diff options
Diffstat (limited to 'nixos/modules')
19 files changed, 395 insertions, 85 deletions
diff --git a/nixos/modules/installer/cd-dvd/installation-cd-base.nix b/nixos/modules/installer/cd-dvd/installation-cd-base.nix index fde9989e1f97..446d79ce2200 100644 --- a/nixos/modules/installer/cd-dvd/installation-cd-base.nix +++ b/nixos/modules/installer/cd-dvd/installation-cd-base.nix @@ -45,9 +45,6 @@ with lib; # Get a console as soon as the initrd loads fbcon on EFI boot. boot.initrd.kernelModules = [ "fbcon" ]; - # Configure host id for ZFS to work - networking.hostId = "8425e349"; - # Allow the user to log in as root without a password. users.extraUsers.root.initialHashedPassword = ""; } diff --git a/nixos/modules/installer/tools/nixos-generate-config.pl b/nixos/modules/installer/tools/nixos-generate-config.pl index eadaae6715b4..ec3137ede4ff 100644 --- a/nixos/modules/installer/tools/nixos-generate-config.pl +++ b/nixos/modules/installer/tools/nixos-generate-config.pl @@ -352,7 +352,7 @@ EOF if ($fsType eq "btrfs") { my ($status, @id_info) = runCommand("btrfs subvol show $rootDir$mountPoint"); if ($status != 0 || join("", @msg) =~ /ERROR:/) { - die "Failed to retreive subvolume info for $mountPoint\n"; + die "Failed to retrieve subvolume info for $mountPoint\n"; } my @ids = join("", @id_info) =~ m/Object ID:[ \t\n]*([^ \t\n]*)/; if ($#ids > 0) { diff --git a/nixos/modules/installer/tools/nixos-install.sh b/nixos/modules/installer/tools/nixos-install.sh index 14ae3daace0b..b1f4772d5705 100644 --- a/nixos/modules/installer/tools/nixos-install.sh +++ b/nixos/modules/installer/tools/nixos-install.sh @@ -45,7 +45,9 @@ while [ "$#" -gt 0 ]; do ;; --chroot) runChroot=1 - chrootCommand=("$@") + if [[ "$@" != "" ]]; then + chrootCommand=("$@") + fi break ;; --help) @@ -254,8 +256,14 @@ NIXOS_INSTALL_GRUB=1 chroot $mountPoint \ chroot $mountPoint /nix/var/nix/profiles/system/activate +# Some systems may not be prepared to use NixOS' paths. +export PATH=/run/current-system/sw/bin:/run/current-system/sw/sbin:$PATH +export NIX_PATH=/nix/var/nix/profiles/per-user/root/channels/nixos:nixpkgs=/etc/nixos/nixpkgs +export NIX_PATH=$NIX_PATH:nixos-config=/etc/nixos/configuration.nix:/nix/var/nix/profiles/per-user/root/channels + + # Ask the user to set a root password. -if [ "$(chroot $mountPoint nix-instantiate --eval '<nixos>' -A config.users.mutableUsers)" = true ] && [ -t 0 ] ; then +if [ "$(chroot $mountPoint nix-instantiate --eval '<nixpkgs/nixos>' -A config.users.mutableUsers)" = true ] && [ -t 0 ] ; then echo "setting root password..." chroot $mountPoint /var/setuid-wrappers/passwd fi diff --git a/nixos/modules/module-list.nix b/nixos/modules/module-list.nix index 023d67a01424..bf70715cea4c 100644 --- a/nixos/modules/module-list.nix +++ b/nixos/modules/module-list.nix @@ -152,6 +152,7 @@ ./services/hardware/actkbd.nix ./services/hardware/amd-hybrid-graphics.nix ./services/hardware/bluetooth.nix + ./services/hardware/brltty.nix ./services/hardware/freefall.nix ./services/hardware/nvidia-optimus.nix ./services/hardware/pcscd.nix @@ -185,6 +186,7 @@ ./services/misc/canto-daemon.nix ./services/misc/cpuminer-cryptonight.nix ./services/misc/cgminer.nix + ./services/misc/confd.nix ./services/misc/dictd.nix ./services/misc/disnix.nix ./services/misc/docker-registry.nix @@ -195,6 +197,7 @@ ./services/misc/gitolite.nix ./services/misc/gpsd.nix ./services/misc/ihaskell.nix + ./services/misc/mbpfan.nix ./services/misc/mediatomb.nix ./services/misc/mesos-master.nix ./services/misc/mesos-slave.nix @@ -272,6 +275,7 @@ ./services/networking/haproxy.nix ./services/networking/hostapd.nix ./services/networking/i2pd.nix + ./services/networking/i2p.nix ./services/networking/ifplugd.nix ./services/networking/iodined.nix ./services/networking/ircd-hybrid/default.nix diff --git a/nixos/modules/profiles/base.nix b/nixos/modules/profiles/base.nix index 0d40b7112df7..6c8e99943797 100644 --- a/nixos/modules/profiles/base.nix +++ b/nixos/modules/profiles/base.nix @@ -54,4 +54,6 @@ # Include support for various filesystems. boot.supportedFilesystems = [ "btrfs" "reiserfs" "vfat" "f2fs" "zfs" "ntfs" "cifs" ]; + # Configure host id for ZFS to work + networking.hostId = "8425e349"; } diff --git a/nixos/modules/security/pam.nix b/nixos/modules/security/pam.nix index 631e8317cb4c..35622b12ea33 100644 --- a/nixos/modules/security/pam.nix +++ b/nixos/modules/security/pam.nix @@ -36,6 +36,16 @@ let ''; }; + u2fAuth = mkOption { + default = config.security.pam.enableU2F; + type = types.bool; + description = '' + If set, users listed in + <filename>~/.yubico/u2f_keys</filename> are able to log in + with the associated U2F key. + ''; + }; + usbAuth = mkOption { default = config.security.pam.usb.enable; type = types.bool; @@ -209,6 +219,8 @@ let "auth sufficient ${pkgs.pam_ssh_agent_auth}/libexec/pam_ssh_agent_auth.so file=~/.ssh/authorized_keys:~/.ssh/authorized_keys2:/etc/ssh/authorized_keys.d/%u"} ${optionalString cfg.fprintAuth "auth sufficient ${pkgs.fprintd}/lib/security/pam_fprintd.so"} + ${optionalString cfg.u2fAuth + "auth sufficient ${pkgs.pam_u2f}/lib/security/pam_u2f.so"} ${optionalString cfg.usbAuth "auth sufficient ${pkgs.pam_usb}/lib/security/pam_usb.so"} ${optionalString cfg.unixAuth @@ -364,6 +376,13 @@ in ''; }; + security.pam.enableU2F = mkOption { + default = false; + description = '' + Enable the U2F PAM module. + ''; + }; + security.pam.enableEcryptfs = mkOption { default = false; description = '' @@ -392,6 +411,7 @@ in ++ optionals config.krb5.enable [pam_krb5 pam_ccreds] ++ optionals config.security.pam.enableOTPW [ pkgs.otpw ] ++ optionals config.security.pam.enableOATH [ pkgs.oathToolkit ] + ++ optionals config.security.pam.enableU2F [ pkgs.pam_u2f ] ++ optionals config.security.pam.enableEcryptfs [ pkgs.ecryptfs ]; security.setuidPrograms = diff --git a/nixos/modules/services/cluster/kubernetes.nix b/nixos/modules/services/cluster/kubernetes.nix index d9ae0454ba5e..6a775bb159fc 100644 --- a/nixos/modules/services/cluster/kubernetes.nix +++ b/nixos/modules/services/cluster/kubernetes.nix @@ -224,7 +224,7 @@ in { machines = mkOption { description = "Kubernetes controller list of machines to schedule to schedule onto"; - default = []; + default = [config.networking.hostName]; type = types.listOf types.str; }; @@ -310,6 +310,12 @@ in { type = types.str; }; + master = mkOption { + description = "Kubernetes apiserver address"; + default = "${cfg.apiserver.address}:${toString cfg.apiserver.port}"; + type = types.str; + }; + extraOpts = mkOption { description = "Kubernetes proxy extra command line options."; default = ""; @@ -355,6 +361,7 @@ in { --secure_port=${toString cfg.apiserver.securePort} \ --portal_net=${cfg.apiserver.portalNet} \ --logtostderr=true \ + --runtime_config=api/v1beta3 \ ${optionalString cfg.verbose "--v=6 --log_flush_frequency=1s"} \ ${cfg.apiserver.extraOpts} ''; @@ -416,7 +423,6 @@ in { script = '' export PATH="/bin:/sbin:/usr/bin:/usr/sbin:$PATH" exec ${cfg.package}/bin/kubelet \ - --etcd_servers=${concatMapStringsSep "," (f: "http://${f}") cfg.etcdServers} \ --api_servers=${concatMapStringsSep "," (f: "http://${f}") cfg.kubelet.apiServers} \ --address=${cfg.kubelet.address} \ --port=${toString cfg.kubelet.port} \ @@ -443,7 +449,7 @@ in { after = [ "network-interfaces.target" "etcd.service" ]; serviceConfig = { ExecStart = ''${cfg.package}/bin/kube-proxy \ - --etcd_servers=${concatMapStringsSep "," (s: "http://${s}") cfg.etcdServers} \ + --master=${cfg.proxy.master} \ --bind_address=${cfg.proxy.address} \ --logtostderr=true \ ${optionalString cfg.verbose "--v=6 --log_flush_frequency=1s"} \ diff --git a/nixos/modules/services/hardware/brltty.nix b/nixos/modules/services/hardware/brltty.nix new file mode 100644 index 000000000000..d6c05a3d620c --- /dev/null +++ b/nixos/modules/services/hardware/brltty.nix @@ -0,0 +1,42 @@ +{ config, lib, pkgs, ... }: + +with lib; + +let + cfg = config.services.brltty; + + stateDir = "/run/brltty"; + + pidFile = "${stateDir}/brltty.pid"; + +in { + + options = { + + services.brltty.enable = mkOption { + type = types.bool; + default = false; + description = "Whether to enable the BRLTTY daemon."; + }; + + }; + + config = mkIf cfg.enable { + + systemd.services.brltty = { + description = "Braille console driver"; + preStart = '' + mkdir -p ${stateDir} + ''; + serviceConfig = { + ExecStart = "${pkgs.brltty}/bin/brltty --pid-file=${pidFile}"; + Type = "forking"; + PIDFile = pidFile; + }; + before = [ "sysinit.target" ]; + wantedBy = [ "sysinit.target" ]; + }; + + }; + +} diff --git a/nixos/modules/services/misc/confd.nix b/nixos/modules/services/misc/confd.nix new file mode 100644 index 000000000000..7094bb460895 --- /dev/null +++ b/nixos/modules/services/misc/confd.nix @@ -0,0 +1,89 @@ +{ config, pkgs, lib, ... }: + +with lib; + +let + cfg = config.services.confd; + + confdConfig = '' + backend = "${cfg.backend}" + confdir = "${cfg.confDir}" + interval = ${toString cfg.interval} + nodes = [ ${concatMapStringsSep "," (s: ''"${s}"'') cfg.nodes}, ] + prefix = "${cfg.prefix}" + log-level = "${cfg.logLevel}" + watch = ${if cfg.watch then "true" else "false"} + ''; + +in { + options.services.confd = { + enable = mkEnableOption "Whether to enable confd service."; + + backend = mkOption { + description = "Confd config storage backend to use."; + default = "etcd"; + type = types.enum ["etcd" "consul" "redis" "zookeeper"]; + }; + + interval = mkOption { + description = "Confd check interval."; + default = 10; + type = types.int; + }; + + nodes = mkOption { + description = "Confd list of nodes to connect to."; + default = [ "http://127.0.0.1:4001" ]; + type = types.listOf types.str; + }; + + watch = mkOption { + description = "Confd, whether to watch etcd config for changes."; + default = true; + type = types.bool; + }; + + prefix = mkOption { + description = "The string to prefix to keys."; + default = "/"; + type = types.path; + }; + + logLevel = mkOption { + description = "Confd log level."; + default = "info"; + type = types.enum ["info" "debug"]; + }; + + confDir = mkOption { + description = "The path to the confd configs."; + default = "/etc/confd"; + type = types.path; + }; + + package = mkOption { + description = "Confd package to use."; + default = pkgs.goPackages.confd; + type = types.package; + }; + }; + + config = mkIf cfg.enable { + systemd.services.confd = { + description = "Confd Service."; + wantedBy = [ "multi-user.target" ]; + after = [ "network.target" ]; + serviceConfig = { + ExecStart = "${cfg.package}/bin/confd"; + }; + }; + + environment.etc = { + "confd/confd.toml".text = confdConfig; + }; + + environment.systemPackages = [ cfg.package ]; + + services.etcd.enable = mkIf (cfg.backend == "etcd") (mkDefault true); + }; +} diff --git a/nixos/modules/services/misc/mbpfan.nix b/nixos/modules/services/misc/mbpfan.nix new file mode 100644 index 000000000000..3fb5f684b761 --- /dev/null +++ b/nixos/modules/services/misc/mbpfan.nix @@ -0,0 +1,113 @@ +{ config, lib, pkgs, ... }: + +with lib; + +let + cfg = config.services.mbpfan; + verbose = if cfg.verbose then "v" else ""; + +in { + options.services.mbpfan = { + enable = mkOption { + default = false; + type = types.bool; + description = '' + Whether to enable the mbpfan daemon. + ''; + }; + + package = mkOption { + default = pkgs.mbpfan; + description = '' + The package used for the mbpfan daemon. + ''; + }; + + minFanSpeed = mkOption { + type = types.int; + default = 2000; + description = '' + The minimum fan speed. + ''; + }; + + maxFanSpeed = mkOption { + type = types.int; + default = 6200; + description = '' + The maximum fan speed. + ''; + }; + + lowTemp = mkOption { + type = types.int; + default = 63; + description = '' + The low temperature. + ''; + }; + + highTemp = mkOption { + type = types.int; + default = 66; + description = '' + The high temperature. + ''; + }; + + maxTemp = mkOption { + type = types.int; + default = 86; + description = '' + The maximum temperature. + ''; + }; + + pollingInterval = mkOption { + type = types.int; + default = 7; + description = '' + The polling interval. + ''; + }; + + verbose = mkOption { + type = types.bool; + default = false; + description = '' + If true, sets the log level to verbose. + ''; + }; + }; + + config = mkIf cfg.enable { + boot.kernelModules = [ "coretemp" "applesmc" ]; + + environment = { + etc."mbpfan.conf".text = '' + [general] + min_fan_speed = ${toString cfg.minFanSpeed} + max_fan_speed = ${toString cfg.maxFanSpeed} + low_temp = ${toString cfg.lowTemp} + high_temp = ${toString cfg.highTemp} + max_temp = ${toString cfg.maxTemp} + polling_interval = ${toString cfg.pollingInterval} + ''; + systemPackages = [ cfg.package ]; + }; + + systemd.services.mbpfan = { + description = "A fan manager daemon for MacBook Pro"; + wantedBy = [ "sysinit.target" ]; + after = [ "syslog.target" "sysinit.target" ]; + restartTriggers = [ config.environment.etc."mbpfan.conf".source ]; + serviceConfig = { + Type = "simple"; + ExecStart = "${cfg.package}/bin/mbpfan -f${verbose}"; + ExecReload = "${pkgs.coreutils}/bin/kill -HUP $MAINPID"; + PIDFile = "/var/run/mbpfan.pid"; + Restart = "always"; + }; + }; + }; +} diff --git a/nixos/modules/services/misc/ripple-data-api.nix b/nixos/modules/services/misc/ripple-data-api.nix index 6e5ac7ab00bd..3b281449a256 100644 --- a/nixos/modules/services/misc/ripple-data-api.nix +++ b/nixos/modules/services/misc/ripple-data-api.nix @@ -43,6 +43,24 @@ in { type = types.int; }; + importMode = mkOption { + description = "Ripple data api import mode."; + default = "liveOnly"; + type = types.enum ["live" "liveOnly"]; + }; + + minLedger = mkOption { + description = "Ripple data api minimal ledger to fetch."; + default = null; + type = types.nullOr types.int; + }; + + maxLedger = mkOption { + description = "Ripple data api maximal ledger to fetch."; + default = null; + type = types.nullOr types.int; + }; + redis = { enable = mkOption { description = "Whether to enable caching of ripple data to redis."; @@ -129,6 +147,7 @@ in { serviceConfig = { ExecStart = "${pkgs.ripple-data-api}/bin/api"; + Restart = "always"; User = "ripple-data-api"; }; }; @@ -145,8 +164,15 @@ in { LOG_FILE = "/dev/null"; }; - serviceConfig = { - ExecStart = "${pkgs.ripple-data-api}/bin/importer live debug2"; + serviceConfig = let + importMode = + if cfg.minLedger != null && cfg.maxLedger != null then + "${toString cfg.minLedger} ${toString cfg.maxLedger}" + else + cfg.importMode; + in { + ExecStart = "${pkgs.ripple-data-api}/bin/importer ${importMode} debug"; + Restart = "always"; User = "ripple-data-api"; }; diff --git a/nixos/modules/services/web-servers/apache-httpd/mediawiki.nix b/nixos/modules/services/web-servers/apache-httpd/mediawiki.nix index c0ed20416397..52d8c89baff2 100644 --- a/nixos/modules/services/web-servers/apache-httpd/mediawiki.nix +++ b/nixos/modules/services/web-servers/apache-httpd/mediawiki.nix @@ -83,11 +83,11 @@ let # Unpack Mediawiki and put the config file in its root directory. mediawikiRoot = pkgs.stdenv.mkDerivation rec { - name= "mediawiki-1.23.3"; + name= "mediawiki-1.23.9"; src = pkgs.fetchurl { url = "http://download.wikimedia.org/mediawiki/1.23/${name}.tar.gz"; - sha256 = "0l6798jwjwk2khfnm84mgc65ij53a8pnv30wdnn15ys4ivia4bpf"; + sha256 = "1l7k4g0pgz92yvrfr52w26x740s4362v0gc95pk0i30vn2sp5bql"; }; skins = config.skins; @@ -142,6 +142,7 @@ in RewriteCond %{DOCUMENT_ROOT}%{REQUEST_URI} !-f RewriteCond %{DOCUMENT_ROOT}%{REQUEST_URI} !-d ${concatMapStringsSep "\n" (u: "RewriteCond %{REQUEST_URI} !^${u.urlPath}") serverInfo.vhostConfig.servedDirs} + ${concatMapStringsSep "\n" (u: "RewriteCond %{REQUEST_URI} !^${u.urlPath}") serverInfo.vhostConfig.servedFiles} RewriteRule ${if config.enableUploads then "!^/images" else "^.*\$" diff --git a/nixos/modules/services/web-servers/apache-httpd/per-server-options.nix b/nixos/modules/services/web-servers/apache-httpd/per-server-options.nix index 0db27b0bcbe6..5abcc5e74900 100644 --- a/nixos/modules/services/web-servers/apache-httpd/per-server-options.nix +++ b/nixos/modules/services/web-servers/apache-httpd/per-server-options.nix @@ -97,7 +97,7 @@ with lib; default = []; example = [ { urlPath = "/foo/bar.png"; - dir = "/home/eelco/some-file.png"; + files = "/home/eelco/some-file.png"; } ]; description = '' diff --git a/nixos/modules/services/web-servers/nginx/default.nix b/nixos/modules/services/web-servers/nginx/default.nix index 0f21ef012639..fe50c182bfe5 100644 --- a/nixos/modules/services/web-servers/nginx/default.nix +++ b/nixos/modules/services/web-servers/nginx/default.nix @@ -102,6 +102,7 @@ in ''; serviceConfig = { ExecStart = "${nginx}/bin/nginx -c ${configFile} -p ${cfg.stateDir}"; + ExecReload = "${pkgs.coreutils}/bin/kill -HUP $MAINPID"; Restart = "on-failure"; RestartSec = "10s"; StartLimitInterval = "1min"; diff --git a/nixos/modules/system/boot/networkd.nix b/nixos/modules/system/boot/networkd.nix index 0221374ab835..b183c0f32366 100644 --- a/nixos/modules/system/boot/networkd.nix +++ b/nixos/modules/system/boot/networkd.nix @@ -132,7 +132,7 @@ let commonNetworkOptions = { enable = mkOption { - default = false; + default = true; type = types.bool; description = '' Whether to manage network configuration using <command>systemd-network</command>. @@ -482,6 +482,11 @@ let }; }; + commonMatchText = def: '' + [Match] + ${attrsToSection def.matchConfig} + ''; + linkToUnit = name: def: { inherit (def) enable; text = commonMatchText def + diff --git a/nixos/modules/system/boot/systemd-lib.nix b/nixos/modules/system/boot/systemd-lib.nix index e8cfd3395cb0..873fff15d384 100644 --- a/nixos/modules/system/boot/systemd-lib.nix +++ b/nixos/modules/system/boot/systemd-lib.nix @@ -25,6 +25,69 @@ rec { ln -s /dev/null $out/${shellEscape name} ''; + boolValues = [true false "yes" "no"]; + + digits = map toString (range 0 9); + + isByteFormat = s: + let + l = reverseList (stringToCharacters s); + suffix = head l; + nums = tail l; + in elem suffix (["K" "M" "G" "T"] ++ digits) + && all (num: elem num digits) nums; + + assertByteFormat = name: group: attr: + optional (attr ? ${name} && ! isByteFormat attr.${name}) + "Systemd ${group} field `${name}' must be in byte format [0-9]+[KMGT]."; + + hexChars = stringToCharacters "0123456789abcdefABCDEF"; + + isMacAddress = s: stringLength s == 17 + && flip all (splitString ":" s) (bytes: + all (byte: elem byte hexChars) (stringToCharacters bytes) + ); + + assertMacAddress = name: group: attr: + optional (attr ? ${name} && ! isMacAddress attr.${name}) + "Systemd ${group} field `${name}' must be a valid mac address."; + + + assertValueOneOf = name: values: group: attr: + optional (attr ? ${name} && !elem attr.${name} values) + "Systemd ${group} field `${name}' cannot have value `${attr.${name}}'."; + + assertHasField = name: group: attr: + optional (!(attr ? ${name})) + "Systemd ${group} field `${name}' must exist."; + + assertRange = name: min: max: group: attr: + optional (attr ? ${name} && !(min <= attr.${name} && max >= attr.${name})) + "Systemd ${group} field `${name}' is outside the range [${toString min},${toString max}]"; + + assertOnlyFields = fields: group: attr: + let badFields = filter (name: ! elem name fields) (attrNames attr); in + optional (badFields != [ ]) + "Systemd ${group} has extra fields [${concatStringsSep " " badFields}]."; + + checkUnitConfig = group: checks: v: + let errors = concatMap (c: c group v) checks; in + if errors == [] then true + else builtins.trace (concatStringsSep "\n" errors) false; + + toOption = x: + if x == true then "true" + else if x == false then "false" + else toString x; + + attrsToSection = as: + concatStrings (concatLists (mapAttrsToList (name: value: + map (x: '' + ${name}=${toOption x} + '') + (if isList value then value else [value])) + as)); + generateUnits = type: units: upstreamUnits: upstreamWants: pkgs.runCommand "${type}-units" { preferLocalBuild = true; } '' mkdir -p $out diff --git a/nixos/modules/system/boot/systemd-unit-options.nix b/nixos/modules/system/boot/systemd-unit-options.nix index 785634cbf66a..57831a5e6ef3 100644 --- a/nixos/modules/system/boot/systemd-unit-options.nix +++ b/nixos/modules/system/boot/systemd-unit-options.nix @@ -1,58 +1,9 @@ { config, lib }: with lib; +with import ./systemd-lib.nix { inherit config lib pkgs; }; let - - boolValues = [true false "yes" "no"]; - - assertValueOneOf = name: values: group: attr: - optional (attr ? ${name} && !elem attr.${name} values) - "Systemd ${group} field `${name}' cannot have value `${attr.${name}}'."; - - assertHasField = name: group: attr: - optional (!(attr ? ${name})) - "Systemd ${group} field `${name}' must exist."; - - assertOnlyFields = fields: group: attr: - let badFields = filter (name: ! elem name fields) (attrNames attr); in - optional (badFields != [ ]) - "Systemd ${group} has extra fields [${concatStringsSep " " badFields}]."; - - assertRange = name: min: max: group: attr: - optional (attr ? ${name} && !(min <= attr.${name} && max >= attr.${name})) - "Systemd ${group} field `${name}' is outside the range [${toString min},${toString max}]"; - - digits = map toString (range 0 9); - - isByteFormat = s: - let - l = reverseList (stringToCharacters s); - suffix = head l; - nums = tail l; - in elem suffix (["K" "M" "G" "T"] ++ digits) - && all (num: elem num digits) nums; - - assertByteFormat = name: group: attr: - optional (attr ? ${name} && ! isByteFormat attr.${name}) - "Systemd ${group} field `${name}' must be in byte format [0-9]+[KMGT]."; - - hexChars = stringToCharacters "0123456789abcdefABCDEF"; - - isMacAddress = s: stringLength s == 17 - && flip all (splitString ":" s) (bytes: - all (byte: elem byte hexChars) (stringToCharacters bytes) - ); - - assertMacAddress = name: group: attr: - optional (attr ? ${name} && ! isMacAddress attr.${name}) - "Systemd ${group} field `${name}' must be a valid mac address."; - - checkUnitConfig = group: checks: v: - let errors = concatMap (c: c group v) checks; in - if errors == [] then true - else builtins.trace (concatStringsSep "\n" errors) false; - checkService = checkUnitConfig "Service" [ (assertValueOneOf "Type" [ "simple" "forking" "oneshot" "dbus" "notify" "idle" diff --git a/nixos/modules/system/boot/systemd.nix b/nixos/modules/system/boot/systemd.nix index 78aac7fe96f1..0f210d506881 100644 --- a/nixos/modules/system/boot/systemd.nix +++ b/nixos/modules/system/boot/systemd.nix @@ -276,19 +276,6 @@ let }; }; - toOption = x: - if x == true then "true" - else if x == false then "false" - else toString x; - - attrsToSection = as: - concatStrings (concatLists (mapAttrsToList (name: value: - map (x: '' - ${name}=${toOption x} - '') - (if isList value then value else [value])) - as)); - commonUnitText = def: '' [Unit] ${attrsToSection def.unitConfig} @@ -369,11 +356,6 @@ let ''; }; - commonMatchText = def: '' - [Match] - ${attrsToSection def.matchConfig} - ''; - in { diff --git a/nixos/modules/virtualisation/google-compute-config.nix b/nixos/modules/virtualisation/google-compute-config.nix index 9e6be93b6d98..f6bca1aa8579 100644 --- a/nixos/modules/virtualisation/google-compute-config.nix +++ b/nixos/modules/virtualisation/google-compute-config.nix @@ -1,5 +1,5 @@ -{ config, pkgs, modulesPath, ... }: +{ config, pkgs, ... }: { - imports = [ "${modulesPath}/virtualisation/google-compute-image.nix" ]; + imports = [ <nixpkgs/nixos/modules/virtualisation/google-compute-image.nix> ]; } |