diff options
| author | Jared Baur <jaredbaur@fastmail.com> | 2024-05-03 06:27:42 -0700 |
|---|---|---|
| committer | Jared Baur <jaredbaur@fastmail.com> | 2024-05-10 16:33:06 -0700 |
| commit | 32bf051ba48d9e0c7120d335ca2f33f858e3de97 (patch) | |
| tree | 0bf002f77d9b1733f44169f7bbfab06a0162be60 /nixos/modules/system | |
| parent | e21dccc5a1e3b278e263776b052f325b26b65864 (diff) | |
nixos/switch-to-configuration: add new implementation
This adds an implementation of switch-to-configuration that allows for
closer interaction with the lifecycle of systemd units by using DBus
APIs directly instead of using systemctl. It is disabled by default, but
can be enabled by specifying `{ system.switch = { enable = false; enableNg = true; }; }`.
Diffstat (limited to 'nixos/modules/system')
| -rw-r--r-- | nixos/modules/system/activation/switchable-system.nix | 109 |
1 files changed, 75 insertions, 34 deletions
diff --git a/nixos/modules/system/activation/switchable-system.nix b/nixos/modules/system/activation/switchable-system.nix index d5bd8cc1dc115..d70fefd0920b4 100644 --- a/nixos/modules/system/activation/switchable-system.nix +++ b/nixos/modules/system/activation/switchable-system.nix @@ -4,52 +4,93 @@ let perlWrapped = pkgs.perl.withPackages (p: with p; [ ConfigIniFiles FileSlurp ]); + description = extra: '' + Whether to include the capability to switch configurations. + + Disabling this makes the system unable to be reconfigured via `nixos-rebuild`. + + ${extra} + ''; + in { - options = { - system.switch.enable = lib.mkOption { + options.system.switch = { + enable = lib.mkOption { type = lib.types.bool; default = true; - description = '' - Whether to include the capability to switch configurations. - - Disabling this makes the system unable to be reconfigured via `nixos-rebuild`. - + description = description '' This is good for image based appliances where updates are handled outside the image. Reducing features makes the image lighter and slightly more secure. ''; }; - }; - config = lib.mkIf config.system.switch.enable { - system.activatableSystemBuilderCommands = '' - mkdir $out/bin - substitute ${./switch-to-configuration.pl} $out/bin/switch-to-configuration \ - --subst-var out \ - --subst-var-by toplevel ''${!toplevelVar} \ - --subst-var-by coreutils "${pkgs.coreutils}" \ - --subst-var-by distroId ${lib.escapeShellArg config.system.nixos.distroId} \ - --subst-var-by installBootLoader ${lib.escapeShellArg config.system.build.installBootLoader} \ - --subst-var-by localeArchive "${config.i18n.glibcLocales}/lib/locale/locale-archive" \ - --subst-var-by perl "${perlWrapped}" \ - --subst-var-by shell "${pkgs.bash}/bin/sh" \ - --subst-var-by su "${pkgs.shadow.su}/bin/su" \ - --subst-var-by systemd "${config.systemd.package}" \ - --subst-var-by utillinux "${pkgs.util-linux}" \ - ; - - chmod +x $out/bin/switch-to-configuration - ${lib.optionalString (pkgs.stdenv.hostPlatform == pkgs.stdenv.buildPlatform) '' - if ! output=$(${perlWrapped}/bin/perl -c $out/bin/switch-to-configuration 2>&1); then - echo "switch-to-configuration syntax is not valid:" - echo "$output" - exit 1 - fi - ''} - ''; + enableNg = lib.mkOption { + type = lib.types.bool; + default = false; + description = description '' + Whether to use `switch-to-configuration-ng`, an experimental + re-implementation of `switch-to-configuration` with the goal of + replacing the original. + ''; + }; }; + config = lib.mkMerge [ + { + assertions = [{ + assertion = with config.system.switch; enable -> !enableNg; + message = "Only one of system.switch.enable and system.switch.enableNg may be enabled at a time"; + }]; + } + (lib.mkIf config.system.switch.enable { + system.activatableSystemBuilderCommands = '' + mkdir $out/bin + substitute ${./switch-to-configuration.pl} $out/bin/switch-to-configuration \ + --subst-var out \ + --subst-var-by toplevel ''${!toplevelVar} \ + --subst-var-by coreutils "${pkgs.coreutils}" \ + --subst-var-by distroId ${lib.escapeShellArg config.system.nixos.distroId} \ + --subst-var-by installBootLoader ${lib.escapeShellArg config.system.build.installBootLoader} \ + --subst-var-by localeArchive "${config.i18n.glibcLocales}/lib/locale/locale-archive" \ + --subst-var-by perl "${perlWrapped}" \ + --subst-var-by shell "${pkgs.bash}/bin/sh" \ + --subst-var-by su "${pkgs.shadow.su}/bin/su" \ + --subst-var-by systemd "${config.systemd.package}" \ + --subst-var-by utillinux "${pkgs.util-linux}" \ + ; + + chmod +x $out/bin/switch-to-configuration + ${lib.optionalString (pkgs.stdenv.hostPlatform == pkgs.stdenv.buildPlatform) '' + if ! output=$(${perlWrapped}/bin/perl -c $out/bin/switch-to-configuration 2>&1); then + echo "switch-to-configuration syntax is not valid:" + echo "$output" + exit 1 + fi + ''} + ''; + }) + (lib.mkIf config.system.switch.enableNg { + # Use a subshell so we can source makeWrapper's setup hook without + # affecting the rest of activatableSystemBuilderCommands. + system.activatableSystemBuilderCommands = '' + ( + source ${pkgs.buildPackages.makeWrapper}/nix-support/setup-hook + + mkdir $out/bin + ln -sf ${lib.getExe pkgs.switch-to-configuration-ng} $out/bin/switch-to-configuration + wrapProgram $out/bin/switch-to-configuration \ + --set OUT $out \ + --set TOPLEVEL ''${!toplevelVar} \ + --set DISTRO_ID ${lib.escapeShellArg config.system.nixos.distroId} \ + --set INSTALL_BOOTLOADER ${lib.escapeShellArg config.system.build.installBootLoader} \ + --set LOCALE_ARCHIVE ${config.i18n.glibcLocales}/lib/locale/locale-archive \ + --set SYSTEMD ${config.systemd.package} + ) + ''; + }) + ]; + } |