diff --git a/nixos/modules/config/nix-channel.nix b/nixos/modules/config/nix-channel.nix index 557f17d8b3b7..8f6caaabde86 100644 --- a/nixos/modules/config/nix-channel.nix +++ b/nixos/modules/config/nix-channel.nix @@ -9,6 +9,7 @@ { config, lib, ... }: let inherit (lib) + mkDefault mkIf mkOption stringAfter @@ -21,13 +22,42 @@ in { options = { nix = { + channel = { + enable = mkOption { + description = lib.mdDoc '' + Whether the `nix-channel` command and state files are made available on the machine. + + The following files are initialized when enabled: + - `/nix/var/nix/profiles/per-user/root/channels` + - `/root/.nix-channels` + - `$HOME/.nix-defexpr/channels` (on login) + + Disabling this option will not remove the state files from the system. + ''; + type = types.bool; + default = true; + }; + }; + nixPath = mkOption { type = types.listOf types.str; - default = [ - "nixpkgs=/nix/var/nix/profiles/per-user/root/channels/nixos" - "nixos-config=/etc/nixos/configuration.nix" - "/nix/var/nix/profiles/per-user/root/channels" - ]; + default = + if cfg.channel.enable + then [ + "nixpkgs=/nix/var/nix/profiles/per-user/root/channels/nixos" + "nixos-config=/etc/nixos/configuration.nix" + "/nix/var/nix/profiles/per-user/root/channels" + ] + else []; + defaultText = '' + if nix.channel.enable + then [ + "nixpkgs=/nix/var/nix/profiles/per-user/root/channels/nixos" + "nixos-config=/etc/nixos/configuration.nix" + "/nix/var/nix/profiles/per-user/root/channels" + ] + else []; + ''; description = lib.mdDoc '' The default Nix expression search path, used by the Nix evaluator to look up paths enclosed in angle brackets @@ -49,22 +79,30 @@ in config = mkIf cfg.enable { environment.extraInit = - '' + mkIf cfg.channel.enable '' if [ -e "$HOME/.nix-defexpr/channels" ]; then export NIX_PATH="$HOME/.nix-defexpr/channels''${NIX_PATH:+:$NIX_PATH}" fi ''; + environment.extraSetup = mkIf (!cfg.channel.enable) '' + rm $out/bin/nix-channel + ''; + + # NIX_PATH has a non-empty default according to Nix docs, so we don't unset + # it when empty. environment.sessionVariables = { NIX_PATH = cfg.nixPath; }; - system.activationScripts.nix-channel = stringAfter [ "etc" "users" ] - '' + nix.settings.nix-path = mkIf (! cfg.channel.enable) (mkDefault ""); + + system.activationScripts.nix-channel = mkIf cfg.channel.enable + (stringAfter [ "etc" "users" ] '' # Subscribe the root user to the NixOS channel by default. if [ ! -e "/root/.nix-channels" ]; then echo "${config.system.defaultChannel} nixos" > "/root/.nix-channels" fi - ''; + ''); }; } diff --git a/nixos/tests/installer.nix b/nixos/tests/installer.nix index 4f4b91518845..4941eb9a6eba 100644 --- a/nixos/tests/installer.nix +++ b/nixos/tests/installer.nix @@ -11,16 +11,20 @@ let # The configuration to install. makeConfig = { bootLoader, grubDevice, grubIdentifier, grubUseEfi - , extraConfig, forceGrubReinstallCount ? 0 + , extraConfig, forceGrubReinstallCount ? 0, flake ? false }: pkgs.writeText "configuration.nix" '' { config, lib, pkgs, modulesPath, ... }: { imports = [ ./hardware-configuration.nix - + ${if flake + then "" # Still included, but via installer/flake.nix + else ""} ]; + networking.hostName = "thatworked"; + documentation.enable = false; # To ensure that we can rebuild the grub configuration on the nixos-rebuild @@ -67,7 +71,7 @@ let # partitions and filesystems. testScriptFun = { bootLoader, createPartitions, grubDevice, grubUseEfi , grubIdentifier, preBootCommands, postBootCommands, extraConfig - , testSpecialisationConfig + , testSpecialisationConfig, testFlakeSwitch }: let iface = "virtio"; isEfi = bootLoader == "systemd-boot" || (bootLoader == "grub" && grubUseEfi); @@ -86,9 +90,14 @@ let qemu_flags = {"qemuFlags": assemble_qemu_flags()} + import os + + image_dir = machine.state_dir + disk_image = os.path.join(image_dir, "machine.qcow2") + hd_flags = { "hdaInterface": "${iface}", - "hda": "vm-state-machine/machine.qcow2", + "hda": disk_image, } ${optionalString isEfi '' hd_flags.update( @@ -232,6 +241,11 @@ let machine = create_machine_named("boot-after-rebuild-switch") ${preBootCommands} machine.wait_for_unit("network.target") + + # Sanity check, is it the configuration.nix we generated? + hostname = machine.succeed("hostname").strip() + assert hostname == "thatworked" + ${postBootCommands} machine.shutdown() @@ -270,6 +284,84 @@ let with subtest("We should find a file named /etc/gitconfig"): machine.succeed("test -e /etc/gitconfig") + ${postBootCommands} + machine.shutdown() + '' + + optionalString testFlakeSwitch '' + ${preBootCommands} + machine.start() + + with subtest("Configure system with flake"): + # TODO: evaluate as user? + machine.succeed(""" + mkdir /root/my-config + mv /etc/nixos/hardware-configuration.nix /root/my-config/ + mv /etc/nixos/secret /root/my-config/ + rm /etc/nixos/configuration.nix + """) + machine.copy_from_host_via_shell( + "${makeConfig { + inherit bootLoader grubDevice grubIdentifier grubUseEfi extraConfig; + forceGrubReinstallCount = 1; + flake = true; + }}", + "/root/my-config/configuration.nix", + ) + machine.copy_from_host_via_shell( + "${./installer/flake.nix}", + "/root/my-config/flake.nix", + ) + machine.succeed(""" + # for some reason the image does not have `pkgs.path`, so + # we use readlink to find a Nixpkgs source. + pkgs=$(readlink -f /nix/var/nix/profiles/per-user/root/channels)/nixos + if ! [[ -e $pkgs/pkgs/top-level/default.nix ]]; then + echo 1>&2 "$pkgs does not seem to be a nixpkgs source. Please fix the test so that pkgs points to a nixpkgs source."; + exit 1; + fi + sed -e s^@nixpkgs@^$pkgs^ -i /root/my-config/flake.nix + """) + + with subtest("Switch to flake based config"): + machine.succeed("nixos-rebuild switch --flake /root/my-config#xyz") + + ${postBootCommands} + machine.shutdown() + + ${preBootCommands} + machine.start() + + machine.wait_for_unit("multi-user.target") + + with subtest("nix-channel command is not available anymore"): + machine.succeed("! which nix-channel") + + # Note that the channel profile is still present on disk, but configured + # not to be used. + with subtest("builtins.nixPath is now empty"): + machine.succeed(""" + [[ "[ ]" == "$(nix-instantiate builtins.nixPath --eval --expr)" ]] + """) + + with subtest(" does not resolve"): + machine.succeed(""" + ! nix-instantiate '' --eval --expr + """) + + with subtest("Evaluate flake config in fresh env without nix-channel"): + machine.succeed("nixos-rebuild switch --flake /root/my-config#xyz") + + with subtest("Evaluate flake config in fresh env without channel profiles"): + machine.succeed(""" + ( + exec 1>&2 + rm -v /root/.nix-channels + rm -vrf ~/.nix-defexpr + rm -vrf /nix/var/nix/profiles/per-user/root/channels* + ) + """) + machine.succeed("nixos-rebuild switch --flake /root/my-config#xyz") + ${postBootCommands} machine.shutdown() ''; @@ -282,6 +374,7 @@ let , grubDevice ? "/dev/vda", grubIdentifier ? "uuid", grubUseEfi ? false , enableOCR ? false, meta ? {} , testSpecialisationConfig ? false + , testFlakeSwitch ? false }: makeTest { inherit enableOCR; @@ -387,7 +480,7 @@ let testScript = testScriptFun { inherit bootLoader createPartitions preBootCommands postBootCommands grubDevice grubIdentifier grubUseEfi extraConfig - testSpecialisationConfig; + testSpecialisationConfig testFlakeSwitch; }; }; @@ -439,6 +532,10 @@ let ''; }; + simple-test-config-flake = simple-test-config // { + testFlakeSwitch = true; + }; + simple-uefi-grub-config = { createPartitions = '' machine.succeed( @@ -493,6 +590,8 @@ in { # one big filesystem partition. simple = makeInstallerTest "simple" simple-test-config; + switchToFlake = makeInstallerTest "switch-to-flake" simple-test-config-flake; + # Test cloned configurations with the simple grub configuration simpleSpecialised = makeInstallerTest "simpleSpecialised" (simple-test-config // specialisation-test-extraconfig); diff --git a/nixos/tests/installer/flake.nix b/nixos/tests/installer/flake.nix new file mode 100644 index 000000000000..4bbef44e34fc --- /dev/null +++ b/nixos/tests/installer/flake.nix @@ -0,0 +1,20 @@ +# This file gets copied into the installation + +{ + # To keep things simple, we'll use an absolute path dependency here. + inputs.nixpkgs.url = "@nixpkgs@"; + + outputs = { nixpkgs, ... }: { + + nixosConfigurations.xyz = nixpkgs.lib.nixosSystem { + modules = [ + ./configuration.nix + ( nixpkgs + "/nixos/modules/testing/test-instrumentation.nix" ) + { + # We don't need nix-channel anymore + nix.channel.enable = false; + } + ]; + }; + }; +}