Diffstat (limited to 'nixos/modules/system')
-rw-r--r-- | nixos/modules/system/boot/loader/systemd-boot/systemd-boot.nix | 15 | ||||
-rw-r--r-- | nixos/modules/system/boot/resolved.nix | 43 | ||||
-rw-r--r-- | nixos/modules/system/boot/stage-2.nix | 9 | ||||
-rw-r--r-- | nixos/modules/system/boot/systemd-unit-options.nix | 2 |
4 files changed, 47 insertions, 22 deletions
diff --git a/nixos/modules/system/boot/loader/systemd-boot/systemd-boot.nix b/nixos/modules/system/boot/loader/systemd-boot/systemd-boot.nix index 910a602c61de..22d459ceb04f 100644 --- a/nixos/modules/system/boot/loader/systemd-boot/systemd-boot.nix +++ b/nixos/modules/system/boot/loader/systemd-boot/systemd-boot.nix @@ -22,7 +22,9 @@ let editor = if cfg.editor then "True" else "False"; - inherit (cfg) consoleMode configurationLimit; + configurationLimit = if cfg.configurationLimit == null then 0 else cfg.configurationLimit; + + inherit (cfg) consoleMode; inherit (efi) efiSysMountPoint canTouchEfiVariables; @@ -58,12 +60,15 @@ in { }; configurationLimit = mkOption { - default = 100; + default = null; example = 120; - type = types.int; + type = types.nullOr types.int; description = '' - Maximum of configurations in boot menu. Otherwise boot partition could - run out of disk space. + Maximum number of latest generations in the boot menu. + Useful to prevent boot partition running out of disk space. + + <literal>null</literal> means no limit i.e. all generations + that were not garbage collected yet. ''; }; diff --git a/nixos/modules/system/boot/resolved.nix b/nixos/modules/system/boot/resolved.nix index 5c66cf4a6e6e..3ea96f8e4645 100644 --- a/nixos/modules/system/boot/resolved.nix +++ b/nixos/modules/system/boot/resolved.nix @@ -3,6 +3,10 @@ with lib; let cfg = config.services.resolved; + + dnsmasqResolve = config.services.dnsmasq.enable && + config.services.dnsmasq.resolveLocalQueries; + in { @@ -126,6 +130,12 @@ in config = mkIf cfg.enable { + assertions = [ + { assertion = !config.networking.useHostResolvConf; + message = "Using host resolv.conf is not supported with systemd-resolved"; + } + ]; + systemd.additionalUpstreamSystemUnits = [ "systemd-resolved.service" ]; 
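Review bot: `types.nullOr types.int` on the `configurationLimit` option still admits 0 and negative numbers, and the first systemd-boot.nix hunk maps `null` to 0, so an explicit `configurationLimit = 0` cannot be told apart from "no limit". Narrowing the declaration to `type = types.nullOr types.ints.positive;` would reject those values at evaluation time. The default also moves from 100 to unlimited, so the description's warning about the boot partition running out of space now applies to every system that leaves the option unset; the description could say that directly. The `let` block that consumes the value continues outside the hunk.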
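Review bot: The new assertion in resolved.nix tests `config.networking.useHostResolvConf` on its own, while the stage-2.nix hunk of the same commit treats that option as effective only when `config.networking.resolvconf.enable` is also set. A configuration with `useHostResolvConf = true` and resolvconf disabled would be rejected here although stage 2 would then ignore the option; the default of `resolvconf.enable` is not visible in this diff. If the stricter check is not intended, `assertion = !(config.networking.resolvconf.enable && config.networking.useHostResolvConf);` keeps the two in step, and if it is intended a one-line comment above the assertion should say so.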
@@ -135,21 +145,30 @@ in restartTriggers = [ config.environment.etc."systemd/resolved.conf".source ]; }; - environment.etc."systemd/resolved.conf".text = '' - [Resolve] - ${optionalString (config.networking.nameservers != []) - "DNS=${concatStringsSep " " config.networking.nameservers}"} - ${optionalString (cfg.fallbackDns != []) - "FallbackDNS=${concatStringsSep " " cfg.fallbackDns}"} - ${optionalString (cfg.domains != []) - "Domains=${concatStringsSep " " cfg.domains}"} - LLMNR=${cfg.llmnr} - DNSSEC=${cfg.dnssec} - ${config.services.resolved.extraConfig} - ''; + environment.etc = { + "systemd/resolved.conf".text = '' + [Resolve] + ${optionalString (config.networking.nameservers != []) + "DNS=${concatStringsSep " " config.networking.nameservers}"} + ${optionalString (cfg.fallbackDns != []) + "FallbackDNS=${concatStringsSep " " cfg.fallbackDns}"} + ${optionalString (cfg.domains != []) + "Domains=${concatStringsSep " " cfg.domains}"} + LLMNR=${cfg.llmnr} + DNSSEC=${cfg.dnssec} + ${config.services.resolved.extraConfig} + ''; + + # symlink the dynamic stub resolver of resolv.conf as recommended by upstream: + # https://www.freedesktop.org/software/systemd/man/systemd-resolved.html#/etc/resolv.conf + "resolv.conf".source = "/run/systemd/resolve/stub-resolv.conf"; + } // optionalAttrs dnsmasqResolve { + "dnsmasq-resolv.conf".source = "/run/systemd/resolve/resolv.conf"; + }; # If networkmanager is enabled, ask it to interface with resolved. networking.networkmanager.dns = "systemd-resolved"; + }; } diff --git a/nixos/modules/system/boot/stage-2.nix b/nixos/modules/system/boot/stage-2.nix index 55e6b19c67fd..6b0b47227301 100644 --- a/nixos/modules/system/boot/stage-2.nix +++ b/nixos/modules/system/boot/stage-2.nix 
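Review bot: The `"dnsmasq-resolv.conf"` entry has no comment, unlike the `"resolv.conf"` entry above it, and the hunk does not say why it points at `/run/systemd/resolve/resolv.conf` rather than the stub file. A line such as `# give dnsmasq the upstream server list instead of the 127.0.0.53 stub` above it would cover this; how the dnsmasq module consumes `/etc/dnsmasq-resolv.conf` is not visible here, so the wording should be checked against that module. Both sources live under `/run` and presumably exist only once systemd-resolved has started, which is worth stating in the same comment. The interpolation `${config.services.resolved.extraConfig}` could be written `${cfg.extraConfig}` like the other fields.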
@@ -4,19 +4,20 @@ with lib; let + useHostResolvConf = config.networking.resolvconf.enable && config.networking.useHostResolvConf; + bootStage2 = pkgs.substituteAll { src = ./stage-2-init.sh; shellDebug = "${pkgs.bashInteractive}/bin/bash"; shell = "${pkgs.bash}/bin/bash"; isExecutable = true; inherit (config.nix) readOnlyStore; - inherit (config.networking) useHostResolvConf; + inherit useHostResolvConf; inherit (config.system.build) earlyMountScript; - path = lib.makeBinPath [ + path = lib.makeBinPath ([ pkgs.coreutils pkgs.utillinux - pkgs.openresolv - ]; + ] ++ lib.optional useHostResolvConf pkgs.openresolv); fsPackagesPath = lib.makeBinPath config.system.fsPackages; postBootCommands = pkgs.writeText "local-cmds" '' diff --git a/nixos/modules/system/boot/systemd-unit-options.nix b/nixos/modules/system/boot/systemd-unit-options.nix index 63f974b704f3..ee4ae845a7d5 100644 --- a/nixos/modules/system/boot/systemd-unit-options.nix +++ b/nixos/modules/system/boot/systemd-unit-options.nix @@ -6,7 +6,7 @@ with import ./systemd-lib.nix { inherit config lib pkgs; }; let checkService = checkUnitConfig "Service" [ (assertValueOneOf "Type" [ - "simple" "forking" "oneshot" "dbus" "notify" "idle" + "exec" "simple" "forking" "oneshot" "dbus" "notify" "idle" ]) (assertValueOneOf "Restart" [ "no" "on-success" "on-failure" "on-abnormal" "on-abort" "always" |
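Review bot: The local `useHostResolvConf` binding in stage-2.nix reuses the option's name for a narrower value (the option combined with `config.networking.resolvconf.enable`), which is easy to misread at the `inherit useHostResolvConf;` line. A comment above the binding, for example `# host resolv.conf is only imported through resolvconf, so ignore the option when resolvconf is disabled`, would make that explicit. Because `pkgs.openresolv` now leaves the PATH when the value is false, `stage-2-init.sh` (not shown in this diff) has to call resolvconf only under the same substituted flag.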