public
/
nixpkgs
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge branch 'master' of github.com:NixOS/nixos into systemd 

Conflicts:
	modules/config/networking.nix
	modules/services/networking/ssh/sshd.nix
	modules/services/ttys/agetty.nix
	modules/system/boot/stage-2-init.sh
	modules/system/upstart-events/shutdown.nix
This commit is contained in:
Eelco Dolstra 2012-07-16 17:27:11 -04:00
parent bf15293b1e 1d57489427
commit 44d091674b
38 changed files with 544 additions and 100 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
modules/config/networking.nix
View File

@ -68,6 +68,9 @@ in
# Invalidate the nscd cache whenever resolv.conf is
# regenerated.
libc_restart='${pkgs.systemd}/bin/systemctl start invalidate-nscd.service'
'' + optionalString config.services.bind.enable ''
# This hosts runs a full-blown DNS resolver.
name_servers='127.0.0.1'
'' );
target = "resolvconf.conf";
}

1
modules/config/shells.nix
View File

@ -13,6 +13,7 @@ with pkgs.lib;
{ target = "shells";
source = pkgs.writeText "shells"
''
/run/current-system/sw/bin/bash
/var/run/current-system/sw/bin/bash
/bin/sh
'';

6
modules/config/system-path.nix
View File

@ -1,5 +1,5 @@
# This module defines the packages that appear in
# /var/run/current-system/sw.
# /run/current-system/sw.
{ config, pkgs, ... }:
@ -64,7 +64,7 @@ let
example = "[ pkgs.icecat3 pkgs.thunderbird ]";
description = ''
The set of packages that appear in
/var/run/current-system/sw. These packages are
/run/current-system/sw. These packages are
automatically available to all users, and are
automatically updated every time you rebuild the system
configuration. (The latter is the main difference with
@ -79,7 +79,7 @@ let
default = [];
example = ["/"];
description = "
Lists directories to be symlinked in `/var/run/current-system/sw'.
Lists directories to be symlinked in `/run/current-system/sw'.
";
};
};

20
modules/config/timezone.nix
View File

@ -5,13 +5,21 @@ with pkgs.lib;
{
options = {
time.timeZone = mkOption {
default = "CET";
type = with types; uniq string;
example = "America/New_York";
description = "The time zone used when displaying times and dates.";
};
time = {
timeZone = mkOption {
default = "CET";
type = with types; uniq string;
example = "America/New_York";
description = "The time zone used when displaying times and dates.";
};
hardwareClockInLocalTime = mkOption {
default = false;
description = "If set, keep the hardware clock in local time instead of UTC.";
};
};
};
config = {

2
modules/config/users-groups.nix
View File

@ -48,7 +48,7 @@ let
shell = mkOption {
type = with types; uniq string;
default = "/var/run/current-system/sw/sbin/nologin";
default = "/run/current-system/sw/sbin/nologin";
description = "The path to the user's shell.";
};

30
modules/hardware/network/b43.nix Normal file
View File

@ -0,0 +1,30 @@
{pkgs, config, ...}:
let kernelVersion = config.boot.kernelPackages.kernel.version; in
{
###### interface
options = {
networking.enableB43Firmware = pkgs.lib.mkOption {
default = false;
type = pkgs.lib.types.bool;
description = ''
Turn on this option if you want firmware for the NICs supported by the b43 module.
'';
};
};
###### implementation
config = pkgs.lib.mkIf config.networking.enableB43Firmware {
hardware.firmware = if builtins.lessThan (builtins.compareVersions kernelVersion "3.2") 0 then
throw "b43 firmware for kernels older than 3.2 not packaged yet!" else
[ pkgs.b43Firmware_5_1_138 ];
};
}

6
modules/installer/cd-dvd/iso-image.nix
View File

@ -122,12 +122,12 @@ let
efiShell = if pkgs.stdenv.isi686 then
pkgs.fetchurl {
url = "https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2/EdkShellBinPkg/FullShell/Ia32/Shell_Full.efi";
sha256 = "0ymm3mbbwx9f6cq0bp2nr7ikyagxgsg4sjs5q1s4xbnms27slwjq";
sha256 = "1gv6kyaspczdp7x8qnx5x76ilriaygkfs99ay7ihhdi6riclkhfl";
}
else
pkgs.fetchurl {
url = "https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2/EdkShellBinPkg/FullShell/X64/Shell_Full.efi";
sha256 = "1xchy8a05mgqzr82mmahdni0jbxsz6xf6vm2bg1bch9i6l72qgmh";
sha256 = "1g18z84rlavxr5gsrh2g942rfr6znv9fs3fqww5m7dhmnysgyv8p";
};
# The efi boot image
@ -312,7 +312,7 @@ in
# nixos-rebuild also requires a "system" profile and an
# /etc/NIXOS tag.
touch /etc/NIXOS
${config.environment.nix}/bin/nix-env -p /nix/var/nix/profiles/system --set /var/run/current-system
${config.environment.nix}/bin/nix-env -p /nix/var/nix/profiles/system --set /run/current-system
'';
# Add vfat support to the initrd to enable people to copy the

4
modules/installer/cd-dvd/system-tarball.nix
View File

@ -50,7 +50,7 @@ in
# script and the top-level system configuration directory.
tarball.storeContents =
[ { object = config.system.build.toplevel;
symlink = "/var/run/current-system";
symlink = "/run/current-system";
}
];
@ -87,6 +87,6 @@ in
# nixos-rebuild also requires a "system" profile and an
# /etc/NIXOS tag.
touch /etc/NIXOS
${config.environment.nix}/bin/nix-env -p /nix/var/nix/profiles/system --set /var/run/current-system
${config.environment.nix}/bin/nix-env -p /nix/var/nix/profiles/system --set /run/current-system
'';
}

4
modules/installer/efi-boot-stub/efi-boot-stub.nix
View File

@ -90,12 +90,12 @@ let
if pkgs.stdenv.isi686 then
pkgs.fetchurl {
url = "https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2/EdkShellBinPkg/FullShell/Ia32/Shell_Full.efi";
sha256 = "0ymm3mbbwx9f6cq0bp2nr7ikyagxgsg4sjs5q1s4xbnms27slwjq";
sha256 = "1gv6kyaspczdp7x8qnx5x76ilriaygkfs99ay7ihhdi6riclkhfl";
}
else
pkgs.fetchurl {
url = "https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2/EdkShellBinPkg/FullShell/X64/Shell_Full.efi";
sha256 = "1xchy8a05mgqzr82mmahdni0jbxsz6xf6vm2bg1bch9i6l72qgmh";
sha256 = "1g18z84rlavxr5gsrh2g942rfr6znv9fs3fqww5m7dhmnysgyv8p";
}
else
null;

3
modules/installer/tools/nixos-rebuild.sh
View File

@ -128,8 +128,7 @@ if [ -n "$pullManifest" -o "$action" = pull ]; then
set -o pipefail
manifests=$(nix-instantiate --eval-only --xml --strict '<nixos>' -A manifests \
| grep '<string' | sed 's^.*"\(.*\)".*^\1^g')
set -o nopipefail
set +o pipefail
if [ $? -ne 0 ]; then exit 1; fi
mkdir -p /nix/var/nix/channel-cache

6
modules/misc/crashdump.nix
View File

@ -48,9 +48,9 @@ in
config = mkIf crashdump.enable {
boot = {
postBootCommands = ''
${pkgs.kexectools}/sbin/kexec -p /var/run/current-system/kernel \
--initrd=/var/run/current-system/initrd \
--append="init=$(readlink -f /var/run/current-system/init) system=$(readlink -f /var/run/current-system) irqpoll maxcpus=1 reset_devices ${kernelParams}" --reset-vga --console-vga
${pkgs.kexectools}/sbin/kexec -p /run/current-system/kernel \
--initrd=/run/current-system/initrd \
--append="init=$(readlink -f /run/current-system/init) system=$(readlink -f /run/current-system) irqpoll maxcpus=1 reset_devices ${kernelParams}" --reset-vga --console-vga
'';
kernelParams = [
"crashkernel=64M"

15
modules/misc/lib.nix Normal file
View File

@ -0,0 +1,15 @@
{ config, pkgs, ... }:
{
options = {
lib = pkgs.lib.mkOption {
default = {};
type = pkgs.lib.types.attrsOf pkgs.lib.types.attrs;
description = ''
This option allows modules to define helper functions, constants, etc.
'';
};
};
}

3
modules/module-list.nix
View File

@ -15,6 +15,7 @@
./config/unix-odbc-drivers.nix
./config/users-groups.nix
./hardware/cpu/intel-microcode.nix
./hardware/network/b43.nix
./hardware/network/intel-2100bg.nix
./hardware/network/intel-2200bg.nix
./hardware/network/intel-3945abg.nix
@ -34,6 +35,7 @@
./misc/crashdump.nix
./misc/ids.nix
./misc/locate.nix
./misc/lib.nix
./misc/nixpkgs.nix
./misc/passthru.nix
./misc/version.nix
@ -82,6 +84,7 @@
./services/hardware/upower.nix
#./services/logging/klogd.nix
./services/logging/logrotate.nix
./services/logging/logstash.nix
./services/logging/syslogd.nix
./services/mail/dovecot.nix
./services/mail/dovecot2.nix

6
modules/programs/bash/profile.sh
View File

@ -12,8 +12,8 @@ __ETC_PROFILE_SOURCED=1
export __ETC_PROFILE_DONE=1
# Initialise a bunch of environment variables.
export LOCALE_ARCHIVE=/var/run/current-system/sw/lib/locale/locale-archive
export LD_LIBRARY_PATH=/var/run/opengl-driver/lib:/var/run/opengl-driver-32/lib # !!! only set if needed
export LOCALE_ARCHIVE=/run/current-system/sw/lib/locale/locale-archive
export LD_LIBRARY_PATH=/run/opengl-driver/lib:/run/opengl-driver-32/lib # !!! only set if needed
export NIXPKGS_CONFIG=/etc/nix/nixpkgs-config.nix
export NIX_PATH=/nix/var/nix/profiles/per-user/root/channels/nixos:nixpkgs=/etc/nixos/nixpkgs:nixos=/etc/nixos/nixos:nixos-config=/etc/nixos/configuration.nix:services=/etc/nixos/services
export PAGER="less -R"
@ -22,7 +22,7 @@ export LOCATE_PATH=/var/cache/locatedb
# Include the various profiles in the appropriate environment variables.
export NIX_USER_PROFILE_DIR=/nix/var/nix/profiles/per-user/$USER
export NIX_PROFILES="/var/run/current-system/sw /nix/var/nix/profiles/default $HOME/.nix-profile"
export NIX_PROFILES="/run/current-system/sw /nix/var/nix/profiles/default $HOME/.nix-profile"
unset PATH INFOPATH PKG_CONFIG_PATH PERL5LIB ALSA_PLUGIN_DIRS GST_PLUGIN_PATH KDEDIRS
unset QT_PLUGIN_PATH QTWEBKIT_PLUGIN_PATH STRIGI_PLUGIN_PATH XDG_CONFIG_DIRS XDG_DATA_DIRS

5
modules/programs/shadow.nix
View File

@ -21,6 +21,9 @@ let
TTYGROUP tty
TTYPERM 0620
# Ensure privacy for newly created home directories.
UMASK 077
# Uncomment this to allow non-root users to change their account
#information. This should be made configurable.
#CHFN_RESTRICT frwh
@ -35,7 +38,7 @@ in
options = {
users.defaultUserShell = pkgs.lib.mkOption {
default = "/var/run/current-system/sw/bin/bash";
default = "/run/current-system/sw/bin/bash";
description = ''
This option defines the default shell assigned to user
accounts. This must not be a store path, since the path is

2
modules/services/logging/klogd.nix
View File

@ -13,7 +13,7 @@
exec =
"klogd -c 1 -2 -n " +
"-k $(dirname $(readlink -f /var/run/booted-system/kernel))/System.map";
"-k $(dirname $(readlink -f /run/booted-system/kernel))/System.map";
};
}

162
modules/services/logging/logstash.nix Normal file
View File

@ -0,0 +1,162 @@
{ config, pkgs, ... }:
with pkgs.lib;
let
cfg = config.services.logstash;
listToConfig = list: "[ " + (concatStringsSep ", " (map exprToConfig list)) + " ]";
hashToConfig = attrs:
let
attrNameToConfigList = name:
[ (exprToConfig name) (exprToConfig (getAttr name attrs)) ];
in
"[ " +
(concatStringsSep ", " (map attrNameToConfigList (attrNames attrs))) +
" ]";
valueToConfig = nvpair: let name = nvpair.name; value = nvpair.value; in
if (isAttrs value) && ((!(value ? __type)) || value.__type == "repeated")
then ''
${name} {
${exprToConfig value}
}
''
else "${name} => ${exprToConfig value}";
repeatedAttrsToConfig = values:
concatStringsSep "\n" (map valueToConfig values);
attrsToConfig = attrs:
let
attrToConfig = name: valueToConfig {
inherit name;
value = (getAttr name attrs);
};
in
concatStringsSep "\n" (map attrToConfig (attrNames attrs));
exprToConfig = expr:
let
isCustomType = expr: (isAttrs expr) && (expr ? __type);
isFloat = expr: (isCustomType expr) && (expr.__type == "float");
isHash = expr: (isCustomType expr) && (expr.__type == "hash");
isRepeatedAttrs = expr: (isCustomType expr) && (expr.__type == "repeated");
in
if builtins.isBool expr then (if expr then "true" else "false") else
if builtins.isString expr then ''"${expr}"'' else
if builtins.isInt expr then toString expr else
if isFloat expr then expr.value else
if isList expr then listToConfig expr else
if isHash expr then hashToConfig expr.value else
if isRepeatedAttrs expr then repeatedAttrsToConfig expr.values
else attrsToConfig expr;
mergeConfigs = configs:
let
op = attrs: newAttrs:
let
isRepeated = newAttrs ? __type && newAttrs.__type == "repeated";
in {
values = attrs.values ++ (if isRepeated then newAttrs.values else
map (name: { inherit name; value = getAttr name newAttrs; })
(attrNames newAttrs));
};
in (foldl op { values = []; } configs) // { __type = "repeated"; };
in
{
###### interface
options = {
services.logstash = {
enable = mkOption {
default = false;
description = ''
Enable logstash.
'';
};
inputConfig = mkOption {
default = {};
description = ''
An attribute set (or an expression generated by mkNameValuePairs)
representing a logstash configuration's input section.
Logstash configs are name-value pairs, where values can be bools,
strings, numbers, arrays, hashes, or other name-value pairs,
and names are strings that can be repeated. Name-value pairs with no
repeats are represented by attr sets. Bools, strings, ints, and
arrays are mapped directly. Name-value pairs with repeats can be
generated by the config.lib.logstash.mkNameValuePairs function, which
takes a list of attrsets and combines them while preserving attribute
name duplicates if they occur. Similarly, there are the mkFloat and
mkHash functions, which take a string representation of a float and an
attrset, respectively.
'';
merge = mergeConfigs;
};
filterConfig = mkOption {
default = {};
description = ''
An attribute set (or an expression generated by mkNameValuePairs)
representing a logstash configuration's filter section.
See inputConfig description for details.
'';
merge = mergeConfigs;
};
outputConfig = mkOption {
default = {};
description = ''
An attribute set (or an expression generated by mkNameValuePairs)
representing a logstash configuration's output section.
See inputConfig description for details.
'';
merge = mergeConfigs;
};
};
};
###### implementation
config = mkMerge [ {
lib.logstash = {
mkFloat = stringRep: { __type = "float"; value = stringRep; };
mkHash = attrs: { __type = "hash"; value = attrs; };
mkNameValuePairs = mergeConfigs;
};
} ( mkIf cfg.enable {
# Always log to stdout
services.logstash.outputConfig = { stdout = {}; };
jobs.logstash = with pkgs; {
description = "Logstash daemon";
path = [ jre ];
script = "cd /tmp && exec java -jar ${logstash} agent -f ${writeText "logstash.conf" ''
input {
${exprToConfig cfg.inputConfig}
}
filter {
${exprToConfig cfg.filterConfig}
}
output {
${exprToConfig cfg.outputConfig}
}
''}";
};
})];
}

2
modules/services/misc/disnix.nix
View File

@ -130,7 +130,7 @@ in
script =
''
export PATH=/var/run/current-system/sw/bin:/var/run/current-system/sw/sbin
export PATH=/run/current-system/sw/bin:/run/current-system/sw/sbin
export HOME=/root
${pkgs.disnix}/bin/disnix-service --activation-modules-dir=${disnix_activation_scripts}/libexec/disnix/activation-scripts

4
modules/services/monitoring/systemhealth.nix
View File

@ -86,8 +86,8 @@ in
[paths]
rrdtool = ${pkgs.rrdtool}/bin/rrdtool
loadavg_rrd = loadavg
ps = /var/run/current-system/sw/bin/ps
df = /var/run/current-system/sw/bin/df
ps = /run/current-system/sw/bin/ps
df = /run/current-system/sw/bin/df
meminfo_rrd = meminfo
uptime_rrd = uptime
rrd_path = ${rrdDir}

2
modules/services/network-filesystems/drbd.nix
View File

@ -44,7 +44,7 @@ let cfg = config.services.drbd; in
boot.extraModprobeConfig =
''
options drbd usermode_helper=/var/run/current-system/sw/sbin/drbdadm
options drbd usermode_helper=/run/current-system/sw/sbin/drbdadm
'';
environment.etc = singleton

2
modules/services/network-filesystems/samba.nix
View File

@ -70,7 +70,7 @@ let
environment = {
LD_LIBRARY_PATH = nssModulesPath;
TZ = config.time.timeZone;
LOCALE_ARCHIVE = "/var/run/current-system/sw/lib/locale/locale-archive";
LOCALE_ARCHIVE = "/run/current-system/sw/lib/locale/locale-archive";
};
daemonType = "fork";

29
modules/services/networking/ssh/sshd.nix
View File

@ -92,7 +92,7 @@ let
userLoop = flip concatMapStrings usersWithKeys (u:
let
authKeys = concatStringsSep "," u.openssh.authorizedKeys.keys;
authKeyFiles = concatStringsSep " " u.openssh.authorizedKeys.keyFiles;
authKeyFiles = concatStrings (map (x: " ${x}") u.openssh.authorizedKeys.keyFiles);
preserveExisting = if u.openssh.authorizedKeys.preserveExistingKeys then "true" else "false";
in ''
mkAuthKeysFile "${u.name}" "${authKeys}" "${authKeyFiles}" "${preserveExisting}"
@ -105,25 +105,34 @@ let
local authKeyFiles="$3"
local preserveExisting="$4"
eval authfile=~$userName/.ssh/authorized_keys
mkdir -p "$(dirname $authfile)"
touch "$authfile"
eval homeDir=~$userName
if ! [ -d "$homeDir" ]; then
echo "User $userName does not exist"
return
fi
if ! [ -d "$homeDir/.ssh" ]; then
mkdir -v -m 700 "$homeDir/.ssh"
chown "$userName":users "$homeDir/.ssh"
fi
local authKeysFile="$homeDir/.ssh/authorized_keys"
touch "$authKeysFile"
if [ "$preserveExisting" == false ]; then
rm -f "$authfile"
echo "${marker2}" > "$authfile"
rm -f "$authKeysFile"
echo "${marker2}" > "$authKeysFile"
else
sed -i '/${marker1}/ d' "$authfile"
sed -i '/${marker1}/ d' "$authKeysFile"
fi
IFS=,
for f in $authKeys; do
echo "$f ${marker1}" >> "$authfile"
echo "$f ${marker1}" >> "$authKeysFile"
done
unset IFS
for f in $authKeyFiles; do
if [ -f "$f" ]; then
echo "$(cat "$f") ${marker1}" >> "$authfile"
echo "$(cat "$f") ${marker1}" >> "$authKeysFile"
fi
done
chown "$userName" "$authKeysFile"
}
${userLoop}
@ -329,7 +338,7 @@ in
path = [ pkgs.openssh ];
environment.LD_LIBRARY_PATH = nssModulesPath;
environment.LOCALE_ARCHIVE = "/var/run/current-system/sw/lib/locale/locale-archive";
environment.LOCALE_ARCHIVE = "/run/current-system/sw/lib/locale/locale-archive";
preStart =
''

14
modules/services/networking/wpa_supplicant.nix
View File

@ -18,7 +18,7 @@ in
###### interface
options = {
networking.WLANInterface = mkOption {
default = "";
description = "Obsolete. Use <option>networking.wireless.interfaces</option> instead.";
@ -44,7 +44,9 @@ in
example = [ "wlan0" "wlan1" ];
description = ''
The interfaces <command>wpa_supplicant</command> will use. If empty, it will
automatically use all wireless interfaces.
automatically use all wireless interfaces. (Note that auto-detection is currently
broken on Linux 3.4.x kernels. See http://github.com/NixOS/nixos/issues/10 for
further details.)
'';
};
@ -80,14 +82,14 @@ in
###### implementation
config = mkIf cfg.enable {
environment.systemPackages = [ pkgs.wpa_supplicant ];
services.dbus.packages = [ pkgs.wpa_supplicant ];
jobs.wpa_supplicant =
jobs.wpa_supplicant =
{ startOn = "started network-interfaces";
stopOn = "stopping network-interfaces";
@ -117,13 +119,13 @@ in
exec wpa_supplicant -s -u ${optionalString (cfg.driver != "") "-D${cfg.driver}"} -c ${configFile} $ifaces
'';
};
powerManagement.resumeCommands =
''
${config.system.build.upstart}/sbin/restart wpa_supplicant
'';
assertions = [{ assertion = !cfg.userControlled.enable || cfg.interfaces != [];
assertions = [{ assertion = !cfg.userControlled.enable || cfg.interfaces != [];
message = "user controlled wpa_supplicant needs explicit networking.wireless.interfaces";}];
};

4
modules/services/scheduling/fcron.nix
View File

@ -87,7 +87,7 @@ in
fcrondeny = /etc/fcron.deny
shell = /bin/sh
sendmail = /var/setuid-wrappers/sendmail
editor = /var/run/current-system/sw/bin/vi
editor = /run/current-system/sw/bin/vi
'';
target = "fcron.conf";
mode = "0600"; # max allowed is 644
@ -104,7 +104,7 @@ in
startOn = "startup and filesystem";
environment =
{ PATH = "/var/run/current-system/sw/bin";
{ PATH = "/run/current-system/sw/bin";
};
preStart =

2
modules/services/ttys/agetty.nix
View File

@ -72,7 +72,7 @@ with pkgs.lib;
[Service]
Environment=TERM=linux
Environment=LOCALE_ARCHIVE=/var/run/current-system/sw/lib/locale/locale-archive
Environment=LOCALE_ARCHIVE=/run/current-system/sw/lib/locale/locale-archive
ExecStart=@${pkgs.utillinux}/sbin/agetty agetty --noclear --login-program ${pkgs.shadow}/bin/login %I 38400
Type=idle
Restart=always

42
modules/services/web-servers/apache-httpd/default.nix
View File

@ -6,7 +6,9 @@ let
mainCfg = config.services.httpd;
httpd = pkgs.apacheHttpd;
httpd = pkgs.apacheHttpd.override { mpm = mainCfg.multiProcessingModule; };
php = pkgs.php.override { apacheHttpd = httpd; };
getPort = cfg: if cfg.port != 0 then cfg.port else if cfg.enableSSL then 443 else 80;
@ -105,10 +107,11 @@ let
# Other modules.
"ext_filter" "include" "log_config" "env" "mime_magic"
"cern_meta" "expires" "headers" "usertrack" /* "unique_id" */ "setenvif"
"mime" "dav" "status" "autoindex" "asis" "info" "cgi" "dav_fs"
"mime" "dav" "status" "autoindex" "asis" "info" "dav_fs"
"vhost_alias" "negotiation" "dir" "imagemap" "actions" "speling"
"userdir" "alias" "rewrite" "proxy" "proxy_http"
]
++ (if mainCfg.multiProcessingModule == "prefork" then [ "cgi" ] else [ "cgid" ])
++ optional enableSSL "ssl"
++ extraApacheModules;
@ -283,6 +286,11 @@ let
PidFile ${mainCfg.stateDir}/httpd.pid
${optionalString (mainCfg.multiProcessingModule != "prefork") ''
# mod_cgid requires this.
ScriptSock ${mainCfg.stateDir}/cgisock
''}
<IfModule prefork.c>
MaxClients ${toString mainCfg.maxClients}
MaxRequestsPerChild ${toString mainCfg.maxRequestsPerChild}
@ -302,7 +310,7 @@ let
allModules =
concatMap (svc: svc.extraModulesPre) allSubservices
++ map (name: {inherit name; path = "${httpd}/modules/mod_${name}.so";}) apacheModules
++ optional enablePHP { name = "php5"; path = "${pkgs.php}/modules/libphp5.so"; }
++ optional enablePHP { name = "php5"; path = "${php}/modules/libphp5.so"; }
++ concatMap (svc: svc.extraModules) allSubservices
++ extraForeignModules;
in concatMapStrings load allModules
@ -373,7 +381,7 @@ let
([ mainCfg.phpOptions ] ++ (map (svc: svc.phpOptions) allSubservices));
}
''
cat ${pkgs.php}/etc/php-recommended.ini > $out
cat ${php}/etc/php-recommended.ini > $out
echo "$options" >> $out
'';
@ -404,7 +412,7 @@ in
extraModules = mkOption {
default = [];
example = [ "proxy_connect" { name = "php5"; path = "${pkgs.php}/modules/libphp5.so"; } ];
example = [ "proxy_connect" { name = "php5"; path = "${php}/modules/libphp5.so"; } ];
description = ''
Specifies additional Apache modules. These can be specified
as a string in the case of modules distributed with Apache,
@ -484,6 +492,23 @@ in
"Options appended to the PHP configuration file <filename>php.ini</filename>.";
};
multiProcessingModule = mkOption {
default = "prefork";
example = "worker";
type = types.uniq types.string;
description =
''
Multi-processing module to be used by Apache. Available
modules are <literal>prefork</literal> (the default;
handles each request in a separate child process),
<literal>worker</literal> (hybrid approach that starts a
number of child processes each running a number of
threads) and <literal>event</literal> (a recent variant of
<literal>worker</literal> that handles persistent
connections more efficiently).
'';
};
maxClients = mkOption {
default = 150;
example = 8;
@ -558,7 +583,8 @@ in
preStart =
''
mkdir -m 0700 -p ${mainCfg.stateDir}
mkdir -m 0750 -p ${mainCfg.stateDir}
chown root.wwwrun ${mainCfg.stateDir}
mkdir -m 0700 -p ${mainCfg.logDir}
${optionalString (mainCfg.documentRoot != null)
@ -582,9 +608,7 @@ in
done
'';
daemonType = "fork";
exec = "httpd -f ${httpdConf}";
exec = "httpd -f ${httpdConf} -DNO_DETACH";
preStop =
''

35
modules/services/web-servers/apache-httpd/mediawiki.nix
View File

@ -4,16 +4,6 @@ with pkgs.lib;
let
src_clean_skin = pkgs.fetchurl {
url = "http://lastlog.de/misc/clean-1.01.tar.gz";
sha256 = "5fb1736b64b33ca3429d035f1358cf8217da2d02019d8a80b14c7985367f659f";
};
src_nixos_skin = pkgs.fetchurl {
url = "http://lastlog.de/misc/nixos-1.0.tar.gz";
sha256 = "413b0f451bde81ac2dd0bede17dd088f9abcd0f3cea1722279311ca648a855cf";
};
mediawikiConfig = pkgs.writeText "LocalSettings.php"
''
<?php
@ -89,15 +79,14 @@ let
sha256 = "1d8afbdh3lsg54b69mnh6a47psb3lg978xpp277qs08yz15cjf7q";
};
skinTarball = if config.defaultSkin == "clean" then src_clean_skin
else if config.defaultSkin == "nixos" then src_nixos_skin
else "";
skins = config.skins;
buildPhase = "
if [ '${skinTarball}' ]; then
tar xfz ${skinTarball} -C skins/;
fi
";
buildPhase =
''
for skin in $skins; do
cp -prvd $skin/* skins/
done
''; # */
installPhase =
''
@ -259,6 +248,16 @@ in
description = "Set this value to change the default skin used by MediaWiki.";
};
skins = mkOption {
default = [];
type = types.listOf types.path;
description =
''
List of paths whose content is copied to the skins
subdirectory of the MediaWiki installation.
'';
};
extraConfig = mkOption {
default = "";
example =

2
modules/services/x11/display-managers/kdm.nix
View File

@ -106,7 +106,7 @@ in
mkdir -m 0755 -p /var/lib/kdm
chown kdm /var/lib/kdm
${(optionalString (config.system.boot.loader.id == "grub") "PATH=${config.system.build.grub}/sbin:$PATH ") +
"KDEDIRS=/var/run/current-system/sw exec ${kdebase_workspace}/bin/kdm -config ${kdmrc} -nodaemon"}
"KDEDIRS=/run/current-system/sw exec ${kdebase_workspace}/bin/kdm -config ${kdmrc} -nodaemon"}
'';
logsXsession = true;
};

25
modules/services/x11/hardware/multitouch.nix
View File

@ -2,6 +2,8 @@
with pkgs.lib;
let cfg = config.services.xserver.multitouch; in
{
options = {
@ -14,11 +16,25 @@ with pkgs.lib;
description = "Whether to enable multitouch touchpad support.";
};
invertScroll = mkOption {
default = false;
example = true;
type = types.bool;
description = "Whether to invert scrolling direction à la OSX Lion";
};
ignorePalm = mkOption {
default = false;
example = true;
type = types.bool;
description = "Whether to ignore touches detected as being the palm (i.e when typing)";
};
};
};
config = mkIf config.services.xserver.multitouch.enable {
config = mkIf cfg.enable {
services.xserver.modules = [ pkgs.xf86_input_mtrack ];
@ -29,6 +45,13 @@ with pkgs.lib;
MatchIsTouchpad "on"
Identifier "Touchpads"
Driver "mtrack"
Option "IgnorePalm" "${if cfg.ignorePalm then "true" else "false"}"
${optionalString cfg.invertScroll ''
Option "ScrollUpButton" "5"
Option "ScrollDownButton" "4"
Option "ScrollLeftButton" "7"
Option "ScrollRightButton" "6"
''}
EndSection
'';

5
modules/services/x11/window-managers/i3.nix
View File

@ -16,9 +16,9 @@ in
};
};
config = {
config = mkIf cfg.enable {
services.xserver.windowManager = {
session = mkIf cfg.enable [{
session = [{
name = "i3";
start = "
${pkgs.i3}/bin/i3 &
@ -26,5 +26,6 @@ in
";
}];
};
environment.x11Packages = [ pkgs.i3 ];
};
}

2
modules/services/x11/xfs.conf
View File

@ -12,4 +12,4 @@ default-resolutions = 75,75,100,100
cache-hi-mark = 2048
cache-low-mark = 1433
cache-balance = 70
catalogue = /var/run/current-system/sw/share/X11-fonts/
catalogue = /run/current-system/sw/share/X11-fonts/

14
modules/services/x11/xserver.nix
View File

@ -405,21 +405,21 @@ in
preStart =
''
rm -f /var/run/opengl-driver
rm -f /var/run/opengl-driver-32
rm -f /run/opengl-driver
rm -f /run/opengl-driver-32
${# !!! The OpenGL driver depends on what's detected at runtime.
if elem "nvidia" driverNames then
''
ln -sf ${kernelPackages.nvidia_x11} /var/run/opengl-driver
ln -sf ${kernelPackages.nvidia_x11} /run/opengl-driver
${optionalString (pkgs.stdenv.system == "x86_64-linux" && cfg.driSupport32Bit)
"ln -sf ${pkgs_i686.linuxPackages.nvidia_x11.override { libsOnly = true; kernel = null; } } /var/run/opengl-driver-32"}
"ln -sf ${pkgs_i686.linuxPackages.nvidia_x11.override { libsOnly = true; kernel = null; } } /run/opengl-driver-32"}
''
else if elem "nvidiaLegacy96" driverNames then
"ln -sf ${kernelPackages.nvidia_x11_legacy96} /var/run/opengl-driver"
"ln -sf ${kernelPackages.nvidia_x11_legacy96} /run/opengl-driver"
else if elem "nvidiaLegacy173" driverNames then
"ln -sf ${kernelPackages.nvidia_x11_legacy173} /var/run/opengl-driver"
"ln -sf ${kernelPackages.nvidia_x11_legacy173} /run/opengl-driver"
else if cfg.driSupport then
"ln -sf ${pkgs.mesa} /var/run/opengl-driver"
"ln -sf ${pkgs.mesa} /run/opengl-driver"
else ""
}

6
modules/system/activation/activation-script.nix
View File

@ -74,12 +74,12 @@ in
# Make this configuration the current configuration.
# The readlink is there to ensure that when $systemConfig = /system
# (which is a symlink to the store), /var/run/current-system is still
# (which is a symlink to the store), /run/current-system is still
# used as a garbage collection root.
ln -sfn "$(readlink -f "$systemConfig")" /var/run/current-system
ln -sfn "$(readlink -f "$systemConfig")" /run/current-system
# Prevent the current configuration from being garbage-collected.
ln -sfn /var/run/current-system /nix/var/nix/gcroots/current-system
ln -sfn /run/current-system /nix/var/nix/gcroots/current-system
'';
};

2
modules/system/activation/switch-to-configuration.sh
View File

@ -59,7 +59,7 @@ fi
# Activate the new configuration.
if [ "$action" != switch -a "$action" != test ]; then exit 0; fi
oldVersion=$(cat /var/run/current-system/upstart-interface-version 2> /dev/null || echo 0)
oldVersion=$(cat /run/current-system/upstart-interface-version 2> /dev/null || echo 0)
newVersion=$(cat @out@/upstart-interface-version 2> /dev/null || echo 0)
if test "$oldVersion" -ne "$newVersion"; then

2
modules/system/boot/modprobe.nix
View File

@ -23,7 +23,7 @@ with pkgs.lib;
# modules in the current configuration don't match the
# running kernel.
if [ ! -d "$MODULE_DIR/$(${pkgs.coreutils}/bin/uname -r)" ]; then
MODULE_DIR=/var/run/booted-system/kernel-modules/lib/modules/
MODULE_DIR=/run/booted-system/kernel-modules/lib/modules/
fi
exec ${pkgs.kmod}/sbin/modprobe "$@"

8
modules/system/boot/stage-2-init.sh
View File

@ -143,12 +143,12 @@ $systemConfig/activate
# Record the boot configuration.
ln -sfn "$systemConfig" /var/run/booted-system
ln -sfn "$systemConfig" /run/booted-system
# Prevent the booted system form being garbage-collected If it weren't
# a gcroot, if we were running a different kernel, switched system,
# and garbage collected all, we could not load kernel modules anymore.
ln -sfn /var/run/booted-system /nix/var/nix/gcroots/booted-system
ln -sfn /run/booted-system /nix/var/nix/gcroots/booted-system
# Run any user-specified commands.
@ -177,6 +177,6 @@ fi
# Start systemd.
echo "starting systemd..."
PATH=/var/run/current-system/systemd/lib/systemd \
MODULE_DIR=/var/run/current-system/kernel-modules/lib/modules \
PATH=/run/current-system/systemd/lib/systemd \
MODULE_DIR=/run/current-system/kernel-modules/lib/modules \
exec systemd --log-target journal # --log-level debug --crash-shell

162
modules/system/upstart-events/shutdown.nix Normal file
View File

@ -0,0 +1,162 @@
{ config, pkgs, ... }:
with pkgs.lib;
{
jobs.shutdown =
{ name = "shutdown";
task = true;
stopOn = ""; # must override the default ("starting shutdown")
environment = { MODE = "poweroff"; };
extraConfig = "console owner";
script =
''
set +e # continue in case of errors
${pkgs.kbd}/bin/chvt 1
exec < /dev/console > /dev/console 2>&1
echo ""
if test "$MODE" = maintenance; then
echo "<<< Entering maintenance mode >>>"
else
echo "<<< System shutdown >>>"
fi
echo ""
${config.powerManagement.powerDownCommands}
export PATH=${pkgs.utillinux}/bin:${pkgs.utillinux}/sbin:$PATH
# Do an initial sync just in case.
sync
# Kill all remaining processes except init, this one and any
# Upstart jobs that don't stop on the "starting shutdown"
# event, as these are necessary to complete the shutdown.
omittedPids=$(initctl list | sed -e 's/.*process \([0-9]\+\)/-o \1/;t;d')
#echo "saved PIDs: $omittedPids"
echo "sending the TERM signal to all processes..."
${pkgs.sysvtools}/bin/killall5 -15 $job $omittedPids
sleep 1 # wait briefly
echo "sending the KILL signal to all processes..."
${pkgs.sysvtools}/bin/killall5 -9 $job $omittedPids
# If maintenance mode is requested, start a root shell, and
# afterwards emit the "startup" event to bring everything
# back up.
if test "$MODE" = maintenance; then
echo ""
echo "<<< Maintenance shell >>>"
echo ""
${pkgs.shadow}/bin/login root
initctl emit -n startup
exit 0
fi
# Write a shutdown record to wtmp while /var/log is still writable.
reboot --wtmp-only
# Set the hardware clock to the system time.
echo "setting the hardware clock..."
hwclock --systohc ${if config.time.hardwareClockInLocalTime then "--localtime" else "--utc"}
# Stop all swap devices.
swapoff -a
# Unmount file systems. We repeat this until no more file systems
# can be unmounted. This is to handle loopback devices, file
# systems mounted on other file systems and so on.
tryAgain=1
while test -n "$tryAgain"; do
tryAgain=
failed= # list of mount points that couldn't be unmounted/remounted
# Get rid of loopback devices.
loDevices=$(losetup -a | sed 's#^\(/dev/loop[0-9]\+\).*#\1#')
if [ -n "$loDevices" ]; then
echo "removing loopback devices $loDevices..."
losetup -d $loDevices
fi
cp /proc/mounts /dev/.mounts # don't read /proc/mounts while it's changing
exec 4< /dev/.mounts
while read -u 4 device mp fstype options rest; do
# Skip various special filesystems. Non-existent
# mount points are typically tmpfs/aufs mounts from
# the initrd.
if [ "$mp" = /proc -o "$mp" = /sys -o "$mp" = /dev -o "$device" = "rootfs" -o "$mp" = /run -o "$mp" = /var/run -o "$mp" = /var/lock -o ! -e "$mp" ]; then continue; fi
echo "unmounting $mp..."
# We need to remount,ro before attempting any
# umount, or bind mounts may get confused, with
# the fs not being properly flushed at the end.
# `-i' is to workaround a bug in mount.cifs (it
# doesn't recognise the `remount' option, and
# instead mounts the FS again).
success=
if mount -t "$fstype" -n -i -o remount,ro "device" "$mp"; then success=1; fi
# Note: don't use `umount -f'; it's very buggy.
# (For instance, when applied to a bind-mount it
# unmounts the target of the bind-mount.) !!! But
# we should use `-f' for NFS.
if [ "$mp" != / -a "$mp" != /nix -a "$mp" != /nix/store ]; then
if umount -n "$mp"; then success=1; tryAgain=1; fi
fi
if [ -z "$success" ]; then failed="$failed $mp"; fi
done
done
# Warn about filesystems that could not be unmounted or
# remounted read-only.
if [ -n "$failed" ]; then
echo "warning: the following filesystems could not be unmounted:"
for mp in $failed; do echo " $mp"; done
echo Enter 'i' to launch a shell, or wait 10 seconds to continue.
read -t 10 A
if [ "$A" == "i" ]; then
${pkgs.bashInteractive}/bin/bash -i < /dev/console &> /dev/console
fi
sleep 5
fi
# Final sync.
sync
# Either reboot or power-off the system.
if test "$MODE" = reboot; then
echo "rebooting..."
sleep 1
exec reboot -f
else
echo "powering off..."
sleep 1
exec halt -f -p
fi
'';
};
}

2
modules/tasks/kbd.nix
View File

@ -67,7 +67,7 @@ in
script = ''
export LANG=${defaultLocale}
export LOCALE_ARCHIVE=/var/run/current-system/sw/lib/locale/locale-archive
export LOCALE_ARCHIVE=/run/current-system/sw/lib/locale/locale-archive
export PATH=${pkgs.gzip}/bin:$PATH # Needed by setfont
set +e # continue in case of errors