From 61b8ee90291845621238f14f9ef1d6f13cbdc067 Mon Sep 17 00:00:00 2001 From: Peter Simons Date: Fri, 29 Jun 2012 11:52:58 +0200 Subject: [PATCH 01/31] modules/services/networking/wpa_supplicant.nix: document that interface auto-detection doesn't work on Linux 3.4.x --- modules/services/networking/wpa_supplicant.nix | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/modules/services/networking/wpa_supplicant.nix b/modules/services/networking/wpa_supplicant.nix index fe4fecaf0ba..32d4e49557d 100644 --- a/modules/services/networking/wpa_supplicant.nix +++ b/modules/services/networking/wpa_supplicant.nix @@ -44,7 +44,9 @@ in example = [ "wlan0" "wlan1" ]; description = '' The interfaces wpa_supplicant will use. If empty, it will - automatically use all wireless interfaces. + automatically use all wireless interfaces. (Note that auto-detection is currently + broken on Linux 3.4.x kernels. See http://github.com/NixOS/nixos/issues/10 for + further details.) ''; }; From f22dbd5e050d53a8ca9db1e9f7ef8a911bdb2040 Mon Sep 17 00:00:00 2001 From: Peter Simons Date: Fri, 29 Jun 2012 11:53:08 +0200 Subject: [PATCH 02/31] modules/services/networking/wpa_supplicant.nix: strip trailing whitespace --- modules/services/networking/wpa_supplicant.nix | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/modules/services/networking/wpa_supplicant.nix b/modules/services/networking/wpa_supplicant.nix index 32d4e49557d..5dc203fd177 100644 --- a/modules/services/networking/wpa_supplicant.nix +++ b/modules/services/networking/wpa_supplicant.nix @@ -18,7 +18,7 @@ in ###### interface options = { - + networking.WLANInterface = mkOption { default = ""; description = "Obsolete. Use instead."; 
@@ -82,14 +82,14 @@ in ###### implementation - + config = mkIf cfg.enable { environment.systemPackages = [ pkgs.wpa_supplicant ]; services.dbus.packages = [ pkgs.wpa_supplicant ]; - jobs.wpa_supplicant = + jobs.wpa_supplicant = { startOn = "started network-interfaces"; stopOn = "stopping network-interfaces"; @@ -119,13 +119,13 @@ in exec wpa_supplicant -s -u ${optionalString (cfg.driver != "") "-D${cfg.driver}"} -c ${configFile} $ifaces ''; }; - + powerManagement.resumeCommands = '' ${config.system.build.upstart}/sbin/restart wpa_supplicant ''; - assertions = [{ assertion = !cfg.userControlled.enable || cfg.interfaces != []; + assertions = [{ assertion = !cfg.userControlled.enable || cfg.interfaces != []; message = "user controlled wpa_supplicant needs explicit networking.wireless.interfaces";}]; }; From 56373744b4d87dce28feb2c05ea2532631b4c44a Mon Sep 17 00:00:00 2001 From: Peter Simons Date: Mon, 2 Jul 2012 15:01:02 +0200 Subject: [PATCH 03/31] modules/config/networking.nix: recognize whether a local DNS resolver is available resolvconf prefers a locally running BIND resolver over the forwarders; we just have to tell it whether we have one or not. We use 'config.services.bind.enable' to make that decision, assuming that people are not going to configure a local BIND that won't respond to queries on 127.0.0.1. If we run into such a (weird) case, then we'll need to introduce another variable for that purpose which can be set independently from 'config.services.bind.enable'. --- modules/config/networking.nix | 3 +++ 1 file changed, 3 insertions(+) diff --git a/modules/config/networking.nix b/modules/config/networking.nix index 5065fc22f2c..2b4be69cc51 100644 --- a/modules/config/networking.nix +++ b/modules/config/networking.nix 
@@ -68,6 +68,9 @@ in # Invalidate the nscd cache whenever resolv.conf is # regenerated. libc_restart='${pkgs.upstart}/sbin/start invalidate-nscd' + '' + optionalString config.services.bind.enable '' + # This hosts runs a full-blown DNS resolver. + name_servers='127.0.0.1' '' ); target = "resolvconf.conf"; } From 348691645d24df7687da675d33f17d5ce8267916 Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Mon, 2 Jul 2012 10:57:36 -0400 Subject: [PATCH 04/31] Remove broken "nopipefail" option http://hydra.nixos.org/build/2751337 --- modules/installer/tools/nixos-rebuild.sh | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/modules/installer/tools/nixos-rebuild.sh b/modules/installer/tools/nixos-rebuild.sh index 22aa847e192..72661cf4773 100644 --- a/modules/installer/tools/nixos-rebuild.sh +++ b/modules/installer/tools/nixos-rebuild.sh @@ -128,8 +128,7 @@ if [ -n "$pullManifest" -o "$action" = pull ]; then set -o pipefail manifests=$(nix-instantiate --eval-only --xml --strict '' -A manifests \ | grep ' Date: Mon, 2 Jul 2012 08:11:55 +0200 Subject: [PATCH 05/31] EFI shell got updated upstream, reflecting new hash --- modules/installer/cd-dvd/iso-image.nix | 4 ++-- modules/installer/efi-boot-stub/efi-boot-stub.nix | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/modules/installer/cd-dvd/iso-image.nix b/modules/installer/cd-dvd/iso-image.nix index cf76151c2ae..99628b33bab 100644 --- a/modules/installer/cd-dvd/iso-image.nix +++ b/modules/installer/cd-dvd/iso-image.nix 
@@ -122,12 +122,12 @@ let efiShell = if pkgs.stdenv.isi686 then pkgs.fetchurl { url = "https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2/EdkShellBinPkg/FullShell/Ia32/Shell_Full.efi"; - sha256 = "0ymm3mbbwx9f6cq0bp2nr7ikyagxgsg4sjs5q1s4xbnms27slwjq"; + sha256 = "1gv6kyaspczdp7x8qnx5x76ilriaygkfs99ay7ihhdi6riclkhfl"; } else pkgs.fetchurl { url = "https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2/EdkShellBinPkg/FullShell/X64/Shell_Full.efi"; - sha256 = "1xchy8a05mgqzr82mmahdni0jbxsz6xf6vm2bg1bch9i6l72qgmh"; + sha256 = "1g18z84rlavxr5gsrh2g942rfr6znv9fs3fqww5m7dhmnysgyv8p"; }; # The efi boot image diff --git a/modules/installer/efi-boot-stub/efi-boot-stub.nix b/modules/installer/efi-boot-stub/efi-boot-stub.nix index c12078e2a91..1ca3cb0001e 100644 --- a/modules/installer/efi-boot-stub/efi-boot-stub.nix +++ b/modules/installer/efi-boot-stub/efi-boot-stub.nix @@ -90,12 +90,12 @@ let if pkgs.stdenv.isi686 then pkgs.fetchurl { url = "https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2/EdkShellBinPkg/FullShell/Ia32/Shell_Full.efi"; - sha256 = "0ymm3mbbwx9f6cq0bp2nr7ikyagxgsg4sjs5q1s4xbnms27slwjq"; + sha256 = "1gv6kyaspczdp7x8qnx5x76ilriaygkfs99ay7ihhdi6riclkhfl"; } else pkgs.fetchurl { url = "https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2/EdkShellBinPkg/FullShell/X64/Shell_Full.efi"; - sha256 = "1xchy8a05mgqzr82mmahdni0jbxsz6xf6vm2bg1bch9i6l72qgmh"; + sha256 = "1g18z84rlavxr5gsrh2g942rfr6znv9fs3fqww5m7dhmnysgyv8p"; } else null; From 46dce21bffdca9167fed9731f8cde75ee4531ac4 Mon Sep 17 00:00:00 2001 
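Review bot: Both `pkgs.fetchurl` calls for `efiShell` still point at `.../svnroot/edk2/trunk/...`, which is a moving target, so replacing the `sha256` values here (and identically in the efi-boot-stub.nix hunk that follows) only records what upstream serves today. The build will break again on the next upstream change. This is a prebuilt EFI binary that ends up on boot media, so the new hashes should be checked against a known upstream revision rather than taken from a fresh download, and the URL pinned to that revision or to a mirrored copy. A comment above each fetch such as `# Shell_Full.efi from edk2 svn r<REVISION>; hash verified against that revision` would record the provenance. The same URL/hash pair is duplicated in both files; a single shared definition would stop them drifting apart.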
From: Eelco Dolstra Date: Thu, 5 Jul 2012 21:02:54 +0200 Subject: [PATCH 06/31] MediaWiki: Generalise the skins support MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit The new option ‘skins’ allows specifying a list of directories providing skins to be added to the MediaWiki installation. The ‘defaultSkin’ option just sets the default. --- .../web-servers/apache-httpd/mediawiki.nix | 35 +++++++++---------- 1 file changed, 17 insertions(+), 18 deletions(-) diff --git a/modules/services/web-servers/apache-httpd/mediawiki.nix b/modules/services/web-servers/apache-httpd/mediawiki.nix index d45d477b671..9f321b173d3 100644 --- a/modules/services/web-servers/apache-httpd/mediawiki.nix +++ b/modules/services/web-servers/apache-httpd/mediawiki.nix @@ -4,16 +4,6 @@ with pkgs.lib; let - src_clean_skin = pkgs.fetchurl { - url = "http://lastlog.de/misc/clean-1.01.tar.gz"; - sha256 = "5fb1736b64b33ca3429d035f1358cf8217da2d02019d8a80b14c7985367f659f"; - }; - - src_nixos_skin = pkgs.fetchurl { - url = "http://lastlog.de/misc/nixos-1.0.tar.gz"; - sha256 = "413b0f451bde81ac2dd0bede17dd088f9abcd0f3cea1722279311ca648a855cf"; - }; - mediawikiConfig = pkgs.writeText "LocalSettings.php" '' Date: Fri, 6 Jul 2012 13:47:42 -0400 Subject: [PATCH 07/31] Apache: don't fork into the background due to Upstart weirdness If Apache crashes during startup, Upstart for some reason shows the job in the "start/running" state. As a workaround, don't fork. --- modules/services/web-servers/apache-httpd/default.nix | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/modules/services/web-servers/apache-httpd/default.nix b/modules/services/web-servers/apache-httpd/default.nix index ce3311a5f59..c47df868b88 100644 --- a/modules/services/web-servers/apache-httpd/default.nix +++ b/modules/services/web-servers/apache-httpd/default.nix 
@@ -593,9 +593,7 @@ in done ''; - daemonType = "fork"; - - exec = "httpd -f ${httpdConf}"; + exec = "httpd -f ${httpdConf} -DNO_DETACH"; preStop = '' From 18031e41bbcee75f05e0200b2a04c8ab4a098888 Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Fri, 6 Jul 2012 14:23:55 -0400 Subject: [PATCH 08/31] Apache: Add an option to set the MPM Supported values are "prefork" (default), "worker" and "event" (experimental in Apache 2.2 but not 2.4). --- .../web-servers/apache-httpd/default.nix | 27 +++++++++++++++++-- 1 file changed, 25 insertions(+), 2 deletions(-) diff --git a/modules/services/web-servers/apache-httpd/default.nix b/modules/services/web-servers/apache-httpd/default.nix index c47df868b88..828b2bc4c1f 100644 --- a/modules/services/web-servers/apache-httpd/default.nix +++ b/modules/services/web-servers/apache-httpd/default.nix @@ -6,7 +6,7 @@ let mainCfg = config.services.httpd; - httpd = pkgs.apacheHttpd; + httpd = pkgs.apacheHttpd.override { mpm = mainCfg.multiProcessingModule; }; getPort = cfg: if cfg.port != 0 then cfg.port else if cfg.enableSSL then 443 else 80; @@ -105,10 +105,11 @@ let # Other modules. "ext_filter" "include" "log_config" "env" "mime_magic" "cern_meta" "expires" "headers" "usertrack" /* "unique_id" */ "setenvif" - "mime" "dav" "status" "autoindex" "asis" "info" "cgi" "dav_fs" + "mime" "dav" "status" "autoindex" "asis" "info" "dav_fs" "vhost_alias" "negotiation" "dir" "imagemap" "actions" "speling" "userdir" "alias" "rewrite" "proxy" "proxy_http" ] + ++ (if mainCfg.multiProcessingModule == "prefork" then [ "cgi" ] else [ "cgid" ]) ++ optional enableSSL "ssl" ++ extraApacheModules; @@ -283,6 +284,11 @@ let PidFile ${mainCfg.stateDir}/httpd.pid + ${optionalString (mainCfg.multiProcessingModule != "prefork") '' + # mod_cgid requires this. + ScriptSock ${mainCfg.stateDir}/cgisock + ''} + MaxClients ${toString mainCfg.maxClients} MaxRequestsPerChild ${toString mainCfg.maxRequestsPerChild} 
@@ -484,6 +490,23 @@ in "Options appended to the PHP configuration file php.ini."; }; + multiProcessingModule = mkOption { + default = "prefork"; + example = "worker"; + type = types.uniq types.string; + description = + '' + Multi-processing module to be used by Apache. Available + modules are prefork (the default; + handles each request in a separate child process), + worker (hybrid approach that starts a + number of child processes each running a number of + threads) and event (a recent variant of + worker that handles persistent + connections more efficiently). + ''; + }; + maxClients = mkOption { default = 150; example = 8; From d0c9a3ce3211a53f61bb22092784ea066b3aa308 Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Fri, 6 Jul 2012 23:28:46 +0200 Subject: [PATCH 09/31] Apache: build PHP against the right httpd If httpd is built with a threaded MPM, then PHP needs to be built with thread support as well. --- modules/services/web-servers/apache-httpd/default.nix | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/modules/services/web-servers/apache-httpd/default.nix b/modules/services/web-servers/apache-httpd/default.nix index 828b2bc4c1f..04418d97b10 100644 --- a/modules/services/web-servers/apache-httpd/default.nix +++ b/modules/services/web-servers/apache-httpd/default.nix @@ -8,6 +8,8 @@ let httpd = pkgs.apacheHttpd.override { mpm = mainCfg.multiProcessingModule; }; + php = pkgs.php.override { apacheHttpd = httpd; }; + getPort = cfg: if cfg.port != 0 then cfg.port else if cfg.enableSSL then 443 else 80; extraModules = attrByPath ["extraModules"] [] mainCfg; 
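Review bot: `multiProcessingModule` is declared as `types.uniq types.string`, so any string is accepted although the description lists only prefork, worker and event. A misspelt value is passed straight to `pkgs.apacheHttpd.override { mpm = ...; }`, and because the module list and the `ScriptSock` block in the earlier hunks test only `== "prefork"` / `!= "prefork"`, it silently selects `cgid`. I would add an assertion in the config section, e.g. `{ assertion = elem mainCfg.multiProcessingModule [ "prefork" "worker" "event" ]; message = "services.httpd.multiProcessingModule must be prefork, worker or event"; }`. The config section that would hold it is outside this hunk.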
@@ -308,7 +310,7 @@ let allModules = concatMap (svc: svc.extraModulesPre) allSubservices ++ map (name: {inherit name; path = "${httpd}/modules/mod_${name}.so";}) apacheModules - ++ optional enablePHP { name = "php5"; path = "${pkgs.php}/modules/libphp5.so"; } + ++ optional enablePHP { name = "php5"; path = "${php}/modules/libphp5.so"; } ++ concatMap (svc: svc.extraModules) allSubservices ++ extraForeignModules; in concatMapStrings load allModules @@ -379,7 +381,7 @@ let ([ mainCfg.phpOptions ] ++ (map (svc: svc.phpOptions) allSubservices)); } '' - cat ${pkgs.php}/etc/php-recommended.ini > $out + cat ${php}/etc/php-recommended.ini > $out echo "$options" >> $out ''; @@ -410,7 +412,7 @@ in extraModules = mkOption { default = []; - example = [ "proxy_connect" { name = "php5"; path = "${pkgs.php}/modules/libphp5.so"; } ]; + example = [ "proxy_connect" { name = "php5"; path = "${php}/modules/libphp5.so"; } ]; description = '' Specifies additional Apache modules. These can be specified as a string in the case of modules distributed with Apache, From fbf9ecf78a68785a682d05bf2a4851b6427ce11a Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Mon, 9 Jul 2012 16:27:39 +0200 Subject: [PATCH 10/31] Apache: make /var/run/httpd readable to wwwrun, as required by mod_cgid --- modules/services/web-servers/apache-httpd/default.nix | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/modules/services/web-servers/apache-httpd/default.nix b/modules/services/web-servers/apache-httpd/default.nix index 04418d97b10..ba02c6ead43 100644 --- a/modules/services/web-servers/apache-httpd/default.nix +++ b/modules/services/web-servers/apache-httpd/default.nix @@ -594,7 +594,8 @@ in preStart = '' - mkdir -m 0700 -p ${mainCfg.stateDir} + mkdir -m 0750 -p ${mainCfg.stateDir} + chown root.wwwrun ${mainCfg.stateDir} mkdir -m 0700 -p ${mainCfg.logDir} ${optionalString (mainCfg.documentRoot != null) From b7398794ed7805002e57bb37d59bdcb777d623c9 Mon Sep 17 00:00:00 2001 
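Review bot: In the preStart hunk, `mkdir -m 0750 -p ${mainCfg.stateDir}` applies the mode only when it creates the directory. On a machine where the state directory already exists with the old 0700 mode, it stays closed to the group and mod_cgid still cannot reach its socket; add an explicit `chmod 0750 ${mainCfg.stateDir}` after the `chown`. `chown root.wwwrun` uses the deprecated dot separator and a hard-coded group name; `chown root:wwwrun` is the portable spelling. If the module exposes the server's group as an option (not visible in this hunk), use that instead. The preStart script continues outside the hunk.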
From: Rok Garbas Date: Tue, 10 Jul 2012 16:07:53 +0200 Subject: [PATCH 11/31] i3 window manager was not installed when enabled --- modules/services/x11/window-managers/i3.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/modules/services/x11/window-managers/i3.nix b/modules/services/x11/window-managers/i3.nix index 7699d064eef..705a2762ea6 100644 --- a/modules/services/x11/window-managers/i3.nix +++ b/modules/services/x11/window-managers/i3.nix @@ -26,5 +26,6 @@ in "; }]; }; + environment.x11Packages = [ pkgs.i3 ]; }; } From 3039caf5ad3657ffd8bc84929ffc9eca44d18292 Mon Sep 17 00:00:00 2001 From: Shea Levy Date: Wed, 11 Jul 2012 11:22:16 -0400 Subject: [PATCH 12/31] Add logstash module. Since the logstash config file seemed very similar to a nixexpr, I decided to map directly from nixexprs to logstash configs. I didn't realize until too far in that this solution was probably way over-engineered, but it works. --- modules/module-list.nix | 1 + modules/services/logging/logstash.nix | 152 ++++++++++++++++++++++++++ 2 files changed, 153 insertions(+) create mode 100644 modules/services/logging/logstash.nix diff --git a/modules/module-list.nix b/modules/module-list.nix index ee326205973..0a6507cd5e6 100644 --- a/modules/module-list.nix +++ b/modules/module-list.nix @@ -83,6 +83,7 @@ ./services/hardware/upower.nix ./services/logging/klogd.nix ./services/logging/logrotate.nix + ./services/logging/logstash.nix ./services/logging/syslogd.nix ./services/mail/dovecot.nix ./services/mail/dovecot2.nix diff --git a/modules/services/logging/logstash.nix b/modules/services/logging/logstash.nix new file mode 100644 index 00000000000..f8b0d353cad --- /dev/null +++ b/modules/services/logging/logstash.nix 
@@ -0,0 +1,152 @@ +{ config, pkgs, ... }: + +with pkgs.lib; + +let + + cfg = config.services.logstash; + + listToConfig = list: "[ " + (concatStringsSep ", " (map exprToConfig list)) + " ]"; + + hashToConfig = attrs: + let + attrNameToConfigList = name: + [ (exprToConfig name) (exprToConfig (getAttr name attrs)) ]; + in + "[ " + + (concatStringsSep ", " (map attrNameToConfigList (attrNames attrs))) + + " ]"; + + valueToConfig = name: value: + if (isAttrs value) && ((!(value ? __type)) || value.__type == "repeated") + then '' + ${name} { + ${exprToConfig value} + } + '' + else "${name} => ${exprToConfig value}"; + + repeatedAttrsToConfig = names: values: + concatStringsSep "\n" (zipListsWith valueToConfig names values); + + attrsToConfig = attrs: + let + attrToConfig = name: valueToConfig name (getAttr name attrs); + in + concatStringsSep "\n" (map attrToConfig (attrNames attrs)); + + exprToConfig = expr: + let + isCustomType = expr: (isAttrs expr) && (expr ? __type); + + isFloat = expr: (isCustomType expr) && (expr.__type == "float"); + + isHash = expr: (isCustomType expr) && (expr.__type == "hash"); + + isRepeatedAttrs = expr: (isCustomType expr) && (expr.__type == "repeated"); + in + if builtins.isBool expr then (if expr then "true" else "false") else + if builtins.isString expr then ''"${expr}"'' else + if builtins.isInt expr then toString expr else + if isFloat expr then expr.value else + if isList expr then listToConfig expr else + if isHash expr then hashToConfig expr.value else + if isRepeatedAttrs expr then repeatedAttrsToConfig expr.names expr.values + else attrsToConfig expr; + + mergeConfigs = configs: + let + op = attrs: newAttrs: + let + isRepeated = newAttrs ? 
__type && newAttrs.__type == "repeated"; + in { + names = attrs.names ++ + (if isRepeated then newAttrs.names else attrNames newAttrs); + + values = attrs.values ++ + (if isRepeated then newAttrs.values else attrValues newAttrs); + }; + in (foldl op { names = []; values = []; } configs) // + { __type = "repeated"; }; + +in + +{ + ###### interface + + options = { + services.logstash = { + enable = mkOption { + default = false; + description = '' + Enable logstash. + ''; + }; + + inputConfig = mkOption { + default = {}; + description = '' + An attr set representing a logstash configuration's input section. + logstash configs are name-value pairs, where values can be bools, + strings, numbers, arrays, hashes, or other name-value pairs, + and names are strings that can be repeated. name-value pairs with no + repeats are represented by attr sets. name-value pairs with repeats + are represented by an attrset with attr "__type" = "repeated" and + attrs "names" and "values" as matching lists pairing name and value. + bools, strings, ints, and arrays are mapped directly. Floats are + represented as an attrset with attr "__type" = "float" and attr value + set to the string representation of the float. Hashes are represented + with attr "__type" = "hash" and attr value set to an attr set + corresponding to the hash. + ''; + merge = mergeConfigs; + }; + + filterConfig = mkOption { + default = {}; + description = '' + An attr set representing a logstash configuration's filter section. + See inputConfig description for details. + ''; + merge = mergeConfigs; + }; + + outputConfig = mkOption { + default = {}; + description = '' + An attr set representing a logstash configuration's output section. + See inputConfig description for details. 
+ ''; + merge = mergeConfigs; + }; + }; + }; + + + ###### implementation + + config = mkIf cfg.enable { + # Always log to stdout + services.logstash.outputConfig = { stdout = {}; }; + + jobs.logstash = with pkgs; { + description = "Logstash daemon"; + + path = [ jre ]; + + exec = "java -jar ${logstash} agent -f ${writeText "logstash.conf" '' + input { + ${exprToConfig cfg.inputConfig} + } + + filter { + ${exprToConfig cfg.filterConfig} + } + + output { + ${exprToConfig cfg.outputConfig} + } + ''}"; + }; + }; +} From 315087def17d0aba7d4cca976ef2e5bf80f098cb Mon Sep 17 00:00:00 2001 From: Shea Levy Date: Wed, 11 Jul 2012 11:59:00 -0400 Subject: [PATCH 13/31] logstash: use {name=; value='} attrsets for repeated name-value pairs instead of parallel lists --- modules/services/logging/logstash.nix | 26 +++++++++++++------------- 1 file changed, 13 insertions(+), 13 deletions(-) diff --git a/modules/services/logging/logstash.nix b/modules/services/logging/logstash.nix index f8b0d353cad..2130ddcd2b9 100644 --- a/modules/services/logging/logstash.nix +++ b/modules/services/logging/logstash.nix @@ -17,7 +17,7 @@ let (concatStringsSep ", " (map attrNameToConfigList (attrNames attrs))) + " ]"; - valueToConfig = name: value: + valueToConfig = nvpair: let name = nvpair.name; value = nvpair.value; in if (isAttrs value) && ((!(value ? __type)) || value.__type == "repeated") then '' ${name} { @@ -26,12 +26,15 @@ let '' else "${name} => ${exprToConfig value}"; - repeatedAttrsToConfig = names: values: - concatStringsSep "\n" (zipListsWith valueToConfig names values); + repeatedAttrsToConfig = values: + concatStringsSep "\n" (map valueToConfig values); attrsToConfig = attrs: let - attrToConfig = name: valueToConfig name (getAttr name attrs); + attrToConfig = name: valueToConfig { + inherit name; + value = (getAttr name attrs); + }; in concatStringsSep "\n" (map attrToConfig (attrNames attrs)); 
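Review bot: In `exprToConfig` of the new logstash.nix, the string branch `if builtins.isString expr then ''"${expr}"''` writes the value between double quotes without any escaping. A value containing `"` ends the literal early and the remainder is parsed as configuration in the generated logstash.conf. Attribute names have the same problem: `valueToConfig` emits them bare as `${name} => ...` and `${name} {`. Either escape before quoting, e.g. `if builtins.isString expr then ''"${escape [ "\"" ] expr}"'' else` (assuming the logstash grammar honours `\"`; please confirm), or fail evaluation with `throw` when a value contains a quote. Separately, `jobs.logstash` sets no user in the visible lines, so the agent presumably runs with the job's default privileges (likely root); a dedicated account would limit what a bug in an input plugin can reach.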
@@ -51,7 +54,7 @@ let if isFloat expr then expr.value else if isList expr then listToConfig expr else if isHash expr then hashToConfig expr.value else - if isRepeatedAttrs expr then repeatedAttrsToConfig expr.names expr.values + if isRepeatedAttrs expr then repeatedAttrsToConfig expr.values else attrsToConfig expr; mergeConfigs = configs: @@ -60,14 +63,11 @@ let let isRepeated = newAttrs ? __type && newAttrs.__type == "repeated"; in { - names = attrs.names ++ - (if isRepeated then newAttrs.names else attrNames newAttrs); - - values = attrs.values ++ - (if isRepeated then newAttrs.values else attrValues newAttrs); + values = attrs.values ++ (if isRepeated then newAttrs.values else + map (name: { inherit name; value = getAttr name newAttrs; }) + (attrNames newAttrs)); }; - in (foldl op { names = []; values = []; } configs) // - { __type = "repeated"; }; + in (foldl op { values = []; } configs) // { __type = "repeated"; }; in @@ -92,7 +92,7 @@ in and names are strings that can be repeated. name-value pairs with no repeats are represented by attr sets. name-value pairs with repeats are represented by an attrset with attr "__type" = "repeated" and - attrs "names" and "values" as matching lists pairing name and value. + attr "values" as a list of {name; value;} attrsets. bools, strings, ints, and arrays are mapped directly. Floats are represented as an attrset with attr "__type" = "float" and attr value set to the string representation of the float. Hashes are represented From 5412b1089ffa88788c15358020921033f12d0a0c Mon Sep 17 00:00:00 2001 From: Shea Levy Date: Wed, 11 Jul 2012 13:45:36 -0400 Subject: [PATCH 14/31] logstash: Start process in /tmp See https://logstash.jira.com/browse/LOGSTASH-107 --- modules/services/logging/logstash.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/modules/services/logging/logstash.nix b/modules/services/logging/logstash.nix index 2130ddcd2b9..9387a731db9 100644 --- a/modules/services/logging/logstash.nix 
+++ b/modules/services/logging/logstash.nix @@ -134,7 +134,7 @@ in path = [ jre ]; - exec = "java -jar ${logstash} agent -f ${writeText "logstash.conf" '' + script = "cd /tmp && exec java -jar ${logstash} agent -f ${writeText "logstash.conf" '' input { ${exprToConfig cfg.inputConfig} } From 008493f94ca7d4639e2e3305adb51ca765f54c7a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Carles=20Pag=C3=A8s?= Date: Mon, 2 Jul 2012 21:34:27 +0200 Subject: [PATCH 15/31] Add option to keep hardware clock in local time. --- modules/config/timezone.nix | 18 ++++++++++++------ modules/system/upstart-events/shutdown.nix | 2 +- 2 files changed, 13 insertions(+), 7 deletions(-) diff --git a/modules/config/timezone.nix b/modules/config/timezone.nix index 5dcf38c462d..bb03074a4ae 100644 --- a/modules/config/timezone.nix +++ b/modules/config/timezone.nix @@ -5,13 +5,19 @@ with pkgs.lib; { options = { - time.timeZone = mkOption { - default = "CET"; - type = with types; uniq string; - example = "America/New_York"; - description = "The time zone used when displaying times and dates."; - }; + time = { + timeZone = mkOption { + default = "CET"; + type = with types; uniq string; + example = "America/New_York"; + description = "The time zone used when displaying times and dates."; + }; + clockLocal = mkOption { + default = false; + description = "Keep the Hardware Clock in local time instead of UTC"; + }; + }; }; config = { diff --git a/modules/system/upstart-events/shutdown.nix b/modules/system/upstart-events/shutdown.nix index 8aa794378ed..bfe8d073a82 100644 --- a/modules/system/upstart-events/shutdown.nix +++ b/modules/system/upstart-events/shutdown.nix @@ -73,7 +73,7 @@ with pkgs.lib; # Set the hardware clock to the system time. echo "setting the hardware clock..." - hwclock --systohc --utc + hwclock --systohc ${if config.time.clockLocal then "--localtime" else "--utc"} # Stop all swap devices. From 7de6a7e8b04fd9c889a19acedaf92c3e58e652f0 Mon Sep 17 00:00:00 2001 
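Review bot: `script = "cd /tmp && exec java -jar ${logstash} agent ..."` makes a world-writable directory the working directory of a long-running daemon. Anything logstash or its plugins open by relative path is then created in, or read from, a location that any local user can pre-populate. No user is set on the job in the visible lines, so this presumably happens with the job's default (likely root) privileges. The LOGSTASH-107 workaround only needs a writable cwd, so a private directory works equally well: a `preStart` with `mkdir -m 0700 -p /var/lib/logstash`, then `script = "cd /var/lib/logstash && exec java -jar ..."`. That path is a suggestion, not something the module defines today.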
From: Eelco Dolstra Date: Wed, 11 Jul 2012 15:33:34 -0400 Subject: [PATCH 16/31] Rename time.clockLocal -> time.hardwareClockInLocalTime. --- modules/config/timezone.nix | 6 ++++-- modules/system/upstart-events/shutdown.nix | 2 +- 2 files changed, 5 insertions(+), 3 deletions(-) diff --git a/modules/config/timezone.nix b/modules/config/timezone.nix index bb03074a4ae..38c698bc21c 100644 --- a/modules/config/timezone.nix +++ b/modules/config/timezone.nix @@ -6,6 +6,7 @@ with pkgs.lib; options = { time = { + timeZone = mkOption { default = "CET"; type = with types; uniq string; @@ -13,10 +14,11 @@ with pkgs.lib; description = "The time zone used when displaying times and dates."; }; - clockLocal = mkOption { + hardwareClockInLocalTime = mkOption { default = false; - description = "Keep the Hardware Clock in local time instead of UTC"; + description = "If set, keep the hardware clock in local time instead of UTC."; }; + }; }; diff --git a/modules/system/upstart-events/shutdown.nix b/modules/system/upstart-events/shutdown.nix index bfe8d073a82..59fbcc0d878 100644 --- a/modules/system/upstart-events/shutdown.nix +++ b/modules/system/upstart-events/shutdown.nix @@ -73,7 +73,7 @@ with pkgs.lib; # Set the hardware clock to the system time. echo "setting the hardware clock..." - hwclock --systohc ${if config.time.clockLocal then "--localtime" else "--utc"} + hwclock --systohc ${if config.time.hardwareClockInLocalTime then "--localtime" else "--utc"} # Stop all swap devices. From 0c12e293689128a84e4234502380f83bddf9699a Mon Sep 17 00:00:00 2001 From: Peter Simons Date: Thu, 12 Jul 2012 11:33:10 +0200 Subject: [PATCH 17/31] Don't add the i3 window manager to the system if it isn't enabled in configuration.nix. --- modules/services/x11/window-managers/i3.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/modules/services/x11/window-managers/i3.nix b/modules/services/x11/window-managers/i3.nix index 705a2762ea6..d688c064c5a 100644 
--- a/modules/services/x11/window-managers/i3.nix +++ b/modules/services/x11/window-managers/i3.nix @@ -16,9 +16,9 @@ in }; }; - config = { + config = mkIf cfg.enable { services.xserver.windowManager = { - session = mkIf cfg.enable [{ + session = [{ name = "i3"; start = " ${pkgs.i3}/bin/i3 & From 8712e1dafc8127f912ce06836bd1deb7dab6730d Mon Sep 17 00:00:00 2001 From: Shea Levy Date: Thu, 12 Jul 2012 13:46:04 -0400 Subject: [PATCH 18/31] Add lib module for modules to provide helper functions --- modules/misc/lib.nix | 15 +++++++++++++++ modules/module-list.nix | 1 + 2 files changed, 16 insertions(+) create mode 100644 modules/misc/lib.nix diff --git a/modules/misc/lib.nix b/modules/misc/lib.nix new file mode 100644 index 00000000000..18fc68a6988 --- /dev/null +++ b/modules/misc/lib.nix @@ -0,0 +1,15 @@ +{ config, pkgs, ... }: + +{ + options = { + lib = pkgs.lib.mkOption { + default = {}; + + type = pkgs.lib.types.attrsOf pkgs.lib.types.attrs; + + description = '' + This option allows modules to define helper functions, constants, etc. + ''; + }; + }; +} diff --git a/modules/module-list.nix b/modules/module-list.nix index 0a6507cd5e6..dfc91a765be 100644 --- a/modules/module-list.nix +++ b/modules/module-list.nix @@ -34,6 +34,7 @@ ./misc/crashdump.nix ./misc/ids.nix ./misc/locate.nix + ./misc/lib.nix ./misc/nixpkgs.nix ./misc/passthru.nix ./misc/version.nix From a2b59f595f085ecaf578108bffb4e11c9a94fe20 Mon Sep 17 00:00:00 2001 
From: Shea Levy Date: Thu, 12 Jul 2012 14:15:43 -0400 Subject: [PATCH 19/31] logstash: Export config.lib.logstash.mk{Float,Hash,NameValuePairs}. This allows hiding the implementation details for how to represent logstash config types that don't directly map to nix expressions, particularly floats, hashes, and name-value pair sets with repeated names. Instead of setting __type and value directly, the user now uses these convenience functions to generate their logstash config. --- modules/services/logging/logstash.nix | 29 +++++++++++++++++---------- 1 file changed, 18 insertions(+), 11 deletions(-) diff --git a/modules/services/logging/logstash.nix b/modules/services/logging/logstash.nix index 9387a731db9..32e2f17d189 100644 --- a/modules/services/logging/logstash.nix +++ b/modules/services/logging/logstash.nix 
@@ -86,18 +86,17 @@ in inputConfig = mkOption { default = {}; description = '' - An attr set representing a logstash configuration's input section. + A nixexpr representing a logstash configuration's input section. logstash configs are name-value pairs, where values can be bools, strings, numbers, arrays, hashes, or other name-value pairs, and names are strings that can be repeated. name-value pairs with no - repeats are represented by attr sets. name-value pairs with repeats - are represented by an attrset with attr "__type" = "repeated" and - attr "values" as a list of {name; value;} attrsets. - bools, strings, ints, and arrays are mapped directly. Floats are - represented as an attrset with attr "__type" = "float" and attr value - set to the string representation of the float. Hashes are represented - with attr "__type" = "hash" and attr value set to an attr set - corresponding to the hash. + repeats are represented by attr sets. bools, strings, ints, and + arrays are mapped directly. name-value pairs with repeats can be + generated by the config.lib.logstash.mkNameValuePairs function, which + takes a list of attrsets and combines them while preserving attribute + name duplicates if they occur. Similarly, there are the mkFloat and + mkHash functions, which take a string representation of a float and an + attrset, respectively. ''; merge = mergeConfigs; }; @@ -125,7 +124,15 @@ in ###### implementation - config = mkIf cfg.enable { + config = mkMerge [ { + lib.logstash = { + mkFloat = stringRep: { __type = "float"; value = stringRep; }; + + mkHash = attrs: { __type = "hash"; value = attrs; }; + + mkNameValuePairs = mergeConfigs; + }; + } ( mkIf cfg.enable { # Always log to stdout services.logstash.outputConfig = { stdout = {}; }; @@ -148,5 +155,5 @@ in } ''}"; }; - }; + })]; } From 8544ba285d8323f10914bbff12d97325a4a70068 Mon Sep 17 00:00:00 2001 
From: Shea Levy Date: Thu, 12 Jul 2012 14:35:06 -0400 Subject: [PATCH 20/31] logstash: Fix sloppy description fields --- modules/services/logging/logstash.nix | 17 ++++++++++------- 1 file changed, 10 insertions(+), 7 deletions(-) diff --git a/modules/services/logging/logstash.nix b/modules/services/logging/logstash.nix index 32e2f17d189..bb3b83dd230 100644 --- a/modules/services/logging/logstash.nix +++ b/modules/services/logging/logstash.nix @@ -86,12 +86,13 @@ in inputConfig = mkOption { default = {}; description = '' - A nixexpr representing a logstash configuration's input section. - logstash configs are name-value pairs, where values can be bools, + An attribute set (or an expression generated by mkNameValuePairs) + representing a logstash configuration's input section. + Logstash configs are name-value pairs, where values can be bools, strings, numbers, arrays, hashes, or other name-value pairs, - and names are strings that can be repeated. name-value pairs with no - repeats are represented by attr sets. bools, strings, ints, and - arrays are mapped directly. name-value pairs with repeats can be + and names are strings that can be repeated. Name-value pairs with no + repeats are represented by attr sets. Bools, strings, ints, and + arrays are mapped directly. Name-value pairs with repeats can be generated by the config.lib.logstash.mkNameValuePairs function, which takes a list of attrsets and combines them while preserving attribute name duplicates if they occur. Similarly, there are the mkFloat and @@ -104,7 +105,8 @@ in filterConfig = mkOption { default = {}; description = '' - An attr set representing a logstash configuration's filter section. + An attribute set (or an expression generated by mkNameValuePairs) + representing a logstash configuration's filter section. See inputConfig description for details. ''; merge = mergeConfigs; 
@@ -113,7 +115,8 @@ in outputConfig = mkOption { default = {}; description = '' - An attr set representing a logstash configuration's output section. + An attribute set (or an expression generated by mkNameValuePairs) + representing a logstash configuration's output section. See inputConfig description for details. ''; merge = mergeConfigs; From 7fca8ceaf8fbb1fdb3e4dd08d40a8192281c3695 Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Fri, 13 Jul 2012 10:41:48 -0400 Subject: [PATCH 21/31] /etc/login.defs: set the mode of new home directories to 700 --- modules/programs/shadow.nix | 3 +++ 1 file changed, 3 insertions(+) diff --git a/modules/programs/shadow.nix b/modules/programs/shadow.nix index 3a348818a97..869f4f85fb4 100644 --- a/modules/programs/shadow.nix +++ b/modules/programs/shadow.nix @@ -21,6 +21,9 @@ let TTYGROUP tty TTYPERM 0620 + # Ensure privacy for newly created home directories. + UMASK 077 + # Uncomment this to allow non-root users to change their account #information. This should be made configurable. #CHFN_RESTRICT frwh From 7e77dae45866813c9a1c061e6bc7c506d25df6ca Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Fri, 13 Jul 2012 11:48:47 -0400 Subject: [PATCH 22/31] sshd.nix: Create ~/.ssh/authorized_keys with the right ownership --- modules/services/networking/ssh/sshd.nix | 25 ++++++++++++++++-------- 1 file changed, 17 insertions(+), 8 deletions(-) diff --git a/modules/services/networking/ssh/sshd.nix b/modules/services/networking/ssh/sshd.nix index 53efc08cfb8..7f1cc24793e 100644 --- a/modules/services/networking/ssh/sshd.nix +++ b/modules/services/networking/ssh/sshd.nix 
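Review bot: The comment added above `UMASK 077` in shadow.nix mentions only new home directories, but login.defs documents UMASK as the general file-creation mask, which useradd happens to reuse for the home directory mode. Where login (or a PAM umask module, if one is configured; not visible here) applies it, every file a user creates becomes private by default too, which can surprise setups that share files through group permissions. Home directories that already exist keep their current mode. I would widen the comment to say so, e.g. `# Mode 700 for home directories created by useradd; may also become the default login umask.`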
@@ -103,25 +103,34 @@ let local authKeyFiles="$3" local preserveExisting="$4" - eval authfile=~$userName/.ssh/authorized_keys - mkdir -p "$(dirname $authfile)" - touch "$authfile" + eval homeDir=~$userName + if ! [ -d "$homeDir" ]; then + echo "User $userName does not exist" + return + fi + if ! [ -d "$homeDir/.ssh" ]; then + mkdir -v -m 700 "$homeDir/.ssh" + chown "$userName":users "$homeDir/.ssh" + fi + local authKeysFile="$homeDir/.ssh/authorized_keys" + touch "$authKeysFile" if [ "$preserveExisting" == false ]; then - rm -f "$authfile" - echo "${marker2}" > "$authfile" + rm -f "$authKeysFile" + echo "${marker2}" > "$authKeysFile" else - sed -i '/${marker1}/ d' "$authfile" + sed -i '/${marker1}/ d' "$authKeysFile" fi IFS=, for f in $authKeys; do - echo "$f ${marker1}" >> "$authfile" + echo "$f ${marker1}" >> "$authKeysFile" done unset IFS for f in $authKeyFiles; do if [ -f "$f" ]; then - echo "$(cat "$f") ${marker1}" >> "$authfile" + echo "$(cat "$f") ${marker1}" >> "$authKeysFile" fi done + chown "$userName" "$authKeysFile" } ${userLoop} From 57d74e6f4fa13cf1402536efa39250ea9e99a883 Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Fri, 13 Jul 2012 17:59:03 -0400 Subject: [PATCH 23/31] openssh.authorizedKeys.keyFiles: allow multiple keys Ugly hack to get around the error "a string that refers to a store path cannot be appended to a path". The underlying problem is that you cannot do "${./file1} ${./file2}" but you can do " ${./file1} ${./file2}" Obviously we should allow the first case as well. --- modules/services/networking/ssh/sshd.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/modules/services/networking/ssh/sshd.nix b/modules/services/networking/ssh/sshd.nix index 7f1cc24793e..6791a6b3ea8 100644 --- a/modules/services/networking/ssh/sshd.nix +++ b/modules/services/networking/ssh/sshd.nix 
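Review bot: The closing `chown "$userName" "$authKeysFile"` dereferences symlinks, and the `touch`, `echo >` and `sed -i` before it also act inside a directory the account owner can write to. If this function runs as root (likely for an sshd pre-start step, but its caller is outside the hunk), a link left at `.ssh` or `.ssh/authorized_keys` could redirect the write or the ownership change to a different file. I would bail out early with `if [ -L "$homeDir/.ssh" ] || [ -L "$authKeysFile" ]; then echo "refusing symlink for $userName"; return; fi` and use `chown -h` for the final step. The file's mode is whatever the caller's umask yields, so an explicit `chmod 600 "$authKeysFile"` would make it predictable. An existing `.ssh` is never re-owned, and the group `users` is hard-coded; the function body begins above the hunk.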
@@ -90,7 +90,7 @@ let userLoop = flip concatMapStrings usersWithKeys (u: let authKeys = concatStringsSep "," u.openssh.authorizedKeys.keys; - authKeyFiles = concatStringsSep " " u.openssh.authorizedKeys.keyFiles; + authKeyFiles = concatStrings (map (x: " ${x}") u.openssh.authorizedKeys.keyFiles); preserveExisting = if u.openssh.authorizedKeys.preserveExistingKeys then "true" else "false"; in '' mkAuthKeysFile "${u.name}" "${authKeys}" "${authKeyFiles}" "${preserveExisting}" From e3337c7f05c198a4fddac1084a752b2413d64cbd Mon Sep 17 00:00:00 2001 From: Shea Levy Date: Fri, 13 Jul 2012 23:54:41 -0400 Subject: [PATCH 24/31] Add module for b43 firmware --- modules/hardware/network/b43.nix | 30 ++++++++++++++++++++++++++++++ modules/module-list.nix | 1 + 2 files changed, 31 insertions(+) create mode 100644 modules/hardware/network/b43.nix diff --git a/modules/hardware/network/b43.nix b/modules/hardware/network/b43.nix new file mode 100644 index 00000000000..077e0a1e11e --- /dev/null +++ b/modules/hardware/network/b43.nix @@ -0,0 +1,30 @@ +{pkgs, config, ...}: + +let kernelVersion = config.boot.kernelPackages.kernel.version; in + +{ + + ###### interface + + options = { + + networking.enableB43Firmware = pkgs.lib.mkOption { + default = false; + type = pkgs.lib.types.bool; + description = '' + Turn on this option if you want firmware for the NICs supported by the b43 module. + ''; + }; + + }; + + + ###### implementation + + config = pkgs.lib.mkIf config.networking.enableB43Firmware { + hardware.firmware = if builtins.lessThan (builtins.compareVersions kernelVersion "3.2") 0 then + throw "b43 firmware for kernels older than 3.2 not packaged yet!" else + [ pkgs.b43Firmware_5_1_138 ]; + }; + +} diff --git a/modules/module-list.nix b/modules/module-list.nix index dfc91a765be..1e5ec300df5 100644 --- a/modules/module-list.nix +++ b/modules/module-list.nix 
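Review bot: The reason `authKeyFiles` is now built with a leading space per element exists only in the commit message, so in the file the new line looks like an oversight that a later cleanup could turn back into `concatStringsSep " "`. A comment above it would prevent that, e.g. `# Leading space per element avoids "a string that refers to a store path cannot be appended to a path".` The value is later word-split by the unquoted `for f in $authKeyFiles` in mkAuthKeysFile (seen in the previous patch), so it also depends on the key file paths containing no whitespace, which is worth stating in the same comment. The enclosing `let` starts outside the hunk.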
@@ -15,6 +15,7 @@ ./config/unix-odbc-drivers.nix ./config/users-groups.nix ./hardware/cpu/intel-microcode.nix + ./hardware/network/b43.nix ./hardware/network/intel-2100bg.nix ./hardware/network/intel-2200bg.nix ./hardware/network/intel-3945abg.nix From c909ea920855c21beba3b9fca4b59432ca1ecc01 Mon Sep 17 00:00:00 2001 From: Shea Levy Date: Sat, 14 Jul 2012 18:02:46 -0400 Subject: [PATCH 25/31] multitouch: Add option to invert scroll --- modules/services/x11/hardware/multitouch.nix | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/modules/services/x11/hardware/multitouch.nix b/modules/services/x11/hardware/multitouch.nix index 3aa2760f3f0..35e30ccf76b 100644 --- a/modules/services/x11/hardware/multitouch.nix +++ b/modules/services/x11/hardware/multitouch.nix @@ -14,6 +14,13 @@ with pkgs.lib; description = "Whether to enable multitouch touchpad support."; }; + invertScroll = mkOption { + default = false; + example = true; + type = types.bool; + description = "Whether to invert scrolling direction à la OSX Lion"; + }; + }; }; @@ -29,6 +36,10 @@ with pkgs.lib; MatchIsTouchpad "on" Identifier "Touchpads" Driver "mtrack" + ${optionalString config.services.xserver.multitouch.invertScroll '' + Option "ScrollUpButton" "5" + Option "ScrollDownButton" "4" + ''} EndSection ''; From 3d2b83c110c581aff72978e45b237e3aea28ef51 Mon Sep 17 00:00:00 2001 From: Shea Levy Date: Sat, 14 Jul 2012 21:40:49 -0400 Subject: [PATCH 26/31] multitouch: Add an option to ignore palm touches --- modules/services/x11/hardware/multitouch.nix | 14 ++++++++++++-- 1 file changed, 12 insertions(+), 2 deletions(-) diff --git a/modules/services/x11/hardware/multitouch.nix b/modules/services/x11/hardware/multitouch.nix index 35e30ccf76b..ea51a4fc55b 100644 --- a/modules/services/x11/hardware/multitouch.nix +++ b/modules/services/x11/hardware/multitouch.nix @@ -2,6 +2,8 @@ with pkgs.lib; +let cfg = config.services.xserver.multitouch; in + { options = { 
@@ -21,11 +23,18 @@ with pkgs.lib; description = "Whether to invert scrolling direction à la OSX Lion"; }; + ignorePalm = mkOption { + default = false; + example = true; + type = types.bool; + description = "Whether to ignore touches detected as being the palm (i.e when typing)"; + }; + }; }; - config = mkIf config.services.xserver.multitouch.enable { + config = mkIf cfg.enable { services.xserver.modules = [ pkgs.xf86_input_mtrack ]; @@ -36,7 +45,8 @@ with pkgs.lib; MatchIsTouchpad "on" Identifier "Touchpads" Driver "mtrack" - ${optionalString config.services.xserver.multitouch.invertScroll '' + Option "IgnorePalm" "${if cfg.ignorePalm then "true" else "false"}" + ${optionalString cfg.invertScroll '' Option "ScrollUpButton" "5" Option "ScrollDownButton" "4" ''} From cdd8ecf9c7546944bd327790dd532b29b6521b55 Mon Sep 17 00:00:00 2001 From: Shea Levy Date: Mon, 16 Jul 2012 08:03:47 -0400 Subject: [PATCH 27/31] multitouch: Invert left-right scrolling when invertScroll is enabled --- modules/services/x11/hardware/multitouch.nix | 2 ++ 1 file changed, 2 insertions(+) diff --git a/modules/services/x11/hardware/multitouch.nix b/modules/services/x11/hardware/multitouch.nix index ea51a4fc55b..115d0e41a65 100644 --- a/modules/services/x11/hardware/multitouch.nix +++ b/modules/services/x11/hardware/multitouch.nix @@ -49,6 +49,8 @@ let cfg = config.services.xserver.multitouch; in ${optionalString cfg.invertScroll '' Option "ScrollUpButton" "5" Option "ScrollDownButton" "4" + Option "ScrollLeftButton" "7" + Option "ScrollLeftButton" "6" ''} EndSection ''; From 8c24de13e4828cfd1c66ae0f3ae0d3c3a39c07fa Mon Sep 17 00:00:00 2001 From: Shea Levy Date: Mon, 16 Jul 2012 08:11:44 -0400 Subject: [PATCH 28/31] D'oh --- modules/services/x11/hardware/multitouch.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/modules/services/x11/hardware/multitouch.nix b/modules/services/x11/hardware/multitouch.nix index 115d0e41a65..4f9048bfd91 100644 
--- a/modules/services/x11/hardware/multitouch.nix +++ b/modules/services/x11/hardware/multitouch.nix @@ -50,7 +50,7 @@ let cfg = config.services.xserver.multitouch; in Option "ScrollUpButton" "5" Option "ScrollDownButton" "4" Option "ScrollLeftButton" "7" - Option "ScrollLeftButton" "6" + Option "ScrollRightButton" "6" ''} EndSection ''; From 73532c38559b7bad2f6ff31bdef0d283ec75b543 Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Mon, 16 Jul 2012 11:27:59 -0400 Subject: [PATCH 29/31] Global replace /var/run/current-system -> /run/current-system --- modules/config/shells.nix | 1 + modules/config/system-path.nix | 6 +++--- modules/config/users-groups.nix | 2 +- modules/installer/cd-dvd/iso-image.nix | 2 +- modules/installer/cd-dvd/system-tarball.nix | 4 ++-- modules/misc/crashdump.nix | 6 +++--- modules/programs/bash/profile.sh | 6 +++--- modules/programs/shadow.nix | 2 +- modules/services/misc/disnix.nix | 2 +- modules/services/monitoring/systemhealth.nix | 4 ++-- modules/services/network-filesystems/drbd.nix | 2 +- modules/services/network-filesystems/samba.nix | 2 +- modules/services/networking/ssh/sshd.nix | 2 +- modules/services/scheduling/fcron.nix | 4 ++-- modules/services/ttys/mingetty.nix | 2 +- modules/services/x11/display-managers/kdm.nix | 2 +- modules/services/x11/xfs.conf | 2 +- modules/system/activation/activation-script.nix | 6 +++--- modules/system/activation/switch-to-configuration.sh | 2 +- modules/system/boot/stage-2-init.sh | 2 +- modules/tasks/kbd.nix | 2 +- 21 files changed, 32 insertions(+), 31 deletions(-) diff --git a/modules/config/shells.nix b/modules/config/shells.nix index 6286223752a..b0a946a8e6e 100644 --- a/modules/config/shells.nix +++ b/modules/config/shells.nix @@ -13,6 +13,7 @@ with pkgs.lib; { target = "shells"; source = pkgs.writeText "shells" '' + /run/current-system/sw/bin/bash /var/run/current-system/sw/bin/bash /bin/sh ''; 
diff --git a/modules/config/system-path.nix b/modules/config/system-path.nix index 9eab8dde473..38e5f076bcf 100644 --- a/modules/config/system-path.nix +++ b/modules/config/system-path.nix @@ -1,5 +1,5 @@ # This module defines the packages that appear in -# /var/run/current-system/sw. +# /run/current-system/sw. { config, pkgs, ... }: @@ -69,7 +69,7 @@ let example = "[ pkgs.icecat3 pkgs.thunderbird ]"; description = '' The set of packages that appear in - /var/run/current-system/sw. These packages are + /run/current-system/sw. These packages are automatically available to all users, and are automatically updated every time you rebuild the system configuration. (The latter is the main difference with @@ -84,7 +84,7 @@ let default = []; example = ["/"]; description = " - Lists directories to be symlinked in `/var/run/current-system/sw'. + Lists directories to be symlinked in `/run/current-system/sw'. "; }; }; diff --git a/modules/config/users-groups.nix b/modules/config/users-groups.nix index beb21734652..598d68eb91d 100644 --- a/modules/config/users-groups.nix +++ b/modules/config/users-groups.nix @@ -48,7 +48,7 @@ let shell = mkOption { type = with types; uniq string; - default = "/var/run/current-system/sw/sbin/nologin"; + default = "/run/current-system/sw/sbin/nologin"; description = "The path to the user's shell."; }; diff --git a/modules/installer/cd-dvd/iso-image.nix b/modules/installer/cd-dvd/iso-image.nix index 99628b33bab..c1094daa49f 100644 --- a/modules/installer/cd-dvd/iso-image.nix +++ b/modules/installer/cd-dvd/iso-image.nix @@ -312,7 +312,7 @@ in # nixos-rebuild also requires a "system" profile and an # /etc/NIXOS tag. touch /etc/NIXOS - ${config.environment.nix}/bin/nix-env -p /nix/var/nix/profiles/system --set /var/run/current-system + ${config.environment.nix}/bin/nix-env -p /nix/var/nix/profiles/system --set /run/current-system ''; # Add vfat support to the initrd to enable people to copy the 
diff --git a/modules/installer/cd-dvd/system-tarball.nix b/modules/installer/cd-dvd/system-tarball.nix index daffb94bc53..e0cbfd6e713 100644 --- a/modules/installer/cd-dvd/system-tarball.nix +++ b/modules/installer/cd-dvd/system-tarball.nix @@ -50,7 +50,7 @@ in # script and the top-level system configuration directory. tarball.storeContents = [ { object = config.system.build.toplevel; - symlink = "/var/run/current-system"; + symlink = "/run/current-system"; } ]; @@ -87,6 +87,6 @@ in # nixos-rebuild also requires a "system" profile and an # /etc/NIXOS tag. touch /etc/NIXOS - ${config.environment.nix}/bin/nix-env -p /nix/var/nix/profiles/system --set /var/run/current-system + ${config.environment.nix}/bin/nix-env -p /nix/var/nix/profiles/system --set /run/current-system ''; } diff --git a/modules/misc/crashdump.nix b/modules/misc/crashdump.nix index fff459c9ab4..973abfd9327 100644 --- a/modules/misc/crashdump.nix +++ b/modules/misc/crashdump.nix @@ -48,9 +48,9 @@ in config = mkIf crashdump.enable { boot = { postBootCommands = '' - ${pkgs.kexectools}/sbin/kexec -p /var/run/current-system/kernel \ - --initrd=/var/run/current-system/initrd \ - --append="init=$(readlink -f /var/run/current-system/init) system=$(readlink -f /var/run/current-system) irqpoll maxcpus=1 reset_devices ${kernelParams}" --reset-vga --console-vga + ${pkgs.kexectools}/sbin/kexec -p /run/current-system/kernel \ + --initrd=/run/current-system/initrd \ + --append="init=$(readlink -f /run/current-system/init) system=$(readlink -f /run/current-system) irqpoll maxcpus=1 reset_devices ${kernelParams}" --reset-vga --console-vga ''; kernelParams = [ "crashkernel=64M" diff --git a/modules/programs/bash/profile.sh b/modules/programs/bash/profile.sh index 3da860388b1..1eef2a9e84a 100644 --- a/modules/programs/bash/profile.sh +++ b/modules/programs/bash/profile.sh 
@@ -12,8 +12,8 @@ __ETC_PROFILE_SOURCED=1 export __ETC_PROFILE_DONE=1 # Initialise a bunch of environment variables. -export LOCALE_ARCHIVE=/var/run/current-system/sw/lib/locale/locale-archive -export LD_LIBRARY_PATH=/var/run/opengl-driver/lib:/var/run/opengl-driver-32/lib # !!! only set if needed +export LOCALE_ARCHIVE=/run/current-system/sw/lib/locale/locale-archive +export LD_LIBRARY_PATH=/run/opengl-driver/lib:/run/opengl-driver-32/lib # !!! only set if needed export NIXPKGS_CONFIG=/etc/nix/nixpkgs-config.nix export NIX_PATH=/nix/var/nix/profiles/per-user/root/channels/nixos:nixpkgs=/etc/nixos/nixpkgs:nixos=/etc/nixos/nixos:nixos-config=/etc/nixos/configuration.nix:services=/etc/nixos/services export PAGER="less -R" @@ -22,7 +22,7 @@ export LOCATE_PATH=/var/cache/locatedb # Include the various profiles in the appropriate environment variables. export NIX_USER_PROFILE_DIR=/nix/var/nix/profiles/per-user/$USER -export NIX_PROFILES="/var/run/current-system/sw /nix/var/nix/profiles/default $HOME/.nix-profile" +export NIX_PROFILES="/run/current-system/sw /nix/var/nix/profiles/default $HOME/.nix-profile" unset PATH INFOPATH PKG_CONFIG_PATH PERL5LIB ALSA_PLUGIN_DIRS GST_PLUGIN_PATH KDEDIRS unset QT_PLUGIN_PATH QTWEBKIT_PLUGIN_PATH STRIGI_PLUGIN_PATH XDG_CONFIG_DIRS XDG_DATA_DIRS diff --git a/modules/programs/shadow.nix b/modules/programs/shadow.nix index 869f4f85fb4..137064bba85 100644 --- a/modules/programs/shadow.nix +++ b/modules/programs/shadow.nix @@ -38,7 +38,7 @@ in options = { users.defaultUserShell = pkgs.lib.mkOption { - default = "/var/run/current-system/sw/bin/bash"; + default = "/run/current-system/sw/bin/bash"; description = '' This option defines the default shell assigned to user accounts. This must not be a store path, since the path is diff --git a/modules/services/misc/disnix.nix b/modules/services/misc/disnix.nix index 645e92c39df..8d04c81ad68 100644 --- a/modules/services/misc/disnix.nix +++ b/modules/services/misc/disnix.nix 
@@ -130,7 +130,7 @@ in script = '' - export PATH=/var/run/current-system/sw/bin:/var/run/current-system/sw/sbin + export PATH=/run/current-system/sw/bin:/run/current-system/sw/sbin export HOME=/root ${pkgs.disnix}/bin/disnix-service --activation-modules-dir=${disnix_activation_scripts}/libexec/disnix/activation-scripts diff --git a/modules/services/monitoring/systemhealth.nix b/modules/services/monitoring/systemhealth.nix index 71389be5b2f..0a3e666ad4e 100644 --- a/modules/services/monitoring/systemhealth.nix +++ b/modules/services/monitoring/systemhealth.nix @@ -86,8 +86,8 @@ in [paths] rrdtool = ${pkgs.rrdtool}/bin/rrdtool loadavg_rrd = loadavg - ps = /var/run/current-system/sw/bin/ps - df = /var/run/current-system/sw/bin/df + ps = /run/current-system/sw/bin/ps + df = /run/current-system/sw/bin/df meminfo_rrd = meminfo uptime_rrd = uptime rrd_path = ${rrdDir} diff --git a/modules/services/network-filesystems/drbd.nix b/modules/services/network-filesystems/drbd.nix index 1c70d44f6ba..1a00ccab0a6 100644 --- a/modules/services/network-filesystems/drbd.nix +++ b/modules/services/network-filesystems/drbd.nix @@ -44,7 +44,7 @@ let cfg = config.services.drbd; in boot.extraModprobeConfig = '' - options drbd usermode_helper=/var/run/current-system/sw/sbin/drbdadm + options drbd usermode_helper=/run/current-system/sw/sbin/drbdadm ''; environment.etc = singleton diff --git a/modules/services/network-filesystems/samba.nix b/modules/services/network-filesystems/samba.nix index 7461d12d78b..2cf4e8c11ff 100644 --- a/modules/services/network-filesystems/samba.nix +++ b/modules/services/network-filesystems/samba.nix @@ -70,7 +70,7 @@ let environment = { LD_LIBRARY_PATH = nssModulesPath; TZ = config.time.timeZone; - LOCALE_ARCHIVE = "/var/run/current-system/sw/lib/locale/locale-archive"; + LOCALE_ARCHIVE = "/run/current-system/sw/lib/locale/locale-archive"; }; daemonType = "fork"; 
diff --git a/modules/services/networking/ssh/sshd.nix b/modules/services/networking/ssh/sshd.nix index 6791a6b3ea8..ea60e591c14 100644 --- a/modules/services/networking/ssh/sshd.nix +++ b/modules/services/networking/ssh/sshd.nix @@ -323,7 +323,7 @@ in environment = { LD_LIBRARY_PATH = nssModulesPath; # Duplicated from bashrc. OpenSSH needs a patch for this. - LOCALE_ARCHIVE = "/var/run/current-system/sw/lib/locale/locale-archive"; + LOCALE_ARCHIVE = "/run/current-system/sw/lib/locale/locale-archive"; }; path = [ pkgs.openssh pkgs.gnused ]; diff --git a/modules/services/scheduling/fcron.nix b/modules/services/scheduling/fcron.nix index 6d274bf5973..812af1edfc0 100644 --- a/modules/services/scheduling/fcron.nix +++ b/modules/services/scheduling/fcron.nix @@ -87,7 +87,7 @@ in fcrondeny = /etc/fcron.deny shell = /bin/sh sendmail = /var/setuid-wrappers/sendmail - editor = /var/run/current-system/sw/bin/vi + editor = /run/current-system/sw/bin/vi ''; target = "fcron.conf"; mode = "0600"; # max allowed is 644 @@ -104,7 +104,7 @@ in startOn = "startup and filesystem"; environment = - { PATH = "/var/run/current-system/sw/bin"; + { PATH = "/run/current-system/sw/bin"; }; preStart = diff --git a/modules/services/ttys/mingetty.nix b/modules/services/ttys/mingetty.nix index 85db3f8966e..e5dbc07aeb0 100644 --- a/modules/services/ttys/mingetty.nix +++ b/modules/services/ttys/mingetty.nix @@ -69,7 +69,7 @@ with pkgs.lib; exec = "mingetty --loginprog=${pkgs.shadow}/bin/login --noclear ${tty}"; - environment.LOCALE_ARCHIVE = "/var/run/current-system/sw/lib/locale/locale-archive"; + environment.LOCALE_ARCHIVE = "/run/current-system/sw/lib/locale/locale-archive"; }) config.services.mingetty.ttys); diff --git a/modules/services/x11/display-managers/kdm.nix b/modules/services/x11/display-managers/kdm.nix index fe7802100b2..838a4ed9033 100644 --- a/modules/services/x11/display-managers/kdm.nix +++ b/modules/services/x11/display-managers/kdm.nix 
@@ -106,7 +106,7 @@ in mkdir -m 0755 -p /var/lib/kdm chown kdm /var/lib/kdm ${(optionalString (config.system.boot.loader.id == "grub") "PATH=${config.system.build.grub}/sbin:$PATH ") + - "KDEDIRS=/var/run/current-system/sw exec ${kdebase_workspace}/bin/kdm -config ${kdmrc} -nodaemon"} + "KDEDIRS=/run/current-system/sw exec ${kdebase_workspace}/bin/kdm -config ${kdmrc} -nodaemon"} ''; logsXsession = true; }; diff --git a/modules/services/x11/xfs.conf b/modules/services/x11/xfs.conf index 5352d74faa0..13dcf803db2 100644 --- a/modules/services/x11/xfs.conf +++ b/modules/services/x11/xfs.conf @@ -12,4 +12,4 @@ default-resolutions = 75,75,100,100 cache-hi-mark = 2048 cache-low-mark = 1433 cache-balance = 70 -catalogue = /var/run/current-system/sw/share/X11-fonts/ +catalogue = /run/current-system/sw/share/X11-fonts/ diff --git a/modules/system/activation/activation-script.nix b/modules/system/activation/activation-script.nix index 083e3767ed8..41c3ced1bc2 100644 --- a/modules/system/activation/activation-script.nix +++ b/modules/system/activation/activation-script.nix @@ -74,12 +74,12 @@ in # Make this configuration the current configuration. # The readlink is there to ensure that when $systemConfig = /system - # (which is a symlink to the store), /var/run/current-system is still + # (which is a symlink to the store), /run/current-system is still # used as a garbage collection root. - ln -sfn "$(readlink -f "$systemConfig")" /var/run/current-system + ln -sfn "$(readlink -f "$systemConfig")" /run/current-system # Prevent the current configuration from being garbage-collected. - ln -sfn /var/run/current-system /nix/var/nix/gcroots/current-system + ln -sfn /run/current-system /nix/var/nix/gcroots/current-system ''; }; diff --git a/modules/system/activation/switch-to-configuration.sh b/modules/system/activation/switch-to-configuration.sh index da1471cf550..62af63ec39f 100644 --- a/modules/system/activation/switch-to-configuration.sh 
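Review bot: In the activation-script.nix hunk the two `ln -sfn` lines now create only `/run/current-system`, so nothing in this patch keeps the old `/var/run/current-system` path resolvable. The shells.nix hunk keeps the old bash path in /etc/shells, which suggests existing accounts still have it recorded as their login shell. Those logins keep working only if `/var/run` resolves to `/run`, and that is not visible anywhere in this series. I would state the assumption next to the symlink, e.g. `# Old /var/run/current-system references (login shells in /etc/passwd) rely on /var/run being a symlink to /run.` The activation script text starts and ends outside the hunk.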
+++ b/modules/system/activation/switch-to-configuration.sh @@ -59,7 +59,7 @@ fi # Activate the new configuration. if [ "$action" != switch -a "$action" != test ]; then exit 0; fi -oldVersion=$(cat /var/run/current-system/upstart-interface-version 2> /dev/null || echo 0) +oldVersion=$(cat /run/current-system/upstart-interface-version 2> /dev/null || echo 0) newVersion=$(cat @out@/upstart-interface-version 2> /dev/null || echo 0) if test "$oldVersion" -ne "$newVersion"; then diff --git a/modules/system/boot/stage-2-init.sh b/modules/system/boot/stage-2-init.sh index c252b221dfb..51f7bbe8f72 100644 --- a/modules/system/boot/stage-2-init.sh +++ b/modules/system/boot/stage-2-init.sh @@ -189,4 +189,4 @@ fi # Start Upstart's init. echo "starting Upstart..." -PATH=/var/run/current-system/upstart/sbin exec init --no-sessions ${debug2:+--verbose} +PATH=/run/current-system/upstart/sbin exec init --no-sessions ${debug2:+--verbose} diff --git a/modules/tasks/kbd.nix b/modules/tasks/kbd.nix index 62c4b92ed09..d9e820ef9e7 100644 --- a/modules/tasks/kbd.nix +++ b/modules/tasks/kbd.nix @@ -65,7 +65,7 @@ in script = '' export LANG=${defaultLocale} - export LOCALE_ARCHIVE=/var/run/current-system/sw/lib/locale/locale-archive + export LOCALE_ARCHIVE=/run/current-system/sw/lib/locale/locale-archive export PATH=${pkgs.gzip}/bin:$PATH # Needed by setfont set +e # continue in case of errors From 98459eb6753ccbe9babc61fb9d88c8e329dbf238 Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Mon, 16 Jul 2012 11:30:37 -0400 Subject: [PATCH 30/31] Global replace /var/run/booted-system -> /run/booted-system --- modules/services/logging/klogd.nix | 2 +- modules/system/boot/modprobe.nix | 2 +- modules/system/boot/stage-2-init.sh | 4 ++-- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/modules/services/logging/klogd.nix b/modules/services/logging/klogd.nix index af21f9cc959..907d83c7a6a 100644 --- a/modules/services/logging/klogd.nix +++ b/modules/services/logging/klogd.nix 
@@ -13,7 +13,7 @@ exec = "klogd -c 1 -2 -n " + - "-k $(dirname $(readlink -f /var/run/booted-system/kernel))/System.map"; + "-k $(dirname $(readlink -f /run/booted-system/kernel))/System.map"; }; } diff --git a/modules/system/boot/modprobe.nix b/modules/system/boot/modprobe.nix index f210ecec26d..41252e2ba0c 100644 --- a/modules/system/boot/modprobe.nix +++ b/modules/system/boot/modprobe.nix @@ -24,7 +24,7 @@ with pkgs.lib; # modules in the current configuration don't match the # running kernel. if [ ! -d "$MODULE_DIR/$(${pkgs.coreutils}/bin/uname -r)" ]; then - MODULE_DIR=/var/run/booted-system/kernel-modules/lib/modules/ + MODULE_DIR=/run/booted-system/kernel-modules/lib/modules/ fi exec ${pkgs.module_init_tools}/sbin/modprobe "$@" diff --git a/modules/system/boot/stage-2-init.sh b/modules/system/boot/stage-2-init.sh index 51f7bbe8f72..0a42083144d 100644 --- a/modules/system/boot/stage-2-init.sh +++ b/modules/system/boot/stage-2-init.sh @@ -155,12 +155,12 @@ $systemConfig/activate # Record the boot configuration. -ln -sfn "$systemConfig" /var/run/booted-system +ln -sfn "$systemConfig" /run/booted-system # Prevent the booted system form being garbage-collected If it weren't # a gcroot, if we were running a different kernel, switched system, # and garbage collected all, we could not load kernel modules anymore. -ln -sfn /var/run/booted-system /nix/var/nix/gcroots/booted-system +ln -sfn /run/booted-system /nix/var/nix/gcroots/booted-system # Run any user-specified commands. From 1d5748942771c6d39df0030e36819b47002d460a Mon Sep 17 00:00:00 2001 From: Eelco Dolstra Date: Mon, 16 Jul 2012 11:32:26 -0400 Subject: [PATCH 31/31] Global replace /var/run/opengl-driver -> /run/opengl-driver --- modules/services/x11/xserver.nix | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/modules/services/x11/xserver.nix b/modules/services/x11/xserver.nix index 2ae42f5b41b..97424308c27 100644 --- a/modules/services/x11/xserver.nix 
+++ b/modules/services/x11/xserver.nix @@ -407,21 +407,21 @@ in preStart = '' - rm -f /var/run/opengl-driver - rm -f /var/run/opengl-driver-32 + rm -f /run/opengl-driver + rm -f /run/opengl-driver-32 ${# !!! The OpenGL driver depends on what's detected at runtime. if elem "nvidia" driverNames then '' - ln -sf ${kernelPackages.nvidia_x11} /var/run/opengl-driver + ln -sf ${kernelPackages.nvidia_x11} /run/opengl-driver ${optionalString (pkgs.stdenv.system == "x86_64-linux" && cfg.driSupport32Bit) - "ln -sf ${pkgs_i686.linuxPackages.nvidia_x11.override { libsOnly = true; kernel = null; } } /var/run/opengl-driver-32"} + "ln -sf ${pkgs_i686.linuxPackages.nvidia_x11.override { libsOnly = true; kernel = null; } } /run/opengl-driver-32"} '' else if elem "nvidiaLegacy96" driverNames then - "ln -sf ${kernelPackages.nvidia_x11_legacy96} /var/run/opengl-driver" + "ln -sf ${kernelPackages.nvidia_x11_legacy96} /run/opengl-driver" else if elem "nvidiaLegacy173" driverNames then - "ln -sf ${kernelPackages.nvidia_x11_legacy173} /var/run/opengl-driver" + "ln -sf ${kernelPackages.nvidia_x11_legacy173} /run/opengl-driver" else if cfg.driSupport then - "ln -sf ${pkgs.mesa} /var/run/opengl-driver" + "ln -sf ${pkgs.mesa} /run/opengl-driver" else "" }