Commit 63d6a703 authored by Alois Wohlschlager's avatar Alois Wohlschlager Committed by Yureka
Browse files

nixos/top-level: wire up cutoffPackages for replaceDependencies 

Move replaceRuntimeDependencies to the replaceDependencies namespace,
where the structure is more consistent with the replaceDependencies
function. This makes space for wiring up cutoffPackages as an option
too.

By default, the system's initrd is excluded. The replacement process does not
work properly anyway due to the structure of the initrd (the files being copied
into it, and it being compressed). In the worst case (which has been observed
to actually occur in practice), a store path makes it into the incompressible
parts of the archive, checksums are broken, and the system won't boot.
parent d3abae8d

nixos/modules/system/activation/top-level.nix

+44 −27
Original line number Diff line number Diff line
@@ -68,7 +68,7 @@ let 
    else showWarnings config.warnings baseSystem;



  # Replace runtime dependencies

  system = let replacements = config.system.replaceRuntimeDependencies; in

  system = let inherit (config.system.replaceDependencies) replacements cutoffPackages; in

    if replacements == [] then

      # Avoid IFD if possible, by sidestepping replaceDependencies if no replacements are specified.

      baseSystemAssertWarn
@@ -77,7 +77,7 @@ let 
        nix = config.nix.package;

      }) {

        drv = baseSystemAssertWarn;

        inherit replacements;

        inherit replacements cutoffPackages;

      };



  systemWithBuildDeps = system.overrideAttrs (o: {
@@ -95,6 +95,7 @@ in 
    (mkRemovedOptionModule [ "nesting" "clone" ] "Use `specialisation.«name» = { inheritParentConfig = true; configuration = { ... }; }` instead.")

    (mkRemovedOptionModule [ "nesting" "children" ] "Use `specialisation.«name».configuration = { ... }` instead.")

    (mkRenamedOptionModule [ "system" "forbiddenDependenciesRegex" ] [ "system" "forbiddenDependenciesRegexes" ])

    (mkRenamedOptionModule [ "system" "replaceRuntimeDependencies" ] [ "system" "replaceDependencies" "replacements" ])

  ];



  options = {
@@ -213,25 +214,30 @@ in 
      '';

    };



    system.replaceRuntimeDependencies = mkOption {

    system.replaceDependencies = {

      replacements = mkOption {

        default = [];

      example = lib.literalExpression "[ ({ original = pkgs.openssl; replacement = pkgs.callPackage /path/to/openssl { }; }) ]";

        example = lib.literalExpression "[ ({ oldDependency = pkgs.openssl; newDependency = pkgs.callPackage /path/to/openssl { }; }) ]";

        type = types.listOf (types.submodule (

          { ... }: {

          options.original = mkOption {

            imports = [

              (mkRenamedOptionModule [ "original" ] [ "oldDependency" ])

              (mkRenamedOptionModule [ "replacement" ] [ "newDependency" ])

            ];



            options.oldDependency = mkOption {

              type = types.package;

              description = "The original package to override.";

            };



          options.replacement = mkOption {

            options.newDependency = mkOption {

              type = types.package;

              description = "The replacement package.";

            };

          })

        );

      apply = map ({ original, replacement, ... }: {

        oldDependency = original;

        newDependency = replacement;

        apply = map ({ oldDependency, newDependency, ... }: {

          inherit oldDependency newDependency;

        });

        description = ''

          List of packages to override without doing a full rebuild.
@@ -240,6 +246,17 @@ in 
        '';

      };



      cutoffPackages = mkOption {

        default = [ config.system.build.initialRamdisk ];

        defaultText = literalExpression "[ config.system.build.initialRamdisk ]";

        type = types.listOf types.package;

        description = ''

          Packages to which no replacements should be applied.

          The initrd is matched by default, because its structure renders the replacement process ineffective and prone to breakage.

        '';

      };

    };



    system.name = mkOption {

      type = types.str;

      default =