| Commit message (Collapse) | Author | Age |
This reverts commit 66967ec7521d065f605795d64ddbbbd4fcd448c3, reversing
changes made to fb6595eafdb90ef0bc7a31c2bfc9204e4cad11d9.
Fixes #70442; discussion: https://github.com/NixOS/nixpkgs/pull/70027
joachifm/feat/containers-private-networking-lockKernelModules-compat
nixos/containers: explicitly load kernel modules for networking
List all modules that *may* be required depending on individual container
configurations; don't expect that further modules can be loaded after boot.
Fixes https://github.com/NixOS/nixpkgs/issues/38676
nixos/nix-optimise: be smarter about when we run the store optimiser
We might be inside a NixOS container on a non-NixOS host, so instead of not
running at all inside a container, check if the nix-daemon socket is writable as
it will tell us if the store is managed from here or outside.
Fixes #63578
machinectl compliant NixOS installation
Avoid assertion in nixos/modules/system/boot/resolved.nix
if service systemd-resolved is enabled.
Signed-off-by: Sascha Grunert <sgrunert@suse.com>
This fixes the warning being emitted by nixos-rebuild switch:

    building Nix...
    building the system configuration...
    trace: warning: types.string is deprecated because it quietly concatenates strings

It started emitting a warning in #66346.
Fixed trivial conflicts caused by removing rec.
GTK was renamed.
Since https://github.com/NixOS/nixpkgs/pull/61321, local-fs.target is
part of sysinit.target again, meaning units without
DefaultDependencies=no will automatically depend on it, and the manually
set dependencies can be dropped.
google-compute-config.nix: fix comments, update google-*.service units, fix paths in gce
We make them available at ${gce}/sysctl.d and add them to
environment.etc, like we do with the systemd ones.
It executes bin/google_set_multiqueue which will execute basename
With local-fs.target part of sysinit.target
(https://github.com/NixOS/nixpkgs/pull/61321), we don't need to add it
explicitly to certain units anymore, and can change dependencies like
they are in other distros (I picked from Google's official CentOS 7
image here).
Like them, use StandardOutput=journal+console to pipe google-*.service
output to the serial console as well.
also move OS Login next to it, for better understandability
And replace them with a more appropriate type
Also fix up some minor module problems along the way
Default is now 1m instead of global default of 15sec. It is also
configurable.
Fixes issue where start of many containers (40+) fails
https://github.com/NixOS/nixpkgs/issues/65001
This adds a new ``onBoot`` option that allows specifying the action taken on
guests when the host boots. Specifying "start" ensures all guests that were
running prior to shutdown are started, regardless of their autostart settings.
Specifying "ignore" will make libvirtd ignore such guests. Any guest marked as
autostart will still be automatically started by libvirtd.
nixos/containers: add unprivileged option
Fixes #57083.
Fixes #67174.
nixos/containers: add 'ephemeral' option
systemd provides two sysctl snippets, 50-coredump.conf and
50-default.conf.

These enable:
- Loose reverse path filtering
- Source route filtering
- `fq_codel` as a packet scheduler (this helps to fight bufferbloat)

This also configures the kernel to pass coredumps to `systemd-coredump`.

These sysctl snippets can be found in `/etc/sysctl.d/50-*.conf`,
and overridden via `boot.kernel.sysctl`
(which will place the parameters in `/etc/sysctl.d/60-nixos.conf`).

Let's start using these, like other distros already do for quite some
time, and remove those duplicate `boot.kernel.sysctl` options we
previously did set.

In the case of rp_filter (which systemd would set to 2 (loose)), make
our overrides to "1" more explicit.
nixos: Don't set LD_LIBRARY_PATH for graphics drivers that don't need it.
A new internal option `hardware.opengl.setLdLibraryPath` is added which controls if `LD_LIBRARY_PATH` should be set to `/run/opengl-driver(-32)/lib`. It is false by default and is meant to be set to true by any driver which requires it. If this option is false, then `opengl.nix` and `xserver.nix` will not set `LD_LIBRARY_PATH`.
Currently Mesa and NVidia drivers don't set `setLdLibraryPath` because they work with libglvnd and do not override libraries, while `amdgpu-pro`, `ati` and `parallels-guest` set it to true (the former two really need it, the last one doesn't build so is presumed to).
Additionally, the `libPath` attribute within entries of `services.xserver.drivers` is removed. This made `xserver.nix` add the driver path directly to the `LD_LIBRARY_PATH` for the display manager (including X server). Not only is it redundant when the driver is added to `hardware.opengl.package` (assuming that `hardware.opengl.enable` is true), in fact all current drivers except `ati` set it incorrectly to the package path instead of package/lib.
This removal of `LD_LIBRARY_PATH` could break certain packages using CUDA, but only those that themselves load `libcuda` or other NVidia driver libraries using `dlopen` (not if they just use `cudatoolkit`). A few have already been fixed but it is practically impossible to test all because most packages using CUDA are libraries/frameworks without a simple way to test.
Fixes #11434 if only Mesa or NVidia graphics drivers are used.
libvirt: support proper networking in user session
nixos/kvmgt: fix starting condition
* treewide: remove unused variables
* making ofborg happy