diff options
author | Vladimír Čunát <vcunat@gmail.com> | 2018-03-03 18:02:35 +0100 |
---|---|---|
committer | Vladimír Čunát <vcunat@gmail.com> | 2018-03-03 18:02:35 +0100 |
commit | b70c93f211819f5d4475569093f75d0c1e8857d6 (patch) | |
tree | b8514b9488e8bf739db9e5dbdf32cc270d27b127 /nixos/modules/system | |
parent | ceb0a28e8c2d3f3bd0f57dda74f185a570522ecf (diff) | |
parent | ac3b53707c7edf238b297ba4ce3799cecf2ee72d (diff) | |
download | nixlib-b70c93f211819f5d4475569093f75d0c1e8857d6.tar nixlib-b70c93f211819f5d4475569093f75d0c1e8857d6.tar.gz nixlib-b70c93f211819f5d4475569093f75d0c1e8857d6.tar.bz2 nixlib-b70c93f211819f5d4475569093f75d0c1e8857d6.tar.lz nixlib-b70c93f211819f5d4475569093f75d0c1e8857d6.tar.xz nixlib-b70c93f211819f5d4475569093f75d0c1e8857d6.tar.zst nixlib-b70c93f211819f5d4475569093f75d0c1e8857d6.zip |
Merge branch 'master' into nix-2.0
Diffstat (limited to 'nixos/modules/system')
-rw-r--r-- | nixos/modules/system/boot/initrd-ssh.nix | 2 | ||||
-rw-r--r-- | nixos/modules/system/boot/loader/grub/grub.nix | 10 | ||||
-rw-r--r-- | nixos/modules/system/boot/luksroot.nix | 9 | ||||
-rw-r--r-- | nixos/modules/system/boot/networkd.nix | 6 |
4 files changed, 15 insertions, 12 deletions
diff --git a/nixos/modules/system/boot/initrd-ssh.nix b/nixos/modules/system/boot/initrd-ssh.nix index cdeff4845948..8b3dc2d90eb3 100644 --- a/nixos/modules/system/boot/initrd-ssh.nix +++ b/nixos/modules/system/boot/initrd-ssh.nix @@ -118,7 +118,7 @@ in echo ${escapeShellArg key} >> /root/.ssh/authorized_keys '') cfg.authorizedKeys)} - dropbear -s -j -k -E -m -p ${toString cfg.port} ${optionalString (cfg.hostRSAKey == null && cfg.hostDSSKey == null && cfg.hostECDSAKey == null) "-R"} + dropbear -s -j -k -E -p ${toString cfg.port} ${optionalString (cfg.hostRSAKey == null && cfg.hostDSSKey == null && cfg.hostECDSAKey == null) "-R"} ''; boot.initrd.secrets = diff --git a/nixos/modules/system/boot/loader/grub/grub.nix b/nixos/modules/system/boot/loader/grub/grub.nix index 9056121fa7d1..0d83391de893 100644 --- a/nixos/modules/system/boot/loader/grub/grub.nix +++ b/nixos/modules/system/boot/loader/grub/grub.nix @@ -110,7 +110,7 @@ in device = mkOption { default = ""; - example = "/dev/hda"; + example = "/dev/disk/by-id/wwn-0x500001234567890a"; type = types.str; description = '' The device on which the GRUB boot loader will be installed. @@ -123,7 +123,7 @@ in devices = mkOption { default = []; - example = [ "/dev/hda" ]; + example = [ "/dev/disk/by-id/wwn-0x500001234567890a" ]; type = types.listOf types.str; description = '' The devices on which the boot loader, GRUB, will be @@ -135,8 +135,8 @@ in mirroredBoots = mkOption { default = [ ]; example = [ - { path = "/boot1"; devices = [ "/dev/sda" ]; } - { path = "/boot2"; devices = [ "/dev/sdb" ]; } + { path = "/boot1"; devices = [ "/dev/disk/by-id/wwn-0x500001234567890a" ]; } + { path = "/boot2"; devices = [ "/dev/disk/by-id/wwn-0x500009876543210a" ]; } ]; description = '' Mirror the boot configuration to multiple partitions and install grub @@ -178,7 +178,7 @@ in devices = mkOption { default = [ ]; - example = [ "/dev/sda" "/dev/sdb" ]; + example = [ "/dev/disk/by-id/wwn-0x500001234567890a" "/dev/disk/by-id/wwn-0x500009876543210a" ]; type = types.listOf types.str; description = '' The path to the devices which will have the GRUB MBR written. diff --git a/nixos/modules/system/boot/luksroot.nix b/nixos/modules/system/boot/luksroot.nix index eefee5a479e7..8b390e1b60c4 100644 --- a/nixos/modules/system/boot/luksroot.nix +++ b/nixos/modules/system/boot/luksroot.nix @@ -228,10 +228,6 @@ in [ "aes" "aes_generic" "blowfish" "twofish" "serpent" "cbc" "xts" "lrw" "sha1" "sha256" "sha512" - # workaround until https://marc.info/?l=linux-crypto-vger&m=148783562211457&w=4 is merged - # remove once 'modprobe --show-depends xts' shows ecb as a dependency - "ecb" - (if pkgs.stdenv.system == "x86_64-linux" then "aes_x86_64" else "aes_i586") ]; description = '' @@ -441,7 +437,10 @@ in # Some modules that may be needed for mounting anything ciphered # Also load input_leds to get caps lock light working (#12456) boot.initrd.availableKernelModules = [ "dm_mod" "dm_crypt" "cryptd" "input_leds" ] - ++ luks.cryptoModules; + ++ luks.cryptoModules + # workaround until https://marc.info/?l=linux-crypto-vger&m=148783562211457&w=4 is merged + # remove once 'modprobe --show-depends xts' shows ecb as a dependency + ++ (if builtins.elem "xts" luks.cryptoModules then ["ecb"] else []); # copy the cryptsetup binary and it's dependencies boot.initrd.extraUtilsCommands = '' diff --git a/nixos/modules/system/boot/networkd.nix b/nixos/modules/system/boot/networkd.nix index eea10613ea58..7bf7a51a2417 100644 --- a/nixos/modules/system/boot/networkd.nix +++ b/nixos/modules/system/boot/networkd.nix @@ -650,7 +650,11 @@ let unitFiles = map (name: { target = "systemd/network/${name}"; source = "${cfg.units.${name}.unit}/${name}"; - }) (attrNames cfg.units); + }) (attrNames cfg.units) ++ + (map (entry: { + target = "systemd/network/${entry}"; + source = "${config.systemd.package}/lib/systemd/network/${entry}"; + }) (attrNames (builtins.readDir "${config.systemd.package}/lib/systemd/network"))); in { |