Loading nixos/modules/system/boot/systemd.nix +25 −0 Original line number Diff line number Diff line Loading @@ -807,6 +807,31 @@ in # Don't bother with certain units in containers. systemd.services.systemd-remount-fs.unitConfig.ConditionVirtualization = "!container"; # When using the classic /etc mechanism, we set certain paths in /etc to # /etc/static so that systemd cannot change them (as they are symlinks to # the read-only Nix Store). This is only done so that these services cannot # change the values. All other parts of systemd should read them from their # canonical locations. # # If you use the overlay mechanism to manage /etc, this is unnecessary # because either the overlay is mutable (and users can legitimately change # values without them being overridden) or it is immutable and systemd will # suggest to only make runtime changes. systemd.services."systemd-localed".environment = lib.mkIf (!config.system.etc.overlay.enable) { SYSTEMD_ETC_LOCALE_CONF = "/etc/static/locale.conf"; SYSTEMD_ETC_VCONSOLE_CONF = "/etc/static/vconsole.conf"; }; systemd.services."systemd-timedated".environment = lib.mkIf (!config.system.etc.overlay.enable && config.time.timeZone != null) { SYSTEMD_ETC_LOCALTIME = "/etc/static/localtime"; SYSTEMD_ETC_ADJTIME = "/etc/static/adjtime"; }; systemd.services."systemd-hostnamed".environment = lib.mkIf (!config.system.etc.overlay.enable) { SYSTEMD_ETC_HOSTNAME = "/etc/static/hostname"; SYSTEMD_ETC_MACHINE_INFO = "/etc/static/machine-info"; }; # Increase numeric PID range (set directly instead of copying a one-line file from systemd) # https://github.com/systemd/systemd/pull/12226 boot.kernel.sysctl."kernel.pid_max" = mkIf pkgs.stdenv.hostPlatform.is64bit (lib.mkDefault 4194304); Loading nixos/tests/systemd.nix +2 −2 Original line number Diff line number Diff line Loading @@ -109,10 +109,10 @@ machine.wait_for_unit("first-boot-complete.target") machine.succeed( "journalctl --system -o cat --grep 'systemd ${lib.escapeRegex pkgs.systemd.version} running'" "journalctl --system -o cat --grep 'systemd ${lib.escapeRegex nodes.machine.systemd.package.version} running'" ) assert "systemd ${lib.versions.major pkgs.systemd.version} (${pkgs.systemd.version})" in machine.succeed( assert "systemd ${lib.versions.major nodes.machine.systemd.package.version} (${nodes.machine.systemd.package.version})" in machine.succeed( "systemctl --version" ) Loading pkgs/by-name/bt/btrfs-progs/package.nix +2 −2 Original line number Diff line number Diff line Loading @@ -21,11 +21,11 @@ stdenv.mkDerivation (finalAttrs: { pname = "btrfs-progs"; version = "6.17.1"; version = "6.19"; src = fetchurl { url = "mirror://kernel/linux/kernel/people/kdave/btrfs-progs/btrfs-progs-v${finalAttrs.version}.tar.xz"; hash = "sha256-pL4Kbrs8R2Qn+12Xss8CewzNtrDFX/FjIzIMHoy3dlg="; hash = "sha256-rWt5GmDrVj0zFLwY48R/awU6AyY5SItbCbnV55Id5rY="; }; nativeBuildInputs = [ Loading pkgs/by-name/ni/nixos-rebuild-ng/src/nixos_rebuild/__init__.py +11 −12 Original line number Diff line number Diff line Loading @@ -265,22 +265,21 @@ def parse_args( if args.no_build_nix: parser_warn("--no-build-nix is deprecated, we do not build nix anymore") if args.diff and args.action not in ( # case for calling build_and_activate_system # except excluding DRY_BUILD and DRY_ACTIVATE, # in which --diff is uniquely a no-op Action.SWITCH.value, Action.BOOT.value, Action.TEST.value, Action.BUILD.value, Action.BUILD_IMAGE.value, Action.BUILD_VM.value, Action.BUILD_VM_WITH_BOOTLOADER.value, if ( args.action in ( Action.DRY_BUILD.value, # --diff breaks dry-build Action.EDIT.value, Action.LIST_GENERATIONS.value, Action.REPL.value, ) and args.diff ): parser_warn(f"--diff is a no-op with '{args.action}'") args.diff = False if args.action == Action.EDIT.value and (args.file or args.attr): parser.error("--file and --attr are not supported with 'edit'") parser.error(f"--file and --attr are not supported with '{args.action}'") if (args.target_host or args.build_host) and args.action not in ( Action.SWITCH.value, Loading pkgs/by-name/ni/nixos-rebuild-ng/src/nixos_rebuild/models.py +15 −17 Original line number Diff line number Diff line Loading @@ -63,20 +63,6 @@ class BuildAttr: return cls(Path(file or "default.nix"), attr) def _get_hostname(target_host: Remote | None) -> str | None: if target_host: try: return run_wrapper( ["uname", "-n"], capture_output=True, remote=target_host, ).stdout.strip() except (AttributeError, subprocess.CalledProcessError): return None else: return platform.node() @dataclass(frozen=True) class Flake: path: str Loading @@ -95,9 +81,7 @@ class Flake: m = cls._re.match(flake_str) assert m is not None, f"got no matches for {flake_str}" attr = m.group("attr") nixos_attr = ( f'nixosConfigurations."{attr or _get_hostname(target_host) or "default"}"' ) nixos_attr = f'nixosConfigurations."{attr or cls._get_hostname(target_host) or "default"}"' path = m.group("path") return cls(path, nixos_attr) Loading Loading @@ -126,6 +110,20 @@ class Flake: except FileNotFoundError: return self.path @staticmethod def _get_hostname(target_host: Remote | None) -> str | None: if target_host: try: return run_wrapper( ["uname", "-n"], capture_output=True, remote=target_host, ).stdout.strip() except (AttributeError, subprocess.CalledProcessError): return None else: return platform.node() @dataclass(frozen=True) class Generation: Loading Loading
nixos/modules/system/boot/systemd.nix +25 −0 Original line number Diff line number Diff line Loading @@ -807,6 +807,31 @@ in # Don't bother with certain units in containers. systemd.services.systemd-remount-fs.unitConfig.ConditionVirtualization = "!container"; # When using the classic /etc mechanism, we set certain paths in /etc to # /etc/static so that systemd cannot change them (as they are symlinks to # the read-only Nix Store). This is only done so that these services cannot # change the values. All other parts of systemd should read them from their # canonical locations. # # If you use the overlay mechanism to manage /etc, this is unnecessary # because either the overlay is mutable (and users can legitimately change # values without them being overridden) or it is immutable and systemd will # suggest to only make runtime changes. systemd.services."systemd-localed".environment = lib.mkIf (!config.system.etc.overlay.enable) { SYSTEMD_ETC_LOCALE_CONF = "/etc/static/locale.conf"; SYSTEMD_ETC_VCONSOLE_CONF = "/etc/static/vconsole.conf"; }; systemd.services."systemd-timedated".environment = lib.mkIf (!config.system.etc.overlay.enable && config.time.timeZone != null) { SYSTEMD_ETC_LOCALTIME = "/etc/static/localtime"; SYSTEMD_ETC_ADJTIME = "/etc/static/adjtime"; }; systemd.services."systemd-hostnamed".environment = lib.mkIf (!config.system.etc.overlay.enable) { SYSTEMD_ETC_HOSTNAME = "/etc/static/hostname"; SYSTEMD_ETC_MACHINE_INFO = "/etc/static/machine-info"; }; # Increase numeric PID range (set directly instead of copying a one-line file from systemd) # https://github.com/systemd/systemd/pull/12226 boot.kernel.sysctl."kernel.pid_max" = mkIf pkgs.stdenv.hostPlatform.is64bit (lib.mkDefault 4194304); Loading
nixos/tests/systemd.nix +2 −2 Original line number Diff line number Diff line Loading @@ -109,10 +109,10 @@ machine.wait_for_unit("first-boot-complete.target") machine.succeed( "journalctl --system -o cat --grep 'systemd ${lib.escapeRegex pkgs.systemd.version} running'" "journalctl --system -o cat --grep 'systemd ${lib.escapeRegex nodes.machine.systemd.package.version} running'" ) assert "systemd ${lib.versions.major pkgs.systemd.version} (${pkgs.systemd.version})" in machine.succeed( assert "systemd ${lib.versions.major nodes.machine.systemd.package.version} (${nodes.machine.systemd.package.version})" in machine.succeed( "systemctl --version" ) Loading
pkgs/by-name/bt/btrfs-progs/package.nix +2 −2 Original line number Diff line number Diff line Loading @@ -21,11 +21,11 @@ stdenv.mkDerivation (finalAttrs: { pname = "btrfs-progs"; version = "6.17.1"; version = "6.19"; src = fetchurl { url = "mirror://kernel/linux/kernel/people/kdave/btrfs-progs/btrfs-progs-v${finalAttrs.version}.tar.xz"; hash = "sha256-pL4Kbrs8R2Qn+12Xss8CewzNtrDFX/FjIzIMHoy3dlg="; hash = "sha256-rWt5GmDrVj0zFLwY48R/awU6AyY5SItbCbnV55Id5rY="; }; nativeBuildInputs = [ Loading
pkgs/by-name/ni/nixos-rebuild-ng/src/nixos_rebuild/__init__.py +11 −12 Original line number Diff line number Diff line Loading @@ -265,22 +265,21 @@ def parse_args( if args.no_build_nix: parser_warn("--no-build-nix is deprecated, we do not build nix anymore") if args.diff and args.action not in ( # case for calling build_and_activate_system # except excluding DRY_BUILD and DRY_ACTIVATE, # in which --diff is uniquely a no-op Action.SWITCH.value, Action.BOOT.value, Action.TEST.value, Action.BUILD.value, Action.BUILD_IMAGE.value, Action.BUILD_VM.value, Action.BUILD_VM_WITH_BOOTLOADER.value, if ( args.action in ( Action.DRY_BUILD.value, # --diff breaks dry-build Action.EDIT.value, Action.LIST_GENERATIONS.value, Action.REPL.value, ) and args.diff ): parser_warn(f"--diff is a no-op with '{args.action}'") args.diff = False if args.action == Action.EDIT.value and (args.file or args.attr): parser.error("--file and --attr are not supported with 'edit'") parser.error(f"--file and --attr are not supported with '{args.action}'") if (args.target_host or args.build_host) and args.action not in ( Action.SWITCH.value, Loading
pkgs/by-name/ni/nixos-rebuild-ng/src/nixos_rebuild/models.py +15 −17 Original line number Diff line number Diff line Loading @@ -63,20 +63,6 @@ class BuildAttr: return cls(Path(file or "default.nix"), attr) def _get_hostname(target_host: Remote | None) -> str | None: if target_host: try: return run_wrapper( ["uname", "-n"], capture_output=True, remote=target_host, ).stdout.strip() except (AttributeError, subprocess.CalledProcessError): return None else: return platform.node() @dataclass(frozen=True) class Flake: path: str Loading @@ -95,9 +81,7 @@ class Flake: m = cls._re.match(flake_str) assert m is not None, f"got no matches for {flake_str}" attr = m.group("attr") nixos_attr = ( f'nixosConfigurations."{attr or _get_hostname(target_host) or "default"}"' ) nixos_attr = f'nixosConfigurations."{attr or cls._get_hostname(target_host) or "default"}"' path = m.group("path") return cls(path, nixos_attr) Loading Loading @@ -126,6 +110,20 @@ class Flake: except FileNotFoundError: return self.path @staticmethod def _get_hostname(target_host: Remote | None) -> str | None: if target_host: try: return run_wrapper( ["uname", "-n"], capture_output=True, remote=target_host, ).stdout.strip() except (AttributeError, subprocess.CalledProcessError): return None else: return platform.node() @dataclass(frozen=True) class Generation: Loading
