-config.pl; path = lib.optionals (lib.elem "btrfs" config.boot.supportedFilesystems) [ pkgs.btrfs-progs ]; - perl = "${pkgs.perl}/bin/perl -I${pkgs.perlPackages.FileSlurp}/${pkgs.perl.libPrefix}"; - inherit (config.system.nixos-generate-config) configuration; + perl = "${pkgs.perl.withPackages (p: [ p.FileSlurp ])}/bin/perl"; + inherit (config.system.nixos-generate-config) configuration desktopConfiguration; + xserverEnabled = config.services.xserver.enable; }; nixos-option = - if lib.versionAtLeast (lib.getVersion pkgs.nix) "2.4pre" + if lib.versionAtLeast (lib.getVersion config.nix.package) "2.4pre" then null - else pkgs.callPackage ./nixos-option { }; + else pkgs.nixos-option; nixos-version = makeProg { name = "nixos-version"; @@ -75,24 +69,42 @@ in { - options.system.nixos-generate-config.configuration = mkOption { - internal = true; - type = types.str; - description = '' - The NixOS module that <literal>nixos-generate-config</literal> - saves to <literal>/etc/nixos/configuration.nix</literal>. - - This is an internal option. No backward compatibility is guaranteed. - Use at your own risk! + options.system.nixos-generate-config = { + configuration = mkOption { + internal = true; + type = types.str; + description = '' + The NixOS module that <literal>nixos-generate-config</literal> + saves to <literal>/etc/nixos/configuration.nix</literal>. + + This is an internal option. No backward compatibility is guaranteed. + Use at your own risk! + + Note that this string gets spliced into a Perl script. The perl + variable <literal>$bootLoaderConfig</literal> can be used to + splice in the boot loader configuration. + ''; + }; - Note that this string gets spliced into a Perl script. The perl - variable <literal>$bootLoaderConfig</literal> can be used to - splice in the boot loader configuration. - ''; + desktopConfiguration = mkOption { + internal = true; + type = types.listOf types.lines; + default = []; + description = '' + Text to preseed the desktop configuration that <literal>nixos-generate-config</literal> + saves to <literal>/etc/nixos/configuration.nix</literal>. + + This is an internal option. No backward compatibility is guaranteed. + Use at your own risk! + + Note that this string gets spliced into a Perl script. The perl + variable <literal>$bootLoaderConfig</literal> can be used to + splice in the boot loader configuration. + ''; + }; }; config = { - system.nixos-generate-config.configuration = mkDefault '' # Edit this configuration file to define what should be installed on # your system. Help is available in the configuration.nix(5) man page @@ -110,6 +122,9 @@ in # networking.hostName = "nixos"; # Define your hostname. # networking.wireless.enable = true; # Enables wireless support via wpa_supplicant. + # Set your time zone. + # time.timeZone = "Europe/Amsterdam"; + $networkingDhcpConfig # Configure network proxy if necessary # networking.proxy.default = "http://user:password\@proxy:port/"; @@ -122,13 +137,35 @@ in # keyMap = "us"; # }; - # Set your time zone. - # time.timeZone = "Europe/Amsterdam"; + $xserverConfig + + $desktopConfiguration + # Configure keymap in X11 + # services.xserver.layout = "us"; + # services.xserver.xkbOptions = "eurosign:e"; + + # Enable CUPS to print documents. + # services.printing.enable = true; + + # Enable sound. + # sound.enable = true; + # hardware.pulseaudio.enable = true; + + # Enable touchpad support (enabled default in most desktopManager). + # services.xserver.libinput.enable = true; + + # Define a user account. Don't forget to set a password with ‘passwd’. + # users.users.jane = { + # isNormalUser = true; + # extraGroups = [ "wheel" ]; # Enable ‘sudo’ for the user. + # }; # List packages installed in system profile. To search, run: # \$ nix search wget # environment.systemPackages = with pkgs; [ - # wget vim + # vim # Do not forget to add an editor to edit configuration.nix! The Nano editor is also installed by default. + # wget + # firefox # ]; # Some programs need SUID wrappers, can be configured further or are @@ -137,7 +174,6 @@ in # programs.gnupg.agent = { # enable = true; # enableSSHSupport = true; - # pinentryFlavor = "gnome3"; # }; # List services that you want to enable: @@ -151,31 +187,6 @@ in # Or disable the firewall altogether. # networking.firewall.enable = false; - # Enable CUPS to print documents. - # services.printing.enable = true; - - # Enable sound. - # sound.enable = true; - # hardware.pulseaudio.enable = true; - - # Enable the X11 windowing system. - # services.xserver.enable = true; - # services.xserver.layout = "us"; - # services.xserver.xkbOptions = "eurosign:e"; - - # Enable touchpad support. - # services.xserver.libinput.enable = true; - - # Enable the KDE Desktop Environment. - # services.xserver.displayManager.sddm.enable = true; - # services.xserver.desktopManager.plasma5.enable = true; - - # Define a user account. Don't forget to set a password with ‘passwd’. - # users.users.jane = { - # isNormalUser = true; - # extraGroups = [ "wheel" ]; # Enable ‘sudo’ for the user. - # }; - # This value determines the NixOS release from which the default # settings for stateful data, like file locations and database versions # on your system were taken. It‘s perfectly fine and recommended to leave diff --git a/nixos/modules/installer/virtualbox-demo.nix b/nixos/modules/installer/virtualbox-demo.nix index af3e1aecca7..2768e17590b 100644 --- a/nixos/modules/installer/virtualbox-demo.nix +++ b/nixos/modules/installer/virtualbox-demo.nix @@ -44,7 +44,7 @@ with lib; # Enable GDM/GNOME by uncommenting above two lines and two lines below. # services.xserver.displayManager.gdm.enable = true; - # services.xserver.desktopManager.gnome3.enable = true; + # services.xserver.desktopManager.gnome.enable = true; # Set your time zone. # time.timeZone = "Europe/Amsterdam"; |