diff options
Diffstat (limited to 'nixos/modules/system/boot')
-rw-r--r-- | nixos/modules/system/boot/luksroot.nix | 2 | ||||
-rw-r--r-- | nixos/modules/system/boot/networkd.nix | 15 | ||||
-rw-r--r-- | nixos/modules/system/boot/stage-2-init.sh | 2 | ||||
-rw-r--r-- | nixos/modules/system/boot/stage-2.nix | 1 | ||||
-rw-r--r-- | nixos/modules/system/boot/systemd-lib.nix | 8 |
5 files changed, 21 insertions, 7 deletions
diff --git a/nixos/modules/system/boot/luksroot.nix b/nixos/modules/system/boot/luksroot.nix index 27c1f891f485..ed8b9f01e275 100644 --- a/nixos/modules/system/boot/luksroot.nix +++ b/nixos/modules/system/boot/luksroot.nix @@ -324,7 +324,7 @@ in [ "aes" "aes_generic" "blowfish" "twofish" "serpent" "cbc" "xts" "lrw" "sha1" "sha256" "sha512" - (if pkgs.stdenv.system == "x86_64-linux" then "aes_x86_64" else "aes_i586") + (if pkgs.stdenv.hostPlatform.system == "x86_64-linux" then "aes_x86_64" else "aes_i586") ]; description = '' A list of cryptographic kernel modules needed to decrypt the root device(s). diff --git a/nixos/modules/system/boot/networkd.nix b/nixos/modules/system/boot/networkd.nix index c11aaeaeb6dc..4bacf0f126a4 100644 --- a/nixos/modules/system/boot/networkd.nix +++ b/nixos/modules/system/boot/networkd.nix @@ -30,10 +30,14 @@ let (assertValueOneOf "UDPSegmentationOffload" boolValues) (assertValueOneOf "GenericReceiveOffload" boolValues) (assertValueOneOf "LargeReceiveOffload" boolValues) - (assertRange "RxChannels" 1 4294967295) - (assertRange "TxChannels" 1 4294967295) - (assertRange "OtherChannels" 1 4294967295) - (assertRange "CombinedChannels" 1 4294967295) + (assertInt "RxChannels") + (assertMinimum "RxChannels" 1) + (assertInt "TxChannels") + (assertMinimum "TxChannels" 1) + (assertInt "OtherChannels") + (assertMinimum "OtherChannels" 1) + (assertInt "CombinedChannels") + (assertMinimum "CombinedChannels" 1) ]; checkNetdev = checkUnitConfig "Netdev" [ @@ -226,7 +230,8 @@ let (assertValueOneOf "UseTimezone" boolValues) (assertValueOneOf "CriticalConnection" boolValues) (assertValueOneOf "RequestBroadcast" boolValues) - (assertRange "RouteTable" 0 4294967295) + (assertInt "RouteTable") + (assertMinimum "RouteTable" 0) (assertValueOneOf "RapidCommit" boolValues) ]; diff --git a/nixos/modules/system/boot/stage-2-init.sh b/nixos/modules/system/boot/stage-2-init.sh index b83012dfda7e..49764b75a557 100644 --- a/nixos/modules/system/boot/stage-2-init.sh +++ b/nixos/modules/system/boot/stage-2-init.sh @@ -159,6 +159,6 @@ exec {logOutFd}>&- {logErrFd}>&- # Start systemd. echo "starting systemd..." -PATH=/run/current-system/systemd/lib/systemd \ +PATH=/run/current-system/systemd/lib/systemd:@fsPackagesPath@ \ LOCALE_ARCHIVE=/run/current-system/sw/lib/locale/locale-archive \ exec systemd diff --git a/nixos/modules/system/boot/stage-2.nix b/nixos/modules/system/boot/stage-2.nix index 9fd89b6319db..55e6b19c67fd 100644 --- a/nixos/modules/system/boot/stage-2.nix +++ b/nixos/modules/system/boot/stage-2.nix @@ -17,6 +17,7 @@ let pkgs.utillinux pkgs.openresolv ]; + fsPackagesPath = lib.makeBinPath config.system.fsPackages; postBootCommands = pkgs.writeText "local-cmds" '' ${config.boot.postBootCommands} diff --git a/nixos/modules/system/boot/systemd-lib.nix b/nixos/modules/system/boot/systemd-lib.nix index 8b37bf8d35d8..9c8d4a026b4a 100644 --- a/nixos/modules/system/boot/systemd-lib.nix +++ b/nixos/modules/system/boot/systemd-lib.nix @@ -73,11 +73,19 @@ in rec { optional (attr ? ${name} && !(min <= attr.${name} && max >= attr.${name})) "Systemd ${group} field `${name}' is outside the range [${toString min},${toString max}]"; + assertMinimum = name: min: group: attr: + optional (attr ? ${name} && attr.${name} < min) + "Systemd ${group} field `${name}' must be greater than or equal to ${toString min}"; + assertOnlyFields = fields: group: attr: let badFields = filter (name: ! elem name fields) (attrNames attr); in optional (badFields != [ ]) "Systemd ${group} has extra fields [${concatStringsSep " " badFields}]."; + assertInt = name: group: attr: + optional (attr ? ${name} && !isInt attr.${name}) + "Systemd ${group} field `${name}' is not an integer"; + checkUnitConfig = group: checks: attrs: let # We're applied at the top-level type (attrsOf unitOption), so the actual # unit options might contain attributes from mkOverride that we need to |