path: root/nixos/modules/virtualisation
Commit message (Author, Age)
* nixos/modules/virtualisation/google-compute-config.nix: pin filesystem type to ext4 for now (Ding Xiang Fei, 2019-05-27)
|   Fix #61859. Assertion fails when a Google Compute Engine image is built, because now choices of filesystem types are restricted to `f2fs` and `ext` family if auto-resizing is enabled. This change will pin the filesystem used on such an image to be `ext4` for now.
* docker: fix typo (mkenigs, 2019-05-22)
|
* Merge pull request #60406 from JohnAZoidberg/remove-isnull (Robin Gloster, 2019-05-18)
|\
| |   treewide: Remove usage of isNull
| * treewide: Remove usage of isNull (Daniel Schaefer, 2019-04-29)
| |   isNull "is deprecated; just write e == null instead" says the Nix manual
* | Fix some malformed XML in option descriptions (Eelco Dolstra, 2019-05-13)
| |   E.g. these were using "<para>" at the *end* of a description. The real WTF is that this is possible at all...
* | virtualbox: 5.2.28 -> 6.0.6 (Ambroz Bizjak, 2019-05-09)
|/
|   Quite some fixing was needed to get this to work.
|
|   Changes in VirtualBox and additions:
|   - VirtualBox is no longer officially supported on 32-bit hosts so i686-linux is removed from platforms for VirtualBox and the extension pack. 32-bit additions still work.
|   - There was a refactoring of kernel module makefiles and two resulting bugs affected us which had to be patched. These bugs were reported to the bug tracker (see comments near patches).
|   - The Qt5X11Extras makefile patch broke. Fixed it to apply again, making the libraries logic simpler and more correct (it just uses a different base path instead of always linking to Qt5X11Extras).
|   - Added a patch to remove "test1" and "test2" kernel messages due to forgotten debugging code.
|   - virtualbox-host NixOS module: the VirtualBoxVM executable should be setuid not VirtualBox. This matches how the official installer sets it up.
|   - Additions: replaced a for loop for installing kernel modules with just a "make install", which seems to work without any of the things done in the previous code.
|   - Additions: The package defined buildCommand which resulted in phases not running, including RUNPATH stripping in fixupPhase, and installPhase was defined which was not even run. Fixed this by refactoring using phases. Had to set dontStrip otherwise binaries were broken by stripping. The libdbus path had to be added later in fixupPhase because it is used via dlopen not directly linked.
|   - Additions: Added zlib and libc to patchelf, otherwise runtime library errors result from some binaries. For some reason the missing libc only manifested itself for mount.vboxsf when included in the initrd.
|
|   Changes in nixos/tests/virtualbox:
|   - Update the simple-gui test to send the right keys to start the VM. With VirtualBox 5 it was enough to just send "return", but with 6 the Tools thing may be selected by default. Send "home" to reliably select Tools, "down" to move to the VM and "return" to start it.
|   - Disable the VirtualBox UART by default because it causes a crash due to a regression in VirtualBox (specific to software virtualization and serial port usage). It can still be enabled using an option but there is an assert that KVM nested virtualization is enabled, which works around the problem (see below).
|   - Add an option to enable nested KVM virtualization, allowing VirtualBox to use hardware virtualization. This works around the UART problem and also allows using 64-bit guests, but requires a kernel module parameter.
|   - Add an option to run 64-bit guests. Tested that the tests pass with that. As mentioned this requires KVM nested virtualization.
* nixos/virtualbox: Fixes configuration to evaluate (Samuel Dionne-Riel, 2019-04-20)
|   Fixes issue introduced by #57557
* Merge pull request #57557 from matthewbauer/ova-swap (Matthew Bauer, 2019-04-19)
|\
| |   nixos/virtualbox: add swap file
| * nixos/virtualbox: add swap file (Matthew Bauer, 2019-04-19)
| |   Puts 2G swap in /var/swap of OVA. This serves as backup when you hit the memory cap for the image. Fixes #57171 and fixes #22696
* | ec2-amis.nix: add 19.03 amis (AmineChikhaoui, 2019-04-18)
| |
* | Merge pull request #51918 from bobvanderlinden/var-run (Florian Klink, 2019-04-07)
|\ \
| | |   tree-wide: nixos: /var/run -> /run
| * | nixos/openvswitch: /var/run -> /run (Bob van der Linden, 2019-03-24)
| | |
| * | nixos/docker: /var/run -> /run (Bob van der Linden, 2019-03-24)
| | |
* | | nixos: Don't enable Docker by default (aszlig, 2019-03-26)
| | |   Regression introduced by c94005358c185d8262814a5b59b2b4185183bd95.
| | |
| | |   The commit introduced declarative docker containers and subsequently enables docker whenever any declarative docker containers are defined.
| | |
| | |   This is done via an option with type "attrsOf somesubmodule" and a check on whether the attribute set is empty.
| | |
| | |   Unfortunately, the check was whether a *list* is empty rather than whether an attribute set is empty, so "mkIf (cfg != [])" *always* evaluates to true and thus subsequently enables docker by default:
| | |
| | |     $ nix-instantiate --eval nixos --arg configuration {} \
| | |         -A config.virtualisation.docker.enable
| | |     true
| | |
| | |   Fixing this is simply done by changing the check to "mkIf (cfg != {})".
| | |
| | |   Tested this by running the "docker-containers" NixOS test and it still passes.
| | |
| | |   Signed-off-by: aszlig <aszlig@nix.build>
| | |   Cc: @benley, @danbst, @Infinisil, @nlewo
* | | nixos/virtualbox-image: set the root fsType to reenable root FS resizing (Samuel Dionne-Riel, 2019-03-24)
| | |   This otherwise does not eval `:tested` any more, which means no nixos channel updates. Regression comes from 0eb6d0735f599fa84e99b727c93681bcae96c845 (#57751) which added an assertion stopping the use of `autoResize` when the filesystem cannot be resized automatically.
* | | NixOS: Run Docker containers as declarative systemd services (#55179) (Benjamin Staffin, 2019-03-25)
| | |   * WIP: Run Docker containers as declarative systemd services
| | |   * PR feedback round 1
| | |   * docker-containers: add environment, ports, user, workdir options
| | |   * docker-containers: log-driver, string->str, line wrapping
| | |   * ExecStart instead of script wrapper, %n for container name
| | |   * PR feedback: better description and example formatting
| | |   * Fix docbook formatting (oops)
| | |   * Use a list of strings for ports, expand documentation
| | |   * docker-containers: add a simple nixos test
| | |   * waitUntilSucceeds to avoid potential weird async issues
| | |   * Don't enable docker daemon unless we actually need it
| | |   * PR feedback: leave ExecReload undefined
* | | Merge pull request #57897 from rnhmjoj/fix-ipv6 (Andreas Rammhold, 2019-03-24)
|\ \ \
| | | |   nixos/containers: create veths if only IPv6 is configured
| * | | nixos/containers: create veths if only IPv6 is configured (rnhmjoj, 2019-03-20)
| |/ /
| | |   This fixes the failing nixos.tests.containers-ipv6 test. Thanks to andir.
* | | Merge pull request #57826 from gebner/anbox (Gabriel Ebner, 2019-03-22)
|\ \ \
| | | |   anbox: init at 2019-03-07
| * | | nixos/anbox: init module (Edward Tjörnhammar, 2019-03-18)
| |/ /
| | |   Co-authored-by: Luke Adams <luke.adams@belljar.io>
| | |   Co-authored-by: Volth <volth@webmaster.ms>
| | |   Co-authored-by: Jörg Thalheim <Mic92@users.noreply.github.com>
| | |   Co-authored-by: Edward Tjörnhammar <ed@cflags.cc>
| | |   Co-authored-by: Gabriel Ebner <gebner@gebner.org>
* / / openstackImage: set the / fsType to reenable root FS resizing (Antoine Eiche, 2019-03-21)
|/ /
| |   Since 34234dcb511066dd1e4fe75d80ee89519a8c8001, the reisizefs tool is embedded only if the `fsType` starts with `ext`. The default `fsType` value is `auto`.
* / amazon-image.nix: Resolve failure to include resize2fs (talyz, 2019-03-15)
|/
|   Since 34234dcb511, for resize2fs to be automatically included in initrd, a filesystem needed for boot must be explicitly defined as an ext* type filesystem.
* virtualbox-host module: fix warnings syntax (Aristid Breitkreuz, 2019-03-09)
|
* Merge pull request #56322 from bendlas/warn-virtualbox-config (Silvan Mosberger, 2019-03-08)
|\
| |   virtualbox: add warning for ineffective nixpkgs config
| * nixos/virtualbox: add warning for ineffective nixpkgs config (Herwig Hochleitner, 2019-03-06)
| |   nixpkgs.config.virtualbox.enableExtensionPack doesn't do anything, but used to. Add a warning for the unsuspecting.
* | nixos/docker: add enableNvidia option (Averell Dalton, 2019-02-27)
|/
* Merge pull request #44573 from vincentbernat/feature/cloudstack (Ryan Mulligan, 2019-02-24)
|\
| |   nixos/cloudstack-image: initial import
| * nixos/cloudstack-image: initial import (Vincent Bernat, 2018-11-17)
| |   Cloudstack images are simply using cloud-init. They are not headless as a user usually has access to a console. Otherwise, the differences with Openstack are mostly handled by cloud-init.
| |
| |   There are still some minor issues. Notably, there is no non-root user. Other cloud images usually come with a user named after the distribution and with sudo. Would it make sense for NixOS?
| |
| |   Cloudstack gives the user the ability to change the password. Cloud-init support for this is imperfect and the set-passwords module should be declared as `- [set-passwords, always]` for this to work. I don't know if there is an easy way to "patch" default cloud-init configuration. However, without a non-root user, this is of no use.
| |
| |   Similarly, hostname is usually set through cloud-init using `set_hostname` and `update_hostname` modules. While the patch to declare nixos to cloud-init contains some code to set hostname, the previously mentioned modules are not enabled.
* | Merge pull request #54917 from peterhoeg/f/vmware (Peter Hoeg, 2019-02-20)
|\ \
| | |   vmware: move from services to virtualisation and add support for paravirtual controller
| * | vmware: move from servers to virtualisation where it belongs (Peter Hoeg, 2018-05-28)
| | |
* | | Merge pull request #55589 from johanot/docker-preloader-mkif-guard (lewo, 2019-02-12)
|\ \ \
| | | |   nixos/dockerPreloader: guard the entire implementation with mkIf on image list
| * | | nixos/dockerPreloader: guard the entire implementation with mkIf on image list (Johan Thomsen, 2019-02-11)
| | | |
* | | | Merge pull request #54800 from nlewo/nova (Florian Klink, 2019-02-11)
|\ \ \ \
| |/ / /
|/| | |
| | | |   Remove cloud-init from the Openstack image configuration
| * | | nixos: Add ec2-metadata-fetcher.nix file (Antoine Eiche, 2019-02-11)
| | | |   To share the metadata fetcher script between ec2 and Openstack images.
| * | | nixos/openstackImage: default hostname is empty string (Antoine Eiche, 2019-02-11)
| | | |   This is to let the `ec2-data.nix` module set the hostname from the metadata API value.
| * | | Rename `novaImage` to `openstackImage` (Antoine Eiche, 2019-02-11)
| | | |   People don't necessarily know `nova` is related to Openstack (it is a component of Openstack). So, it is more explicit to call it `openstackImage`.
| * | | nova-image: add amazon-init module to the nova image (Antoine Eiche, 2019-01-28)
| | | |   This allows the VM to provide a `configuration.nix` file to the VM. The test doesn't work in sandbox because it needs Internet (however it works interactively).
| * | | nova-image: use wget instead of cloud-init (via EC2 API) (Antoine Eiche, 2019-01-28)
| | | |   The Openstack metadata service exposes the EC2 API. We use the existing `ec2.nix` module to configure the hostname and ssh keys of an Openstack Instance.
| | | |
| | | |   A test checks the ssh server is well configured.
| | | |
| | | |   This is mainly to reduce the size of the image (700MB). Also, declarative features provided by cloud-init are not really useful since we would prefer to use our `configuration.nix` file instead.
* | | | Merge pull request #53419 from uvNikita/containers/fix-bridge (Florian Klink, 2019-01-28)
|\ \ \ \
| |/ / /
|/| | |
| | | |   nixos/containers: add bridge without address specified
| * | | nixos/containers: add bridge without address specified (Nikita Uvarov, 2019-01-07)
| | | |   According to systemd-nspawn(1), --network-bridge implies --network-veth, and --port option is supported only when private networking is enabled. Fixes #52417.
* | | | Merge pull request #53871 from elseym/fix-container-extraveths (Franz Pletz, 2019-01-14)
|\ \ \ \
| | | | |   nixos/containers: explicitly set link up on host for extraVeths
| * | | | nixos/containers: explicitly set link up on host for extraVeths (elseym, 2019-01-13)
| |/ / /
* / / / modules/profiles/minimal: sound is disabled by default (Profpatsch, 2019-01-13)
|/ / /
| | |   The option is `false` by default since e349ccc77febd45abbd14be14f7de123ec4a4da2, so we don’t need to mention it explicitly in these minimal configs.
* | | nixos/modules/virtualisation/google-compute-config.nix: remove google-accounts-daemon (Florian Klink, 2018-12-21)
| | |   Use googleOsLogin for login instead. This allows setting users.mutableUsers back to false, and to strip the security.sudo.extraConfig. security.sudo.enable is default anyhow, so we can remove that as well.
* | | Merge pull request #51393 from arianvp/container-names (Florian Klink, 2018-12-05)
|\ \ \
| | | |   nixos/containers: Add assertion for container name length
| * | | nixos/containers: Add assertion for container name length (Arian van Putten, 2018-12-02)
| | | |   When privateNetwork is enabled, currently the container's interface name is derived from the container name. However, there's a hard limit on the size of interface names. To avoid conflicts and other issues, we set a limit on the container name when privateNetwork is enabled.
| | | |
| | | |   Fixes #38509
* | | | Merge pull request #49392 from uvNikita/nixos/containers/veths (Jörg Thalheim, 2018-12-03)
|\ \ \ \
| |/ / /
|/| | |
| | | |   nixos/containers: don't create veths if not configured
| * | | nixos/containers: don't create veths if not configured (Nikita Uvarov, 2018-10-29)
| | | |   Previously, setting "privateNetwork = true" without specifying host and local addresses would create unconfigured interfaces: ve-$INSTANCE on the host and eth0 inside the container.
| | | |
| | | |   These changes are a rebased part of the original PR #3021.
* | | | nixos/containers: simplify env var definition (Erik Arvstedt, 2018-11-26)
| | | |   Also clear up the misleading comment: This env var isn't root-specific, it's needed for all users.
* | | | google-compute-image: make it a module and the size tuneable (#49854) (Ding Xiang Fei, 2018-11-26)
| | | |   * move GCE system configuration to `google-compute-config.nix`
| | | |   * remove `fetch-ssh-keys` service (disabled in comment)