Loading nixos/modules/security/wrappers/default.nix +1 −1 Original line number Diff line number Diff line Loading @@ -283,7 +283,7 @@ in ''; ###### wrappers consistency checks system.extraDependencies = lib.singleton (pkgs.runCommandLocal system.checks = lib.singleton (pkgs.runCommandLocal "ensure-all-wrappers-paths-exist" { } '' # make sure we produce output Loading nixos/modules/services/databases/postgresql.nix +1 −1 Original line number Diff line number Diff line Loading @@ -489,7 +489,7 @@ in "/share/postgresql" ]; system.extraDependencies = lib.optional (cfg.checkConfig && pkgs.stdenv.hostPlatform == pkgs.stdenv.buildPlatform) configFileCheck; system.checks = lib.optional (cfg.checkConfig && pkgs.stdenv.hostPlatform == pkgs.stdenv.buildPlatform) configFileCheck; systemd.services.postgresql = { description = "PostgreSQL Server"; Loading nixos/modules/services/web-servers/varnish/default.nix +1 −1 Original line number Diff line number Diff line Loading @@ -99,7 +99,7 @@ in environment.systemPackages = [ cfg.package ]; # check .vcl syntax at compile time (e.g. before nixops deployment) system.extraDependencies = mkIf cfg.enableConfigCheck [ system.checks = mkIf cfg.enableConfigCheck [ (pkgs.runCommand "check-varnish-syntax" {} '' ${cfg.package}/bin/varnishd -C ${commandLine} 2> $out || (cat $out; exit 1) '') Loading nixos/modules/services/x11/xserver.nix +1 −1 Original line number Diff line number Diff line Loading @@ -776,7 +776,7 @@ in xorg.xf86inputevdev.out ]; system.extraDependencies = singleton (pkgs.runCommand "xkb-validated" { system.checks = singleton (pkgs.runCommand "xkb-validated" { inherit (cfg) xkbModel layout xkbVariant xkbOptions; nativeBuildInputs = with pkgs.buildPackages; [ xkbvalidate ]; preferLocalBuild = true; Loading nixos/modules/system/activation/top-level.nix +29 −3 Original line number Diff line number Diff line Loading @@ -263,8 +263,23 @@ in default = []; description = lib.mdDoc '' A list of packages that should be included in the system closure but not otherwise made available to users. This is primarily used by the installation tests. closure but generally not visible to users. This option has also been used for build-time checks, but the `system.checks` option is more appropriate for that purpose as checks should not leave a trace in the built system configuration. ''; }; system.checks = mkOption { type = types.listOf types.package; default = []; description = lib.mdDoc '' Packages that are added as dependencies of the system's build, usually for the purpose of validating some part of the configuration. Unlike `system.extraDependencies`, these store paths do not become part of the built system configuration. ''; }; Loading Loading @@ -363,7 +378,17 @@ in fi ''; system.systemBuilderArgs = lib.optionalAttrs (config.system.forbiddenDependenciesRegex != "") { system.systemBuilderArgs = { # Not actually used in the builder. `passedChecks` is just here to create # the build dependencies. Checks are similar to build dependencies in the # sense that if they fail, the system build fails. However, checks do not # produce any output of value, so they are not used by the system builder. # In fact, using them runs the risk of accidentally adding unneeded paths # to the system closure, which defeats the purpose of the `system.checks` # option, as opposed to `system.extraDependencies`. passedChecks = concatStringsSep " " config.system.checks; } // lib.optionalAttrs (config.system.forbiddenDependenciesRegex != "") { inherit (config.system) forbiddenDependenciesRegex; closureInfo = pkgs.closureInfo { rootPaths = [ # override to avoid infinite recursion (and to allow using extraDependencies to add forbidden dependencies) Loading @@ -371,6 +396,7 @@ in ]; }; }; system.build.toplevel = if config.system.includeBuildDependencies then systemWithBuildDeps else system; }; Loading Loading
nixos/modules/security/wrappers/default.nix +1 −1 Original line number Diff line number Diff line Loading @@ -283,7 +283,7 @@ in ''; ###### wrappers consistency checks system.extraDependencies = lib.singleton (pkgs.runCommandLocal system.checks = lib.singleton (pkgs.runCommandLocal "ensure-all-wrappers-paths-exist" { } '' # make sure we produce output Loading
nixos/modules/services/databases/postgresql.nix +1 −1 Original line number Diff line number Diff line Loading @@ -489,7 +489,7 @@ in "/share/postgresql" ]; system.extraDependencies = lib.optional (cfg.checkConfig && pkgs.stdenv.hostPlatform == pkgs.stdenv.buildPlatform) configFileCheck; system.checks = lib.optional (cfg.checkConfig && pkgs.stdenv.hostPlatform == pkgs.stdenv.buildPlatform) configFileCheck; systemd.services.postgresql = { description = "PostgreSQL Server"; Loading
nixos/modules/services/web-servers/varnish/default.nix +1 −1 Original line number Diff line number Diff line Loading @@ -99,7 +99,7 @@ in environment.systemPackages = [ cfg.package ]; # check .vcl syntax at compile time (e.g. before nixops deployment) system.extraDependencies = mkIf cfg.enableConfigCheck [ system.checks = mkIf cfg.enableConfigCheck [ (pkgs.runCommand "check-varnish-syntax" {} '' ${cfg.package}/bin/varnishd -C ${commandLine} 2> $out || (cat $out; exit 1) '') Loading
nixos/modules/services/x11/xserver.nix +1 −1 Original line number Diff line number Diff line Loading @@ -776,7 +776,7 @@ in xorg.xf86inputevdev.out ]; system.extraDependencies = singleton (pkgs.runCommand "xkb-validated" { system.checks = singleton (pkgs.runCommand "xkb-validated" { inherit (cfg) xkbModel layout xkbVariant xkbOptions; nativeBuildInputs = with pkgs.buildPackages; [ xkbvalidate ]; preferLocalBuild = true; Loading
nixos/modules/system/activation/top-level.nix +29 −3 Original line number Diff line number Diff line Loading @@ -263,8 +263,23 @@ in default = []; description = lib.mdDoc '' A list of packages that should be included in the system closure but not otherwise made available to users. This is primarily used by the installation tests. closure but generally not visible to users. This option has also been used for build-time checks, but the `system.checks` option is more appropriate for that purpose as checks should not leave a trace in the built system configuration. ''; }; system.checks = mkOption { type = types.listOf types.package; default = []; description = lib.mdDoc '' Packages that are added as dependencies of the system's build, usually for the purpose of validating some part of the configuration. Unlike `system.extraDependencies`, these store paths do not become part of the built system configuration. ''; }; Loading Loading @@ -363,7 +378,17 @@ in fi ''; system.systemBuilderArgs = lib.optionalAttrs (config.system.forbiddenDependenciesRegex != "") { system.systemBuilderArgs = { # Not actually used in the builder. `passedChecks` is just here to create # the build dependencies. Checks are similar to build dependencies in the # sense that if they fail, the system build fails. However, checks do not # produce any output of value, so they are not used by the system builder. # In fact, using them runs the risk of accidentally adding unneeded paths # to the system closure, which defeats the purpose of the `system.checks` # option, as opposed to `system.extraDependencies`. passedChecks = concatStringsSep " " config.system.checks; } // lib.optionalAttrs (config.system.forbiddenDependenciesRegex != "") { inherit (config.system) forbiddenDependenciesRegex; closureInfo = pkgs.closureInfo { rootPaths = [ # override to avoid infinite recursion (and to allow using extraDependencies to add forbidden dependencies) Loading @@ -371,6 +396,7 @@ in ]; }; }; system.build.toplevel = if config.system.includeBuildDependencies then systemWithBuildDeps else system; }; Loading
