Unverified Commit 86a34582 authored by Leona Maroni's avatar Leona Maroni Committed by GitHub

merge staging-nixos (#507730)

parents 33d37b33 3afd2c06
+2 −0
@@ -149,6 +149,8 @@

- `services.uptime` has been removed because the package it relies on does not exist anymore in nixpkgs.

- `post-resume.target` has been removed. See {manpage}`systemd.special(7)` about `sleep.target` for instructions on ordering a process after resume with `ExecStop=`.

- `services.kubernetes.addons.dns.coredns` has been renamed to `services.kubernetes.addons.dns.corednsImage` and now expects a
package instead of attrs. Now, by default, nixpkgs.coredns in conjunction with dockerTools.buildImage is used, instead
of pulling the upstream container image from Docker Hub. If you want the old behavior, you can set:
+15 −42
@@ -90,68 +90,35 @@ in
      https://www.freedesktop.org/software/systemd/man/latest/systemd.special.html#sleep.target
    '';

    systemd.targets.post-resume = {
      description = "Post-Resume Actions";
      requires = [ "post-resume.service" ];
      after = [ "post-resume.service" ];
      wantedBy = [ "sleep.target" ];
      unitConfig.StopWhenUnneeded = true;
    };

    systemd.services = {
      # Service executed before suspending/hibernating.
      pre-sleep = {
        description = "Pre-Sleep Actions";
      sleep-actions = {
        description = "Sleep Actions";
        wantedBy = [ "sleep.target" ];
        before = [ "sleep.target" ];
        unitConfig.StopWhenUnneeded = true;
        script = ''
          # NixOS pre-sleep script

          # config.powerManagement.powerDownCommands
          ${cfg.powerDownCommands}
        '';
        serviceConfig.Type = "oneshot";
      };

      # Service executed after resuming from suspend/hibernate
      post-resume = {
        description = "Post-Resume Actions";
        # Pulled in by post-resume.service above
        after = [ "sleep.target" ];
        script = ''
        preStop = ''
          # NixOS pre-resume script

          /run/current-system/systemd/bin/systemctl try-restart --no-block post-resume.target

          # config.powerManagement.resumeCommands
          ${cfg.resumeCommands}

          # config.powerManagement.powerUpCommands
          ${cfg.powerUpCommands}
        '';
        serviceConfig.Type = "oneshot";
        serviceConfig = {
          Type = "oneshot";
          RemainAfterExit = true;
        };

      # Service executed before shutdown
      pre-shutdown = {
        description = "Pre-Shutdown Actions";
        wantedBy = [
          "shutdown.target"
        ];
        before = [
          "shutdown.target"
        ];
        script = ''
          # NixOS pre-shutdown script

          # config.powerManagement.powerDownCommands
          ${cfg.powerDownCommands}
        '';
        serviceConfig.Type = "oneshot";
        unitConfig.DefaultDependencies = false;
      };

      # Service executed after boot
      # Service executed after boot, and stopped during shutdown
      post-boot = {
        description = "Post-Boot Actions";
        # It's not well defined at what point in the bootup sequence this should run
@@ -167,6 +134,12 @@ in
          # config.powerManagement.powerUpCommands
          ${cfg.powerUpCommands}
        '';
        preStop = ''
          # NixOS pre-shutdown script

          # config.powerManagement.powerDownCommands
          ${cfg.powerDownCommands}
        '';
        serviceConfig = {
          Type = "oneshot";
          RemainAfterExit = true;
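Review bot: In `sleep-actions`, the resume-side commands now sit in `preStop`, which NixOS renders as `ExecStop=`, and systemd documents that `ExecStop=` only runs when the service started successfully. The `script` runs `${cfg.powerDownCommands}`, and NixOS unit scripts normally abort on the first failing command, so a failing power-down command would leave `resumeCommands` and `powerUpCommands` unexecuted after wake-up; the removed `post-resume` service ran them independently. The `preStop` added to `post-boot` in the second hunk has the same dependency on a successful start. If this coupling is intended, a comment above each `preStop` such as `# Runs only if the start script succeeded (ExecStop= semantics)` would make it visible, and it is worth mentioning in the release note. The `post-boot` attribute set starts and ends outside the visible hunks.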
+44 −14
@@ -54,12 +54,41 @@ in
    };

    # Provide the NixOS/Nixpkgs sources in /etc/nixos.  This is required
    # for nixos-install.
    boot.postBootCommands = lib.mkAfter ''
    # for nixos-install.  We use a systemd service rather than
    # boot.postBootCommands so that ordering relative to other
    # early-boot services (e.g. register-nix-paths in QEMU VMs) is
    # explicit.
    systemd.services.nix-channel-init = {
      description = "Initialize NixOS Channel";
      # Run early so the channel is available before regular services.
      # nix-env is invoked before nix-daemon.socket is up, so it
      # accesses the store directly (we are root).
      unitConfig.DefaultDependencies = false;
      wantedBy = [ "sysinit.target" ];
      before = [
        "sysinit.target"
        "shutdown.target"
        "nix-daemon.socket"
        "nix-daemon.service"
      ];
      after = [
        "local-fs.target"
        # In QEMU VMs the store DB is populated by register-nix-paths.
        # On real hardware this unit does not exist and the dependency
        # is silently ignored by systemd.
        "register-nix-paths.service"
      ];
      conflicts = [ "shutdown.target" ];
      restartIfChanged = false;
      serviceConfig = {
        Type = "oneshot";
        RemainAfterExit = true;
      };
      script = ''
        if ! [ -e /var/lib/nixos/did-channel-init ]; then
          echo "unpacking the NixOS/Nixpkgs sources..."
          mkdir -p /nix/var/nix/profiles/per-user/root
        ${config.nix.package.out}/bin/nix-env -p /nix/var/nix/profiles/per-user/root/channels \
          ${lib.getExe' config.nix.package.out "nix-env"} -p /nix/var/nix/profiles/per-user/root/channels \
            -i ${channelSources} --quiet --option build-use-substitutes false \
            ${lib.optionalString config.boot.initrd.systemd.enable "--option sandbox false"} # There's an issue with pivot_root
          mkdir -m 0700 -p /root/.nix-defexpr
@@ -69,4 +98,5 @@ in
        fi
      '';
    };
  };
}
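Review bot: The comment inside the `after` list of `nix-channel-init` says `register-nix-paths` populates the store DB in QEMU VMs and that the unit does not exist "on real hardware". This same commit defines `systemd.services.register-nix-paths` in two further files, one of which registers the store "on the CD", so the unit also exists on booted installation media. The current wording could lead a maintainer to treat the ordering as VM-only; something like `# Where register-nix-paths exists (QEMU VMs, installation media) it populates the store DB first; elsewhere the ordering is ignored.` would match the rest of the change. The `script` body continues between the two hunks and is not fully visible here.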
+27 −10
@@ -1055,16 +1055,33 @@ in
      }
    );

    boot.postBootCommands = ''
    systemd.services.register-nix-paths = {
      description = "Register Nix Store Paths";
      unitConfig.DefaultDependencies = false;
      wantedBy = [ "sysinit.target" ];
      before = [
        "sysinit.target"
        "shutdown.target"
        "nix-daemon.socket"
        "nix-daemon.service"
      ];
      after = [ "local-fs.target" ];
      conflicts = [ "shutdown.target" ];
      restartIfChanged = false;
      serviceConfig = {
        Type = "oneshot";
        RemainAfterExit = true;
      };
      script = ''
        # After booting, register the contents of the Nix store on the
        # CD in the Nix database in the tmpfs.
      ${config.nix.package.out}/bin/nix-store --load-db < /nix/store/nix-path-registration
        ${lib.getExe' config.nix.package.out "nix-store"} --load-db < /nix/store/nix-path-registration

      # nixos-rebuild also requires a "system" profile and an
      # /etc/NIXOS tag.
        # nixos-rebuild also requires a "system" profile and an /etc/NIXOS tag.
        touch /etc/NIXOS
      ${config.nix.package.out}/bin/nix-env -p /nix/var/nix/profiles/system --set /run/current-system
        ${lib.getExe' config.nix.package.out "nix-env"} -p /nix/var/nix/profiles/system --set /run/current-system
      '';
    };

    # Add vfat support to the initrd to enable people to copy the
    # contents of the CD to a bootable USB stick.
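Review bot: The `register-nix-paths` unit added here is repeated almost verbatim in the next file section, including the `before`/`after`/`conflicts` lists, and the two copies already differ: this one calls `config.nix.package.out` while the other uses `config.nix.package`. Because `nix-channel-init` orders itself after this unit by name, the copies have to stay in step. Defining the unit once in a shared module that both files import would avoid drift. If the duplication is kept, a comment such as `# Keep in sync with the other register-nix-paths definition` above the unit would help. The enclosing module starts outside the hunk.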
+30 −11
@@ -166,27 +166,46 @@ with lib;

    boot.loader.timeout = 10;

    boot.postBootCommands = ''
    systemd.services.register-nix-paths = {
      description = "Register Nix Store Paths";
      unitConfig.DefaultDependencies = false;
      wantedBy = [ "sysinit.target" ];
      before = [
        "sysinit.target"
        "shutdown.target"
        "nix-daemon.socket"
        "nix-daemon.service"
      ];
      after = [ "local-fs.target" ];
      conflicts = [ "shutdown.target" ];
      restartIfChanged = false;
      serviceConfig = {
        Type = "oneshot";
        RemainAfterExit = true;
      };
      script = ''
        # After booting, register the contents of the Nix store
        # in the Nix database in the tmpfs.
      ${config.nix.package}/bin/nix-store --load-db < /nix/store/nix-path-registration
        ${lib.getExe' config.nix.package "nix-store"} --load-db < /nix/store/nix-path-registration

      # nixos-rebuild also requires a "system" profile and an
      # /etc/NIXOS tag.
        # nixos-rebuild also requires a "system" profile and an /etc/NIXOS tag.
        touch /etc/NIXOS
      ${config.nix.package}/bin/nix-env -p /nix/var/nix/profiles/system --set /run/current-system
        ${lib.getExe' config.nix.package "nix-env"} -p /nix/var/nix/profiles/system --set /run/current-system
      '';
    };

    boot.postBootCommands = ''
      # Set password for user nixos if specified on cmdline
      # Allows using nixos-anywhere in headless environments
      for o in $(</proc/cmdline); do
        case "$o" in
          live.nixos.passwordHash=*)
            set -- $(IFS==; echo $o)
            ${pkgs.gnugrep}/bin/grep -q "root::" /etc/shadow && ${pkgs.shadow}/bin/usermod -p "$2" root
            ${lib.getExe pkgs.gnugrep} -q "root::" /etc/shadow && ${lib.getExe' pkgs.shadow "usermod"} -p "$2" root
            ;;
          live.nixos.password=*)
            set -- $(IFS==; echo $o)
            ${pkgs.gnugrep}/bin/grep -q "root::" /etc/shadow && echo "root:$2" | ${pkgs.shadow}/bin/chpasswd
            ${lib.getExe pkgs.gnugrep} -q "root::" /etc/shadow && echo "root:$2" | ${lib.getExe' pkgs.shadow "chpasswd"}
            ;;
        esac
      done
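Review bot: In the `live.nixos.passwordHash=*` and `live.nixos.password=*` branches, `set -- $(IFS==; echo $o)` splits the argument on every `=` and leaves `$o` unquoted. A value containing `=` is therefore cut short, so root ends up with a different password than the one supplied, and glob characters in the value are subject to expansion. These lines are only touched for the `lib.getExe` conversion, but this would be a good moment to take the value with a prefix strip instead, written inside the Nix string as `"''${o#live.nixos.password=}"` (and likewise for `passwordHash`). The comment above the loop says the password is set for user `nixos` while both commands act on `root`; one of the two should be corrected. The `boot.postBootCommands` string continues past the end of the hunk.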