diff options
| author | Vladimír Čunát <vcunat@gmail.com> | 2018-09-01 17:37:53 +0200 |
|---|---|---|
| committer | Vladimír Čunát <vcunat@gmail.com> | 2018-09-01 17:38:18 +0200 |
| commit | 2d6179d1e8c15d341f0cade0ab55653623eb5038 (patch) | |
| tree | d69260a6e740c174c9616b2bb6d24a0e98ba8f6e /nixos | |
| parent | 2e7cb61cfbe6df23a2e223f98ae61e1a385ea747 (diff) | |
| parent | 9a56eee0b144c1e63afc0b5c9e562da9565ea7f0 (diff) | |
| download | nixpkgs-2d6179d1e8c15d341f0cade0ab55653623eb5038.tar nixpkgs-2d6179d1e8c15d341f0cade0ab55653623eb5038.tar.gz nixpkgs-2d6179d1e8c15d341f0cade0ab55653623eb5038.tar.bz2 nixpkgs-2d6179d1e8c15d341f0cade0ab55653623eb5038.tar.lz nixpkgs-2d6179d1e8c15d341f0cade0ab55653623eb5038.tar.xz nixpkgs-2d6179d1e8c15d341f0cade0ab55653623eb5038.tar.zst nixpkgs-2d6179d1e8c15d341f0cade0ab55653623eb5038.zip | |
Merge branch 'master' into staging
A few trivial conflicts due to *Platforms mass replace.
Diffstat (limited to 'nixos')
61 files changed, 643 insertions, 80 deletions
diff --git a/nixos/doc/manual/administration/cleaning-store.xml b/nixos/doc/manual/administration/cleaning-store.xml index ee201982a40..f078b8c3ba3 100644 --- a/nixos/doc/manual/administration/cleaning-store.xml +++ b/nixos/doc/manual/administration/cleaning-store.xml @@ -50,4 +50,14 @@ $ nix-store --optimise Since this command needs to read the entire Nix store, it can take quite a while to finish. </para> + <section xml:id="sect-nixos-gc-boot-entries"> + <title>NixOS Boot Entries</title> + + <para> + If your <filename>/boot</filename> partition runs out of space, after + clearing old profiles you must rebuild your system with + <literal>nixos-rebuild</literal> to update the <filename>/boot</filename> + partition and clear space. + </para> + </section> </chapter> diff --git a/nixos/doc/manual/installation/installing-behind-a-proxy.xml b/nixos/doc/manual/installation/installing-behind-a-proxy.xml new file mode 100644 index 00000000000..c59d073c61c --- /dev/null +++ b/nixos/doc/manual/installation/installing-behind-a-proxy.xml @@ -0,0 +1,47 @@ +<section xmlns="http://docbook.org/ns/docbook" + xmlns:xlink="http://www.w3.org/1999/xlink" + xmlns:xi="http://www.w3.org/2001/XInclude" + version="5.0" + xml:id="sec-installing-behind-proxy"> + <title>Installing behind a proxy</title> + +<para> + To install NixOS behind a proxy, do the following before running + <literal>nixos-install</literal>. +</para> +<orderedlist numeration="arabic"> + <listitem> + <para> + Update proxy configuration in + <literal>/mnt/etc/nixos/configuration.nix</literal> to keep the + internet accessible after reboot. + </para> + <programlisting> +networking.proxy.default = "http://user:password@proxy:port/"; +networking.proxy.noProxy = "127.0.0.1,localhost,internal.domain"; +</programlisting> + </listitem> + <listitem> + <para> + Setup the proxy environment variables in the shell where you are + running <literal>nixos-install</literal>. + </para> + <programlisting> +# proxy_url="http://user:password@proxy:port/" +# export http_proxy="$proxy_url" +# export HTTP_PROXY="$proxy_url" +# export https_proxy="$proxy_url" +# export HTTPS_PROXY="$proxy_url" +</programlisting> + </listitem> +</orderedlist> + +<note> +<para> + If you are switching networks with different proxy configurations, use the + <literal>nesting.clone</literal> option in + <literal>configuration.nix</literal> to switch proxies at runtime. + Refer to <xref linkend="ch-options" /> for more information. +</para> +</note> +</section> diff --git a/nixos/doc/manual/installation/installing.xml b/nixos/doc/manual/installation/installing.xml index 6f8e0f613b1..916384559e2 100644 --- a/nixos/doc/manual/installation/installing.xml +++ b/nixos/doc/manual/installation/installing.xml @@ -443,4 +443,5 @@ $ nix-env -i w3m</screen> <xi:include href="installing-pxe.xml" /> <xi:include href="installing-virtualbox-guest.xml" /> <xi:include href="installing-from-other-distro.xml" /> + <xi:include href="installing-behind-a-proxy.xml" /> </chapter> diff --git a/nixos/doc/manual/release-notes/rl-1809.xml b/nixos/doc/manual/release-notes/rl-1809.xml index db9e13da065..421208ec0f8 100644 --- a/nixos/doc/manual/release-notes/rl-1809.xml +++ b/nixos/doc/manual/release-notes/rl-1809.xml @@ -141,6 +141,50 @@ $ nix-instantiate -E '(import <nixpkgsunstable> {}).gitFull' </listitem> <listitem> <para> + The minimum version of Nix required to evaluate Nixpkgs is now 2.0. + </para> + <itemizedlist> + <listitem> + <para> + For users of NixOS 18.03, NixOS 18.03 defaulted to Nix 2.0, but + supported using Nix 1.11 by setting <literal>nix.package = + pkgs.nix1;</literal>. If this option is set to a Nix 1.11 package, you + will need to either unset the option or upgrade it to Nix 2.0. + </para> + </listitem> + <listitem> + <para> + For users of NixOS 17.09, you will first need to upgrade Nix by setting + <literal>nix.package = pkgs.nixStable2;</literal> and run + <command>nixos-rebuild switch</command> as the <literal>root</literal> + user. + </para> + </listitem> + <listitem> + <para> + For users of a daemon-less Nix installation on Linux or macOS, you can + upgrade Nix by running <command>curl https://nixos.org/nix/install | + sh</command>, or prior to doing a channel update, running + <command>nix-env -iA nix</command>. + </para> + <para> + If you have already run a channel update and Nix is no longer able to + evaluate Nixpkgs, the error message printed should provide adequate + directions for upgrading Nix. + </para> + </listitem> + <listitem> + <para> + For users of the Nix daemon on macOS, you can upgrade Nix by running + <command>sudo -i sh -c 'nix-channel --update && nix-env -iA + nixpkgs.nix'; sudo launchctl stop org.nixos.nix-daemon; sudo launchctl + start org.nixos.nix-daemon</command>. + </para> + </listitem> + </itemizedlist> + </listitem> + <listitem> + <para> <literal>lib.strict</literal> is removed. Use <literal>builtins.seq</literal> instead. </para> @@ -477,6 +521,13 @@ inherit (pkgs.nixos { all user units for each authenticated user. </para> </listitem> + <listitem> + <para> + The default display manager is now LightDM. + To use SLiM set <literal>services.xserver.displayManager.slim.enable</literal> + to <literal>true</literal>. + </para> + </listitem> </itemizedlist> </section> </section> diff --git a/nixos/lib/make-system-tarball.nix b/nixos/lib/make-system-tarball.nix index 92539235be7..846013b02d1 100644 --- a/nixos/lib/make-system-tarball.nix +++ b/nixos/lib/make-system-tarball.nix @@ -1,7 +1,7 @@ { stdenv, perl, pixz, pathsFromGraph , # The file name of the resulting tarball - fileName ? "nixos-system-${stdenv.system}" + fileName ? "nixos-system-${stdenv.hostPlatform.system}" , # The files and directories to be placed in the tarball. # This is a list of attribute sets {source, target} where `source' diff --git a/nixos/lib/qemu-flags.nix b/nixos/lib/qemu-flags.nix index f115ca5ac00..779f0377a51 100644 --- a/nixos/lib/qemu-flags.nix +++ b/nixos/lib/qemu-flags.nix @@ -14,12 +14,12 @@ in qemuSerialDevice = if pkgs.stdenv.isi686 || pkgs.stdenv.isx86_64 then "ttyS0" else if pkgs.stdenv.isAarch32 || pkgs.stdenv.isAarch64 then "ttyAMA0" - else throw "Unknown QEMU serial device for system '${pkgs.stdenv.system}'"; + else throw "Unknown QEMU serial device for system '${pkgs.stdenv.hostPlatform.system}'"; qemuBinary = qemuPkg: { "x86_64-linux" = "${qemuPkg}/bin/qemu-kvm -cpu kvm64"; "armv7l-linux" = "${qemuPkg}/bin/qemu-system-arm -enable-kvm -machine virt -cpu host"; "aarch64-linux" = "${qemuPkg}/bin/qemu-system-aarch64 -enable-kvm -machine virt,gic-version=host -cpu host"; "x86_64-darwin" = "${qemuPkg}/bin/qemu-kvm -cpu kvm64"; - }.${pkgs.stdenv.system} or "${qemuPkg}/bin/qemu-kvm"; + }.${pkgs.stdenv.hostPlatform.system} or "${qemuPkg}/bin/qemu-kvm"; } diff --git a/nixos/modules/config/system-path.nix b/nixos/modules/config/system-path.nix index 19c7b7cabfc..3c24dab85e4 100644 --- a/nixos/modules/config/system-path.nix +++ b/nixos/modules/config/system-path.nix @@ -81,6 +81,12 @@ in description = "List of additional package outputs to be symlinked into <filename>/run/current-system/sw</filename>."; }; + extraSetup = mkOption { + type = types.lines; + default = ""; + description = "Shell fragments to be run after the system environment has been created. This should only be used for things that need to modify the internals of the environment, e.g. generating MIME caches. The environment being built can be accessed at $out."; + }; + }; system = { @@ -107,12 +113,7 @@ in "/etc/gtk-3.0" "/lib" # FIXME: remove and update debug-info.nix "/sbin" - "/share/applications" - "/share/desktop-directories" "/share/emacs" - "/share/icons" - "/share/menus" - "/share/mime" "/share/nano" "/share/org" "/share/themes" @@ -132,10 +133,6 @@ in # outputs TODO: note that the tools will often not be linked by default postBuild = '' - if [ -x $out/bin/update-mime-database -a -w $out/share/mime ]; then - XDG_DATA_DIRS=$out/share $out/bin/update-mime-database -V $out/share/mime > /dev/null - fi - if [ -x $out/bin/gtk-update-icon-cache -a -f $out/share/icons/hicolor/index.theme ]; then $out/bin/gtk-update-icon-cache $out/share/icons/hicolor fi @@ -143,17 +140,8 @@ in if [ -x $out/bin/glib-compile-schemas -a -w $out/share/glib-2.0/schemas ]; then $out/bin/glib-compile-schemas $out/share/glib-2.0/schemas fi - - if [ -x $out/bin/update-desktop-database -a -w $out/share/applications ]; then - $out/bin/update-desktop-database $out/share/applications - fi - - if [ -x $out/bin/install-info -a -w $out/share/info ]; then - shopt -s nullglob - for i in $out/share/info/*.info $out/share/info/*.info.gz; do - $out/bin/install-info $i $out/share/info/dir - done - fi + + ${config.environment.extraSetup} ''; }; diff --git a/nixos/modules/config/xdg/autostart.nix b/nixos/modules/config/xdg/autostart.nix new file mode 100644 index 00000000000..0ee94fed818 --- /dev/null +++ b/nixos/modules/config/xdg/autostart.nix @@ -0,0 +1,22 @@ +{ config, lib, ... }: + +with lib; +{ + options = { + xdg.autostart.enable = mkOption { + type = types.bool; + default = true; + description = '' + Whether to install files to support the + <link xlink:href="https://specifications.freedesktop.org/autostart-spec/autostart-spec-latest.html">XDG Autostart specification</link>. + ''; + }; + }; + + config = mkIf config.xdg.autostart.enable { + environment.pathsToLink = [ + "/etc/xdg/autostart" + ]; + }; + +} diff --git a/nixos/modules/config/xdg/icons.nix b/nixos/modules/config/xdg/icons.nix new file mode 100644 index 00000000000..8268a3771a0 --- /dev/null +++ b/nixos/modules/config/xdg/icons.nix @@ -0,0 +1,27 @@ +{ config, lib, ... }: + +with lib; +{ + options = { + xdg.icons.enable = mkOption { + type = types.bool; + default = true; + description = '' + Whether to install files to support the + <link xlink:href="https://specifications.freedesktop.org/icon-theme-spec/icon-theme-spec-latest.html">XDG Icon Theme specification</link>. + ''; + }; + }; + + config = mkIf config.xdg.icons.enable { + environment.pathsToLink = [ + "/share/icons" + "/share/pixmaps" + ]; + + environment.profileRelativeEnvVars = { + XCURSOR_PATH = [ "/share/icons" ]; + }; + }; + +} diff --git a/nixos/modules/config/xdg/menus.nix b/nixos/modules/config/xdg/menus.nix new file mode 100644 index 00000000000..c172692df5d --- /dev/null +++ b/nixos/modules/config/xdg/menus.nix @@ -0,0 +1,25 @@ +{ config, lib, ... }: + +with lib; +{ + options = { + xdg.menus.enable = mkOption { + type = types.bool; + default = true; + description = '' + Whether to install files to support the + <link xlink:href="https://specifications.freedesktop.org/menu-spec/menu-spec-latest.html">XDG Desktop Menu specification</link>. + ''; + }; + }; + + config = mkIf config.xdg.menus.enable { + environment.pathsToLink = [ + "/share/applications" + "/share/desktop-directories" + "/etc/xdg/menus" + "/etc/xdg/menus/applications-merged" + ]; + }; + +} diff --git a/nixos/modules/config/xdg/mime.nix b/nixos/modules/config/xdg/mime.nix new file mode 100644 index 00000000000..f1b672234a3 --- /dev/null +++ b/nixos/modules/config/xdg/mime.nix @@ -0,0 +1,36 @@ +{ config, lib, pkgs, ... }: + +with lib; +{ + options = { + xdg.mime.enable = mkOption { + type = types.bool; + default = true; + description = '' + Whether to install files to support the + <link xlink:href="https://specifications.freedesktop.org/shared-mime-info-spec/shared-mime-info-spec-latest.html">XDG Shared MIME-info specification</link> and the + <link xlink:href="https://specifications.freedesktop.org/mime-apps-spec/mime-apps-spec-latest.html">XDG MIME Applications specification</link>. + ''; + }; + }; + + config = mkIf config.xdg.mime.enable { + environment.pathsToLink = [ "/share/mime" ]; + + environment.systemPackages = [ + # this package also installs some useful data, as well as its utilities + pkgs.shared-mime-info + ]; + + environment.extraSetup = '' + if [ -w $out/share/mime ]; then + XDG_DATA_DIRS=$out/share ${pkgs.shared-mime-info}/bin/update-mime-database -V $out/share/mime > /dev/null + fi + + if [ -w $out/share/applications ]; then + ${pkgs.desktop-file-utils}/bin/update-desktop-database $out/share/applications + fi + ''; + }; + +} diff --git a/nixos/modules/installer/cd-dvd/installation-cd-base.nix b/nixos/modules/installer/cd-dvd/installation-cd-base.nix index 1453e8082b0..24070a78694 100644 --- a/nixos/modules/installer/cd-dvd/installation-cd-base.nix +++ b/nixos/modules/installer/cd-dvd/installation-cd-base.nix @@ -16,7 +16,7 @@ with lib; ]; # ISO naming. - isoImage.isoName = "${config.isoImage.isoBaseName}-${config.system.nixos.label}-${pkgs.stdenv.system}.iso"; + isoImage.isoName = "${config.isoImage.isoBaseName}-${config.system.nixos.label}-${pkgs.stdenv.hostPlatform.system}.iso"; isoImage.volumeID = substring 0 11 "NIXOS_ISO"; diff --git a/nixos/modules/installer/cd-dvd/sd-image-aarch64.nix b/nixos/modules/installer/cd-dvd/sd-image-aarch64.nix index bd6cf029967..86e19f3da56 100644 --- a/nixos/modules/installer/cd-dvd/sd-image-aarch64.nix +++ b/nixos/modules/installer/cd-dvd/sd-image-aarch64.nix @@ -16,7 +16,8 @@ in ]; assertions = lib.singleton { - assertion = pkgs.stdenv.system == "aarch64-linux"; + assertion = pkgs.stdenv.hostPlatform.system == "aarch64-linux" + && pkgs.stdenv.hostPlatform.system == pkgs.stdenv.buildPlatform.system; message = "sd-image-aarch64.nix can be only built natively on Aarch64 / ARM64; " + "it cannot be cross compiled"; }; diff --git a/nixos/modules/installer/cd-dvd/sd-image-armv7l-multiplatform.nix b/nixos/modules/installer/cd-dvd/sd-image-armv7l-multiplatform.nix index 0c89eb53335..695c79ca170 100644 --- a/nixos/modules/installer/cd-dvd/sd-image-armv7l-multiplatform.nix +++ b/nixos/modules/installer/cd-dvd/sd-image-armv7l-multiplatform.nix @@ -16,7 +16,8 @@ in ]; assertions = lib.singleton { - assertion = pkgs.stdenv.system == "armv7l-linux"; + assertion = pkgs.stdenv.hostPlatform.system == "armv7l-linux" + && pkgs.stdenv.hostPlatform.system == pkgs.stdenv.buildPlatform.system; message = "sd-image-armv7l-multiplatform.nix can be only built natively on ARMv7; " + "it cannot be cross compiled"; }; diff --git a/nixos/modules/installer/cd-dvd/sd-image-raspberrypi.nix b/nixos/modules/installer/cd-dvd/sd-image-raspberrypi.nix index 78ea3f1a205..e395b265d15 100644 --- a/nixos/modules/installer/cd-dvd/sd-image-raspberrypi.nix +++ b/nixos/modules/installer/cd-dvd/sd-image-raspberrypi.nix @@ -16,7 +16,8 @@ in ]; assertions = lib.singleton { - assertion = pkgs.stdenv.system == "armv6l-linux"; + assertion = pkgs.stdenv.hostPlatform.system == "armv6l-linux" + && pkgs.stdenv.hostPlatform.system == pkgs.stdenv.buildPlatform.system; message = "sd-image-raspberrypi.nix can be only built natively on ARMv6; " + "it cannot be cross compiled"; }; diff --git a/nixos/modules/installer/cd-dvd/sd-image.nix b/nixos/modules/installer/cd-dvd/sd-image.nix index 2371be9d89a..b6e1d11c2b5 100644 --- a/nixos/modules/installer/cd-dvd/sd-image.nix +++ b/nixos/modules/installer/cd-dvd/sd-image.nix @@ -22,7 +22,7 @@ in { options.sdImage = { imageName = mkOption { - default = "${config.sdImage.imageBaseName}-${config.system.nixos.label}-${pkgs.stdenv.system}.img"; + default = "${config.sdImage.imageBaseName}-${config.system.nixos.label}-${pkgs.stdenv.hostPlatform.system}.img"; description = '' Name of the generated image file. ''; @@ -102,7 +102,7 @@ in mkdir -p $out/nix-support $out/sd-image export img=$out/sd-image/${config.sdImage.imageName} - echo "${pkgs.stdenv.system}" > $out/nix-support/system + echo "${pkgs.stdenv.buildPlatform.system}" > $out/nix-support/system echo "file sd-image $img" >> $out/nix-support/hydra-build-products # Create the image file sized to fit /boot and /, plus 20M of slack diff --git a/nixos/modules/installer/netboot/netboot.nix b/nixos/modules/installer/netboot/netboot.nix index ea640173c6d..303d9fce3f9 100644 --- a/nixos/modules/installer/netboot/netboot.nix +++ b/nixos/modules/installer/netboot/netboot.nix @@ -25,7 +25,7 @@ with lib; # !!! Hack - attributes expected by other modules. environment.systemPackages = [ pkgs.grub2_efi ] - ++ (if pkgs.stdenv.system == "aarch64-linux" + ++ (if pkgs.stdenv.hostPlatform.system == "aarch64-linux" then [] else [ pkgs.grub2 pkgs.syslinux ]); diff --git a/nixos/modules/installer/tools/nixos-generate-config.pl b/nixos/modules/installer/tools/nixos-generate-config.pl index bb201d97ded..04678c919c2 100644..100755 --- a/nixos/modules/installer/tools/nixos-generate-config.pl +++ b/nixos/modules/installer/tools/nixos-generate-config.pl @@ -574,6 +574,10 @@ $bootLoaderConfig # networking.hostName = "nixos"; # Define your hostname. # networking.wireless.enable = true; # Enables wireless support via wpa_supplicant. + # Configure network proxy if necessary + # networking.proxy.default = "http://user:password@proxy:port/"; + # networking.proxy.noProxy = "127.0.0.1,localhost,internal.domain"; + # Select internationalisation properties. # i18n = { # consoleFont = "Lat2-Terminus16"; diff --git a/nixos/modules/misc/documentation.nix b/nixos/modules/misc/documentation.nix index b482a5a6752..e6ccda5d7f4 100644 --- a/nixos/modules/misc/documentation.nix +++ b/nixos/modules/misc/documentation.nix @@ -82,6 +82,14 @@ let cfg = config.documentation; in environment.systemPackages = [ pkgs.texinfoInteractive ]; environment.pathsToLink = [ "/share/info" ]; environment.extraOutputsToInstall = [ "info" ] ++ optional cfg.dev.enable "devinfo"; + environment.extraSetup = '' + if [ -w $out/share/info ]; then + shopt -s nullglob + for i in $out/share/info/*.info $out/share/info/*.info.gz; do + ${pkgs.texinfo}/bin/install-info $i $out/share/info/dir + done + fi + ''; }) (mkIf cfg.doc.enable { diff --git a/nixos/modules/misc/ids.nix b/nixos/modules/misc/ids.nix index 0928e368d80..8292cdc995e 100644 --- a/nixos/modules/misc/ids.nix +++ b/nixos/modules/misc/ids.nix @@ -328,6 +328,7 @@ qemu-libvirtd = 301; # kvm = 302; # unused # render = 303; # unused + zeronet = 304; # When adding a uid, make sure it doesn't match an existing gid. And don't use uids above 399! @@ -616,6 +617,7 @@ qemu-libvirtd = 301; kvm = 302; # default udev rules from systemd requires these render = 303; # default udev rules from systemd requires these + zeronet = 304; # When adding a gid, make sure it doesn't match an existing # uid. Users and groups with the same name should have equal diff --git a/nixos/modules/module-list.nix b/nixos/modules/module-list.nix index 12944857af4..4795922abcf 100644 --- a/nixos/modules/module-list.nix +++ b/nixos/modules/module-list.nix @@ -7,6 +7,10 @@ ./config/fonts/fontdir.nix ./config/fonts/fonts.nix ./config/fonts/ghostscript.nix + ./config/xdg/autostart.nix + ./config/xdg/icons.nix + ./config/xdg/menus.nix + ./config/xdg/mime.nix ./config/gnu.nix ./config/i18n.nix ./config/iproute2.nix @@ -417,6 +421,7 @@ ./services/monitoring/graphite.nix ./services/monitoring/hdaps.nix ./services/monitoring/heapster.nix + ./services/monitoring/incron.nix ./services/monitoring/longview.nix ./services/monitoring/monit.nix ./services/monitoring/munin.nix @@ -615,6 +620,7 @@ ./services/networking/xl2tpd.nix ./services/networking/xrdp.nix ./services/networking/zerobin.nix + ./services/networking/zeronet.nix ./services/networking/zerotierone.nix ./services/networking/znc.nix ./services/printing/cupsd.nix diff --git a/nixos/modules/programs/environment.nix b/nixos/modules/programs/environment.nix index 3bac8d98990..3c6d356ef99 100644 --- a/nixos/modules/programs/environment.nix +++ b/nixos/modules/programs/environment.nix @@ -40,7 +40,6 @@ in GTK_PATH = [ "/lib/gtk-2.0" "/lib/gtk-3.0" ]; XDG_CONFIG_DIRS = [ "/etc/xdg" ]; XDG_DATA_DIRS = [ "/share" ]; - XCURSOR_PATH = [ "/share/icons" ]; MOZ_PLUGIN_PATH = [ "/lib/mozilla/plugins" ]; LIBEXEC_PATH = [ "/lib/libexec" ]; }; diff --git a/nixos/modules/services/misc/gitea.nix b/nixos/modules/services/misc/gitea.nix index dc63f1a6c05..a222325579f 100644 --- a/nixos/modules/services/misc/gitea.nix +++ b/nixos/modules/services/misc/gitea.nix @@ -283,7 +283,7 @@ in mkdir -p ${cfg.repositoryRoot} # update all hooks' binary paths - HOOKS=$(find ${cfg.repositoryRoot} -mindepth 4 -maxdepth 5 -type f -wholename "*git/hooks/*") + HOOKS=$(find ${cfg.repositoryRoot} -mindepth 4 -maxdepth 6 -type f -wholename "*git/hooks/*") if [ "$HOOKS" ] then sed -ri 's,/nix/store/[a-z0-9.-]+/bin/gitea,${gitea.bin}/bin/gitea,g' $HOOKS diff --git a/nixos/modules/services/misc/gitit.nix b/nixos/modules/services/misc/gitit.nix index 0025d96bd37..1ec030549f9 100644 --- a/nixos/modules/services/misc/gitit.nix +++ b/nixos/modules/services/misc/gitit.nix @@ -10,7 +10,7 @@ let toYesNo = b: if b then "yes" else "no"; - gititShared = with cfg.haskellPackages; gitit + "/share/" + pkgs.stdenv.system + "-" + ghc.name + "/" + gitit.pname + "-" + gitit.version; + gititShared = with cfg.haskellPackages; gitit + "/share/" + pkgs.stdenv.hostPlatform.system + "-" + ghc.name + "/" + gitit.pname + "-" + gitit.version; gititWithPkgs = hsPkgs: extras: hsPkgs.ghcWithPackages (self: with self; [ gitit ] ++ (extras self)); diff --git a/nixos/modules/services/monitoring/incron.nix b/nixos/modules/services/monitoring/incron.nix new file mode 100644 index 00000000000..1789fd9f205 --- /dev/null +++ b/nixos/modules/services/monitoring/incron.nix @@ -0,0 +1,98 @@ + +{ config, lib, pkgs, ... }: + +with lib; + +let + + cfg = config.services.incron; + +in + +{ + options = { + + services.incron = { + + enable = mkOption { + type = types.bool; + default = false; + description = '' + Whether to enable the incron daemon. + + Note that commands run under incrontab only support common Nix profiles for the <envar>PATH</envar> provided variable. + ''; + }; + + allow = mkOption { + type = types.nullOr (types.listOf types.str); + default = null; + description = '' + Users allowed to use incrontab. + + If empty then no user will be allowed to have their own incrontab. + If <literal>null</literal> then will defer to <option>deny</option>. + If both <option>allow</option> and <option>deny</option> are null + then all users will be allowed to have their own incrontab. + ''; + }; + + deny = mkOption { + type = types.nullOr (types.listOf types.str); + default = null; + description = "Users forbidden from using incrontab."; + }; + + systab = mkOption { + type = types.lines; + default = ""; + description = "The system incrontab contents."; + example = '' + /var/mail IN_CLOSE_WRITE abc $@/$# + /tmp IN_ALL_EVENTS efg $@/$# $& + ''; + }; + + extraPackages = mkOption { + type = types.listOf types.package; + default = []; + example = literalExample "[ pkgs.rsync ]"; + description = "Extra packages available to the system incrontab."; + }; + + }; + + }; + + config = mkIf cfg.enable { + + warnings = optional (cfg.allow != null && cfg.deny != null) + ''If `services.incron.allow` is set then `services.incron.deny` will be ignored.''; + + environment.systemPackages = [ pkgs.incron ]; + + security.wrappers.incrontab.source = "${pkgs.incron}/bin/incrontab"; + + # incron won't read symlinks + environment.etc."incron.d/system" = { + mode = "0444"; + text = cfg.systab; + }; + environment.etc."incron.allow" = mkIf (cfg.allow != null) { + text = concatStringsSep "\n" cfg.allow; + }; + environment.etc."incron.deny" = mkIf (cfg.deny != null) { + text = concatStringsSep "\n" cfg.deny; + }; + + systemd.services.incron = { + description = "File System Events Scheduler"; + wantedBy = [ "multi-user.target" ]; + path = cfg.extraPackages; + serviceConfig.PIDFile = "/run/incrond.pid"; + serviceConfig.ExecStartPre = "${pkgs.coreutils}/bin/mkdir -m 710 -p /var/spool/incron"; + serviceConfig.ExecStart = "${pkgs.incron}/bin/incrond --foreground"; + }; + }; + +} diff --git a/nixos/modules/services/networking/vsftpd.nix b/nixos/modules/services/networking/vsftpd.nix index 1f9107c3ce9..31e1e65fa9c 100644 --- a/nixos/modules/services/networking/vsftpd.nix +++ b/nixos/modules/services/networking/vsftpd.nix @@ -99,7 +99,7 @@ let nopriv_user=vsftpd secure_chroot_dir=/var/empty syslog_enable=YES - ${optionalString (pkgs.stdenv.system == "x86_64-linux") '' + ${optionalString (pkgs.stdenv.hostPlatform.system == "x86_64-linux") '' seccomp_sandbox=NO ''} anon_umask=${cfg.anonymousUmask} diff --git a/nixos/modules/services/networking/xrdp.nix b/nixos/modules/services/networking/xrdp.nix index 0e882873b4b..61f22a366a0 100644 --- a/nixos/modules/services/networking/xrdp.nix +++ b/nixos/modules/services/networking/xrdp.nix @@ -93,10 +93,14 @@ in config = mkIf cfg.enable { - # copied from <nixos/modules/services/x11/xserver.nix> # xrdp can run X11 program even if "services.xserver.enable = false" - environment.pathsToLink = - [ "/etc/xdg" "/share/xdg" "/share/applications" "/share/icons" "/share/pixmaps" ]; + xdg = { + autostart.enable = true; + menus.enable = true; + mime.enable = true; + icons.enable = true; + }; + fonts.enableDefaultFonts = mkDefault true; systemd = { diff --git a/nixos/modules/services/networking/zeronet.nix b/nixos/modules/services/networking/zeronet.nix new file mode 100644 index 00000000000..2377cb2c8f1 --- /dev/null +++ b/nixos/modules/services/networking/zeronet.nix @@ -0,0 +1,102 @@ +{ config, lib, pkgs, ... }: + +let + cfg = config.services.zeronet; + + zConfFile = pkgs.writeTextFile { + name = "zeronet.conf"; + + text = '' + [global] + data_dir = ${cfg.dataDir} + log_dir = ${cfg.logDir} + '' + lib.optionalString (cfg.port != null) '' + ui_port = ${toString cfg.port} + '' + cfg.extraConfig; + }; +in with lib; { + options.services.zeronet = { + enable = mkEnableOption "zeronet"; + + dataDir = mkOption { + type = types.path; + default = "/var/lib/zeronet"; + example = "/home/okina/zeronet"; + description = "Path to the zeronet data directory."; + }; + + logDir = mkOption { + type = types.path; + default = "/var/log/zeronet"; + example = "/home/okina/zeronet/log"; + description = "Path to the zeronet log directory."; + }; + + port = mkOption { + type = types.nullOr types.int; + default = null; + example = 15441; + description = "Optional zeronet port."; + }; + + tor = mkOption { + type = types.bool; + default = false; + description = "Use TOR for all zeronet traffic."; + }; + + extraConfig = mkOption { + type = types.lines; + default = ""; + + description = '' + Extra configuration. Contents will be added verbatim to the + configuration file at the end. + ''; + }; + }; + + config = mkIf cfg.enable { + services.tor = mkIf cfg.tor { + enable = true; + controlPort = 9051; + extraConfig = "CookieAuthentication 1"; + }; + + systemd.services.zeronet = { + description = "zeronet"; + after = [ "network.target" (optionalString cfg.tor "tor.service") ]; + wantedBy = [ "multi-user.target" ]; + + preStart = '' + # Ensure folder exists or create it and permissions are correct + mkdir -p ${escapeShellArg cfg.dataDir} ${escapeShellArg cfg.logDir} + chmod 750 ${escapeShellArg cfg.dataDir} ${escapeShellArg cfg.logDir} + chown zeronet:zeronet ${escapeShellArg cfg.dataDir} ${escapeShellArg cfg.logDir} + ''; + + serviceConfig = { + PermissionsStartOnly = true; + PrivateTmp = "yes"; + User = "zeronet"; + Group = "zeronet"; + ExecStart = "${pkgs.zeronet}/bin/zeronet --config_file ${zConfFile}"; + }; + }; + + users = { + groups.zeronet.gid = config.ids.gids.zeronet; + + users.zeronet = { + description = "zeronet service user"; + home = cfg.dataDir; + createHome = true; + group = "zeronet"; + extraGroups = mkIf cfg.tor [ "tor" ]; + uid = config.ids.uids.zeronet; + }; + }; + }; + + meta.maintainers = with maintainers; [ chiiruno ]; +} diff --git a/nixos/modules/services/security/usbguard.nix b/nixos/modules/services/security/usbguard.nix index 5d469cabe2c..88d2f69db57 100644 --- a/nixos/modules/services/security/usbguard.nix +++ b/nixos/modules/services/security/usbguard.nix @@ -188,11 +188,14 @@ in { wants = [ "systemd-udevd.service" "local-fs.target" ]; # make sure an empty rule file and required directories exist - preStart = ''mkdir -p $(dirname "${cfg.ruleFile}") "${cfg.IPCAccessControlFiles}" && ([ -f "${cfg.ruleFile}" ] || touch ${cfg.ruleFile})''; + preStart = '' + mkdir -p $(dirname "${cfg.ruleFile}") $(dirname "${cfg.auditFilePath}") "${cfg.IPCAccessControlFiles}" \ + && ([ -f "${cfg.ruleFile}" ] || touch ${cfg.ruleFile}) + ''; serviceConfig = { Type = "simple"; - ExecStart = ''${pkgs.usbguard}/bin/usbguard-daemon -P -d -k -c ${daemonConfFile}''; + ExecStart = ''${pkgs.usbguard}/bin/usbguard-daemon -P -k -c ${daemonConfFile}''; Restart = "on-failure"; }; }; diff --git a/nixos/modules/services/torrent/transmission.nix b/nixos/modules/services/torrent/transmission.nix index 96413d2dd56..719eb76f42c 100644 --- a/nixos/modules/services/torrent/transmission.nix +++ b/nixos/modules/services/torrent/transmission.nix @@ -142,6 +142,7 @@ in ${getLib pkgs.attr}/lib/libattr*.so* mr, ${getLib pkgs.lz4}/lib/liblz4*.so* mr, ${getLib pkgs.libkrb5}/lib/lib*.so* mr, + ${getLib pkgs.keyutils}/lib/libkeyutils*.so* mr, @{PROC}/sys/kernel/random/uuid r, @{PROC}/sys/vm/overcommit_memory r, diff --git a/nixos/modules/services/web-servers/nginx/default.nix b/nixos/modules/services/web-servers/nginx/default.nix index 17b169f7c69..b231ee5a3f0 100644 --- a/nixos/modules/services/web-servers/nginx/default.nix +++ b/nixos/modules/services/web-servers/nginx/default.nix @@ -16,9 +16,11 @@ let } // (optionalAttrs vhostConfig.enableACME { sslCertificate = "${acmeDirectory}/${serverName}/fullchain.pem"; sslCertificateKey = "${acmeDirectory}/${serverName}/key.pem"; + sslTrustedCertificate = "${acmeDirectory}/${serverName}/full.pem"; }) // (optionalAttrs (vhostConfig.useACMEHost != null) { sslCertificate = "${acmeDirectory}/${vhostConfig.useACMEHost}/fullchain.pem"; sslCertificateKey = "${acmeDirectory}/${vhostConfig.useACMEHost}/key.pem"; + sslTrustedCertificate = "${acmeDirectory}/${vhostConfig.useACMEHost}/full.pem"; }) ) cfg.virtualHosts; enableIPv6 = config.networking.enableIPv6; @@ -228,6 +230,9 @@ let ssl_certificate ${vhost.sslCertificate}; ssl_certificate_key ${vhost.sslCertificateKey}; ''} + ${optionalString (hasSSL && vhost.sslTrustedCertificate != null) '' + ssl_trusted_certificate ${vhost.sslTrustedCertificate}; + ''} ${optionalString (vhost.basicAuthFile != null || vhost.basicAuth != {}) '' auth_basic secured; diff --git a/nixos/modules/services/web-servers/nginx/vhost-options.nix b/nixos/modules/services/web-servers/nginx/vhost-options.nix index 1075b00768f..6954d932eed 100644 --- a/nixos/modules/services/web-servers/nginx/vhost-options.nix +++ b/nixos/modules/services/web-servers/nginx/vhost-options.nix @@ -129,6 +129,13 @@ with lib; description = "Path to server SSL certificate key."; }; + sslTrustedCertificate = mkOption { + type = types.path; + default = null; + example = "/var/root.cert"; + description = "Path to root SSL certificate for stapling and client certificates."; + }; + http2 = mkOption { type = types.bool; default = true; diff --git a/nixos/modules/services/x11/desktop-managers/enlightenment.nix b/nixos/modules/services/x11/desktop-managers/enlightenment.nix index da3287aaea6..6fa3ec3b925 100644 --- a/nixos/modules/services/x11/desktop-managers/enlightenment.nix +++ b/nixos/modules/services/x11/desktop-managers/enlightenment.nix @@ -33,12 +33,17 @@ in pkgs.xorg.xauth # used by kdesu pkgs.gtk2 # To get GTK+'s themes. pkgs.tango-icon-theme - pkgs.shared-mime-info + pkgs.gnome2.gnomeicontheme pkgs.xorg.xcursorthemes ]; - environment.pathsToLink = [ "/etc/enlightenment" "/etc/xdg" "/share/enlightenment" "/share/elementary" "/share/applications" "/share/locale" "/share/icons" "/share/themes" "/share/mime" "/share/desktop-directories" ]; + environment.pathsToLink = [ + "/etc/enlightenment" + "/share/enlightenment" + "/share/elementary" + "/share/locale" + ]; services.xserver.desktopManager.session = [ { name = "Enlightenment"; diff --git a/nixos/modules/services/x11/desktop-managers/gnome3.nix b/nixos/modules/services/x11/desktop-managers/gnome3.nix index c339d24b098..faf5214130d 100644 --- a/nixos/modules/services/x11/desktop-managers/gnome3.nix +++ b/nixos/modules/services/x11/desktop-managers/gnome3.nix @@ -33,10 +33,10 @@ let chmod -R a+w $out/share/gsettings-schemas/nixos-gsettings-overrides cat - > $out/share/gsettings-schemas/nixos-gsettings-overrides/glib-2.0/schemas/nixos-defaults.gschema.override <<- EOF [org.gnome.desktop.background] - picture-uri='${pkgs.nixos-artwork.wallpapers.gnome-dark}/share/artwork/gnome/Gnome_Dark.png' + picture-uri='${pkgs.nixos-artwork.wallpapers.simple-dark-gray}/share/artwork/gnome/nix-wallpaper-simple-dark-gray.png' [org.gnome.desktop.screensaver] - picture-uri='${pkgs.nixos-artwork.wallpapers.gnome-dark}/share/artwork/gnome/Gnome_Dark.png' + picture-uri='${pkgs.nixos-artwork.wallpapers.simple-dark-gray-bottom}/share/artwork/gnome/nix-wallpaper-simple-dark-gray_bottom.png' ${cfg.extraGSettingsOverrides} EOF @@ -132,6 +132,7 @@ in { fonts.fonts = [ pkgs.dejavu_fonts pkgs.cantarell-fonts ]; + services.xserver.displayManager.gdm.enable = mkDefault true; services.xserver.displayManager.extraSessionFilePackages = [ pkgs.gnome3.gnome-session ]; services.xserver.displayManager.sessionCommands = '' @@ -161,6 +162,8 @@ in { # TODO: Create nautilus-with-extensions package environment.variables.NAUTILUS_EXTENSION_DIR = "${config.system.path}/lib/nautilus/extensions-3.0"; + services.xserver.updateDbusEnvironment = true; + environment.variables.GIO_EXTRA_MODULES = [ "${lib.getLib pkgs.gnome3.dconf}/lib/gio/modules" "${pkgs.gnome3.glib-networking.out}/lib/gio/modules" "${pkgs.gnome3.gvfs}/lib/gio/modules" ]; diff --git a/nixos/modules/services/x11/desktop-managers/lumina.nix b/nixos/modules/services/x11/desktop-managers/lumina.nix index 5fe84cfb82e..43fed2572b5 100644 --- a/nixos/modules/services/x11/desktop-managers/lumina.nix +++ b/nixos/modules/services/x11/desktop-managers/lumina.nix @@ -41,9 +41,8 @@ in # Link some extra directories in /run/current-system/software/share environment.pathsToLink = [ - "/share/desktop-directories" - "/share/icons" "/share/lumina" + # FIXME: modules should link subdirs of `/share` rather than relying on this "/share" ]; diff --git a/nixos/modules/services/x11/desktop-managers/plasma5.nix b/nixos/modules/services/x11/desktop-managers/plasma5.nix index 83d1957a646..d1cb962f6ff 100644 --- a/nixos/modules/services/x11/desktop-managers/plasma5.nix +++ b/nixos/modules/services/x11/desktop-managers/plasma5.nix @@ -174,7 +174,10 @@ in ++ lib.optional config.services.colord.enable colord-kde ++ lib.optionals config.services.samba.enable [ kdenetwork-filesharing pkgs.samba ]; - environment.pathsToLink = [ "/share" ]; + environment.pathsToLink = [ + # FIXME: modules should link subdirs of `/share` rather than relying on this + "/share" + ]; environment.etc = singleton { source = xcfg.xkbDir; diff --git a/nixos/modules/services/x11/desktop-managers/xfce.nix b/nixos/modules/services/x11/desktop-managers/xfce.nix index ae155470419..75b9a76e192 100644 --- a/nixos/modules/services/x11/desktop-managers/xfce.nix +++ b/nixos/modules/services/x11/desktop-managers/xfce.nix @@ -59,9 +59,6 @@ in tango-icon-theme xfce4-icon-theme - desktop-file-utils - shared-mime-info - # Needed by Xfce's xinitrc script # TODO: replace with command -v which @@ -100,8 +97,6 @@ in environment.pathsToLink = [ "/share/xfce4" "/share/themes" - "/share/mime" - "/share/desktop-directories" "/share/gtksourceview-2.0" ]; diff --git a/nixos/modules/services/x11/display-managers/auto.nix b/nixos/modules/services/x11/display-managers/auto.nix index d2aae64bf22..ec419eea067 100644 --- a/nixos/modules/services/x11/display-managers/auto.nix +++ b/nixos/modules/services/x11/display-managers/auto.nix @@ -41,10 +41,12 @@ in config = mkIf cfg.enable { - services.xserver.displayManager.slim = { + services.xserver.displayManager.lightdm = { enable = true; - autoLogin = true; - defaultUser = cfg.user; + autoLogin = { + enable = true; + user = cfg.user; + }; }; }; diff --git a/nixos/modules/services/x11/display-managers/gdm.nix b/nixos/modules/services/x11/display-managers/gdm.nix index 78dc39f7f62..a775dd0f0e0 100644 --- a/nixos/modules/services/x11/display-managers/gdm.nix +++ b/nixos/modules/services/x11/display-managers/gdm.nix @@ -87,7 +87,7 @@ in } ]; - services.xserver.displayManager.slim.enable = false; + services.xserver.displayManager.lightdm.enable = false; users.users.gdm = { name = "gdm"; diff --git a/nixos/modules/services/x11/display-managers/lightdm.nix b/nixos/modules/services/x11/display-managers/lightdm.nix index dc82f7086c8..cd9c3d81a0f 100644 --- a/nixos/modules/services/x11/display-managers/lightdm.nix +++ b/nixos/modules/services/x11/display-managers/lightdm.nix @@ -115,7 +115,7 @@ in background = mkOption { type = types.str; - default = "${pkgs.nixos-artwork.wallpapers.gnome-dark}/share/artwork/gnome/Gnome_Dark.png"; + default = "${pkgs.nixos-artwork.wallpapers.simple-dark-gray-bottom}/share/artwork/gnome/nix-wallpaper-simple-dark-gray_bottom.png"; description = '' The background image or color to use. ''; @@ -191,8 +191,6 @@ in } ]; - services.xserver.displayManager.slim.enable = false; - services.xserver.displayManager.job = { logToFile = true; diff --git a/nixos/modules/services/x11/display-managers/sddm.nix b/nixos/modules/services/x11/display-managers/sddm.nix index 2b03ed81b5e..1635c0f9acc 100644 --- a/nixos/modules/services/x11/display-managers/sddm.nix +++ b/nixos/modules/services/x11/display-managers/sddm.nix @@ -206,8 +206,6 @@ in } ]; - services.xserver.displayManager.slim.enable = false; - services.xserver.displayManager.job = { logToFile = true; diff --git a/nixos/modules/services/x11/display-managers/slim.nix b/nixos/modules/services/x11/display-managers/slim.nix index 51ce5f4e243..4e411c8ceb0 100644 --- a/nixos/modules/services/x11/display-managers/slim.nix +++ b/nixos/modules/services/x11/display-managers/slim.nix @@ -49,7 +49,7 @@ in enable = mkOption { type = types.bool; - default = config.services.xserver.enable; + default = false; description = '' Whether to enable SLiM as the display manager. ''; diff --git a/nixos/modules/services/x11/xserver.nix b/nixos/modules/services/x11/xserver.nix index b45e510f6b8..75bfeaac1fa 100644 --- a/nixos/modules/services/x11/xserver.nix +++ b/nixos/modules/services/x11/xserver.nix @@ -535,6 +535,15 @@ in config = mkIf cfg.enable { + services.xserver.displayManager.lightdm.enable = + let dmconf = cfg.displayManager; + default = !( dmconf.auto.enable + || dmconf.gdm.enable + || dmconf.sddm.enable + || dmconf.slim.enable + || dmconf.xpra.enable ); + in mkIf (default) true; + hardware.opengl.enable = mkDefault true; services.xserver.videoDrivers = mkIf (cfg.videoDriver != null) [ cfg.videoDriver ]; @@ -616,8 +625,12 @@ in ] ++ optional (elem "virtualbox" cfg.videoDrivers) xorg.xrefresh; - environment.pathsToLink = - [ "/etc/xdg" "/share/xdg" "/share/applications" "/share/icons" "/share/pixmaps" ]; + xdg = { + autostart.enable = true; + menus.enable = true; + mime.enable = true; + icons.enable = true; + }; # The default max inotify watches is 8192. # Nowadays most apps require a good number of inotify watches, diff --git a/nixos/modules/system/activation/top-level.nix b/nixos/modules/system/activation/top-level.nix index 9d410a8b9ca..fff88e2c2bf 100644 --- a/nixos/modules/system/activation/top-level.nix +++ b/nixos/modules/system/activation/top-level.nix @@ -162,6 +162,13 @@ in description = '' Additional configurations to build based on the current configuration which then has a lower priority. + + To switch to a cloned configuration (e.g. <literal>child-1</literal>) + at runtime, run + + <programlisting> + # sudo /run/current-system/fine-tune/child-1/bin/switch-to-configuration test + </programlisting> ''; }; diff --git a/nixos/modules/system/boot/loader/grub/grub.nix b/nixos/modules/system/boot/loader/grub/grub.nix index 42da6585722..3a33b3f65d3 100644 --- a/nixos/modules/system/boot/loader/grub/grub.nix +++ b/nixos/modules/system/boot/loader/grub/grub.nix @@ -38,6 +38,8 @@ let in pkgs.writeText "grub-config.xml" (builtins.toXML { splashImage = f cfg.splashImage; + splashMode = f cfg.splashMode; + backgroundColor = f cfg.backgroundColor; grub = f grub; grubTarget = f (grub.grubTarget or ""); shell = "${pkgs.runtimeShell}"; @@ -80,6 +82,8 @@ let "--output" "$out" ] ++ (optional (cfg.fontSize!=null) "--size ${toString cfg.fontSize}"))) ); + + defaultSplash = "${pkgs.nixos-artwork.wallpapers.simple-dark-gray-bootloader}/share/artwork/gnome/nix-wallpaper-simple-dark-gray_bootloader.png"; in { @@ -328,6 +332,31 @@ in ''; }; + backgroundColor = mkOption { + type = types.nullOr types.string; + example = "#7EBAE4"; + default = null; + description = '' + Background color to be used for GRUB to fill the areas the image isn't filling. + + <note><para> + This options has no effect for GRUB 1. + </para></note> + ''; + }; + + splashMode = mkOption { + type = types.enum [ "normal" "stretch" ]; + default = "stretch"; + description = '' + Whether to stretch the image or show the image in the top-left corner unstretched. + + <note><para> + This options has no effect for GRUB 1. + </para></note> + ''; + }; + font = mkOption { type = types.nullOr types.path; default = "${realGrub}/share/grub/unicode.pf2"; @@ -531,9 +560,14 @@ in sha256 = "14kqdx2lfqvh40h6fjjzqgff1mwk74dmbjvmqphi6azzra7z8d59"; } # GRUB 1.97 doesn't support gzipped XPMs. - else "${pkgs.nixos-artwork.wallpapers.gnome-dark}/share/artwork/gnome/Gnome_Dark.png"); + else defaultSplash); } + (mkIf (cfg.splashImage == defaultSplash) { + boot.loader.grub.backgroundColor = mkDefault "#2F302F"; + boot.loader.grub.splashMode = mkDefault "normal"; + }) + (mkIf cfg.enable { boot.loader.grub.devices = optional (cfg.device != "") cfg.device; diff --git a/nixos/modules/system/boot/loader/grub/install-grub.pl b/nixos/modules/system/boot/loader/grub/install-grub.pl index d1ff6e6bf52..ea6e56892cb 100644 --- a/nixos/modules/system/boot/loader/grub/install-grub.pl +++ b/nixos/modules/system/boot/loader/grub/install-grub.pl @@ -51,6 +51,8 @@ my $extraEntries = get("extraEntries"); my $extraEntriesBeforeNixOS = get("extraEntriesBeforeNixOS") eq "true"; my $extraInitrd = get("extraInitrd"); my $splashImage = get("splashImage"); +my $splashMode = get("splashMode"); +my $backgroundColor = get("backgroundColor"); my $configurationLimit = int(get("configurationLimit")); my $copyKernels = get("copyKernels") eq "true"; my $timeout = int(get("timeout")); @@ -307,10 +309,15 @@ else { if ($suffix eq ".jpg") { $suffix = ".jpeg"; } + if ($backgroundColor) { + $conf .= " + background_color '$backgroundColor' + "; + } copy $splashImage, "$bootPath/background$suffix" or die "cannot copy $splashImage to $bootPath\n"; $conf .= " insmod " . substr($suffix, 1) . " - if background_image " . $grubBoot->path . "/background$suffix; then + if background_image --mode '$splashMode' " . $grubBoot->path . "/background$suffix; then set color_normal=white/black set color_highlight=black/white else diff --git a/nixos/modules/system/boot/luksroot.nix b/nixos/modules/system/boot/luksroot.nix index 27c1f891f48..ed8b9f01e27 100644 --- a/nixos/modules/system/boot/luksroot.nix +++ b/nixos/modules/system/boot/luksroot.nix @@ -324,7 +324,7 @@ in [ "aes" "aes_generic" "blowfish" "twofish" "serpent" "cbc" "xts" "lrw" "sha1" "sha256" "sha512" - (if pkgs.stdenv.system == "x86_64-linux" then "aes_x86_64" else "aes_i586") + (if pkgs.stdenv.hostPlatform.system == "x86_64-linux" then "aes_x86_64" else "aes_i586") ]; description = '' A list of cryptographic kernel modules needed to decrypt the root device(s). diff --git a/nixos/modules/system/boot/stage-1-init.sh b/nixos/modules/system/boot/stage-1-init.sh index de8451bbe31..3bc33a20a09 100644 --- a/nixos/modules/system/boot/stage-1-init.sh +++ b/nixos/modules/system/boot/stage-1-init.sh @@ -263,6 +263,13 @@ checkFS() { return 0 fi + # Device might be already mounted manually + # e.g. NBD-device or the host filesystem of the file which contains encrypted root fs + if mount | grep -q "^$device on "; then + echo "skip checking already mounted $device" + return 0 + fi + # Optionally, skip fsck on journaling filesystems. This option is # a hack - it's mostly because e2fsck on ext3 takes much longer to # recover the journal than the ext3 implementation in the kernel diff --git a/nixos/modules/virtualisation/azure-agent.nix b/nixos/modules/virtualisation/azure-agent.nix index b7ab54aab7e..770cefbcd51 100644 --- a/nixos/modules/virtualisation/azure-agent.nix +++ b/nixos/modules/virtualisation/azure-agent.nix @@ -77,7 +77,7 @@ in config = mkIf cfg.enable { assertions = [ { assertion = pkgs.stdenv.isi686 || pkgs.stdenv.isx86_64; - message = "Azure not currently supported on ${pkgs.stdenv.system}"; + message = "Azure not currently supported on ${pkgs.stdenv.hostPlatform.system}"; } { assertion = config.networking.networkmanager.enable == false; message = "Windows Azure Linux Agent is not compatible with NetworkManager"; diff --git a/nixos/modules/virtualisation/brightbox-image.nix b/nixos/modules/virtualisation/brightbox-image.nix index 39a655b4c10..e716982c510 100644 --- a/nixos/modules/virtualisation/brightbox-image.nix +++ b/nixos/modules/virtualisation/brightbox-image.nix @@ -26,7 +26,7 @@ in rm $diskImageBase popd ''; - diskImageBase = "nixos-image-${config.system.nixos.label}-${pkgs.stdenv.system}.raw"; + diskImageBase = "nixos-image-${config.system.nixos.label}-${pkgs.stdenv.hostPlatform.system}.raw"; buildInputs = [ pkgs.utillinux pkgs.perl ]; exportReferencesGraph = [ "closure" config.system.build.toplevel ]; diff --git a/nixos/modules/virtualisation/google-compute-image.nix b/nixos/modules/virtualisation/google-compute-image.nix index de2c43b8a40..4c7cffcf455 100644 --- a/nixos/modules/virtualisation/google-compute-image.nix +++ b/nixos/modules/virtualisation/google-compute-image.nix @@ -14,7 +14,7 @@ in PATH=$PATH:${pkgs.stdenv.lib.makeBinPath [ pkgs.gnutar pkgs.gzip ]} pushd $out mv $diskImage disk.raw - tar -Szcf nixos-image-${config.system.nixos.label}-${pkgs.stdenv.system}.raw.tar.gz disk.raw + tar -Szcf nixos-image-${config.system.nixos.label}-${pkgs.stdenv.hostPlatform.system}.raw.tar.gz disk.raw rm $out/disk.raw popd ''; diff --git a/nixos/modules/virtualisation/virtualbox-guest.nix b/nixos/modules/virtualisation/virtualbox-guest.nix index 78c6f740788..834b994e92d 100644 --- a/nixos/modules/virtualisation/virtualbox-guest.nix +++ b/nixos/modules/virtualisation/virtualbox-guest.nix @@ -34,7 +34,7 @@ in config = mkIf cfg.enable (mkMerge [{ assertions = [{ assertion = pkgs.stdenv.isi686 || pkgs.stdenv.isx86_64; - message = "Virtualbox not currently supported on ${pkgs.stdenv.system}"; + message = "Virtualbox not currently supported on ${pkgs.stdenv.hostPlatform.system}"; }]; environment.systemPackages = [ kernel.virtualboxGuestAdditions ]; diff --git a/nixos/modules/virtualisation/virtualbox-image.nix b/nixos/modules/virtualisation/virtualbox-image.nix index 475852d1546..60048911658 100644 --- a/nixos/modules/virtualisation/virtualbox-image.nix +++ b/nixos/modules/virtualisation/virtualbox-image.nix @@ -26,21 +26,21 @@ in { }; vmDerivationName = mkOption { type = types.str; - default = "nixos-ova-${config.system.nixos.label}-${pkgs.stdenv.system}"; + default = "nixos-ova-${config.system.nixos.label}-${pkgs.stdenv.hostPlatform.system}"; description = '' The name of the derivation for the VirtualBox appliance. ''; }; vmName = mkOption { type = types.str; - default = "NixOS ${config.system.nixos.label} (${pkgs.stdenv.system})"; + default = "NixOS ${config.system.nixos.label} (${pkgs.stdenv.hostPlatform.system})"; description = '' The name of the VirtualBox appliance. ''; }; vmFileName = mkOption { type = types.str; - default = "nixos-${config.system.nixos.label}-${pkgs.stdenv.system}.ova"; + default = "nixos-${config.system.nixos.label}-${pkgs.stdenv.hostPlatform.system}.ova"; description = '' The file name of the VirtualBox appliance. ''; @@ -67,10 +67,10 @@ in { echo "creating VirtualBox VM..." vmName="${cfg.vmName}"; VBoxManage createvm --name "$vmName" --register \ - --ostype ${if pkgs.stdenv.system == "x86_64-linux" then "Linux26_64" else "Linux26"} + --ostype ${if pkgs.stdenv.hostPlatform.system == "x86_64-linux" then "Linux26_64" else "Linux26"} VBoxManage modifyvm "$vmName" \ --memory ${toString cfg.memorySize} --acpi on --vram 32 \ - ${optionalString (pkgs.stdenv.system == "i686-linux") "--pae on"} \ + ${optionalString (pkgs.stdenv.hostPlatform.system == "i686-linux") "--pae on"} \ --nictype1 virtio --nic1 nat \ --audiocontroller ac97 --audio alsa \ --rtcuseutc on \ diff --git a/nixos/modules/virtualisation/vmware-guest.nix b/nixos/modules/virtualisation/vmware-guest.nix index 68930a0e325..15c78f14c52 100644 --- a/nixos/modules/virtualisation/vmware-guest.nix +++ b/nixos/modules/virtualisation/vmware-guest.nix @@ -22,7 +22,7 @@ in config = mkIf cfg.enable { assertions = [ { assertion = pkgs.stdenv.isi686 || pkgs.stdenv.isx86_64; - message = "VMWare guest is not currently supported on ${pkgs.stdenv.system}"; + message = "VMWare guest is not currently supported on ${pkgs.stdenv.hostPlatform.system}"; } ]; environment.systemPackages = [ open-vm-tools ]; diff --git a/nixos/modules/virtualisation/xen-dom0.nix b/nixos/modules/virtualisation/xen-dom0.nix index cf57868acef..70e575b6c0d 100644 --- a/nixos/modules/virtualisation/xen-dom0.nix +++ b/nixos/modules/virtualisation/xen-dom0.nix @@ -146,7 +146,7 @@ in config = mkIf cfg.enable { assertions = [ { assertion = pkgs.stdenv.isx86_64; - message = "Xen currently not supported on ${pkgs.stdenv.system}"; + message = "Xen currently not supported on ${pkgs.stdenv.hostPlatform.system}"; } { assertion = config.boot.loader.grub.enable && (config.boot.loader.grub.efiSupport == false); message = "Xen currently does not support EFI boot"; diff --git a/nixos/release.nix b/nixos/release.nix index b80ab44eced..a91dda5fa74 100644 --- a/nixos/release.nix +++ b/nixos/release.nix @@ -422,6 +422,7 @@ in rec { tests.yabar = callTest tests/yabar.nix {}; tests.zookeeper = callTest tests/zookeeper.nix {}; tests.morty = callTest tests/morty.nix { }; + tests.bcachefs = callTest tests/bcachefs.nix { }; /* Build a bunch of typical closures so that Hydra can keep track of the evolution of closure sizes. */ diff --git a/nixos/tests/bcachefs.nix b/nixos/tests/bcachefs.nix new file mode 100644 index 00000000000..658676ef0ab --- /dev/null +++ b/nixos/tests/bcachefs.nix @@ -0,0 +1,38 @@ +import ./make-test.nix ({ pkgs, ... }: { + name = "bcachefs"; + meta.maintainers = with pkgs.stdenv.lib.maintainers; [ chiiruno ]; + + machine = { pkgs, ... }: { + virtualisation.emptyDiskImages = [ 4096 ]; + networking.hostId = "deadbeef"; + boot.supportedFilesystems = [ "bcachefs" ]; + environment.systemPackages = with pkgs; [ parted ]; + }; + + testScript = '' + $machine->succeed("modprobe bcachefs"); + $machine->succeed("bcachefs version"); + $machine->succeed("ls /dev"); + + $machine->succeed( + "mkdir /tmp/mnt", + + "udevadm settle", + "parted --script /dev/vdb mklabel msdos", + "parted --script /dev/vdb -- mkpart primary 1024M -1s", + "udevadm settle", + + # Due to #32279, we cannot use encryption for this test yet + # "echo password | bcachefs format --encrypted /dev/vdb1", + # "echo password | bcachefs unlock /dev/vdb1", + "bcachefs format /dev/vdb1", + "mount -t bcachefs /dev/vdb1 /tmp/mnt", + "udevadm settle", + + "bcachefs fs usage /tmp/mnt", + + "umount /tmp/mnt", + "udevadm settle" + ); + ''; +}) diff --git a/nixos/tests/gnome3-gdm.nix b/nixos/tests/gnome3-gdm.nix index 1f590f337fd..959030d5988 100644 --- a/nixos/tests/gnome3-gdm.nix +++ b/nixos/tests/gnome3-gdm.nix @@ -11,7 +11,6 @@ import ./make-test.nix ({ pkgs, ...} : { services.xserver.enable = true; - services.xserver.displayManager.slim.enable = false; services.xserver.displayManager.gdm = { enable = true; autoLogin = { diff --git a/nixos/tests/gnome3.nix b/nixos/tests/gnome3.nix index af2404bf530..3f0368592b8 100644 --- a/nixos/tests/gnome3.nix +++ b/nixos/tests/gnome3.nix @@ -11,6 +11,7 @@ import ./make-test.nix ({ pkgs, ...} : { services.xserver.enable = true; + services.xserver.displayManager.gdm.enable = false; services.xserver.displayManager.lightdm.enable = true; services.xserver.displayManager.lightdm.autoLogin.enable = true; services.xserver.displayManager.lightdm.autoLogin.user = "alice"; diff --git a/nixos/tests/installer.nix b/nixos/tests/installer.nix index 507665190a2..3d31c8dc445 100644 --- a/nixos/tests/installer.nix +++ b/nixos/tests/installer.nix @@ -233,13 +233,16 @@ let [ sudo libxml2.bin libxslt.bin + desktop-file-utils docbook5 docbook_xsl_ns unionfs-fuse ntp - nixos-artwork.wallpapers.gnome-dark + nixos-artwork.wallpapers.simple-dark-gray-bottom perlPackages.XMLLibXML perlPackages.ListCompare + shared-mime-info + texinfo xorg.lndir # add curl so that rather than seeing the test attempt to download diff --git a/nixos/tests/nfs.nix b/nixos/tests/nfs.nix index 1992f240e7b..0ef44f1a489 100644 --- a/nixos/tests/nfs.nix +++ b/nixos/tests/nfs.nix @@ -6,7 +6,8 @@ let { pkgs, ... }: { fileSystems = pkgs.lib.mkVMOverride [ { mountPoint = "/data"; - device = "server:/data"; + # nfs4 exports the export with fsid=0 as a virtual root directory + device = if (version == 4) then "server:/" else "server:/data"; fsType = "nfs"; options = [ "vers=${toString version}" ]; } |