diff options
| author | Vladimír Čunát <v@cunat.cz> | 2023-11-16 22:06:22 +0100 |
|---|---|---|
| committer | Vladimír Čunát <v@cunat.cz> | 2023-11-16 22:06:22 +0100 |
| commit | a7a8f8253db3f32cc15baf527d36ef7171425eba (patch) | |
| tree | 5de25f1c82e7892f6aec7b3e5ddb718ff0c50df2 /nixos | |
| parent | f31242fcfd14e870eb6898fc8849bc4dee883054 (diff) | |
| parent | 391aafc3d6b17ed5517795eb8b9c41ed7c6082e3 (diff) | |
| download | nixpkgs-a7a8f8253db3f32cc15baf527d36ef7171425eba.tar nixpkgs-a7a8f8253db3f32cc15baf527d36ef7171425eba.tar.gz nixpkgs-a7a8f8253db3f32cc15baf527d36ef7171425eba.tar.bz2 nixpkgs-a7a8f8253db3f32cc15baf527d36ef7171425eba.tar.lz nixpkgs-a7a8f8253db3f32cc15baf527d36ef7171425eba.tar.xz nixpkgs-a7a8f8253db3f32cc15baf527d36ef7171425eba.tar.zst nixpkgs-a7a8f8253db3f32cc15baf527d36ef7171425eba.zip | |
Merge #263535: staging-next 2023-10-26
Diffstat (limited to 'nixos')
6 files changed, 71 insertions, 27 deletions
diff --git a/nixos/doc/manual/release-notes/rl-2311.section.md b/nixos/doc/manual/release-notes/rl-2311.section.md index 76ed62e4878..5cb5fec2305 100644 --- a/nixos/doc/manual/release-notes/rl-2311.section.md +++ b/nixos/doc/manual/release-notes/rl-2311.section.md @@ -270,6 +270,18 @@ - `fileSystems.<name>.autoResize` now uses `systemd-growfs` to resize the file system online in stage 2. This means that `f2fs` and `ext2` can no longer be auto resized, while `xfs` and `btrfs` now can be. +- `fuse3` has been updated from 3.11.0 to 3.16.2; see [ChangeLog.rst](https://github.com/libfuse/libfuse/blob/fuse-3.16.2/ChangeLog.rst#libfuse-3162-2023-10-10) for an overview of the changes. + + Unsupported mount options are no longer silently accepted [(since 3.15.0)](https://github.com/libfuse/libfuse/blob/fuse-3.16.2/ChangeLog.rst#libfuse-3150-2023-06-09). The [affected mount options](https://github.com/libfuse/libfuse/commit/dba6b3983af34f30de01cf532dff0b66f0ed6045) are: `atime`, `diratime`, `lazytime`, `nolazytime`, `relatime`, `norelatime`, `strictatime`. + + For example, + + ```bash + $ sshfs 127.0.0.1:/home/test/testdir /home/test/sshfs_mnt -o atime` + ``` + + would previously terminate successfully with the mount point established, now it outputs the error message ``fuse: unknown option(s): `-o atime'`` and terminates with exit status 1. + - `nixos-rebuild {switch,boot,test,dry-activate}` now runs the system activation inside `systemd-run`, creating an ephemeral systemd service and protecting the system switch against issues like network disconnections during remote (e.g. SSH) sessions. This has the side effect of running the switch in an isolated environment, that could possible break post-switch scripts that depends on things like environment variables being set. If you want to opt-out from this behavior for now, you may set the `NIXOS_SWITCH_USE_DIRTY_ENV` environment variable before running `nixos-rebuild`. However, keep in mind that this option will be removed in the future. - The `services.vaultwarden.config` option default value was changed to make Vaultwarden only listen on localhost, following the [secure defaults for most NixOS services](https://github.com/NixOS/nixpkgs/issues/100192). diff --git a/nixos/modules/installer/tools/nixos-generate-config.pl b/nixos/modules/installer/tools/nixos-generate-config.pl index 71737cd8ebc..2f9edba4f0c 100644 --- a/nixos/modules/installer/tools/nixos-generate-config.pl +++ b/nixos/modules/installer/tools/nixos-generate-config.pl @@ -257,6 +257,7 @@ foreach my $path (glob "/sys/class/{block,mmc_host}/*") { # Add bcache module, if needed. my @bcacheDevices = glob("/dev/bcache*"); +@bcacheDevices = grep(!qr#dev/bcachefs.*#, @bcacheDevices); if (scalar @bcacheDevices > 0) { push @initrdAvailableKernelModules, "bcache"; } @@ -467,6 +468,19 @@ EOF # boot.tmp.useTmpfs option in configuration.nix (managed declaratively). next if ($mountPoint eq "/tmp" && $fsType eq "tmpfs"); + # This should work for single and multi-device systems. + # still needs subvolume support + if ($fsType eq "bcachefs") { + my ($status, @info) = runCommand("bcachefs fs usage $rootDir$mountPoint"); + my $UUID = $info[0]; + + if ($status == 0 && $UUID =~ /^Filesystem:[ \t\n]*([0-9a-z-]+)/) { + $stableDevPath = "UUID=$1"; + } else { + print STDERR "warning: can't find bcachefs mount UUID falling back to device-path"; + } + } + # Emit the filesystem. $fileSystems .= <<EOF; fileSystems.\"$mountPoint\" = diff --git a/nixos/modules/services/desktops/pipewire/pipewire.nix b/nixos/modules/services/desktops/pipewire/pipewire.nix index ae695baf42c..07ca2727cf4 100644 --- a/nixos/modules/services/desktops/pipewire/pipewire.nix +++ b/nixos/modules/services/desktops/pipewire/pipewire.nix @@ -115,8 +115,7 @@ in { environment.systemPackages = [ cfg.package ] ++ lib.optional cfg.jack.enable jack-libs; - systemd.packages = [ cfg.package ] - ++ lib.optional cfg.pulse.enable cfg.package.pulse; + systemd.packages = [ cfg.package ]; # PipeWire depends on DBUS but doesn't list it. Without this booting # into a terminal results in the service crashing with an error. @@ -130,9 +129,13 @@ in { systemd.user.sockets.pipewire.enable = !cfg.systemWide; systemd.user.services.pipewire.enable = !cfg.systemWide; + # Mask pw-pulse if it's not wanted + systemd.user.services.pipewire-pulse.enable = cfg.pulse.enable; + systemd.user.sockets.pipewire-pulse.enable = cfg.pulse.enable; + systemd.sockets.pipewire.wantedBy = lib.mkIf cfg.socketActivation [ "sockets.target" ]; systemd.user.sockets.pipewire.wantedBy = lib.mkIf cfg.socketActivation [ "sockets.target" ]; - systemd.user.sockets.pipewire-pulse.wantedBy = lib.mkIf (cfg.socketActivation && cfg.pulse.enable) ["sockets.target"]; + systemd.user.sockets.pipewire-pulse.wantedBy = lib.mkIf cfg.socketActivation [ "sockets.target" ]; services.udev.packages = [ cfg.package ]; @@ -140,14 +143,14 @@ in { environment.etc."alsa/conf.d/49-pipewire-modules.conf" = mkIf cfg.alsa.enable { text = '' pcm_type.pipewire { - libs.native = ${cfg.package.lib}/lib/alsa-lib/libasound_module_pcm_pipewire.so ; + libs.native = ${cfg.package}/lib/alsa-lib/libasound_module_pcm_pipewire.so ; ${optionalString enable32BitAlsaPlugins - "libs.32Bit = ${pkgs.pkgsi686Linux.pipewire.lib}/lib/alsa-lib/libasound_module_pcm_pipewire.so ;"} + "libs.32Bit = ${pkgs.pkgsi686Linux.pipewire}/lib/alsa-lib/libasound_module_pcm_pipewire.so ;"} } ctl_type.pipewire { - libs.native = ${cfg.package.lib}/lib/alsa-lib/libasound_module_ctl_pipewire.so ; + libs.native = ${cfg.package}/lib/alsa-lib/libasound_module_ctl_pipewire.so ; ${optionalString enable32BitAlsaPlugins - "libs.32Bit = ${pkgs.pkgsi686Linux.pipewire.lib}/lib/alsa-lib/libasound_module_ctl_pipewire.so ;"} + "libs.32Bit = ${pkgs.pkgsi686Linux.pipewire}/lib/alsa-lib/libasound_module_ctl_pipewire.so ;"} } ''; }; diff --git a/nixos/modules/services/networking/ircd-hybrid/builder.sh b/nixos/modules/services/networking/ircd-hybrid/builder.sh index d9d2e4264df..07a3788abf7 100644 --- a/nixos/modules/services/networking/ircd-hybrid/builder.sh +++ b/nixos/modules/services/networking/ircd-hybrid/builder.sh @@ -1,4 +1,4 @@ -if [ -e .attrs.sh ]; then source .attrs.sh; fi +if [ -e "$NIX_ATTRS_SH_FILE" ]; then . "$NIX_ATTRS_SH_FILE"; elif [ -f .attrs.sh ]; then . .attrs.sh; fi source $stdenv/setup doSub() { diff --git a/nixos/modules/services/web-servers/jboss/builder.sh b/nixos/modules/services/web-servers/jboss/builder.sh index ac573089cd5..8c49b87db06 100644 --- a/nixos/modules/services/web-servers/jboss/builder.sh +++ b/nixos/modules/services/web-servers/jboss/builder.sh @@ -1,6 +1,6 @@ set -e -if [ -e .attrs.sh ]; then source .attrs.sh; fi +if [ -e "$NIX_ATTRS_SH_FILE" ]; then . "$NIX_ATTRS_SH_FILE"; elif [ -f .attrs.sh ]; then . .attrs.sh; fi source $stdenv/setup mkdir -p $out/bin diff --git a/nixos/modules/tasks/filesystems/bcachefs.nix b/nixos/modules/tasks/filesystems/bcachefs.nix index 4eadec239e6..af7ba7aa6a0 100644 --- a/nixos/modules/tasks/filesystems/bcachefs.nix +++ b/nixos/modules/tasks/filesystems/bcachefs.nix @@ -6,23 +6,39 @@ let bootFs = filterAttrs (n: fs: (fs.fsType == "bcachefs") && (utils.fsNeededForBoot fs)) config.fileSystems; - mountCommand = pkgs.runCommand "mount.bcachefs" {} '' - mkdir -p $out/bin - cat > $out/bin/mount.bcachefs <<EOF - #!/bin/sh - exec "/bin/bcachefs" mount "\$@" - EOF - chmod +x $out/bin/mount.bcachefs - ''; - commonFunctions = '' prompt() { local name="$1" printf "enter passphrase for $name: " } + tryUnlock() { local name="$1" local path="$2" + local success=false + local target + local uuid=$(echo -n $path | sed -e 's,UUID=\(.*\),\1,g') + + printf "waiting for device to appear $path" + for try in $(seq 10); do + if [ -e $path ]; then + success=true + break + else + target=$(blkid --uuid $uuid) + if [ $? == 0 ]; then + success=true + break + fi + fi + echo -n "." + sleep 1 + done + printf "\n" + if [ $success == true ]; then + path=$target + fi + if bcachefs unlock -c $path > /dev/null 2> /dev/null; then # test for encryption prompt $name until bcachefs unlock $path 2> /dev/null; do # repeat until successfully unlocked @@ -30,6 +46,8 @@ let prompt $name done printf "unlocking successful.\n" + else + echo "Cannot unlock device $uuid with path $path" >&2 fi } ''; @@ -77,13 +95,11 @@ in { config = mkIf (elem "bcachefs" config.boot.supportedFilesystems) (mkMerge [ { - # We do not want to include bachefs in the fsPackages for systemd-initrd - # because we provide the unwrapped version of mount.bcachefs - # through the extraBin option, which will make it available for use. - system.fsPackages = lib.optional (!config.boot.initrd.systemd.enable) pkgs.bcachefs-tools; - environment.systemPackages = lib.optional (config.boot.initrd.systemd.enable) pkgs.bcachefs-tools; + # needed for systemd-remount-fs + system.fsPackages = [ pkgs.bcachefs-tools ]; # use kernel package with bcachefs support until it's in mainline + # TODO replace with requireKernelConfig boot.kernelPackages = pkgs.linuxPackages_testing_bcachefs; systemd.services = lib.mapAttrs' (mkUnits "") (lib.filterAttrs (n: fs: (fs.fsType == "bcachefs") && (!utils.fsNeededForBoot fs)) config.fileSystems); @@ -92,15 +108,14 @@ in (mkIf ((elem "bcachefs" config.boot.initrd.supportedFilesystems) || (bootFs != {})) { # chacha20 and poly1305 are required only for decryption attempts boot.initrd.availableKernelModules = [ "bcachefs" "sha256" "chacha20" "poly1305" ]; - boot.initrd.systemd.extraBin = { + # do we need this? boot/systemd.nix:566 & boot/systemd/initrd.nix:357 "bcachefs" = "${pkgs.bcachefs-tools}/bin/bcachefs"; - "mount.bcachefs" = "${mountCommand}/bin/mount.bcachefs"; + "mount.bcachefs" = "${pkgs.bcachefs-tools}/bin/mount.bcachefs"; }; - boot.initrd.extraUtilsCommands = lib.mkIf (!config.boot.initrd.systemd.enable) '' copy_bin_and_libs ${pkgs.bcachefs-tools}/bin/bcachefs - copy_bin_and_libs ${mountCommand}/bin/mount.bcachefs + copy_bin_and_libs ${pkgs.bcachefs-tools}/bin/mount.bcachefs ''; boot.initrd.extraUtilsCommandsTest = lib.mkIf (!config.boot.initrd.systemd.enable) '' $out/bin/bcachefs version |