From 215b5f6282a02044b928a9a4fcf361beabba11ab Mon Sep 17 00:00:00 2001 From: Moritz Ulrich Date: Sun, 20 Mar 2016 00:36:36 +0100 Subject: [PATCH 1/9] systemd: Try adding cryptsetup to buildInputs. --- pkgs/os-specific/linux/systemd/default.nix | 2 +- pkgs/top-level/all-packages.nix | 5 +++++ 2 files changed, 6 insertions(+), 1 deletion(-) diff --git a/pkgs/os-specific/linux/systemd/default.nix b/pkgs/os-specific/linux/systemd/default.nix index cb1521a4005..7620fef0aa6 100644 --- a/pkgs/os-specific/linux/systemd/default.nix +++ b/pkgs/os-specific/linux/systemd/default.nix @@ -23,7 +23,7 @@ stdenv.mkDerivation rec { buildInputs = [ linuxHeaders pkgconfig intltool gperf libcap kmod xz pam acl - /* cryptsetup */ libuuid m4 glib libxslt libgcrypt libgpgerror + cryptsetup libuuid m4 glib libxslt libgcrypt libgpgerror libmicrohttpd kexectools libseccomp audit lz4 libapparmor /* FIXME: we may be able to prevent the following dependencies by generating an autoconf'd tarball, but that's probably not diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix index dfb1d258ba3..d9507a18982 100644 --- a/pkgs/top-level/all-packages.nix +++ b/pkgs/top-level/all-packages.nix @@ -10990,6 +10990,11 @@ in systemd = callPackage ../os-specific/linux/systemd { linuxHeaders = linuxHeaders_3_18; + cryptsetup = null; # Infinite recusion + }; + + systemd-with-cryptsetup = systemd.override { + inherit cryptsetup; }; # In nixos, you can set systemd.package = pkgs.systemd_with_lvm2 to get From 8cbf4bb70b50da07f15a1bfb07fd866c14312bf6 Mon Sep 17 00:00:00 2001 From: Moritz Ulrich Date: Sun, 20 Mar 2016 00:46:13 +0100 Subject: [PATCH 2/9] systemd-with-cryptsetup: append '-with-cryptsetup' to name. --- pkgs/top-level/all-packages.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix index d9507a18982..736cb2f2db6 100644 --- a/pkgs/top-level/all-packages.nix +++ b/pkgs/top-level/all-packages.nix @@ -10993,9 +10993,9 @@ in cryptsetup = null; # Infinite recusion }; - systemd-with-cryptsetup = systemd.override { + systemd-with-cryptsetup = appendToName "-with-cryptsetup" (systemd.override { inherit cryptsetup; - }; + }); # In nixos, you can set systemd.package = pkgs.systemd_with_lvm2 to get # LVM2 working in systemd. From 2e9a0b21f458f8f56cec9c8dd42af87e78630d9f Mon Sep 17 00:00:00 2001 From: Moritz Ulrich Date: Sun, 20 Mar 2016 17:48:48 +0100 Subject: [PATCH 3/9] systemd-with-cryptsetup -> systemd_with_cryptsetup. --- pkgs/top-level/all-packages.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix index 736cb2f2db6..c0a45379793 100644 --- a/pkgs/top-level/all-packages.nix +++ b/pkgs/top-level/all-packages.nix @@ -10993,7 +10993,7 @@ in cryptsetup = null; # Infinite recusion }; - systemd-with-cryptsetup = appendToName "-with-cryptsetup" (systemd.override { + systemd_with_cryptsetup = appendToName "-with-cryptsetup" (systemd.override { inherit cryptsetup; }); From 47e5fd9f57b69b2b22a5162456c22525bbb17ab6 Mon Sep 17 00:00:00 2001 From: Moritz Ulrich Date: Thu, 24 Mar 2016 12:42:27 +0100 Subject: [PATCH 4/9] systemd-cryptsetup-generator: Init --- .../linux/systemd/cryptsetup-generator.nix | 21 +++++++++++++++++++ pkgs/top-level/all-packages.nix | 3 +++ 2 files changed, 24 insertions(+) create mode 100644 pkgs/os-specific/linux/systemd/cryptsetup-generator.nix diff --git a/pkgs/os-specific/linux/systemd/cryptsetup-generator.nix b/pkgs/os-specific/linux/systemd/cryptsetup-generator.nix new file mode 100644 index 00000000000..efad362e886 --- /dev/null +++ b/pkgs/os-specific/linux/systemd/cryptsetup-generator.nix @@ -0,0 +1,21 @@ +{ stdenv, systemd, cryptsetup }: + +assert stdenv.isLinux; + +stdenv.lib.overrideDerivation systemd (p: { + version = p.version; + name = "systemd-cryptsetup-generator"; + + nativeBuildInputs = p.nativeBuildInputs ++ [ cryptsetup ]; + outputs = [ "out" ]; + + buildPhase = '' + make $makeFlags built-sources + make $makeFlags systemd-cryptsetup-generator + ''; + + installPhase = '' + mkdir -p $out/lib/systemd/system-generators/ + cp systemd-cryptsetup-generator $out/lib/systemd/system-generators/systemd-cryptsetup-generator + ''; +}) diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix index c0a45379793..392ead817f0 100644 --- a/pkgs/top-level/all-packages.nix +++ b/pkgs/top-level/all-packages.nix @@ -10997,6 +10997,9 @@ in inherit cryptsetup; }); + # The standalone cryptsetup generator for systemd + systemd-cryptsetup-generator = callPackage ../os-specific/linux/systemd/cryptsetup-generator.nix { }; + # In nixos, you can set systemd.package = pkgs.systemd_with_lvm2 to get # LVM2 working in systemd. systemd_with_lvm2 = pkgs.lib.overrideDerivation pkgs.systemd (p: { From faa79e60cc6b049786c4814f47e38bcc5e273a81 Mon Sep 17 00:00:00 2001 From: Moritz Ulrich Date: Thu, 24 Mar 2016 13:30:29 +0100 Subject: [PATCH 5/9] systemd-cryptsetup-generator: Also build `systemd-cryptsetup` --- pkgs/os-specific/linux/systemd/cryptsetup-generator.nix | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/pkgs/os-specific/linux/systemd/cryptsetup-generator.nix b/pkgs/os-specific/linux/systemd/cryptsetup-generator.nix index efad362e886..69ba39616d7 100644 --- a/pkgs/os-specific/linux/systemd/cryptsetup-generator.nix +++ b/pkgs/os-specific/linux/systemd/cryptsetup-generator.nix @@ -11,11 +11,15 @@ stdenv.lib.overrideDerivation systemd (p: { buildPhase = '' make $makeFlags built-sources + make $makeFlags systemd-cryptsetup make $makeFlags systemd-cryptsetup-generator ''; installPhase = '' mkdir -p $out/lib/systemd/system-generators/ cp systemd-cryptsetup-generator $out/lib/systemd/system-generators/systemd-cryptsetup-generator + + mkdir -p $out/lib/systemd/ + cp systemd-cryptsetup $out/lib/systemd/systemd-cryptsetup ''; }) From 88e2cc480f588be7514ea3953c42facd34e0f123 Mon Sep 17 00:00:00 2001 From: Moritz Ulrich Date: Thu, 24 Mar 2016 15:27:47 +0100 Subject: [PATCH 6/9] systemd.generator-packages: Option to specify packages providing generators. --- nixos/modules/system/boot/systemd.nix | 17 +++++++++++++++-- 1 file changed, 15 insertions(+), 2 deletions(-) diff --git a/nixos/modules/system/boot/systemd.nix b/nixos/modules/system/boot/systemd.nix index a3c83521c35..244a4cd61f0 100644 --- a/nixos/modules/system/boot/systemd.nix +++ b/nixos/modules/system/boot/systemd.nix @@ -472,6 +472,13 @@ in ''; }; + systemd.generator-packages = mkOption { + default = []; + type = types.listOf types.package; + example = literalExample "[ pkgs.systemd-cryptsetup-generator ]"; + description = "Packages providing systemd generators."; + }; + systemd.defaultUnit = mkOption { default = "multi-user.target"; type = types.str; @@ -628,7 +635,13 @@ in environment.systemPackages = [ systemd ]; - environment.etc = { + environment.etc = let + generators = (fold (p: attrs: let path = "${p}/lib/systemd/system-generators"; + in attrs // (mapAttrs' (name: _: nameValuePair name "${path}/${toString name}") + (builtins.readDir "${path}"))) + cfg.generators + cfg.generator-packages); + in ({ "systemd/system".source = generateUnits "system" cfg.units upstreamSystemUnits upstreamSystemWants; "systemd/user".source = generateUnits "user" cfg.user.units upstreamUserUnits []; @@ -667,7 +680,7 @@ in ${concatStringsSep "\n" cfg.tmpfiles.rules} ''; - } // mapAttrs' (n: v: nameValuePair "systemd/system-generators/${n}" {"source"=v;}) cfg.generators; + } // mapAttrs' (n: v: nameValuePair "systemd/system-generators/${n}" {"source"=v;}) generators); system.activationScripts.systemd = stringAfter [ "groups" ] '' From 7503ee71fcbb2088d49f9736ded445f0dcf4e57a Mon Sep 17 00:00:00 2001 From: Moritz Ulrich Date: Thu, 24 Mar 2016 15:34:09 +0100 Subject: [PATCH 7/9] Revert "systemd: Try adding cryptsetup to buildInputs." This reverts commit eda8d21d8b0a69e4b7a3bc215e2215ffc6526495. --- pkgs/os-specific/linux/systemd/default.nix | 2 +- pkgs/top-level/all-packages.nix | 7 +------ 2 files changed, 2 insertions(+), 7 deletions(-) diff --git a/pkgs/os-specific/linux/systemd/default.nix b/pkgs/os-specific/linux/systemd/default.nix index 7620fef0aa6..cb1521a4005 100644 --- a/pkgs/os-specific/linux/systemd/default.nix +++ b/pkgs/os-specific/linux/systemd/default.nix @@ -23,7 +23,7 @@ stdenv.mkDerivation rec { buildInputs = [ linuxHeaders pkgconfig intltool gperf libcap kmod xz pam acl - cryptsetup libuuid m4 glib libxslt libgcrypt libgpgerror + /* cryptsetup */ libuuid m4 glib libxslt libgcrypt libgpgerror libmicrohttpd kexectools libseccomp audit lz4 libapparmor /* FIXME: we may be able to prevent the following dependencies by generating an autoconf'd tarball, but that's probably not diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix index 392ead817f0..65ca5c3a58d 100644 --- a/pkgs/top-level/all-packages.nix +++ b/pkgs/top-level/all-packages.nix @@ -10990,14 +10990,9 @@ in systemd = callPackage ../os-specific/linux/systemd { linuxHeaders = linuxHeaders_3_18; - cryptsetup = null; # Infinite recusion }; - systemd_with_cryptsetup = appendToName "-with-cryptsetup" (systemd.override { - inherit cryptsetup; - }); - - # The standalone cryptsetup generator for systemd + # standalone cryptsetup generator for systemd systemd-cryptsetup-generator = callPackage ../os-specific/linux/systemd/cryptsetup-generator.nix { }; # In nixos, you can set systemd.package = pkgs.systemd_with_lvm2 to get From 5c770c4c0bce80fabdf0bc69c6a9bfc0ff012a1a Mon Sep 17 00:00:00 2001 From: Moritz Ulrich Date: Thu, 24 Mar 2016 15:50:39 +0100 Subject: [PATCH 8/9] systemd-cryptsetup-generator: Cleaner install phase. --- pkgs/os-specific/linux/systemd/cryptsetup-generator.nix | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/pkgs/os-specific/linux/systemd/cryptsetup-generator.nix b/pkgs/os-specific/linux/systemd/cryptsetup-generator.nix index 69ba39616d7..2935990755c 100644 --- a/pkgs/os-specific/linux/systemd/cryptsetup-generator.nix +++ b/pkgs/os-specific/linux/systemd/cryptsetup-generator.nix @@ -16,10 +16,10 @@ stdenv.lib.overrideDerivation systemd (p: { ''; installPhase = '' - mkdir -p $out/lib/systemd/system-generators/ - cp systemd-cryptsetup-generator $out/lib/systemd/system-generators/systemd-cryptsetup-generator - mkdir -p $out/lib/systemd/ cp systemd-cryptsetup $out/lib/systemd/systemd-cryptsetup + + mkdir -p $out/lib/systemd/system-generators/ + cp systemd-cryptsetup-generator $out/lib/systemd/system-generators/systemd-cryptsetup-generator ''; }) From e366d8294ee3afedfd951222ec8a8fc8c60c1063 Mon Sep 17 00:00:00 2001 From: Moritz Ulrich Date: Fri, 25 Mar 2016 12:45:54 +0100 Subject: [PATCH 9/9] systemd.generators: Generate folders via environment.etc. --- nixos/modules/system/boot/systemd.nix | 19 +++++++++++++------ 1 file changed, 13 insertions(+), 6 deletions(-) diff --git a/nixos/modules/system/boot/systemd.nix b/nixos/modules/system/boot/systemd.nix index 244a4cd61f0..3f497566ff1 100644 --- a/nixos/modules/system/boot/systemd.nix +++ b/nixos/modules/system/boot/systemd.nix @@ -636,11 +636,16 @@ in environment.systemPackages = [ systemd ]; environment.etc = let - generators = (fold (p: attrs: let path = "${p}/lib/systemd/system-generators"; - in attrs // (mapAttrs' (name: _: nameValuePair name "${path}/${toString name}") - (builtins.readDir "${path}"))) - cfg.generators - cfg.generator-packages); + # generate contents for /etc/systemd/system-generators from + # systemd.generators and systemd.generator-packages + generators = pkgs.runCommand "system-generators" { packages = cfg.generator-packages; } '' + mkdir -p $out + for package in $packages + do + ln -s $package/lib/systemd/system-generators/* $out/ + done; + ${concatStrings (mapAttrsToList (generator: target: "ln -s ${target} $out/${generator};\n") cfg.generators)} + ''; in ({ "systemd/system".source = generateUnits "system" cfg.units upstreamSystemUnits upstreamSystemWants; @@ -680,7 +685,9 @@ in ${concatStringsSep "\n" cfg.tmpfiles.rules} ''; - } // mapAttrs' (n: v: nameValuePair "systemd/system-generators/${n}" {"source"=v;}) generators); + + "systemd/system-generators" = { source = generators; }; + }); system.activationScripts.systemd = stringAfter [ "groups" ] ''