Merge pull request #183314 from DeterminateSystems/optional-swraid

- The Caddy module gained a new option named `services.caddy.enableReload` which is enabled by default. It allows reloading the service instead of restarting it, if only a config file has changed. This option must be disabled if you have turned off the [Caddy admin API](https://caddyserver.com/docs/caddyfile/options#admin). If you keep this option enabled, you should consider setting [`grace_period`](https://caddyserver.com/docs/caddyfile/options#grace-period) to a non-infinite value to prevent Caddy from delaying the reload indefinitely.

- mdraid support is now optional. This reduces initramfs size and prevents the potentially undesired automatic detection and activation of software RAID pools. It is disabled by default in new configurations (determined by `stateVersion`), but the appropriate settings will be generated by `nixos-generate-config` when installing to a software RAID device, so the standard installation procedure should be unaffected. If you have custom configs relying on mdraid, ensure that you use `stateVersion` correctly or set `boot.swraid.enable` manually.

## Other Notable Changes {#sec-release-23.11-notable-changes}

- The Cinnamon module now enables XDG desktop integration by default. If you are experiencing collisions related to xdg-desktop-portal-gtk you can safely remove `xdg.portal.extraPortals = [ pkgs.xdg-desktop-portal-gtk ];` from your NixOS configuration.

my $fileSystems;

my %fsByDev;

my $useSwraid = 0;

foreach my $fs (read_file("/proc/self/mountinfo")) {

    chomp $fs;

    my @fields = split / /, $fs;

    # boot.initrd.luks.devices entry.

    if (-e $device) {

        my $deviceName = basename(abs_path($device));

        if (-e "/sys/class/block/$deviceName"

            && read_file("/sys/class/block/$deviceName/dm/uuid",  err_mode => 'quiet') =~ /^CRYPT-LUKS/)

        my $dmUuid = read_file("/sys/class/block/$deviceName/dm/uuid",  err_mode => 'quiet');

        if ($dmUuid =~ /^CRYPT-LUKS/)

        {

            my @slaves = glob("/sys/class/block/$deviceName/slaves/*");

            if (scalar @slaves == 1) {

                }

            }

        }

        if (-e "/sys/class/block/$deviceName/md/uuid") {

            $useSwraid = 1;

        }

    }

}

if ($useSwraid) {

    push @attrs, "boot.swraid.enable = true;\n\n";

}

# Generate the hardware configuration file.

        systemdStage1Network

      ];

    boot.swraid.enable = true;

    # Show all debug messages from the kernel but don't log refused packets

    # because we have the firewall enabled. This makes installs from the

    # console less cumbersome if the machine has a public IP.

      copy_bin_and_libs ${getBin pkgs.lvm2}/bin/dmsetup

      copy_bin_and_libs ${getBin pkgs.lvm2}/bin/lvm

      # Add RAID mdadm tool.

      copy_bin_and_libs ${pkgs.mdadm}/sbin/mdadm

      copy_bin_and_libs ${pkgs.mdadm}/sbin/mdmon

      # Copy udev.

      copy_bin_and_libs ${udev}/bin/udevadm

      copy_bin_and_libs ${udev}/lib/systemd/systemd-sysctl

      $out/bin/udevadm --version

      $out/bin/dmsetup --version 2>&1 | tee -a log | grep -q "version:"

      LVM_SYSTEM_DIR=$out $out/bin/lvm version 2>&1 | tee -a log | grep -q "LVM"

      $out/bin/mdadm --version

      ${optionalString config.services.multipath.enable ''

        ($out/bin/multipath || true) 2>&1 | grep -q 'need to be root'

        ($out/bin/multipathd || true) 2>&1 | grep -q 'need to be root'

      [ { object = bootStage1;

          symlink = "/init";

        }

        { object = pkgs.writeText "mdadm.conf" config.boot.initrd.services.swraid.mdadmConf;

          symlink = "/etc/mdadm.conf";

        }

        { object = pkgs.runCommand "initrd-kmod-blacklist-ubuntu" {

              src = "${pkgs.kmod-blacklist-ubuntu}/modprobe.conf";

              preferLocalBuild = true;

  };

  imports = [

    (mkRenamedOptionModule [ "boot" "initrd" "mdadmConf" ] [ "boot" "initrd" "services" "swraid" "mdadmConf" ])

    (mkRenamedOptionModule [ "boot" "initrd" "mdadmConf" ] [ "boot" "swraid" "mdadmConf" ])

  ];

}

{ config, pkgs, lib, ... }: let

  cfg = config.boot.initrd.services.swraid;

  cfg = config.boot.swraid;

in {

  options.boot.initrd.services.swraid = {

  options.boot.swraid = {

    enable = lib.mkEnableOption (lib.mdDoc "swraid support using mdadm") // {

      description = ''

        *This will only be used when systemd is used in stage 1.*

      description = lib.mdDoc ''

        Whether to enable support for Linux MD RAID arrays.

        Whether to enable swraid support using mdadm.

        When this is enabled, mdadm will be added to the system path,

        and MD RAID arrays will be detected and activated

        automatically, both in stage-1 (initramfs) and in stage-2 (the

        final NixOS system).

        This should be enabled if you want to be able to access and/or

        boot from MD RAID arrays. {command}`nixos-generate-config`

        should detect it correctly in the standard installation

        procedure.

      '';

      default = lib.versionOlder config.system.stateVersion "23.11";

      defaultText = lib.mdDoc "`true` if stateVersion is older than 23.11";

    };

    mdadmConf = lib.mkOption {

      description = lib.mdDoc "Contents of {file}`/etc/mdadm.conf` in initrd.";

      description = lib.mdDoc "Contents of {file}`/etc/mdadm.conf`.";

      type = lib.types.lines;

      default = "";

    };

  };

  config = {

  config = lib.mkIf cfg.enable {

    environment.systemPackages = [ pkgs.mdadm ];

    services.udev.packages = [ pkgs.mdadm ];

    systemd.packages = [ pkgs.mdadm ];

    boot.initrd.availableKernelModules = lib.mkIf (config.boot.initrd.systemd.enable -> cfg.enable) [ "md_mod" "raid0" "raid1" "raid10" "raid456" ];

    boot.initrd = {

      availableKernelModules = [ "md_mod" "raid0" "raid1" "raid10" "raid456" ];

    boot.initrd.extraUdevRulesCommands = lib.mkIf (!config.boot.initrd.systemd.enable) ''

      extraUdevRulesCommands = lib.mkIf (!config.boot.initrd.systemd.enable) ''

        cp -v ${pkgs.mdadm}/lib/udev/rules.d/*.rules $out/

      '';

    boot.initrd.systemd = lib.mkIf cfg.enable {

      extraUtilsCommands = ''

        # Add RAID mdadm tool.

        copy_bin_and_libs ${pkgs.mdadm}/sbin/mdadm

        copy_bin_and_libs ${pkgs.mdadm}/sbin/mdmon

      '';

      extraUtilsCommandsTest = ''

        $out/bin/mdadm --version

      '';

      extraFiles."/etc/mdadm.conf".source = pkgs.writeText "mdadm.conf" config.boot.swraid.mdadmConf;

      systemd = {

        contents."/etc/mdadm.conf" = lib.mkIf (cfg.mdadmConf != "") {

          text = cfg.mdadmConf;

        };

        initrdBin = [ pkgs.mdadm ];

      };

    boot.initrd.services.udev.packages = lib.mkIf cfg.enable [ pkgs.mdadm ];

      services.udev.packages = [ pkgs.mdadm ];

    };

  };

}