diff options
author | Vladimír Čunát <vladimir.cunat@nic.cz> | 2016-07-14 15:51:28 +0200 |
---|---|---|
committer | Vladimír Čunát <vladimir.cunat@nic.cz> | 2016-07-14 15:51:28 +0200 |
commit | 1b5ac058451e5e0a0bc3ad36d1d1546e9aba61bb (patch) | |
tree | 79da6273c3244e5de7a0cb5c5093376aa3efa2c6 /nixos | |
parent | ab9515092b291fb92cf83a21c2a344a096ae8474 (diff) | |
parent | d9aafc885fe9424689ae30b11736b214be3cf9c2 (diff) | |
download | nixlib-1b5ac058451e5e0a0bc3ad36d1d1546e9aba61bb.tar nixlib-1b5ac058451e5e0a0bc3ad36d1d1546e9aba61bb.tar.gz nixlib-1b5ac058451e5e0a0bc3ad36d1d1546e9aba61bb.tar.bz2 nixlib-1b5ac058451e5e0a0bc3ad36d1d1546e9aba61bb.tar.lz nixlib-1b5ac058451e5e0a0bc3ad36d1d1546e9aba61bb.tar.xz nixlib-1b5ac058451e5e0a0bc3ad36d1d1546e9aba61bb.tar.zst nixlib-1b5ac058451e5e0a0bc3ad36d1d1546e9aba61bb.zip |
Merge branch 'staging'
Includes security fixes in gd and libarchive.
Diffstat (limited to 'nixos')
-rw-r--r-- | nixos/modules/config/fonts/fontconfig-ultimate.nix | 153 | ||||
-rw-r--r-- | nixos/modules/config/fonts/fontconfig.nix | 262 | ||||
-rw-r--r-- | nixos/modules/config/i18n.nix | 9 | ||||
-rw-r--r-- | nixos/modules/module-list.nix | 1 | ||||
-rw-r--r-- | nixos/modules/system/boot/initrd-ssh.nix | 3 | ||||
-rw-r--r-- | nixos/modules/system/boot/luksroot.nix | 26 | ||||
-rw-r--r-- | nixos/modules/system/boot/plymouth.nix | 129 | ||||
-rw-r--r-- | nixos/modules/system/boot/stage-1-init.sh | 6 | ||||
-rw-r--r-- | nixos/modules/system/boot/stage-1.nix | 26 | ||||
-rw-r--r-- | nixos/modules/tasks/kbd.nix | 102 |
10 files changed, 478 insertions, 239 deletions
diff --git a/nixos/modules/config/fonts/fontconfig-ultimate.nix b/nixos/modules/config/fonts/fontconfig-ultimate.nix index 02568f9de51e..47d7cc5924d4 100644 --- a/nixos/modules/config/fonts/fontconfig-ultimate.nix +++ b/nixos/modules/config/fonts/fontconfig-ultimate.nix @@ -3,6 +3,84 @@ with lib; let fcBool = x: if x then "<bool>true</bool>" else "<bool>false</bool>"; + cfg = config.fonts.fontconfig.ultimate; + fontconfigUltimateConf = pkgs.writeText "ultimate-conf" '' + <?xml version="1.0"?> + <!DOCTYPE fontconfig SYSTEM "fonts.dtd"> + <fontconfig> + + ${optionalString (!cfg.allowBitmaps) '' + <!-- Reject bitmap fonts --> + <selectfont> + <rejectfont> + <pattern> + <patelt name="scalable"><bool>false</bool></patelt> + </pattern> + </rejectfont> + </selectfont> + ''} + + ${optionalString cfg.allowType1 '' + <!-- Reject Type 1 fonts --> + <selectfont> + <rejectfont> + <pattern> + <patelt name="fontformat"> + <string>Type 1</string> + </patelt> + </pattern> + </rejectfont> + </selectfont> + ''} + + <!-- Use embedded bitmaps in fonts like Calibri? --> + <match target="font"> + <edit name="embeddedbitmap" mode="assign"> + ${fcBool cfg.useEmbeddedBitmaps} + </edit> + </match> + + <!-- Force autohint always --> + <match target="font"> + <edit name="force_autohint" mode="assign"> + ${fcBool cfg.forceAutohint} + </edit> + </match> + + <!-- Render some monospace TTF fonts as bitmaps --> + <match target="pattern"> + <edit name="bitmap_monospace" mode="assign"> + ${fcBool cfg.renderMonoTTFAsBitmap} + </edit> + </match> + + </fontconfig> + ''; + confPkg = + let version = pkgs.fontconfig.configVersion; + in pkgs.runCommand "font-ultimate-conf" {} '' + mkdir -p $out/etc/fonts/{,${version}/}conf.d/ + + cp ${fontconfigUltimateConf} \ + $out/etc/fonts/conf.d/52-fontconfig-ultimate.conf + + cp ${fontconfigUltimateConf} \ + $out/etc/fonts/${version}/conf.d/52-fontconfig-ultimate.conf + + ${optionalString (cfg.substitutions != "none") '' + cp ${pkgs.fontconfig-ultimate.confd}/etc/fonts/presets/${cfg.substitutions}/*.conf \ + $out/etc/fonts/conf.d/ + cp ${pkgs.fontconfig-ultimate.confd}/etc/fonts/presets/${cfg.substitutions}/*.conf \ + $out/etc/fonts/${version}/conf.d/ + ''} + + ln -s ${pkgs.fontconfig-ultimate.confd}/etc/fonts/conf.d/*.conf \ + $out/etc/fonts/conf.d/ + + ln -s ${pkgs.fontconfig-ultimate.confd}/etc/fonts/conf.d/*.conf \ + $out/etc/fonts/${version}/conf.d/ + ''; + in { @@ -115,78 +193,11 @@ in }; - config = - let ultimate = config.fonts.fontconfig.ultimate; - fontconfigUltimateConf = '' - <?xml version="1.0"?> - <!DOCTYPE fontconfig SYSTEM "fonts.dtd"> - <fontconfig> - - ${optionalString (!ultimate.allowBitmaps) '' - <!-- Reject bitmap fonts --> - <selectfont> - <rejectfont> - <pattern> - <patelt name="scalable"><bool>false</bool></patelt> - </pattern> - </rejectfont> - </selectfont> - ''} - - ${optionalString ultimate.allowType1 '' - <!-- Reject Type 1 fonts --> - <selectfont> - <rejectfont> - <pattern> - <patelt name="fontformat"> - <string>Type 1</string> - </patelt> - </pattern> - </rejectfont> - </selectfont> - ''} - - <!-- Use embedded bitmaps in fonts like Calibri? --> - <match target="font"> - <edit name="embeddedbitmap" mode="assign"> - ${fcBool ultimate.useEmbeddedBitmaps} - </edit> - </match> - - <!-- Force autohint always --> - <match target="font"> - <edit name="force_autohint" mode="assign"> - ${fcBool ultimate.forceAutohint} - </edit> - </match> - - <!-- Render some monospace TTF fonts as bitmaps --> - <match target="pattern"> - <edit name="bitmap_monospace" mode="assign"> - ${fcBool ultimate.renderMonoTTFAsBitmap} - </edit> - </match> - - ${optionalString (ultimate.substitutions != "none") '' - <!-- Type 1 font substitutions --> - <include ignore_missing="yes">${pkgs.fontconfig-ultimate.confd}/etc/fonts/presets/${ultimate.substitutions}</include> - ''} - - <include ignore_missing="yes">${pkgs.fontconfig-ultimate.confd}/etc/fonts/conf.d</include> - - </fontconfig> - ''; - in mkIf (config.fonts.fontconfig.enable && ultimate.enable) { - - environment.etc."fonts/conf.d/52-fontconfig-ultimate.conf" = { - text = fontconfigUltimateConf; - }; - - environment.etc."fonts/${pkgs.fontconfig.configVersion}/conf.d/52-fontconfig-ultimate.conf" = { - text = fontconfigUltimateConf; - }; + config = mkIf (config.fonts.fontconfig.enable && cfg.enable) { - environment.variables = ultimate.rendering; + fonts.fontconfig.confPkgs = [ confPkg ]; + + environment.variables = cfg.rendering; }; diff --git a/nixos/modules/config/fonts/fontconfig.nix b/nixos/modules/config/fonts/fontconfig.nix index 1eaebe4b2bbd..fcf5add45197 100644 --- a/nixos/modules/config/fonts/fontconfig.nix +++ b/nixos/modules/config/fonts/fontconfig.nix @@ -2,6 +2,121 @@ with lib; +let cfg = config.fonts.fontconfig; + fcBool = x: "<bool>" + (if x then "true" else "false") + "</bool>"; + renderConf = pkgs.writeText "render-conf" '' + <?xml version='1.0'?> + <!DOCTYPE fontconfig SYSTEM 'fonts.dtd'> + <fontconfig> + + <!-- Default rendering settings --> + <match target="font"> + <edit mode="assign" name="hinting"> + ${fcBool cfg.hinting.enable} + </edit> + <edit mode="assign" name="autohint"> + ${fcBool cfg.hinting.autohint} + </edit> + <edit mode="assign" name="hintstyle"> + <const>hint${cfg.hinting.style}</const> + </edit> + <edit mode="assign" name="antialias"> + ${fcBool cfg.antialias} + </edit> + <edit mode="assign" name="rgba"> + <const>${cfg.subpixel.rgba}</const> + </edit> + <edit mode="assign" name="lcdfilter"> + <const>lcd${cfg.subpixel.lcdfilter}</const> + </edit> + </match> + + ${optionalString (cfg.dpi != 0) '' + <match target="pattern"> + <edit name="dpi" mode="assign"> + <double>${toString cfg.dpi}</double> + </edit> + </match> + ''} + + </fontconfig> + ''; + genericAliasConf = + let genDefault = fonts: name: + optionalString (fonts != []) '' + <alias> + <family>${name}</family> + <prefer> + ${concatStringsSep "" + (map (font: '' + <family>${font}</family> + '') fonts)} + </prefer> + </alias> + ''; + in + pkgs.writeText "generic-alias-conf" '' + <?xml version='1.0'?> + <!DOCTYPE fontconfig SYSTEM 'fonts.dtd'> + <fontconfig> + + <!-- Default fonts --> + ${genDefault cfg.defaultFonts.sansSerif "sans-serif"} + + ${genDefault cfg.defaultFonts.serif "serif"} + + ${genDefault cfg.defaultFonts.monospace "monospace"} + + </fontconfig> + ''; + cacheConf = let + cache = fontconfig: pkgs.makeFontsCache { inherit fontconfig; fontDirectories = config.fonts.fonts; }; + in + pkgs.writeText "cache-conf" '' + <?xml version='1.0'?> + <!DOCTYPE fontconfig SYSTEM 'fonts.dtd'> + <fontconfig> + <!-- Font directories --> + ${concatStringsSep "\n" (map (font: "<dir>${font}</dir>") config.fonts.fonts)} + <!-- Pre-generated font caches --> + <cachedir>${cache pkgs.fontconfig}</cachedir> + ${optionalString (pkgs.stdenv.isx86_64 && cfg.cache32Bit) '' + <cachedir>${cache pkgs.pkgsi686Linux.fontconfig}</cachedir> + ''} + </fontconfig> + ''; + userConf = pkgs.writeText "user-conf" '' + <?xml version="1.0"?> + <!DOCTYPE fontconfig SYSTEM "fonts.dtd"> + <fontconfig> + <include ignore_missing="yes" prefix="xdg">fontconfig/conf.d</include> + <include ignore_missing="yes" prefix="xdg">fontconfig/fonts.conf</include> + </fontconfig> + ''; + fontsConf = pkgs.makeFontsConf { fontconfig = pkgs.fontconfig_210; fontDirectories = config.fonts.fonts; }; + confPkg = + let version = pkgs.fontconfig.configVersion; + in pkgs.runCommand "fontconfig-conf" {} '' + mkdir -p $out/etc/fonts/{,${version}/}conf.d + + ln -s ${fontsConf} $out/etc/fonts/fonts.conf + + ln -s ${pkgs.fontconfig.out}/etc/fonts/fonts.conf $out/etc/fonts/${version}/fonts.conf + ln -s ${pkgs.fontconfig.out}/etc/fonts/conf.d/* $out/etc/fonts/${version}/conf.d/ + + ln -s ${renderConf} $out/etc/fonts/conf.d/10-nixos-rendering.conf + ln -s ${genericAliasConf} $out/etc/fonts/conf.d/60-nixos-generic-alias.conf + + ln -s ${cacheConf} $out/etc/fonts/${version}/conf.d/00-nixos.conf + + ln -s ${renderConf} $out/etc/fonts/${version}/conf.d/10-nixos-rendering.conf + ln -s ${genericAliasConf} $out/etc/fonts/${version}/conf.d/30-nixos-generic-alias.conf + + ${optionalString cfg.includeUserConf + "ln -s ${userConf} $out/etc/fonts/${version}/conf.d/99-user.conf"} + + ''; +in { options = { @@ -21,6 +136,15 @@ with lib; ''; }; + confPkgs = mkOption { + internal = true; + type = with types; listOf path; + default = [ ]; + description = '' + Fontconfig configuration packages. + ''; + }; + antialias = mkOption { type = types.bool; default = true; @@ -143,135 +267,17 @@ with lib; }; - config = - let fontconfig = config.fonts.fontconfig; - fcBool = x: "<bool>" + (if x then "true" else "false") + "</bool>"; - renderConf = '' - <?xml version='1.0'?> - <!DOCTYPE fontconfig SYSTEM 'fonts.dtd'> - <fontconfig> - - <!-- Default rendering settings --> - <match target="font"> - <edit mode="assign" name="hinting"> - ${fcBool fontconfig.hinting.enable} - </edit> - <edit mode="assign" name="autohint"> - ${fcBool fontconfig.hinting.autohint} - </edit> - <edit mode="assign" name="hintstyle"> - <const>hint${fontconfig.hinting.style}</const> - </edit> - <edit mode="assign" name="antialias"> - ${fcBool fontconfig.antialias} - </edit> - <edit mode="assign" name="rgba"> - <const>${fontconfig.subpixel.rgba}</const> - </edit> - <edit mode="assign" name="lcdfilter"> - <const>lcd${fontconfig.subpixel.lcdfilter}</const> - </edit> - </match> - - ${optionalString (fontconfig.dpi != 0) '' - <match target="pattern"> - <edit name="dpi" mode="assign"> - <double>${toString fontconfig.dpi}</double> - </edit> - </match> - ''} - - </fontconfig> - ''; - genericAliasConf = '' - <?xml version='1.0'?> - <!DOCTYPE fontconfig SYSTEM 'fonts.dtd'> - <fontconfig> - - <!-- Default fonts --> - ${optionalString (fontconfig.defaultFonts.sansSerif != []) '' - <alias> - <family>sans-serif</family> - <prefer> - ${concatStringsSep "\n" - (map (font: "<family>${font}</family>") - fontconfig.defaultFonts.sansSerif)} - </prefer> - </alias> - ''} - ${optionalString (fontconfig.defaultFonts.serif != []) '' - <alias> - <family>serif</family> - <prefer> - ${concatStringsSep "\n" - (map (font: "<family>${font}</family>") - fontconfig.defaultFonts.serif)} - </prefer> - </alias> - ''} - ${optionalString (fontconfig.defaultFonts.monospace != []) '' - <alias> - <family>monospace</family> - <prefer> - ${concatStringsSep "\n" - (map (font: "<family>${font}</family>") - fontconfig.defaultFonts.monospace)} - </prefer> - </alias> - ''} - - </fontconfig> - ''; - in mkIf fontconfig.enable { - - # Fontconfig 2.10 backward compatibility - - # Bring in the default (upstream) fontconfig configuration, only for fontconfig 2.10 - environment.etc."fonts/fonts.conf".source = - pkgs.makeFontsConf { fontconfig = pkgs.fontconfig_210; fontDirectories = config.fonts.fonts; }; - - environment.etc."fonts/conf.d/10-nixos-rendering.conf".text = renderConf; - environment.etc."fonts/conf.d/60-nixos-generic-alias.conf".text = genericAliasConf; - - # Versioned fontconfig > 2.10. Take shared fonts.conf from fontconfig. - # Otherwise specify only font directories. - environment.etc."fonts/${pkgs.fontconfig.configVersion}/fonts.conf".source = - "${pkgs.fontconfig.out}/etc/fonts/fonts.conf"; - - environment.etc."fonts/${pkgs.fontconfig.configVersion}/conf.d/00-nixos.conf".text = - let - cache = fontconfig: pkgs.makeFontsCache { inherit fontconfig; fontDirectories = config.fonts.fonts; }; - in '' - <?xml version='1.0'?> - <!DOCTYPE fontconfig SYSTEM 'fonts.dtd'> - <fontconfig> - <!-- Font directories --> - ${concatStringsSep "\n" (map (font: "<dir>${font}</dir>") config.fonts.fonts)} - <!-- Pre-generated font caches --> - <cachedir>${cache pkgs.fontconfig}</cachedir> - ${optionalString (pkgs.stdenv.isx86_64 && config.fonts.fontconfig.cache32Bit) '' - <cachedir>${cache pkgs.pkgsi686Linux.fontconfig}</cachedir> - ''} - </fontconfig> - ''; - - environment.etc."fonts/${pkgs.fontconfig.configVersion}/conf.d/10-nixos-rendering.conf".text = renderConf; - environment.etc."fonts/${pkgs.fontconfig.configVersion}/conf.d/60-nixos-generic-alias.conf".text = genericAliasConf; - - environment.etc."fonts/${pkgs.fontconfig.configVersion}/conf.d/99-user.conf" = { - enable = fontconfig.includeUserConf; - text = '' - <?xml version="1.0"?> - <!DOCTYPE fontconfig SYSTEM "fonts.dtd"> - <fontconfig> - <include ignore_missing="yes" prefix="xdg">fontconfig/conf.d</include> - <include ignore_missing="yes" prefix="xdg">fontconfig/fonts.conf</include> - </fontconfig> - ''; - }; + config = mkIf cfg.enable { + fonts.fontconfig.confPkgs = [ confPkg ]; - environment.systemPackages = [ pkgs.fontconfig ]; + environment.etc.fonts.source = + let fontConf = pkgs.symlinkJoin { + name = "fontconfig-etc"; + paths = cfg.confPkgs; + }; + in "${fontConf}/etc/fonts/"; - }; + environment.systemPackages = [ pkgs.fontconfig ]; + }; } diff --git a/nixos/modules/config/i18n.nix b/nixos/modules/config/i18n.nix index b20fac6ad3e2..e341931aacce 100644 --- a/nixos/modules/config/i18n.nix +++ b/nixos/modules/config/i18n.nix @@ -41,6 +41,15 @@ in ''; }; + consolePackages = mkOption { + type = types.listOf types.package; + default = with pkgs.kbdKeymaps; [ dvp neo ]; + description = '' + List of additional packages that provide console fonts, keymaps and + other resources. + ''; + }; + consoleFont = mkOption { type = types.str; default = "Lat2-Terminus16"; diff --git a/nixos/modules/module-list.nix b/nixos/modules/module-list.nix index 2ed711b79c45..04ea1c14e297 100644 --- a/nixos/modules/module-list.nix +++ b/nixos/modules/module-list.nix @@ -525,6 +525,7 @@ ./system/boot/luksroot.nix ./system/boot/modprobe.nix ./system/boot/networkd.nix + ./system/boot/plymouth.nix ./system/boot/resolved.nix ./system/boot/shutdown.nix ./system/boot/stage-1.nix diff --git a/nixos/modules/system/boot/initrd-ssh.nix b/nixos/modules/system/boot/initrd-ssh.nix index 3e2805a8c341..d0a4ce51148f 100644 --- a/nixos/modules/system/boot/initrd-ssh.nix +++ b/nixos/modules/system/boot/initrd-ssh.nix @@ -100,9 +100,6 @@ in ''; boot.initrd.network.postCommands = '' - mkdir /dev/pts - mount -t devpts devpts /dev/pts - echo '${cfg.shell}' > /etc/shells echo 'root:x:0:0:root:/root:${cfg.shell}' > /etc/passwd echo 'passwd: files' > /etc/nsswitch.conf diff --git a/nixos/modules/system/boot/luksroot.nix b/nixos/modules/system/boot/luksroot.nix index 8dad09c89207..15881b6d3714 100644 --- a/nixos/modules/system/boot/luksroot.nix +++ b/nixos/modules/system/boot/luksroot.nix @@ -36,7 +36,7 @@ let ${optionalString (header != null) "--header=${header}"} \ ${optionalString (keyFile != null) "--key-file=${keyFile} ${optionalString (keyFileSize != null) "--keyfile-size=${toString keyFileSize}"}"} \ > /.luksopen_args - cryptsetup-askpass + get_password "Enter LUKS Passphrase" cryptsetup-askpass rm /.luksopen_args } @@ -78,9 +78,7 @@ let for try in $(seq 3); do ${optionalString yubikey.twoFactor '' - echo -n "Enter two-factor passphrase: " - read -s k_user - echo + k_user="$(get_password "Enter two-factor passphrase" cat)" ''} if [ ! -z "$k_user" ]; then @@ -463,6 +461,26 @@ in ''} ''; + boot.initrd.preDeviceCommands = '' + get_password() { + local ret + local reply + local tty_stat + + tty_stat="$(stty -g)" + stty -echo + for i in `seq 1 3`; do + echo -n "$1: " + read reply + echo "$reply" | "$2" + if [ "$?" = "0" ]; then + break + fi + done + stty "$tty_stat" + } + ''; + boot.initrd.preLVMCommands = concatStrings (mapAttrsToList openCommand preLVM); boot.initrd.postDeviceCommands = concatStrings (mapAttrsToList openCommand postLVM); diff --git a/nixos/modules/system/boot/plymouth.nix b/nixos/modules/system/boot/plymouth.nix new file mode 100644 index 000000000000..82c1032937c6 --- /dev/null +++ b/nixos/modules/system/boot/plymouth.nix @@ -0,0 +1,129 @@ +{ config, lib, pkgs, ... }: + +with lib; + +let + + inherit (pkgs) plymouth; + + cfg = config.boot.plymouth; + + themesEnv = pkgs.buildEnv { + name = "plymouth-themes"; + paths = [ plymouth ] ++ cfg.themePackages; + }; + + configFile = pkgs.writeText "plymouthd.conf" '' + [Daemon] + ShowDelay=0 + Theme=${cfg.theme} + ''; + +in + +{ + + options = { + + boot.plymouth = { + + enable = mkEnableOption "Plymouth boot splash screen"; + + themePackages = mkOption { + default = []; + type = types.listOf types.package; + description = '' + Extra theme packages for plymouth. + ''; + }; + + theme = mkOption { + default = "fade-in"; + type = types.str; + description = '' + Splash screen theme. + ''; + }; + + logo = mkOption { + type = types.path; + default = pkgs.fetchurl { + url = "https://nixos.org/logo/nixos-hires.png"; + sha256 = "1ivzgd7iz0i06y36p8m5w48fd8pjqwxhdaavc0pxs7w1g7mcy5si"; + }; + description = '' + Logo which is displayed on the splash screen. + ''; + }; + + }; + + }; + + config = mkIf cfg.enable { + + boot.kernelParams = [ "splash" ]; + + # To be discoverable by systemd. + environment.systemPackages = [ plymouth ]; + + environment.etc."plymouth/plymouthd.conf".source = configFile; + environment.etc."plymouth/plymouthd.defaults".source = "${plymouth}/share/plymouth/plymouth.defaults"; + environment.etc."plymouth/logo.png".source = cfg.logo; + environment.etc."plymouth/themes".source = "${themesEnv}/share/plymouth/themes"; + # XXX: Needed because we supply a different set of plugins in initrd. + environment.etc."plymouth/plugins".source = "${plymouth}/lib/plymouth"; + + systemd.packages = [ plymouth ]; + + systemd.services.plymouth-kexec.wantedBy = [ "kexec.target" ]; + systemd.services.plymouth-halt.wantedBy = [ "halt.target" ]; + systemd.services.plymouth-quit = { + wantedBy = [ "multi-user.target" ]; + after = [ "display-manager.service" "multi-user.target" ]; + }; + systemd.services.plymouth-poweroff.wantedBy = [ "poweroff.target" ]; + systemd.services.plymouth-reboot.wantedBy = [ "reboot.target" ]; + systemd.services.plymouth-read-write.wantedBy = [ "sysinit.target" ]; + + boot.initrd.extraUtilsCommands = '' + copy_bin_and_libs ${pkgs.plymouth}/bin/plymouthd + copy_bin_and_libs ${pkgs.plymouth}/bin/plymouth + + moduleName="$(sed -n 's,ModuleName *= *,,p' ${themesEnv}/share/plymouth/themes/${cfg.theme}/${cfg.theme}.plymouth)" + + mkdir -p $out/lib/plymouth/renderers + cp ${plymouth}/lib/plymouth/{text,details,$moduleName}.so $out/lib/plymouth + cp ${plymouth}/lib/plymouth/renderers/{drm,frame-buffer}.so $out/lib/plymouth/renderers + + mkdir -p $out/share/plymouth/themes + cp ${plymouth}/share/plymouth/plymouthd.defaults $out/share/plymouth + cp -r ${themesEnv}/share/plymouth/themes/{text,details,${cfg.theme}} $out/share/plymouth/themes + cp ${cfg.logo} $out/share/plymouth/logo.png + ''; + + boot.initrd.extraUtilsCommandsTest = '' + $out/bin/plymouthd --help >/dev/null + $out/bin/plymouth --help >/dev/null + ''; + + boot.initrd.extraUdevRulesCommands = '' + cp ${config.systemd.package}/lib/udev/rules.d/{70-uaccess,71-seat}.rules $out + sed -i '/loginctl/d' $out/71-seat.rules + ''; + + boot.initrd.preLVMCommands = mkAfter '' + mkdir -p /etc/plymouth + ln -s ${configFile} /etc/plymouth/plymouthd.conf + ln -s $extraUtils/share/plymouth/plymouthd.defaults /etc/plymouth/plymouthd.defaults + ln -s $extraUtils/share/plymouth/logo.png /etc/plymouth/logo.png + ln -s $extraUtils/share/plymouth/themes /etc/plymouth/themes + ln -s $extraUtils/lib/plymouth /etc/plymouth/plugins + + plymouthd --mode=boot --pid-file=/run/plymouth/pid --attach-to-session + plymouth --show-splash + ''; + + }; + +} diff --git a/nixos/modules/system/boot/stage-1-init.sh b/nixos/modules/system/boot/stage-1-init.sh index 9bffcd31b9b4..6b1bf0b3e028 100644 --- a/nixos/modules/system/boot/stage-1-init.sh +++ b/nixos/modules/system/boot/stage-1-init.sh @@ -3,6 +3,7 @@ targetRoot=/mnt-root console=tty1 +extraUtils="@extraUtils@" export LD_LIBRARY_PATH=@extraUtils@/lib export PATH=@extraUtils@/bin ln -s @extraUtils@/bin /bin @@ -13,6 +14,9 @@ export LVM_SUPPRESS_FD_WARNINGS=true fail() { if [ -n "$panicOnFail" ]; then exit 1; fi + # If we have a splash screen started, quit it. + command -v plymouth >/dev/null 2>&1 && plymouth quit + # If starting stage 2 failed, allow the user to repair the problem # in an interactive shell. cat <<EOF @@ -70,6 +74,8 @@ mount -t sysfs sysfs /sys mount -t devtmpfs -o "size=@devSize@" devtmpfs /dev mkdir -p /run mount -t tmpfs -o "mode=0755,size=@runSize@" tmpfs /run +mkdir /dev/pts +mount -t devpts devpts /dev/pts # Log the script output to /dev/kmsg or /run/log/stage-1-init.log. mkdir -p /tmp diff --git a/nixos/modules/system/boot/stage-1.nix b/nixos/modules/system/boot/stage-1.nix index 5e6554324ca4..56a9c38b8f2b 100644 --- a/nixos/modules/system/boot/stage-1.nix +++ b/nixos/modules/system/boot/stage-1.nix @@ -81,9 +81,9 @@ let # Copy ld manually since it isn't detected correctly cp -pv ${pkgs.glibc.out}/lib/ld*.so.? $out/lib - # Copy all of the needed libraries for the binaries - for BIN in $(find $out/{bin,sbin} -type f); do - echo "Copying libs for bin $BIN" + # Copy all of the needed libraries + find $out/bin $out/lib -type f | while read BIN; do + echo "Copying libs for executable $BIN" LDD="$(ldd $BIN)" || continue LIBS="$(echo "$LDD" | awk '{print $3}' | sed '/^$/d')" for LIB in $LIBS; do @@ -104,13 +104,17 @@ let stripDirs "lib bin" "-s" # Run patchelf to make the programs refer to the copied libraries. - for i in $out/bin/* $out/lib/*; do if ! test -L $i; then nuke-refs -e $out $i; fi; done + find $out/bin $out/lib -type f | while read i; do + if ! test -L $i; then + nuke-refs -e $out $i + fi + done - for i in $out/bin/*; do - if ! test -L $i; then - echo "patching $i..." - patchelf --set-interpreter $out/lib/ld*.so.? --set-rpath $out/lib $i || true - fi + find $out/bin -type f | while read i; do + if ! test -L $i; then + echo "patching $i..." + patchelf --set-interpreter $out/lib/ld*.so.? --set-rpath $out/lib $i || true + fi done # Make sure that the patchelf'ed binaries still work. @@ -138,6 +142,7 @@ let udevRules = pkgs.stdenv.mkDerivation { name = "udev-rules"; + allowedReferences = [ extraUtils ]; buildCommand = '' mkdir -p $out @@ -160,7 +165,8 @@ let --replace /sbin/mdadm ${extraUtils}/bin/mdadm \ --replace /bin/sh ${extraUtils}/bin/sh \ --replace /usr/bin/readlink ${extraUtils}/bin/readlink \ - --replace /usr/bin/basename ${extraUtils}/bin/basename + --replace /usr/bin/basename ${extraUtils}/bin/basename \ + --replace ${udev}/bin/udevadm ${extraUtils}/bin/udevadm done # Work around a bug in QEMU, which doesn't implement the "READ diff --git a/nixos/modules/tasks/kbd.nix b/nixos/modules/tasks/kbd.nix index 02721bb3bea2..8cdd34ef174c 100644 --- a/nixos/modules/tasks/kbd.nix +++ b/nixos/modules/tasks/kbd.nix @@ -5,14 +5,33 @@ with lib; let makeColor = n: value: "COLOR_${toString n}=${value}"; + makeColorCS = + let positions = [ "0" "1" "2" "3" "4" "5" "6" "7" "8" "9" "A" "B" "C" "D" "E" "F" ]; + in n: value: "\033]P${elemAt position n}${value}"; colors = concatImapStringsSep "\n" makeColor config.i18n.consoleColors; + isUnicode = hasSuffix "UTF-8" (toUpper config.i18n.defaultLocale); + + optimizedKeymap = pkgs.runCommand "keymap" { + nativeBuildInputs = [ pkgs.kbd ]; + } '' + cd ${kbdEnv}/share/keymaps + loadkeys -b ${optionalString isUnicode "-u"} "${config.i18n.consoleKeyMap}" > $out + ''; + + # Sadly, systemd-vconsole-setup doesn't support binary keymaps. vconsoleConf = pkgs.writeText "vconsole.conf" '' KEYMAP=${config.i18n.consoleKeyMap} FONT=${config.i18n.consoleFont} ${colors} ''; + kbdEnv = pkgs.buildEnv { + name = "kbd-env"; + paths = [ pkgs.kbd ] ++ config.i18n.consolePackages; + pathsToLink = [ "/share/consolefonts" "/share/consoletrans" "/share/keymaps" "/share/unimaps" ]; + }; + setVconsole = !config.boot.isContainer; in @@ -38,38 +57,75 @@ in ''; }; + boot.earlyVconsoleSetup = mkOption { + default = false; + type = types.bool; + description = '' + Enable setting font and keymap as early as possible (in initrd). + ''; + }; + }; ###### implementation config = mkMerge [ - (mkIf (!setVconsole) { + (mkIf (!setVconsole || (setVconsole && config.boot.earlyVconsoleSetup)) { systemd.services."systemd-vconsole-setup".enable = false; }) - (mkIf setVconsole { - environment.systemPackages = [ pkgs.kbd ]; - - # Let systemd-vconsole-setup.service do the work of setting up the - # virtual consoles. FIXME: trigger a restart of - # systemd-vconsole-setup.service if /etc/vconsole.conf changes. - environment.etc = [ { - target = "vconsole.conf"; - source = vconsoleConf; - } ]; - - # This is identical to the systemd-vconsole-setup.service unit - # shipped with systemd, except that it uses /dev/tty1 instead of - # /dev/tty0 to prevent putting the X server in non-raw mode, and - # it has a restart trigger. - systemd.services."systemd-vconsole-setup" = - { wantedBy = [ "multi-user.target" ]; - before = [ "display-manager.service" ]; - after = [ "systemd-udev-settle.service" ]; - restartTriggers = [ vconsoleConf ]; - }; - }) + (mkIf setVconsole (mkMerge [ + { environment.systemPackages = [ pkgs.kbd ]; + + # Let systemd-vconsole-setup.service do the work of setting up the + # virtual consoles. + environment.etc."vconsole.conf".source = vconsoleConf; + # Provide kbd with additional packages. + environment.etc."kbd".source = "${kbdEnv}/share"; + } + + (mkIf (!config.boot.earlyVconsoleSetup) { + # This is identical to the systemd-vconsole-setup.service unit + # shipped with systemd, except that it uses /dev/tty1 instead of + # /dev/tty0 to prevent putting the X server in non-raw mode, and + # it has a restart trigger. + systemd.services."systemd-vconsole-setup" = + { wantedBy = [ "sysinit.target" ]; + before = [ "display-manager.service" ]; + after = [ "systemd-udev-settle.service" ]; + restartTriggers = [ vconsoleConf kbdEnv ]; + }; + }) + + (mkIf config.boot.earlyVconsoleSetup { + boot.initrd.extraUtilsCommands = '' + mkdir -p $out/share/consolefonts + ${if substring 0 1 config.i18n.consoleFont == "/" then '' + font="${config.i18n.consoleFont}" + '' else '' + font="$(echo ${kbdEnv}/share/consolefonts/${config.i18n.consoleFont}.*)" + ''} + if [[ $font == *.gz ]]; then + gzip -cd $font > $out/share/consolefonts/font.psf + else + cp -L $font $out/share/consolefonts/font.psf + fi + ''; + + boot.initrd.preLVMCommands = mkBefore '' + kbd_mode ${if isUnicode then "-u" else "-a"} -C /dev/console + printf "\033%%${if isUnicode then "G" else "@"}" >> /dev/console + loadkmap < ${optimizedKeymap} + + setfont -C /dev/console $extraUtils/share/consolefonts/font.psf + + ${concatImapStringsSep "\n" (n: color: '' + printf "${makeColorCS n color}" >> /dev/console + '') config.i18n.consoleColors} + ''; + }) + ])) ]; } |