Get lots more systemd stuff working

Enabled a bunch of units that ship with systemd.  Also added an option
‘boot.systemd.units’ that can be used to define additional units
(e.g. ‘sshd.service’).

modules/services/networking/ssh/sshd.nix

@@ -127,6 +127,18 @@ let
       ${userLoop}
     '';
 
+  preStart = pkgs.writeScript "openssh-pre-start"
+    ''
+      #! ${pkgs.stdenv.shell}
+
+      ${mkAuthkeyScript}
+
+      mkdir -m 0755 -p /etc/ssh
+
+      if ! test -f ${cfg.hostKeyPath}; then
+          ssh-keygen -t ${hktn} -b ${toString hktb} -f ${cfg.hostKeyPath} -N ""
+      fi
+    '';
 
 in
 
@@ -305,9 +317,26 @@ in
       }
     ];
 
-    jobs.sshd = {
+    boot.systemd.units."sshd.service" =
+      ''
+        [Unit]
+        Description=SSH daemon
 
-        description = "OpenSSH server";
+        [Service]
+        Environment=PATH=${pkgs.coreutils}/bin:${pkgs.openssh}/bin
+        ExecStartPre=${preStart}
+        ExecStart=\
+          ${pkgs.openssh}/sbin/sshd -h ${cfg.hostKeyPath} \
+            -f ${pkgs.writeText "sshd_config" cfg.extraConfig}
+        Restart=always
+        RestartSec=5
+        Type=forking
+        KillMode=process
+        PIDFile=/run/sshd.pid
+      '';
+
+    jobs.sshd =
+      { description = "OpenSSH server";
 
         startOn = "started network-interfaces";
 
@@ -343,6 +372,8 @@ in
 
     services.openssh.extraConfig =
       ''
+        PidFile /run/sshd.pid
+      
         Protocol 2
 
         UsePAM ${if cfg.usePAM then "yes" else "no"}

modules/services/system/dbus.nix

@@ -116,6 +116,32 @@ in
         gid = config.ids.gids.messagebus;
       };
 
+    # FIXME: these are copied verbatim from the dbus source tree.  We
+    # should install and use the originals.
+    boot.systemd.units."dbus.socket" =
+      ''
+        [Unit]
+        Description=D-Bus System Message Bus Socket
+
+        [Socket]
+        ListenStream=/var/run/dbus/system_bus_socket
+      '';
+      
+    boot.systemd.units."dbus.service" =
+      ''
+        [Unit]
+        Description=D-Bus System Message Bus
+        Requires=dbus.socket
+        After=syslog.target
+
+        [Service]
+        ExecStartPre=${pkgs.dbus_tools}/bin/dbus-uuidgen --ensure
+        ExecStartPre=-${pkgs.coreutils}/bin/rm -f /var/run/dbus/pid
+        ExecStart=${pkgs.dbus_daemon}/bin/dbus-daemon --system --address=systemd: --nofork --systemd-activation
+        ExecReload=${pkgs.dbus_tools}/dbus-send --print-reply --system --type=method_call --dest=org.freedesktop.DBus / org.freedesktop.DBus.ReloadConfig
+        OOMScoreAdjust=-900
+      '';
+
     jobs.dbus =
       { startOn = "started udev and started syslogd";
       

modules/system/boot/stage-2-init.sh

@@ -90,12 +90,13 @@ mkdir -m 0755 -p /dev/pts
 mount -t devpts -o mode=0600,gid=@ttyGid@ none /dev/pts
 [ -e /proc/bus/usb ] && mount -t usbfs none /proc/bus/usb # UML doesn't have USB by default
 mkdir -m 01777 -p /tmp
-mkdir -m 0755 -p /var
+mkdir -m 0755 -p /var /var/log
 mkdir -m 0755 -p /nix/var
 mkdir -m 0700 -p /root
 mkdir -m 0755 -p /bin # for the /bin/sh symlink
 mkdir -m 0755 -p /home
 mkdir -m 0755 -p /etc/nixos
+mkdir -m 0700 -p /var/log/journal
 
 
 # Miscellaneous boot time cleanup.
@@ -195,4 +196,4 @@ fi
 
 # Start systemd.
 echo "starting systemd..."
-PATH=/var/run/current-system/systemd/lib/systemd exec systemd --log-level debug --log-target=console --crash-shell
+PATH=/var/run/current-system/systemd/lib/systemd exec systemd --log-target journal --log-level debug --crash-shell

modules/system/boot/stage-2.nix

@@ -61,7 +61,6 @@ let
     isExecutable = true;
     inherit (config.boot) devShmSize runSize cleanTmpDir;
     ttyGid = config.ids.gids.tty;
-    upstart = config.system.build.upstart;
     path =
       [ pkgs.coreutils
         pkgs.utillinux

modules/system/boot/systemd.nix

@@ -9,106 +9,71 @@ let
   makeUnit = name: text:
     pkgs.writeTextFile { name = "unit"; inherit text; destination = "/${name}"; };
 
-  defaultTarget = makeUnit "default.target"
-    ''
-      [Unit]
-      Description=Default System
-      Requires=getty.target
-      After=getty.target
-      Conflicts=rescue.target
-      AllowIsolate=yes
-    '';
-
-  gettyTarget = makeUnit "getty.target"
-    ''
-      [Unit]
-      Description=Login Prompts
-      Requires=getty@tty1.service getty@tty2.service
-      After=getty@tty1.service getty@tty2.service
-    '';
-
-  gettyService = makeUnit "getty@.service"
-    ''
-      [Unit]
-      Description=Getty on %I
-      #BindTo=dev-%i.device
-      #After=dev-%i.device systemd-user-sessions.service plymouth-quit-wait.service
-      Before=getty.target
-
-      [Service]
-      Environment=TERM=linux
-      ExecStart=-${pkgs.utillinux}/sbin/agetty --noclear --login-program ${pkgs.shadow}/bin/login %I 38400
-      Restart=always
-      RestartSec=0
-      UtmpIdentifier=%I
-      TTYPath=/dev/%I
-      TTYReset=yes
-      TTYVHangup=yes
-      TTYVTDisallocate=yes
-      KillMode=process
-      IgnoreSIGPIPE=no
-
-      # Unset locale for the console getty since the console has problems
-      # displaying some internationalized messages.
-      Environment=LANG= LANGUAGE= LC_CTYPE= LC_NUMERIC= LC_TIME= LC_COLLATE= LC_MONETARY= LC_MESSAGES= LC_PAPER= LC_NAME= LC_ADDRESS= LC_TELEPHONE= LC_MEASUREMENT= LC_IDENTIFICATION=
-
-      # Some login implementations ignore SIGTERM, so we send SIGHUP
-      # instead, to ensure that login terminates cleanly.
-      KillSignal=SIGHUP
-    '';
-
-  rescueTarget = makeUnit "rescue.target"
-    ''
-      [Unit]
-      Description=Rescue Mode
-      Requires=rescue.service
-      After=rescue.service
-      AllowIsolate=yes
-    '';
-
-  rescueService = makeUnit "rescue.service"
-    ''
-      [Unit]
-      Description=Rescue Shell
-      DefaultDependencies=no
-      #After=basic.target
-      #Before=shutdown.target
-
-      [Service]
-      Environment=HOME=/root
-      WorkingDirectory=/root
-      ExecStartPre=-${pkgs.coreutils}/bin/echo 'Welcome to rescue mode. Use "systemctl default" or ^D to enter default mode.'
-      #ExecStart=-/sbin/sulogin
-      ExecStart=-${pkgs.bashInteractive}/bin/bash --login
-      ExecStopPost=-${systemd}/bin/systemctl --fail --no-block default
-      StandardInput=tty-force
-      StandardOutput=inherit
-      StandardError=inherit
-      KillMode=process
-
-      # Bash ignores SIGTERM, so we send SIGHUP instead, to ensure that bash
-      # terminates cleanly.
-      KillSignal=SIGHUP
-    '';
-
   upstreamUnits =
-    [ "systemd-journald.socket"
+    [ # Targets.
-      "systemd-journald.service"
       "basic.target"
       "sysinit.target"
-      "sysinit.target.wants"
       "sockets.target"
-      "sockets.target.wants"
+      "graphical.target"
+      "multi-user.target"
+      "getty.target"
+      "rescue.target"
+      "network.target"
+      "nss-lookup.target"
+      "nss-user-lookup.target"
+      "syslog.target"
+      "time-sync.target"
 
+      # Login stuff.
+      "systemd-logind.service"
+      "autovt@.service"
+      "systemd-vconsole-setup.service"
+      "systemd-user-sessions.service"
+
+      # Journal.
+      "systemd-journald.socket"
+      "systemd-journald.service"
+
+      # SysV init compatibility.
+      "systemd-initctl.socket"
+      "systemd-initctl.service"
+      "runlevel0.target"
+      "runlevel1.target"
+      "runlevel2.target"
+      "runlevel3.target"
+      "runlevel4.target"
+      "runlevel5.target"
+      "runlevel6.target"
+
+      # Random seed.
+      "systemd-random-seed-load.service"
+      "systemd-random-seed-save.service"
+
+      # Utmp maintenance.
+      "systemd-update-utmp-runlevel.service"
+      "systemd-update-utmp-shutdown.service"
+      
       # Filesystems.
+      "fsck@.service"
+      "fsck-root.service"
+      "systemd-remount-fs.service"
       "local-fs.target"
-      "local-fs.target.wants"
       "local-fs-pre.target"
       "remote-fs.target"
       "remote-fs-pre.target"
       "swap.target"
-      "media.mount"
+      "dev-hugepages.mount"
       "dev-mqueue.mount"
+      "sys-fs-fuse-connections.mount"
+      "sys-kernel-config.mount"
+      "sys-kernel-debug.mount"
+
+      # Hibernate / suspend.
+      "hibernate.target"
+      "hibernate.service"
+      "suspend.target"
+      "suspend.service"
+      "sleep.target"
 
       # Reboot stuff.
       "reboot.target"
@@ -121,18 +86,46 @@ let
       "shutdown.target"
       "umount.target"
       "final.target"
+
+      # Misc.
+      "syslog.socket"
     ];
 
+  upstreamWants =
+    [ "basic.target.wants"
+      "sysinit.target.wants"
+      "sockets.target.wants"
+      "local-fs.target.wants"
+      "multi-user.target.wants"
+      "shutdown.target.wants"
+    ];
+
+  nixosUnits = mapAttrsToList makeUnit config.boot.systemd.units;
+    
   systemUnits = pkgs.runCommand "system-units" { }
     ''
       mkdir -p $out/system
       for i in ${toString upstreamUnits}; do
         fn=${systemd}/example/systemd/system/$i
-        echo $fn
         [ -e $fn ]
-        ln -s $fn $out/system
+        if [ -L $fn ]; then
+          cp -pd $fn $out/system/
+        else
+          ln -s $fn $out/system
+        fi
       done
-      for i in ${toString [ defaultTarget gettyTarget gettyService rescueTarget rescueService ]}; do
+      for i in ${toString upstreamWants}; do
+        fn=${systemd}/example/systemd/system/$i
+        [ -e $fn ]
+        x=$out/system/$(basename $fn)
+        mkdir $x
+        for i in $fn/*; do
+          y=$x/$(basename $i)
+          cp -pd $i $y
+          if ! [ -e $y ]; then rm -v $y; fi
+        done
+      done
+      for i in ${toString nixosUnits}; do
         cp $i/* $out/system
       done
     ''; # */
@@ -141,6 +134,18 @@ in
 
 {
 
+  ###### interface
+
+  options = {
+
+    boot.systemd.units = mkOption {
+      default = {} ;
+      description = "Systemd units.";
+    };
+
+  };
+
+  
   ###### implementation
 
   config = {
@@ -152,7 +157,81 @@ in
           target = "systemd";
         }
       ];
+
+    boot.systemd.units."default.target" =
+      ''
+        [Unit]
+        Description=Default System
+        Requires=multi-user.target
+        After=multi-user.target
+        Conflicts=rescue.target
+        AllowIsolate=yes
+        Wants=sshd.service autovt@tty1.service # FIXME
+      '';
     
+    boot.systemd.units."getty@.service" =
+      ''
+        [Unit]
+        Description=Getty on %I
+        Documentation=man:agetty(8)
+        After=systemd-user-sessions.service plymouth-quit-wait.service
+
+        # If additional gettys are spawned during boot then we should make
+        # sure that this is synchronized before getty.target, even though
+        # getty.target didn't actually pull it in.
+        Before=getty.target
+        IgnoreOnIsolate=yes
+
+        [Service]
+        Environment=TERM=linux
+        ExecStart=-${pkgs.utillinux}/sbin/agetty --noclear --login-program ${pkgs.shadow}/bin/login %I 38400
+        Type=idle
+        Restart=always
+        RestartSec=0
+        UtmpIdentifier=%I
+        TTYPath=/dev/%I
+        TTYReset=yes
+        TTYVHangup=yes
+        TTYVTDisallocate=yes
+        KillMode=process
+        IgnoreSIGPIPE=no
+
+        # Unset locale for the console getty since the console has problems
+        # displaying some internationalized messages.
+        Environment=LANG= LANGUAGE= LC_CTYPE= LC_NUMERIC= LC_TIME= LC_COLLATE= LC_MONETARY= LC_MESSAGES= LC_PAPER= LC_NAME= LC_ADDRESS= LC_TELEPHONE= LC_MEASUREMENT= LC_IDENTIFICATION=
+
+        # Some login implementations ignore SIGTERM, so we send SIGHUP
+        # instead, to ensure that login terminates cleanly.
+        KillSignal=SIGHUP
+      '';
+
+    boot.systemd.units."rescue.service" =
+      ''
+        [Unit]
+        Description=Rescue Shell
+        DefaultDependencies=no
+        Conflicts=shutdown.target
+        After=sysinit.target
+        Before=shutdown.target
+
+        [Service]
+        Environment=HOME=/root
+        WorkingDirectory=/root
+        ExecStartPre=-${pkgs.coreutils}/bin/echo 'Welcome to rescue mode. Use "systemctl default" or ^D to enter default mode.'
+        #ExecStart=-/sbin/sulogin
+        ExecStart=-${pkgs.bashInteractive}/bin/bash --login
+        ExecStopPost=-${systemd}/bin/systemctl --fail --no-block default
+        Type=idle
+        StandardInput=tty-force
+        StandardOutput=inherit
+        StandardError=inherit
+        KillMode=process
+
+        # Bash ignores SIGTERM, so we send SIGHUP instead, to ensure that bash
+        # terminates cleanly.
+        KillSignal=SIGHUP
+      '';
+
   };
 
 }

modules/system/upstart/upstart.nix

@@ -476,6 +476,7 @@ in
 
     system.build.upstart = upstart;
 
+    /*
     environment.etc =
       flip map (attrValues config.jobs) (job:
         { source = job.jobDrv;
@@ -492,6 +493,7 @@ in
       ${optionalString (job.setuid != "") "chown ${job.setuid} /var/log/upstart/${job.name}"}
       ${optionalString (job.setgid != "") "chown :${job.setgid} /var/log/upstart/${job.name}"}
     '') (attrValues config.jobs));
+    */
 
   };