Merge remote-tracking branch 'NixOS/master' into staging

This commit is contained in:
Matthew Bauer 2019-02-24 18:54:32 -05:00
commit 73061742af
472 changed files with 7750 additions and 2673 deletions

View File

@ -16,6 +16,7 @@
<xi:include href="functions/fhs-environments.xml" />
<xi:include href="functions/shell.xml" />
<xi:include href="functions/dockertools.xml" />
<xi:include href="functions/appimagetools.xml" />
<xi:include href="functions/prefer-remote-fetch.xml" />
<xi:include href="functions/nix-gitignore.xml" />
</chapter>

View File

@ -0,0 +1,121 @@
<section xmlns="http://docbook.org/ns/docbook"
xmlns:xlink="http://www.w3.org/1999/xlink"
xmlns:xi="http://www.w3.org/2001/XInclude"
xml:id="sec-pkgs-appimageTools">
<title>pkgs.appimageTools</title>
<para>
<varname>pkgs.appimageTools</varname> is a set of functions for extracting and wrapping
<link xlink:href="https://appimage.org/">AppImage</link> files.
They are meant to be used if traditional packaging from source is infeasible, or it would take too long.
To quickly run an AppImage file, <literal>pkgs.appimage-run</literal> can be used as well.
</para>
<warning>
<para>
The <varname>appimageTools</varname> API is unstable and may be subject to
backwards-incompatible changes in the future.
</para>
</warning>
<section xml:id="ssec-pkgs-appimageTools-formats">
<title>AppImage formats</title>
<para>
There are different formats for AppImages, see
<link xlink:href="https://github.com/AppImage/AppImageSpec/blob/74ad9ca2f94bf864a4a0dac1f369dd4f00bd1c28/draft.md#image-format">the specification</link> for details.
</para>
<itemizedlist>
<listitem>
<para>
Type 1 images are ISO 9660 files that are also ELF executables.
</para>
</listitem>
<listitem>
<para>
Type 2 images are ELF executables with an appended filesystem.
</para>
</listitem>
</itemizedlist>
<para>
They can be told apart with <command>file -k</command>:
</para>
<screen>
<prompt>$ </prompt>file -k type1.AppImage
type1.AppImage: ELF 64-bit LSB executable, x86-64, version 1 (SYSV) ISO 9660 CD-ROM filesystem data 'AppImage' (Lepton 3.x), scale 0-0,
spot sensor temperature 0.000000, unit celsius, color scheme 0, calibration: offset 0.000000, slope 0.000000, dynamically linked, interpreter /lib64/ld-linux-x86-64.so.2, for GNU/Linux 2.6.18, BuildID[sha1]=d629f6099d2344ad82818172add1d38c5e11bc6d, stripped\012- data
<prompt>$ </prompt>file -k type2.AppImage
type2.AppImage: ELF 64-bit LSB executable, x86-64, version 1 (SYSV) (Lepton 3.x), scale 232-60668, spot sensor temperature -4.187500, color scheme 15, show scale bar, calibration: offset -0.000000, slope 0.000000 (Lepton 2.x), scale 4111-45000, spot sensor temperature 412442.250000, color scheme 3, minimum point enabled, calibration: offset -75402534979642766821519867692934234112.000000, slope 5815371847733706829839455140374904832.000000, dynamically linked, interpreter /lib64/ld-linux-x86-64.so.2, for GNU/Linux 2.6.18, BuildID[sha1]=79dcc4e55a61c293c5e19edbd8d65b202842579f, stripped\012- data
</screen>
<para>
Note how the type 1 AppImage is described as an <literal>ISO 9660 CD-ROM filesystem</literal>, and the type 2 AppImage is not.
</para>
</section>
<section xml:id="ssec-pkgs-appimageTools-wrapping">
<title>Wrapping</title>
<para>
Depending on the type of AppImage you're wrapping, you'll have to use
<varname>wrapType1</varname> or <varname>wrapType2</varname>.
</para>
<programlisting>
appimageTools.wrapType2 { # or wrapType1
name = "patchwork"; <co xml:id='ex-appimageTools-wrapping-1' />
src = fetchurl { <co xml:id='ex-appimageTools-wrapping-2' />
url = https://github.com/ssbc/patchwork/releases/download/v3.11.4/Patchwork-3.11.4-linux-x86_64.AppImage;
sha256 = "1blsprpkvm0ws9b96gb36f0rbf8f5jgmw4x6dsb1kswr4ysf591s";
};
extraPkgs = pkgs: with pkgs; [ ]; <co xml:id='ex-appimageTools-wrapping-3' />
}</programlisting>
<calloutlist>
<callout arearefs='ex-appimageTools-wrapping-1'>
<para>
<varname>name</varname> specifies the name of the resulting image.
</para>
</callout>
<callout arearefs='ex-appimageTools-wrapping-2'>
<para>
<varname>src</varname> specifies the AppImage file to extract.
</para>
</callout>
<callout arearefs='ex-appimageTools-wrapping-2'>
<para>
<varname>extraPkgs</varname> allows you to pass a function to include additional packages
inside the FHS environment your AppImage is going to run in.
There are a few ways to learn which dependencies an application needs:
<itemizedlist>
<listitem>
<para>
Looking through the extracted AppImage files, reading its scripts and running <command>patchelf</command> and <command>ldd</command> on its executables.
This can also be done in <command>appimage-run</command>, by setting <command>APPIMAGE_DEBUG_EXEC=bash</command>.
</para>
</listitem>
<listitem>
<para>
Running <command>strace -vfefile</command> on the wrapped executable, looking for libraries that can't be found.
</para>
</listitem>
</itemizedlist>
</para>
</callout>
</calloutlist>
</section>
</section>

View File

@ -109,7 +109,7 @@ let
mkFixStrictness mkOrder mkBefore mkAfter mkAliasDefinitions
mkAliasAndWrapDefinitions fixMergeModules mkRemovedOptionModule
mkRenamedOptionModule mkMergedOptionModule mkChangedOptionModule
mkAliasOptionModule mkAliasOptionModuleWithPriority doRename filterModules;
mkAliasOptionModule doRename filterModules;
inherit (options) isOption mkEnableOption mkSinkUndeclaredOptions
mergeDefaultOption mergeOneOption mergeEqualOption getValues
getFiles optionAttrSetToDocList optionAttrSetToDocList'

View File

@ -561,6 +561,11 @@ lib.mapAttrs (n: v: v // { shortName = n; }) rec {
fullName = "OpenSSL License";
};
osl2 = spdx {
spdxId = "OSL-2.0";
fullName = "Open Software License 2.0";
};
osl21 = spdx {
spdxId = "OSL-2.1";
fullName = "Open Software License 2.1";

View File

@ -596,6 +596,9 @@ rec {
forwards any definitions of boot.copyKernels to
boot.loader.grub.copyKernels while printing a warning.
This also copies over the priority from the aliased option to the
non-aliased option.
*/
mkRenamedOptionModule = from: to: doRename {
inherit from to;
@ -690,16 +693,7 @@ rec {
use = id;
};
/* Like mkAliasOptionModule, but copy over the priority of the option as well. */
mkAliasOptionModuleWithPriority = from: to: doRename {
inherit from to;
visible = true;
warn = false;
use = id;
withPriority = true;
};
doRename = { from, to, visible, warn, use, withPriority ? false }:
doRename = { from, to, visible, warn, use, withPriority ? true }:
{ config, options, ... }:
let
fromOpt = getAttrFromPath from options;

View File

@ -149,7 +149,7 @@ checkConfigOutput "1 2 3 4 5 6 7 8 9 10" config.result ./loaOf-with-long-list.ni
# Check loaOf with many merges of lists.
checkConfigOutput "1 2 3 4 5 6 7 8 9 10" config.result ./loaOf-with-many-list-merges.nix
# Check mkAliasOptionModuleWithPriority.
# Check mkAliasOptionModule.
checkConfigOutput "true" config.enable ./alias-with-priority.nix
checkConfigOutput "true" config.enableAlias ./alias-with-priority.nix
checkConfigOutput "false" config.enable ./alias-with-priority-can-override.nix

View File

@ -1,5 +1,8 @@
# This is a test to show that mkAliasOptionModule sets the priority correctly
# for aliased options.
#
# This test shows that an alias with a high priority is able to override
# a non-aliased option.
{ config, lib, ... }:
@ -32,10 +35,10 @@ with lib;
imports = [
# Create an alias for the "enable" option.
(mkAliasOptionModuleWithPriority [ "enableAlias" ] [ "enable" ])
(mkAliasOptionModule [ "enableAlias" ] [ "enable" ])
# Disable the aliased option, but with a default (low) priority so it
# should be able to be overridden by the next import.
# Disable the aliased option with a high priority so it
# should override the next import.
( { config, lib, ... }:
{
enableAlias = lib.mkForce false;

View File

@ -1,5 +1,8 @@
# This is a test to show that mkAliasOptionModule sets the priority correctly
# for aliased options.
#
# This test shows that an alias with a low priority is able to be overridden
# with a non-aliased option.
{ config, lib, ... }:
@ -32,7 +35,7 @@ with lib;
imports = [
# Create an alias for the "enable" option.
(mkAliasOptionModuleWithPriority [ "enableAlias" ] [ "enable" ])
(mkAliasOptionModule [ "enableAlias" ] [ "enable" ])
# Disable the aliased option, but with a default (low) priority so it
# should be able to be overridden by the next import.

View File

@ -817,6 +817,11 @@
github = "cdepillabout";
name = "Dennis Gosnell";
};
ceedubs = {
email = "ceedubs@gmail.com";
github = "ceedubs";
name = "Cody Allen";
};
cfouche = {
email = "chaddai.fouche@gmail.com";
github = "Chaddai";
@ -4308,6 +4313,15 @@
github = "sleexyz";
name = "Sean Lee";
};
smakarov = {
email = "setser200018@gmail.com";
github = "setser";
name = "Sergey Makarov";
keys = [{
longkeyid = "rsa2048/6AA23A1193B7064B";
fingerprint = "6F8A 18AE 4101 103F 3C54 24B9 6AA2 3A11 93B7 064B";
}];
};
smaret = {
email = "sebastien.maret@icloud.com";
github = "smaret";
@ -4881,9 +4895,13 @@
name = "Vincent Bernardoff";
};
vcunat = {
email = "vcunat@gmail.com";
github = "vcunat";
name = "Vladimír Čunát";
email = "v@cunat.cz"; # vcunat@gmail.com predominated in commits before 2019/03
github = "vcunat";
keys = [{
longkeyid = "rsa4096/0xE747DF1F9575A3AA";
fingerprint = "B600 6460 B60A 80E7 8206 2449 E747 DF1F 9575 A3AA";
}];
};
vdemeester = {
email = "vincent@sbr.pm";
@ -5006,6 +5024,11 @@
email = "windenntw@gmail.com";
name = "Antonio Vargas Gonzalez";
};
winpat = {
email = "patrickwinter@posteo.ch";
github = "winpat";
name = "Patrick Winter";
};
wizeman = {
email = "rcorreia@wizy.org";
github = "wizeman";

View File

@ -54,6 +54,8 @@
</itemizedlist>
<para>to <literal>false</literal> and enable your preferred display manager.</para>
</note>
</listitem>
<listitem>
<para>
A major refactoring of the Kubernetes module has been completed.
Refactorings primarily focus on decoupling components and enhancing
@ -91,6 +93,18 @@
in <literal>nixos/modules/virtualisation/google-compute-config.nix</literal>.
</para>
</listitem>
<listitem>
<para>
<literal>./services/misc/beanstalkd.nix</literal>
</para>
</listitem>
<listitem>
<para>
There is a new <varname>services.cockroachdb</varname> module for running
CockroachDB databases. NixOS now ships with CockroachDB 2.1.x as well, available
on <literal>x86_64-linux</literal> and <literal>aarch64-linux</literal>.
</para>
</listitem>
</itemizedlist>
</section>
@ -543,6 +557,20 @@
use <literal>nixos-rebuild boot; reboot</literal>.
</para>
</listitem>
<listitem>
<para>
Symlinks in <filename>/etc</filename> (except <filename>/etc/static</filename>)
are now relative instead of absolute. This makes possible to examine
NixOS container's <filename>/etc</filename> directory from host system
(previously it pointed to host <filename>/etc</filename> when viewed from host,
and to container <filename>/etc</filename> when viewed from container chroot).
</para>
<para>
This also makes <filename>/etc/os-release</filename> adhere to
<link xlink:href="https://www.freedesktop.org/software/systemd/man/os-release.html">the standard</link>
for NixOS containers.
</para>
</listitem>
<listitem>
<para>
Flat volumes are now disabled by default in <literal>hardware.pulseaudio</literal>.
@ -613,6 +641,29 @@
<varname>environment.systemPackages</varname> implicitly.
</para>
</listitem>
<listitem>
<para>
The <literal>intel</literal> driver has been removed from the default list of
<link linkend="opt-services.xserver.videoDrivers">X.org video drivers</link>.
The <literal>modesetting</literal> driver should take over automatically,
it is better maintained upstream and has less problems with advanced X11 features.
This can lead to a change in the output names used by <literal>xrandr</literal>.
Some performance regressions on some GPU models might happen.
Some OpenCL and VA-API applications might also break
(Beignet seems to provide OpenCL support with
<literal>modesetting</literal> driver, too).
Users who need this functionality more than multi-output XRandR are advised
to add `intel` to `videoDrivers` and report an issue (or provide additional
details in an existing one)
</para>
</listitem>
<listitem>
<para>
Openmpi has been updated to version 4.0.0, which removes some deprecated MPI-1 symbols.
This may break some older applications that still rely on those symbols.
An upgrade guide can be found <link xlink:href="https://www.open-mpi.org/faq/?category=mpi-removed">here</link>.
</para>
</listitem>
</itemizedlist>
</section>
</section>

View File

@ -0,0 +1,23 @@
# nix-build '<nixpkgs/nixos>' -A config.system.build.cloudstackImage --arg configuration "{ imports = [ ./nixos/maintainers/scripts/cloudstack/cloudstack-image.nix ]; }"
{ config, lib, pkgs, ... }:
with lib;
{
imports =
[ ../../../modules/virtualisation/cloudstack-config.nix ];
system.build.cloudstackImage = import ../../../lib/make-disk-image.nix {
inherit lib config pkgs;
diskSize = 8192;
format = "qcow2";
configFile = pkgs.writeText "configuration.nix"
''
{
imports = [ <nixpkgs/nixos/modules/virtualisation/cloudstack-config.nix> ];
}
'';
};
}

View File

@ -55,7 +55,9 @@ let
localConf = pkgs.writeText "fc-local.conf" cfg.localConf;
# The configuration to be included in /etc/font/
penultimateConf = pkgs.runCommand "font-penultimate-conf" {} ''
penultimateConf = pkgs.runCommand "font-penultimate-conf" {
preferLocalBuild = true;
} ''
support_folder=$out/etc/fonts/conf.d
latest_folder=$out/etc/fonts/${latestVersion}/conf.d

View File

@ -7,7 +7,7 @@ let cfg = config.fonts.fontconfig.ultimate;
latestVersion = pkgs.fontconfig.configVersion;
# The configuration to be included in /etc/font/
confPkg = pkgs.runCommand "font-ultimate-conf" {} ''
confPkg = pkgs.runCommand "font-ultimate-conf" { preferLocalBuild = true; } ''
support_folder=$out/etc/fonts/conf.d
latest_folder=$out/etc/fonts/${latestVersion}/conf.d

View File

@ -190,7 +190,7 @@ let cfg = config.fonts.fontconfig;
'';
# fontconfig configuration package
confPkg = pkgs.runCommand "fontconfig-conf" {} ''
confPkg = pkgs.runCommand "fontconfig-conf" { preferLocalBuild = true; } ''
support_folder=$out/etc/fonts
latest_folder=$out/etc/fonts/${latestVersion}

View File

@ -4,7 +4,7 @@ with lib;
let
x11Fonts = pkgs.runCommand "X11-fonts" { } ''
x11Fonts = pkgs.runCommand "X11-fonts" { preferLocalBuild = true; } ''
mkdir -p "$out/share/X11-fonts"
find ${toString config.fonts.fonts} \
\( -name fonts.dir -o -name '*.ttf' -o -name '*.otf' \) \

View File

@ -61,6 +61,15 @@ in {
};
};
system.nssHosts = mkOption {
type = types.listOf types.str;
default = [];
example = [ "mdns" ];
description = ''
List of host entries to configure in <filename>/etc/nsswitch.conf</filename>.
'';
};
};
config = {
@ -85,7 +94,7 @@ in {
group: ${concatStringsSep " " passwdArray}
shadow: ${concatStringsSep " " shadowArray}
hosts: ${concatStringsSep " " hostArray}
hosts: ${concatStringsSep " " config.system.nssHosts}
networks: files
ethers: files
@ -94,6 +103,8 @@ in {
rpc: files
'';
system.nssHosts = hostArray;
# Systemd provides nss-myhostname to ensure that our hostname
# always resolves to a valid IP address. It returns all locally
# configured IP addresses, or ::1 and 127.0.0.2 as

View File

@ -0,0 +1,24 @@
{ config, lib, pkgs, ... }:
with lib;
let
cfg = config.hardware.acpilight;
in
{
options = {
hardware.acpilight = {
enable = mkOption {
default = false;
type = types.bool;
description = ''
Enable acpilight.
This will allow brightness control via xbacklight from users in the video group
'';
};
};
};
config = mkIf cfg.enable {
services.udev.packages = with pkgs; [ acpilight ];
};
}

View File

@ -0,0 +1,14 @@
{ config, lib, pkgs, ... }:
with lib;
let
cfg = config.hardware.ledger;
in {
options.hardware.ledger.enable = mkEnableOption "udev rules for Ledger devices";
config = mkIf cfg.enable {
services.udev.packages = [ pkgs.ledger-udev-rules ];
};
}

View File

@ -29,6 +29,7 @@ runCommand "uvcdynctrl-udev-rules-${version}"
];
dontPatchELF = true;
dontStrip = true;
preferLocalBuild = true;
}
''
mkdir -p "$out/lib/udev"

View File

@ -13,7 +13,7 @@ let
# user, as expected by nixos-rebuild/nixos-install. FIXME: merge
# with make-channel.nix.
channelSources = pkgs.runCommand "nixos-${config.system.nixos.version}"
{ }
{ preferLocalBuild = true; }
''
mkdir -p $out
cp -prd ${nixpkgs.outPath} $out/nixos

View File

@ -31,6 +31,10 @@ with lib;
# there is no power management backend such as upower).
powerManagement.enable = true;
# Enable sound in graphical iso's.
hardware.pulseaudio.enable = true;
hardware.pulseaudio.systemWide = true; # Needed since we run plasma as root.
environment.systemPackages = [
# Include gparted for partitioning disks.
pkgs.gparted

View File

@ -272,7 +272,7 @@
nzbget = 245;
mosquitto = 246;
toxvpn = 247;
squeezelite = 248;
# squeezelite = 248; # DynamicUser = true
turnserver = 249;
smokeping = 250;
gocd-agent = 251;

View File

@ -44,6 +44,7 @@
./hardware/digitalbitbox.nix
./hardware/sensor/iio.nix
./hardware/ksm.nix
./hardware/ledger.nix
./hardware/mcelog.nix
./hardware/network/b43.nix
./hardware/nitrokey.nix
@ -361,6 +362,7 @@
./services/misc/apache-kafka.nix
./services/misc/autofs.nix
./services/misc/autorandr.nix
./services/misc/beanstalkd.nix
./services/misc/bees.nix
./services/misc/bepasty.nix
./services/misc/canto-daemon.nix

View File

@ -14,5 +14,9 @@
libinput.enable = true; # for touchpad support on many laptops
};
# Enable sound in virtualbox appliances.
hardware.pulseaudio.enable = true;
hardware.pulseaudio.systemWide = true; # Needed since we run plasma as root.
environment.systemPackages = [ pkgs.glxinfo pkgs.firefox ];
}

View File

@ -25,7 +25,7 @@ let
'';
lessKey = pkgs.runCommand "lesskey"
{ src = pkgs.writeText "lessconfig" configText; }
{ src = pkgs.writeText "lessconfig" configText; preferLocalBuild = true; }
"${pkgs.less}/bin/lesskey -o $out $src";
in

View File

@ -14,6 +14,7 @@ let
{ files =
cfg.certificateFiles ++
[ (builtins.toFile "extra.crt" (concatStringsSep "\n" cfg.certificates)) ];
preferLocalBuild = true;
}
''
cat $files > $out

View File

@ -215,7 +215,10 @@ in
environment.etc = singleton
{ source =
pkgs.runCommand "sudoers"
{ src = pkgs.writeText "sudoers-in" cfg.configFile; }
{
src = pkgs.writeText "sudoers-in" cfg.configFile;
preferLocalBuild = true;
}
# Make sure that the sudoers file is syntactically valid.
# (currently disabled - NIXOS-66)
"${pkgs.buildPackages.sudo}/sbin/visudo -f $src -c && cp $src $out";

View File

@ -3,8 +3,7 @@
with lib;
let
uid = config.ids.uids.squeezelite;
dataDir = "/var/lib/squeezelite";
cfg = config.services.squeezelite;
in {
@ -17,14 +16,6 @@ in {
enable = mkEnableOption "Squeezelite, a software Squeezebox emulator";
dataDir = mkOption {
default = "/var/lib/squeezelite";
type = types.str;
description = ''
The directory where Squeezelite stores its name file.
'';
};
extraArguments = mkOption {
default = "";
type = types.str;
@ -46,22 +37,14 @@ in {
wantedBy = [ "multi-user.target" ];
after = [ "network.target" "sound.target" ];
description = "Software Squeezebox emulator";
preStart = "mkdir -p ${cfg.dataDir} && chown -R squeezelite ${cfg.dataDir}";
serviceConfig = {
ExecStart = "${pkgs.squeezelite}/bin/squeezelite -N ${cfg.dataDir}/player-name ${cfg.extraArguments}";
User = "squeezelite";
PermissionsStartOnly = true;
DynamicUser = true;
ExecStart = "${pkgs.squeezelite}/bin/squeezelite -N ${dataDir}/player-name ${cfg.extraArguments}";
StateDirectory = builtins.baseNameOf dataDir;
SupplementaryGroups = "audio";
};
};
users.users.squeezelite= {
inherit uid;
group = "nogroup";
extraGroups = [ "audio" ];
description = "Squeezelite user";
home = "${cfg.dataDir}";
};
};
}

View File

@ -64,6 +64,8 @@ in
${cfg.extraOpts}
'';
WorkingDirectory = top.dataDir;
Restart = "on-failure";
RestartSec = 5;
};
};

View File

@ -76,6 +76,8 @@ in
WorkingDirectory = top.dataDir;
User = "kubernetes";
Group = "kubernetes";
Restart = "on-failure";
RestartSec = 5;
};
};

View File

@ -24,7 +24,7 @@ let
EOF
chmod 755 $out/${name}
'';
in pkgs.runCommand "buildkite-agent-hooks" {} ''
in pkgs.runCommand "buildkite-agent-hooks" { preferLocalBuild = true; } ''
mkdir $out
${concatStringsSep "\n" (mapAttrsToList mkHookEntry (filterAttrs (n: v: v != null) cfg.hooks))}
'';

View File

@ -8,6 +8,7 @@ let
if (cfg.configFile == null) then
(pkgs.runCommand "config.toml" {
buildInputs = [ pkgs.remarshal ];
preferLocalBuild = true;
} ''
remarshal -if json -of toml \
< ${pkgs.writeText "config.json" (builtins.toJSON cfg.configOptions)} \

View File

@ -18,7 +18,7 @@ let
</configuration>
'';
configDir = pkgs.runCommand "hbase-config-dir" {} ''
configDir = pkgs.runCommand "hbase-config-dir" { preferLocalBuild = true; } ''
mkdir -p $out
cp ${cfg.package}/conf/* $out/
rm $out/hbase-site.xml

View File

@ -98,6 +98,7 @@ let
configFile = pkgs.runCommand "config.toml" {
buildInputs = [ pkgs.remarshal ];
preferLocalBuild = true;
} ''
remarshal -if json -of toml \
< ${pkgs.writeText "config.json" (builtins.toJSON configOptions)} \

View File

@ -21,7 +21,7 @@ let
};
};
acpiConfDir = pkgs.runCommand "acpi-events" {}
acpiConfDir = pkgs.runCommand "acpi-events" { preferLocalBuild = true; }
''
mkdir -p $out
${

View File

@ -17,6 +17,7 @@ tlp = pkgs.tlp.override {
confFile = pkgs.runCommand "tlp"
{ config = cfg.extraConfig;
passAsFile = [ "config" ];
preferLocalBuild = true;
}
''
cat ${tlp}/etc/default/tlp > $out

View File

@ -5,7 +5,7 @@ with lib;
let
cfg = config.services.logcheck;
defaultRules = pkgs.runCommand "logcheck-default-rules" {} ''
defaultRules = pkgs.runCommand "logcheck-default-rules" { preferLocalBuild = true; } ''
cp -prd ${pkgs.logcheck}/etc/logcheck $out
chmod u+w $out
rm -r $out/logcheck.*

View File

@ -27,7 +27,10 @@ let
logstashSettingsYml = pkgs.writeText "logstash.yml" cfg.extraSettings;
logstashSettingsDir = pkgs.runCommand "logstash-settings" {inherit logstashSettingsYml;} ''
logstashSettingsDir = pkgs.runCommand "logstash-settings" {
inherit logstashSettingsYml;
preferLocalBuild = true;
} ''
mkdir -p $out
ln -s $logstashSettingsYml $out/logstash.yml
'';

View File

@ -8,7 +8,7 @@ let
conf = pkgs.writeText "smtpd.conf" cfg.serverConfiguration;
args = concatStringsSep " " cfg.extraServerArgs;
sendmail = pkgs.runCommand "opensmtpd-sendmail" {} ''
sendmail = pkgs.runCommand "opensmtpd-sendmail" { preferLocalBuild = true; } ''
mkdir -p $out/bin
ln -s ${cfg.package}/sbin/smtpctl $out/bin/sendmail
'';

View File

@ -0,0 +1,52 @@
{ config, lib, pkgs, ... }:
with lib;
let
cfg = config.services.beanstalkd;
pkg = pkgs.beanstalkd;
in
{
# interface
options = {
services.beanstalkd = {
enable = mkEnableOption "Enable the Beanstalk work queue.";
listen = {
port = mkOption {
type = types.int;
description = "TCP port that will be used to accept client connections.";
default = 11300;
};
address = mkOption {
type = types.str;
description = "IP address to listen on.";
default = "127.0.0.1";
example = "0.0.0.0";
};
};
};
};
# implementation
config = mkIf cfg.enable {
environment.systemPackages = [ pkg ];
systemd.services.beanstalkd = {
description = "Beanstalk Work Queue";
after = [ "network.target" ];
wantedBy = [ "multi-user.target" ];
serviceConfig = {
DynamicUser = true;
Restart = "always";
ExecStart = "${pkg}/bin/beanstalkd -l ${cfg.listen.address} -p ${toString cfg.listen.port}";
};
};
};
}

View File

@ -110,7 +110,7 @@ in
config = mkIf cfg.enable (
let
manageGitoliteRc = cfg.extraGitoliteRc != "";
rcDir = pkgs.runCommand "gitolite-rc" { } rcDirScript;
rcDir = pkgs.runCommand "gitolite-rc" { preferLocalBuild = true; } rcDirScript;
rcDirScript =
''
mkdir "$out"

View File

@ -19,7 +19,7 @@ let
${pkgs.remarshal}/bin/json2yaml -i ${lovelaceConfigJSON} -o $out
'';
availableComponents = pkgs.home-assistant.availableComponents;
availableComponents = cfg.package.availableComponents;
# Given component "parentConfig.platform", returns whether config.parentConfig
# is a list containing a set with set.platform == "platform".

View File

@ -651,16 +651,12 @@ in {
services.postgresql.enable = mkIf usePostgresql (mkDefault true);
systemd.services.matrix-synapse =
let
python = (pkgs.python3.withPackages (ps: with ps; [ (ps.toPythonModule cfg.package) ]));
in
{
systemd.services.matrix-synapse = {
description = "Synapse Matrix homeserver";
after = [ "network.target" "postgresql.service" ];
wantedBy = [ "multi-user.target" ];
preStart = ''
${python.interpreter} -m synapse.app.homeserver \
${cfg.package}/bin/homeserver \
--config-path ${configFile} \
--keys-directory ${cfg.dataDir} \
--generate-keys
@ -691,7 +687,7 @@ in {
WorkingDirectory = cfg.dataDir;
PermissionsStartOnly = true;
ExecStart = ''
${python.interpreter} -m synapse.app.homeserver \
${cfg.package}/bin/homeserver \
${ concatMapStringsSep "\n " (x: "--config-path ${x} \\") ([ configFile ] ++ cfg.extraConfigFiles) }
--keys-directory ${cfg.dataDir}
'';

View File

@ -33,7 +33,7 @@ let
sh = pkgs.runtimeShell;
binshDeps = pkgs.writeReferencesToFile sh;
in
pkgs.runCommand "nix.conf" { extraOptions = cfg.extraOptions; } (''
pkgs.runCommand "nix.conf" { preferLocalBuild = true; extraOptions = cfg.extraOptions; } (''
${optionalString (!isNix20) ''
extraPaths=$(for i in $(cat ${binshDeps}); do if test -d $i; then echo $i; fi; done)
''}

View File

@ -109,7 +109,7 @@ let
nixos-taskserver = pkgs.pythonPackages.buildPythonApplication {
name = "nixos-taskserver";
src = pkgs.runCommand "nixos-taskserver-src" {} ''
src = pkgs.runCommand "nixos-taskserver-src" { preferLocalBuild = true; } ''
mkdir -p "$out"
cat "${pkgs.substituteAll {
src = ./helper-tool.py;

View File

@ -45,7 +45,7 @@ let
eventToShellCmds = event: if builtins.hasAttr event cfg.hooks then (shellCmdsForEventScript event (builtins.getAttr event cfg.hooks)) else "";
scriptDir = pkgs.runCommand "apcupsd-scriptdir" {} (''
scriptDir = pkgs.runCommand "apcupsd-scriptdir" { preferLocalBuild = true; } (''
mkdir "$out"
# Copy SCRIPTDIR from apcupsd package
cp -r ${pkgs.apcupsd}/etc/apcupsd/* "$out"/

View File

@ -9,8 +9,10 @@ let
dataDir = cfg.dataDir;
staticDir = cfg.dataDir + "/static";
graphiteLocalSettingsDir = pkgs.runCommand "graphite_local_settings"
{inherit graphiteLocalSettings;} ''
graphiteLocalSettingsDir = pkgs.runCommand "graphite_local_settings" {
inherit graphiteLocalSettings;
preferLocalBuild = true;
} ''
mkdir -p $out
ln -s $graphiteLocalSettings $out/graphite_local_settings.py
'';

View File

@ -11,8 +11,10 @@ let
nagiosObjectDefs = cfg.objectDefs;
nagiosObjectDefsDir = pkgs.runCommand "nagios-objects" {inherit nagiosObjectDefs;}
"mkdir -p $out; ln -s $nagiosObjectDefs $out/";
nagiosObjectDefsDir = pkgs.runCommand "nagios-objects" {
inherit nagiosObjectDefs;
preferLocalBuild = true;
} "mkdir -p $out; ln -s $nagiosObjectDefs $out/";
nagiosCfgFile = pkgs.writeText "nagios.cfg"
''

View File

@ -5,7 +5,7 @@ with lib;
let
cfg = config.services.netdata;
wrappedPlugins = pkgs.runCommand "wrapped-plugins" {} ''
wrappedPlugins = pkgs.runCommand "wrapped-plugins" { preferLocalBuild = true; } ''
mkdir -p $out/libexec/netdata/plugins.d
ln -s /run/wrappers/bin/apps.plugin $out/libexec/netdata/plugins.d/apps.plugin
'';

View File

@ -19,7 +19,7 @@ let
# Pretty-print JSON to a file
writePrettyJSON = name: x:
pkgs.runCommand name { } ''
pkgs.runCommand name { preferLocalBuild = true; } ''
echo '${builtins.toJSON x}' | ${pkgs.jq}/bin/jq . > $out
'';

View File

@ -5,7 +5,7 @@ with lib;
let
cfg = config.services.scollector;
collectors = pkgs.runCommand "collectors" {}
collectors = pkgs.runCommand "collectors" { preferLocalBuild = true; }
''
mkdir -p $out
${lib.concatStringsSep

View File

@ -7,6 +7,7 @@ let
configFile = pkgs.runCommand "config.toml" {
buildInputs = [ pkgs.remarshal ];
preferLocalBuild = true;
} ''
remarshal -if json -of toml \
< ${pkgs.writeText "config.json" (builtins.toJSON cfg.extraConfig)} \

View File

@ -4,7 +4,8 @@ let
cfg = config.services.uptime;
configDir = pkgs.runCommand "config" {} (if cfg.configFile != null then ''
configDir = pkgs.runCommand "config" { preferLocalBuild = true; }
(if cfg.configFile != null then ''
mkdir $out
ext=`echo ${cfg.configFile} | grep -o \\..*`
ln -sv ${cfg.configFile} $out/default$ext

View File

@ -102,7 +102,10 @@ let
# wrappers to beegfs tools. Avoid typing path of config files
utilWrappers = mapAttrsToList ( name: cfg:
( pkgs.runCommand "beegfs-utils-${name}" { nativeBuildInputs = [ pkgs.makeWrapper ]; } ''
( pkgs.runCommand "beegfs-utils-${name}" {
nativeBuildInputs = [ pkgs.makeWrapper ];
preferLocalBuild = true;
} ''
mkdir -p $out/bin
makeWrapper ${pkgs.beegfs}/bin/beegfs-check-servers \

View File

@ -19,7 +19,7 @@ let
"/var/lib/ipfs/.ipfs";
# Wrapping the ipfs binary with the environment variable IPFS_PATH set to dataDir because we can't set it in the user environment
wrapped = runCommand "ipfs" { buildInputs = [ makeWrapper ]; } ''
wrapped = runCommand "ipfs" { buildInputs = [ makeWrapper ]; preferLocalBuild = true; } ''
mkdir -p "$out/bin"
makeWrapper "${ipfs}/bin/ipfs" "$out/bin/ipfs" \
--set IPFS_PATH ${cfg.dataDir} \

View File

@ -15,7 +15,7 @@ let
clientServDB = pkgs.writeText "client-cellServDB-${cfg.cellName}" (mkCellServDB cfg.cellName cfg.cellServDB);
afsConfig = pkgs.runCommand "afsconfig" {} ''
afsConfig = pkgs.runCommand "afsconfig" { preferLocalBuild = true; } ''
mkdir -p $out
echo ${cfg.cellName} > $out/ThisCell
cat ${cellServDB} ${clientServDB} > $out/CellServDB
@ -198,7 +198,7 @@ in
environment.etc = {
clientCellServDB = {
source = pkgs.runCommand "CellServDB" {} ''
source = pkgs.runCommand "CellServDB" { preferLocalBuild = true; } ''
cat ${cellServDB} ${clientServDB} > $out
'';
target = "openafs/CellServDB";

View File

@ -5,7 +5,7 @@ with lib;
let
cfg = config.services.dnscache;
dnscache-root = pkgs.runCommand "dnscache-root" {} ''
dnscache-root = pkgs.runCommand "dnscache-root" { preferLocalBuild = true; } ''
mkdir -p $out/{servers,ip}
${concatMapStrings (ip: ''

View File

@ -41,7 +41,7 @@ let
"$out/config.${name}"
'';
in
pkgs.runCommand "hylafax-config-modems" {}
pkgs.runCommand "hylafax-config-modems" { preferLocalBuild = true; }
''mkdir --parents "$out/" ${concatStringsSep "\n" (mapModems mkLine)}'';
setupSpoolScript = pkgs.substituteAll {

View File

@ -31,6 +31,15 @@ in
default = null;
description = ''
The path to the file used for signing derivation data.
Generate with:
```
nix-store --generate-binary-cache-key key-name secret-key-file public-key-file
```
Make sure user `nix-serve` has read access to the private key file.
For more details see <citerefentry><refentrytitle>nix-store</refentrytitle><manvolnum>1</manvolnum></citerefentry>.
'';
};

View File

@ -25,7 +25,7 @@ let
${cfg.extraConfig}
'';
prayerCfg = pkgs.runCommand "prayer.cf" { } ''
prayerCfg = pkgs.runCommand "prayer.cf" { preferLocalBuild = true; } ''
# We have to remove the http_port 80, or it will start a server there
cat ${prayer}/etc/prayer.cf | grep -v http_port > $out
cat ${prayerExtraCfg} >> $out

View File

@ -6,7 +6,7 @@ let
cfg = config.services.shout;
shoutHome = "/var/lib/shout";
defaultConfig = pkgs.runCommand "config.js" {} ''
defaultConfig = pkgs.runCommand "config.js" { preferLocalBuild = true; } ''
EDITOR=true ${pkgs.shout}/bin/shout config --home $PWD
mv config.js $out
'';

View File

@ -4,7 +4,7 @@ with lib;
let
cfg = config.services.xrdp;
confDir = pkgs.runCommand "xrdp.conf" { } ''
confDir = pkgs.runCommand "xrdp.conf" { preferLocalBuild = true; } ''
mkdir $out
cp ${cfg.package}/etc/xrdp/{km-*,xrdp,sesman,xrdp_keyboard}.ini $out

View File

@ -11,8 +11,9 @@ let
avahiEnabled = config.services.avahi.enable;
polkitEnabled = config.security.polkit.enable;
additionalBackends = pkgs.runCommand "additional-cups-backends" { }
''
additionalBackends = pkgs.runCommand "additional-cups-backends" {
preferLocalBuild = true;
} ''
mkdir -p $out
if [ ! -e ${cups.out}/lib/cups/backend/smb ]; then
mkdir -p $out/lib/cups/backend

View File

@ -82,7 +82,7 @@ in {
X-RestartIfChanged=false
'';
systemd.units."autovt@.service".unit = pkgs.runCommand "unit" { }
systemd.units."autovt@.service".unit = pkgs.runCommand "unit" { preferLocalBuild = true; }
''
mkdir -p $out
ln -s ${config.systemd.units."kmsconvt@.service".unit}/kmsconvt@.service $out/autovt@.service

View File

@ -6,7 +6,7 @@ let
cfg = config.services.codimd;
prettyJSON = conf:
pkgs.runCommand "codimd-config.json" { } ''
pkgs.runCommand "codimd-config.json" { preferLocalBuild = true; } ''
echo '${builtins.toJSON conf}' | ${pkgs.jq}/bin/jq \
'{production:del(.[]|nulls)|del(.[][]?|nulls)}' > $out
'';

View File

@ -217,7 +217,7 @@ let
) null ([ cfg ] ++ subservices);
documentRoot = if maybeDocumentRoot != null then maybeDocumentRoot else
pkgs.runCommand "empty" {} "mkdir -p $out";
pkgs.runCommand "empty" { preferLocalBuild = true; } "mkdir -p $out";
documentRootConf = ''
DocumentRoot "${documentRoot}"
@ -426,6 +426,7 @@ let
phpIni = pkgs.runCommand "php.ini"
{ options = concatStringsSep "\n"
([ mainCfg.phpOptions ] ++ (map (svc: svc.phpOptions) allSubservices));
preferLocalBuild = true;
}
''
cat ${php}/etc/php.ini > $out

View File

@ -116,9 +116,10 @@ let
'';
};
mediawikiScripts = pkgs.runCommand "mediawiki-${config.id}-scripts"
{ buildInputs = [ pkgs.makeWrapper ]; }
''
mediawikiScripts = pkgs.runCommand "mediawiki-${config.id}-scripts" {
buildInputs = [ pkgs.makeWrapper ];
preferLocalBuild = true;
} ''
mkdir -p $out/bin
for i in changePassword.php createAndPromote.php userOptions.php edit.php nukePage.php update.php; do
makeWrapper ${php}/bin/php $out/bin/mediawiki-${config.id}-$(basename $i .php) \

View File

@ -44,7 +44,25 @@ let
}
''));
configFile = pkgs.writeText "nginx.conf" ''
awkFormat = pkgs.writeText "awkFormat-nginx.awk" ''
awk -f
{sub(/^[ \t]+/,"");idx=0}
/\{/{ctx++;idx=1}
/\}/{ctx--}
{id="";for(i=idx;i<ctx;i++)id=sprintf("%s%s", id, "\t");printf "%s%s\n", id, $0}
'';
configFile = pkgs.stdenv.mkDerivation {
name = "nginx-config";
src = "";
phases = [ "installPhase" ];
installPhase = ''
mkdir $out
awk -f ${awkFormat} ${pre-configFile} | sed '/^\s*$/d' > $out/nginx.conf
'';
};
pre-configFile = pkgs.writeText "pre-nginx.conf" ''
user ${cfg.user} ${cfg.group};
error_log ${cfg.logError};
daemon off;
@ -638,10 +656,10 @@ in
preStart =
''
${cfg.preStart}
${cfg.package}/bin/nginx -c ${configFile} -p ${cfg.stateDir} -t
${cfg.package}/bin/nginx -c ${configFile}/nginx.conf -p ${cfg.stateDir} -t
'';
serviceConfig = {
ExecStart = "${cfg.package}/bin/nginx -c ${configFile} -p ${cfg.stateDir}";
ExecStart = "${cfg.package}/bin/nginx -c ${configFile}/nginx.conf -p ${cfg.stateDir}";
ExecReload = "${pkgs.coreutils}/bin/kill -HUP $MAINPID";
Restart = "always";
RestartSec = "10s";

View File

@ -39,6 +39,7 @@ let
phpIni = pool: pkgs.runCommand "php.ini" {
inherit (pool) phpPackage phpOptions;
preferLocalBuild = true;
nixDefaults = ''
sendmail_path = "/run/wrappers/bin/sendmail -t -i"
'';

View File

@ -8,6 +8,7 @@ let
if cfg.configFile == null then
pkgs.runCommand "config.toml" {
buildInputs = [ pkgs.remarshal ];
preferLocalBuild = true;
} ''
remarshal -if json -of toml \
< ${pkgs.writeText "config.json" (builtins.toJSON cfg.configOptions)} \

View File

@ -15,7 +15,7 @@ let
'';
};
nixos-gsettings-desktop-schemas = pkgs.runCommand "nixos-gsettings-desktop-schemas" {}
nixos-gsettings-desktop-schemas = pkgs.runCommand "nixos-gsettings-desktop-schemas" { preferLocalBuild = true; }
''
mkdir -p $out/share/gsettings-schemas/nixos-gsettings-overrides/glib-2.0/schemas
cp -rf ${pkgs.gnome3.gsettings-desktop-schemas}/share/gsettings-schemas/gsettings-desktop-schemas*/glib-2.0/schemas/*.xml $out/share/gsettings-schemas/nixos-gsettings-overrides/glib-2.0/schemas

View File

@ -12,9 +12,10 @@ let
# We need a few things in the environment for the greeter to run with
# fonts/icons.
wrappedEnsoGreeter = pkgs.runCommand "lightdm-enso-os-greeter"
{ buildInputs = [ pkgs.makeWrapper ]; }
''
wrappedEnsoGreeter = pkgs.runCommand "lightdm-enso-os-greeter" {
buildInputs = [ pkgs.makeWrapper ];
preferLocalBuild = true;
} ''
# This wrapper ensures that we actually get themes
makeWrapper ${pkgs.lightdm-enso-os-greeter}/bin/pantheon-greeter \
$out/greeter \

View File

@ -18,9 +18,10 @@ let
# The default greeter provided with this expression is the GTK greeter.
# Again, we need a few things in the environment for the greeter to run with
# fonts/icons.
wrappedGtkGreeter = pkgs.runCommand "lightdm-gtk-greeter"
{ buildInputs = [ pkgs.makeWrapper ]; }
''
wrappedGtkGreeter = pkgs.runCommand "lightdm-gtk-greeter" {
buildInputs = [ pkgs.makeWrapper ];
preferLocalBuild = true;
} ''
# This wrapper ensures that we actually get themes
makeWrapper ${pkgs.lightdm_gtk_greeter}/sbin/lightdm-gtk-greeter \
$out/greeter \

View File

@ -28,7 +28,7 @@ let
# Unpack the SLiM theme, or use the default.
slimThemesDir =
let
unpackedTheme = pkgs.runCommand "slim-theme" {}
unpackedTheme = pkgs.runCommand "slim-theme" { preferLocalBuild = true; }
''
mkdir -p $out
cd $out

View File

@ -10,7 +10,7 @@ let
# Generate the cache file by running gdk-pixbuf-query-loaders for each
# package and concatenating the results.
loadersCache = pkgs.runCommand "gdk-pixbuf-loaders.cache" {} ''
loadersCache = pkgs.runCommand "gdk-pixbuf-loaders.cache" { preferLocalBuild = true; } ''
(
for package in ${concatStringsSep " " effectivePackages}; do
module_dir="$package/${pkgs.gdk_pixbuf.moduleDir}"

View File

@ -113,6 +113,7 @@ let
{ xfs = optionalString (cfg.useXFS != false)
''FontPath "${toString cfg.useXFS}"'';
inherit (cfg) config;
preferLocalBuild = true;
}
''
echo 'Section "Files"' >> $out
@ -240,7 +241,7 @@ in
videoDrivers = mkOption {
type = types.listOf types.str;
# !!! We'd like "nv" here, but it segfaults the X server.
default = [ "ati" "cirrus" "intel" "vesa" "vmware" "modesetting" ];
default = [ "ati" "cirrus" "vesa" "vmware" "modesetting" ];
example = [
"ati_unfree" "amdgpu" "amdgpu-pro"
"nv" "nvidia" "nvidiaLegacy340" "nvidiaLegacy304"
@ -705,6 +706,7 @@ in
system.extraDependencies = singleton (pkgs.runCommand "xkb-validated" {
inherit (cfg) xkbModel layout xkbVariant xkbOptions;
nativeBuildInputs = [ pkgs.xkbvalidate ];
preferLocalBuild = true;
} ''
validate "$xkbModel" "$layout" "$xkbVariant" "$xkbOptions"
touch "$out"

View File

@ -196,9 +196,10 @@ let
''; # */
udevRules = pkgs.runCommand "udev-rules"
{ allowedReferences = [ extraUtils ]; }
''
udevRules = pkgs.runCommand "udev-rules" {
allowedReferences = [ extraUtils ];
preferLocalBuild = true;
} ''
mkdir -p $out
echo 'ENV{LD_LIBRARY_PATH}="${extraUtils}/lib"' > $out/00-env.rules
@ -298,9 +299,10 @@ let
{ object = pkgs.writeText "mdadm.conf" config.boot.initrd.mdadmConf;
symlink = "/etc/mdadm.conf";
}
{ object = pkgs.runCommand "initrd-kmod-blacklist-ubuntu"
{ src = "${pkgs.kmod-blacklist-ubuntu}/modprobe.conf"; }
''
{ object = pkgs.runCommand "initrd-kmod-blacklist-ubuntu" {
src = "${pkgs.kmod-blacklist-ubuntu}/modprobe.conf";
preferLocalBuild = true;
} ''
target=$out
${pkgs.buildPackages.perl}/bin/perl -0pe 's/## file: iwlwifi.conf(.+?)##/##/s;' $src > $out
'';

View File

@ -593,7 +593,7 @@ in
services.journald.forwardToSyslog = mkOption {
default = config.services.rsyslogd.enable || config.services.syslog-ng.enable;
defaultText = "config.services.rsyslogd.enable || config.services.syslog-ng.enable";
defaultText = "services.rsyslogd.enable || services.syslog-ng.enable";
type = types.bool;
description = ''
Whether to forward log messages to syslog.
@ -652,6 +652,7 @@ in
services.logind.lidSwitchExternalPower = mkOption {
default = config.services.logind.lidSwitch;
defaultText = "services.logind.lidSwitch";
example = "ignore";
type = logindHandlerType;
@ -759,7 +760,10 @@ in
environment.etc = let
# generate contents for /etc/systemd/system-generators from
# systemd.generators and systemd.generator-packages
generators = pkgs.runCommand "system-generators" { packages = cfg.generator-packages; } ''
generators = pkgs.runCommand "system-generators" {
preferLocalBuild = true;
packages = cfg.generator-packages;
} ''
mkdir -p $out
for package in $packages
do

View File

@ -10,6 +10,11 @@ users_=($users)
groups_=($groups)
set +f
# Create relative symlinks, so that the links can be followed if
# the NixOS installation is not mounted as filesystem root.
# Absolute symlinks violate the os-release format
# at https://www.freedesktop.org/software/systemd/man/os-release.html
# and break e.g. systemd-nspawn and os-prober.
for ((i = 0; i < ${#targets_[@]}; i++)); do
source="${sources_[$i]}"
target="${targets_[$i]}"
@ -19,14 +24,14 @@ for ((i = 0; i < ${#targets_[@]}; i++)); do
# If the source name contains '*', perform globbing.
mkdir -p $out/etc/$target
for fn in $source; do
ln -s "$fn" $out/etc/$target/
ln -s --relative "$fn" $out/etc/$target/
done
else
mkdir -p $out/etc/$(dirname $target)
if ! [ -e $out/etc/$target ]; then
ln -s $source $out/etc/$target
ln -s --relative $source $out/etc/$target
else
echo "duplicate entry $target -> $source"
if test "$(readlink $out/etc/$target)" != "$source"; then
@ -34,13 +39,13 @@ for ((i = 0; i < ${#targets_[@]}; i++)); do
exit 1
fi
fi
if test "${modes_[$i]}" != symlink; then
echo "${modes_[$i]}" > $out/etc/$target.mode
echo "${users_[$i]}" > $out/etc/$target.uid
echo "${groups_[$i]}" > $out/etc/$target.gid
fi
fi
done

View File

@ -4,6 +4,7 @@ use File::Copy;
use File::Path;
use File::Basename;
use File::Slurp;
use File::Spec;
my $etc = $ARGV[0] or die;
my $static = "/etc/static";
@ -17,6 +18,20 @@ sub atomicSymlink {
return 1;
}
# Create relative symlinks, so that the links can be followed if
# the NixOS installation is not mounted as filesystem root.
# Absolute symlinks violate the os-release format
# at https://www.freedesktop.org/software/systemd/man/os-release.html
# and break e.g. systemd-nspawn and os-prober.
sub atomicRelativeSymlink {
my ($source, $target) = @_;
my $tmp = "$target.tmp";
unlink $tmp;
my $rel = File::Spec->abs2rel($source, dirname $target);
symlink $rel, $tmp or return 0;
rename $tmp, $target or return 0;
return 1;
}
# Atomically update /etc/static to point at the etc files of the
# current configuration.
@ -103,7 +118,7 @@ sub link {
if (-e "$_.mode") {
my $mode = read_file("$_.mode"); chomp $mode;
if ($mode eq "direct-symlink") {
atomicSymlink readlink("$static/$fn"), $target or warn;
atomicRelativeSymlink readlink("$static/$fn"), $target or warn;
} else {
my $uid = read_file("$_.uid"); chomp $uid;
my $gid = read_file("$_.gid"); chomp $gid;
@ -117,7 +132,7 @@ sub link {
push @copied, $fn;
print CLEAN "$fn\n";
} elsif (-l "$_") {
atomicSymlink "$static/$fn", $target or warn;
atomicRelativeSymlink "$static/$fn", $target or warn;
}
}

View File

@ -6,7 +6,7 @@ let
inInitrd = any (fs: fs == "vboxsf") config.boot.initrd.supportedFilesystems;
package = pkgs.runCommand "mount.vboxsf" {} ''
package = pkgs.runCommand "mount.vboxsf" { preferLocalBuild = true; } ''
mkdir -p $out/bin
cp ${pkgs.linuxPackages.virtualboxGuestAdditions}/bin/mount.vboxsf $out/bin
'';

View File

@ -15,6 +15,7 @@ let
optimizedKeymap = pkgs.runCommand "keymap" {
nativeBuildInputs = [ pkgs.buildPackages.kbd ];
LOADKEYS_KEYMAP_PATH = "${kbdEnv}/share/keymaps/**";
preferLocalBuild = true;
} ''
loadkeys -b ${optionalString isUnicode "-u"} "${config.i18n.consoleKeyMap}" > $out
'';

View File

@ -995,7 +995,7 @@ in
'';
environment.etc."hostid" = mkIf (cfg.hostId != null)
{ source = pkgs.runCommand "gen-hostid" {} ''
{ source = pkgs.runCommand "gen-hostid" { preferLocalBuild = true; } ''
hi="${cfg.hostId}"
${if pkgs.stdenv.isBigEndian then ''
echo -ne "\x''${hi:0:2}\x''${hi:2:2}\x''${hi:4:2}\x''${hi:6:2}" > $out

View File

@ -0,0 +1,40 @@
{ config, lib, pkgs, ... }:
with lib;
{
imports = [
../profiles/qemu-guest.nix
];
config = {
fileSystems."/" = {
device = "/dev/disk/by-label/nixos";
autoResize = true;
};
boot.growPartition = true;
boot.kernelParams = [ "console=tty0" ];
boot.loader.grub.device = "/dev/vda";
boot.loader.timeout = 0;
# Allow root logins
services.openssh = {
enable = true;
permitRootLogin = "prohibit-password";
};
# Cloud-init configuration.
services.cloud-init.enable = true;
# Wget is needed for setting password. This is of little use as
# root password login is disabled above.
environment.systemPackages = [ pkgs.wget ];
# Only enable CloudStack datasource for faster boot speed.
environment.etc."cloud/cloud.cfg.d/99_cloudstack.cfg".text = ''
datasource:
CloudStack: {}
None: {}
datasource_list: ["CloudStack"]
'';
};
}

View File

@ -25,6 +25,7 @@ in
atd = handleTest ./atd.nix {};
avahi = handleTest ./avahi.nix {};
bcachefs = handleTestOn ["x86_64-linux"] ./bcachefs.nix {}; # linux-4.18.2018.10.12 is unsupported on aarch64
beanstalkd = handleTest ./beanstalkd.nix {};
beegfs = handleTestOn ["x86_64-linux"] ./beegfs.nix {}; # beegfs is unsupported on aarch64
bind = handleTest ./bind.nix {};
bittorrent = handleTest ./bittorrent.nix {};

View File

@ -2,7 +2,7 @@
import ./make-test.nix ({ pkgs, ... } : {
name = "avahi";
meta = with pkgs.stdenv.lib.maintainers; {
maintainers = [ eelco chaoflow ];
maintainers = [ eelco ];
};
nodes = let

View File

@ -0,0 +1,45 @@
import ./make-test.nix ({ pkgs, lib, ... }:
let
pythonEnv = pkgs.python3.withPackages (p: [p.beanstalkc]);
produce = pkgs.writeScript "produce.py" ''
#!${pythonEnv.interpreter}
import beanstalkc
queue = beanstalkc.Connection(host='localhost', port=11300, parse_yaml=False);
queue.put(b'this is a job')
queue.put(b'this is another job')
'';
consume = pkgs.writeScript "consume.py" ''
#!${pythonEnv.interpreter}
import beanstalkc
queue = beanstalkc.Connection(host='localhost', port=11300, parse_yaml=False);
job = queue.reserve(timeout=0)
print(job.body.decode('utf-8'))
job.delete()
'';
in
{
name = "beanstalkd";
meta.maintainers = [ lib.maintainers.aanderse ];
machine =
{ ... }:
{ services.beanstalkd.enable = true;
};
testScript = ''
startAll;
$machine->waitForUnit('beanstalkd.service');
$machine->succeed("${produce}");
$machine->succeed("${consume}") eq "this is a job\n" or die;
$machine->succeed("${consume}") eq "this is another job\n" or die;
'';
})

View File

@ -23,7 +23,7 @@ in
{
name = "bittorrent";
meta = with pkgs.stdenv.lib.maintainers; {
maintainers = [ domenkozar eelco chaoflow rob bobvanderlinden ];
maintainers = [ domenkozar eelco rob bobvanderlinden ];
};
nodes =

View File

@ -10,7 +10,7 @@ in
import ./make-test.nix ({ pkgs, ...} : {
name = "containers-bridge";
meta = with pkgs.stdenv.lib.maintainers; {
maintainers = [ aristid aszlig eelco chaoflow kampfschlaefer ];
maintainers = [ aristid aszlig eelco kampfschlaefer ];
};
machine =

View File

@ -3,7 +3,7 @@
import ./make-test.nix ({ pkgs, ...} : {
name = "containers-imperative";
meta = with pkgs.stdenv.lib.maintainers; {
maintainers = [ aristid aszlig eelco chaoflow kampfschlaefer ];
maintainers = [ aristid aszlig eelco kampfschlaefer ];
};
machine =

View File

@ -3,7 +3,7 @@
import ./make-test.nix ({ pkgs, ...} : {
name = "containers-ipv4";
meta = with pkgs.stdenv.lib.maintainers; {
maintainers = [ aristid aszlig eelco chaoflow kampfschlaefer ];
maintainers = [ aristid aszlig eelco kampfschlaefer ];
};
machine =

View File

@ -8,7 +8,7 @@ in
import ./make-test.nix ({ pkgs, ...} : {
name = "containers-ipv6";
meta = with pkgs.stdenv.lib.maintainers; {
maintainers = [ aristid aszlig eelco chaoflow kampfschlaefer ];
maintainers = [ aristid aszlig eelco kampfschlaefer ];
};
machine =

View File

@ -10,7 +10,7 @@ in
import ./make-test.nix ({ pkgs, ...} : {
name = "containers-portforward";
meta = with pkgs.stdenv.lib.maintainers; {
maintainers = [ aristid aszlig eelco chaoflow kampfschlaefer ianwookim ];
maintainers = [ aristid aszlig eelco kampfschlaefer ianwookim ];
};
machine =

View File

@ -13,7 +13,7 @@ let
mkElkTest = name : elk : makeTest {
inherit name;
meta = with pkgs.stdenv.lib.maintainers; {
maintainers = [ eelco chaoflow offline basvandijk ];
maintainers = [ eelco offline basvandijk ];
};
nodes = {
one =

View File

@ -1,7 +1,7 @@
import ./make-test.nix ({ pkgs, ... }: {
name = "firefox";
meta = with pkgs.stdenv.lib.maintainers; {
maintainers = [ eelco chaoflow shlevy ];
maintainers = [ eelco shlevy ];
};
machine =

View File

@ -3,7 +3,7 @@
import ./make-test.nix ( { pkgs, ... } : {
name = "firewall";
meta = with pkgs.stdenv.lib.maintainers; {
maintainers = [ eelco chaoflow ];
maintainers = [ eelco ];
};
nodes =

View File

@ -1,7 +1,7 @@
import ./make-test.nix ({ pkgs, ...} : {
name = "gnome3";
meta = with pkgs.stdenv.lib.maintainers; {
maintainers = [ domenkozar eelco chaoflow lethalman ];
maintainers = [ domenkozar eelco lethalman ];
};
machine =

View File

@ -87,8 +87,8 @@ in {
$hass->succeed("curl http://localhost:8123/api/states/binary_sensor.mqtt_binary_sensor -H 'x-ha-access: ${apiPassword}' | grep -qF '\"state\": \"on\"'");
# Toggle a binary sensor using hass-cli
$hass->succeed("${hassCli} --output json entity get binary_sensor.mqtt_binary_sensor | grep -qF '\"state\": \"on\"'");
$hass->succeed("${hassCli} entity edit binary_sensor.mqtt_binary_sensor --json='{\"state\": \"off\"}'");
$hass->succeed("${hassCli} --output json state get binary_sensor.mqtt_binary_sensor | grep -qF '\"state\": \"on\"'");
$hass->succeed("${hassCli} state edit binary_sensor.mqtt_binary_sensor --json='{\"state\": \"off\"}'");
$hass->succeed("curl http://localhost:8123/api/states/binary_sensor.mqtt_binary_sensor -H 'x-ha-access: ${apiPassword}' | grep -qF '\"state\": \"off\"'");
# Print log to ease debugging

View File

@ -3,7 +3,7 @@
import ./make-test.nix ({ pkgs, ...} : {
name = "influxdb";
meta = with pkgs.stdenv.lib.maintainers; {
maintainers = [ chaoflow offline ];
maintainers = [ offline ];
};
nodes = {

View File

@ -4,7 +4,7 @@
import ./make-test.nix ({ pkgs, ...} : {
name = "ipv6";
meta = with pkgs.stdenv.lib.maintainers; {
maintainers = [ eelco chaoflow ];
maintainers = [ eelco ];
};
nodes =

Some files were not shown because too many files have changed in this diff Show More