path: root/nixos/modules/system
Age | Commit message | Author | Files | Lines
2017-06-10 | nixos/bcache: /bin/sh -> ${bash}/bin/sh | Bjørn Forsman | 1 | -1/+1
Or else `services.udev.packages = [ bcache-tools ]` cannot be used. To not break bcache in the initrd I'm modifying this in stage-1.nix: - --replace /bin/sh ${extraUtils}/bin/sh + --replace ${bash}/bin/sh ${extraUtils}/bin/sh Reasoning behind that change: * If not modifying the /bin/sh pattern in any way, it will also match ${bash}/bin/sh, creating a broken path like /nix/store/HASH-bash/nix/store/HASH-bash/bin/sh in the udev rule file. * The addition of /bin/sh was done in 775f381a9e34 ("stage-1: add bcache support"). It seems somewhat plausible that no new users have appeared since then and we can take this opportunity to back out of this change without much fear of regressions. If there _are_ regressions, they should be in the form of build time errors, not runtime (boot), due to how the udev rule output is checked for invalid path references. So low risk, IMHO. * An alternative approach could be to copy the /bin/sh substitute rule over to the non-initrd udev rules implementation in NixOS, but I think this way is better: - The rules file comes with a working path out of the box. - We can use more precise pattern matching when modifying the udev rules for the initrd.
2017-06-10 | nixos: Add support for scalable fonts in Grub menus (#26227) | Benjamin Staffin | 2 | -2/+34
The default font is unreadably small on some hidpi displays. This makes it possible to specify a TrueType or OpenType font at any point size, and it will automatically be converted to the format the Grub uses.
2017-05-27 | systemd-nspawn: relax PrivateUsers check | Jörg Thalheim | 1 | -1/+0
This option allows two colon-separated numbers as value, for instance, which is quite difficult to check.
2017-05-27 | systemd-nspawn: fixes evaluation error | Jörg Thalheim | 1 | -12/+13
fixes #25097
2017-05-23 | services.logind: add options for lid-switch behavior | Maximilian Bosch | 1 | -0/+28
2017-05-20 | systemd-nspawn: add NotifyRead fixup | Jörg Thalheim | 1 | -1/+1
2017-05-20 | systemd-nspawn: add NotifyRead option | Jörg Thalheim | 1 | -2/+3
2017-05-16 | nixos/luks: Silence killall complain about non-existing cryptsetup processes | Rickard Nilsson | 1 | -1/+1
2017-05-10 | systemd-boot: document reasoning behind syncfs(2) | Jörg Thalheim | 1 | -0/+4
2017-05-09 | systemd-boot: sync efi filesystem after update | Jörg Thalheim | 1 | -0/+7
Since fat32 provides little recovery facilities after a crash, it can leave the system in an unbootable state, when a crash/outage happens shortly after an update. To decrease the likelihood of this event sync the efi filesystem after each update.
2017-04-30 | Merge pull request #25005 from Lassulus/copytoram | Jörg Thalheim | 1 | -0/+19
nixos/stage1: add copytoram support
2017-04-28 | nixos/stage1: add copytoram support | lassulus | 1 | -0/+19
2017-04-25 | nixos/grub: Add another example for extraEntries | aszlig | 1 | -0/+6
Someone on IRC wanted to boot Fedora from another disk. While I'm not too familiar with UEFI booting in conjunction with GRUB2 it took some time to get it to work. So in order to save others from frustration I'm adding this as another example to the extraEntries option. Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2017-04-20 | nixos/systemd-boot-builder: Don't write .pyc files | aszlig | 1 | -1/+1
This has surfaced since d990aa716327abb018e8352dcf7ba2fcfb4fc34c. The "simpleUefiGummiboot" installer test fails since this commit, because that commit introduced a small check to verify whether the store was altered. While installing NixOS for the first time, the store is usually in /mnt/nix/store and without the read-only bind mount that's preventing programs from altering the store. So after nixos-install is done creating the system closure and setting it as the active system profile, the bootloader is written from the closure inside the chroot. The systemd-boot-builder is invoked during this step, which adds .pyc files for various Python modules of the Python 3 store path, which in turn invalidates the hash of the Python 3 store path itself. At the time the system is booted up again, the nix-store is verified and fails with something like this: path /nix/store/zvm545rqc4d97caqq9h7344bnd06jhzb-python3-3.5.3 was modified! expected hash b2c975f4b8d197443fbb09690fb3f6545e165dd44c9309d7d6df2fce0579ebeb, got bccca19f39c9d26d857ccf1fb72818b2b817967e6d497a25a1283e36ed0acf01 Running the interpreter with the -B argument prevents Python from writing those byte code files: https://docs.python.org/3/using/cmdline.html#cmdoption-B Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2017-04-18 | Revert "grub module: fix efiInstallAsRemovable description" | Vladimír Čunát | 1 | -2/+2
This reverts commit c2b56626f1a872d06642777193b72d6473c8b97c. It broke creating the manual. I suspect the descriptions are auto-wrapped by <para> and </para>. We've been through this already in 3af715af90. /cc #24978, @zraexy, @Mic92.
2017-04-17 | grub module: fix efiInstallAsRemovable description | zraexy | 1 | -2/+2
2017-04-12 | nixos: escape brackets in systemd units | Domen Kožar | 1 | -1/+1
One day we should just whitelist instead of blacklist chars. Fixes https://github.com/NixOS/nixops/issues/614
2017-04-08 | Merge pull request #24645 from Mic92/stage-2 | Jörg Thalheim | 3 | -78/+29
Stage-2 cleanup
2017-04-05 | stage-2: shellsheck recommendations | Jörg Thalheim | 1 | -3/+3
2017-04-05 | stage-2: reduce mkdir commands | Jörg Thalheim | 1 | -10/+3
2017-04-05 | luksroot: Wait for the header (device) to appear | Michael Weiss | 1 | -21/+30
The LUKS header can be on another device (e.g. a USB stick). In my case it can take up to two seconds until the partition on my USB stick is available (i.e. the decryption fails without this patch). This will also remove some redundancy by providing the shell function `wait_target` and slightly improve the output (one "." per second and a success/failure indication after 10 seconds instead of always printing "ok").
2017-04-05 | stage-2: process options as first action | Jörg Thalheim | 1 | -15/+15
this way `set -x` is set early
2017-04-05 | stage-2: replace readonly-mountpoint by findmnt | Jörg Thalheim | 3 | -32/+5
2017-04-05 | stage-2: simplify exporting path | Jörg Thalheim | 2 | -21/+6
2017-04-04 | Allow systemd-fsck@.service to find fsck.* | Eelco Dolstra | 1 | -0/+1
Fixes "fsck.ext4 doesn't exist, not checking file system on ...".
2017-04-04 | Don't restart systemd-fsck@ units | Eelco Dolstra | 1 | -1/+1
Restarting them is useless since the filesystem is already checked. Worse, restarting them causes the filesystem to be unmounted. Also remove an override for systemd-rkill@.service which no longer exists.
2017-04-02 | initrd-ssh: Use initrd secrets for host keys | Shea Levy | 1 | -16/+17
2017-04-02 | systemd-boot: Support initrd secrets | Shea Levy | 2 | -1/+11
2017-04-02 | Add facility to append secrets to the initrd | Shea Levy | 3 | -3/+100
2017-03-23 | grub module: fix useOSProber when installing grub as EFI | Symphorien Gibol | 1 | -30/+32
2017-03-21 | nixos/treewide: systemd.time is in manvolume 7 | Franz Pletz | 1 | -3/+3
cc #23396
2017-03-17 | nixos/treewide: remove boolean examples for options | Franz Pletz | 1 | -1/+0
They contain no useful information and increase the length of the autogenerated options documentation. See discussion in #18816.
2017-03-11 | ykpers: consolidate into yubikey-personalization | Benjamin Staffin | 1 | -2/+2
Looks like this accidentally got packaged twice.
2017-03-03 | nixos-rebuild: Sync /nix/store only | Eelco Dolstra | 1 | -1/+1
We only care about /nix/store because its contents might be out of sync with /nix/var/nix/db. Syncing other filesystems might cause unnecessary delays or hangs (e.g. I encountered a case where an NFS mount was taking a very long time to sync).
2017-02-23 | dhcpcd service: fix network-online.target integration | Franz Pletz | 1 | -0/+1
When dhcpcd instead of networkd is used, the network-online.target behaved the same as network.target, resulting in broken services that need a working network connectivity when being started. This commit makes dhcpcd wait for a lease and makes it wanted by network-online.target. In turn, network-online.target is now wanted by multi-user.target, so it will be activated at every boot.
2017-02-20 | systemd: Properly escape environment options. | Kevin Cox | 1 | -1/+1
Using toJSON on a string value works because the allowed JSON escape sequences are almost a subset of the systemd allowed escape sequences. The only exception is `\/` which JSON allows but systemd doesn't. Luckily this sequence isn't required and toJSON doesn't produce it, making the result valid for systemd consumption. Examples of things that this fixes are environment variables with double quotes or newlines.
2017-02-20 | Merge pull request #22941 from mayflower/systemd-tmpfiles | Robin Gloster | 1 | -0/+4
systemd: setup tmpfiles on switching configuration
2017-02-20 | systemd-boot: Unlink loader.conf if it exists | aszlig | 1 | -0/+4
Since systemd version 232 the install subcommand of bootctl opens the loader.conf with fopen() modes "wxe", where the "e" stands for exclusive, so the call will fail if the file exists. For installing the boot loader just once this is fine, but if we're using NIXOS_INSTALL_BOOTLOADER on a systemd where the bootloader is already present this will fail. Exactly this is done within the simpleUefiGummiboot installer test, where nixos-install is called twice and thus the bootloader is also installed twice, resulting in an error during the fopen call: Failed to open loader.conf for writing: File exists Removing the file prior to calling bootctl should fix this. I've tested this using the installer.simpleUefiGummiboot test and it now succeeds. Signed-off-by: aszlig <aszlig@redmoonstudios.org> Cc: @edolstra, @shlevy, @mic92 Fixes: #22925
2017-02-20 | systemd-boot: Make sure /etc/machine-id exists | aszlig | 1 | -7/+12
This leads to the following error when trying to install a new machine where the machine ID wasn't yet initialized during boot: Failed to get machine did: No such file or directory In addition this was also detected by the simpleUefiGummiboot installer test. So let's generate a fallback machine ID by using systemd-machine-id-setup before actually running bootctl. Tested this by running the installer.simpleUefiGummiboot test, it still fails but not because of the machine ID. Signed-off-by: aszlig <aszlig@redmoonstudios.org> Cc: @edolstra, @shlevy, @mic92 Fixes: #22561
2017-02-20 | Merge pull request #22969 from symphorien/extrainitrd | Franz Pletz | 2 | -1/+28
grub module: add extraInitrd option
2017-02-19 | grub module: add extraInitrd option | Symphorien Gibol | 2 | -1/+28
2017-02-18 | systemd: setup tmpfiles on switching configuration | Robin Gloster | 1 | -0/+4
This fixes systemd.tmpfiles.rules on switching configuration so that it does not only get applied on a fresh boot. This e.g. fixes kubernetes.
2017-02-18 | fix comments about nixos-hardware-scan | Brice Waegeneire | 1 | -1/+1
It has been renamed to nixos-generate-config in 3ed4173
2017-02-17 | activation-script service: add utillinux to path | Nikolay Amiantov | 1 | -2/+3
2017-02-16 | networking.networkd: adjust autmatic mapping of bonds | Profpatsch | 1 | -1/+1
Since the bonds interface changed to a lot more possible values we create a mapping of kernel bond attribute names and values to networkd attributes. Those match for the most part, but have to be transformed slightly. There is also an assert that unknown options won’t slip through silently.
2017-02-13 | grub: fix capitalisation | Robin Gloster | 1 | -1/+1
Missed this occurrence while renaming the option
2017-02-13 | grub: add grub.useOSProber option (#22558) | symphorien | 2 | -3/+20
2017-02-12 | nixos top-level: Add 'dtbs' symlink when kernel uses device trees | Tuomas Tynkkynen | 1 | -0/+3
Currently e.g. extlinux-conf-builder.sh uses `readlink -m "$toplevel/kernel/../dtbs"` to figure out the directory. That is obscenely ugly.
2017-02-12 | Merge pull request #22677 from grahamc/drop-kdm-kde4-modules | Graham Christensen | 1 | -2/+0
Drop kdm and kde4 modules
2017-02-12 | raspberryPi boot loader: don't remove xx-initrd files | Ricardo M. Correia | 1 | -1/+1
The Raspberry Pi boot loader was deleting all xx-initrd text files (which simply contain the path to the actual initrd files) just after having created them. The code was actually trying to delete real, obsolete initrd files, which are named <hash>-initrd-initrd (after path cleaning), but the glob was catching the other files as well.