diff options
Diffstat (limited to 'nixos/modules')
-rw-r--r-- | nixos/modules/hardware/video/nvidia.nix | 9 | ||||
-rw-r--r-- | nixos/modules/misc/ids.nix | 2 | ||||
-rw-r--r-- | nixos/modules/misc/nixpkgs.nix | 7 | ||||
-rw-r--r-- | nixos/modules/module-list.nix | 4 | ||||
-rw-r--r-- | nixos/modules/security/rngd.nix | 33 | ||||
-rw-r--r-- | nixos/modules/services/desktops/deepin/dde-daemon.nix | 41 | ||||
-rw-r--r-- | nixos/modules/services/desktops/deepin/deepin-menu.nix | 29 | ||||
-rw-r--r-- | nixos/modules/services/desktops/deepin/deepin.nix | 118 | ||||
-rw-r--r-- | nixos/modules/services/misc/jellyfin.nix | 6 | ||||
-rw-r--r-- | nixos/modules/services/misc/nix-daemon.nix | 24 | ||||
-rw-r--r-- | nixos/modules/services/misc/paperless.nix | 185 | ||||
-rw-r--r-- | nixos/modules/services/networking/hostapd.nix | 8 | ||||
-rw-r--r-- | nixos/modules/services/security/tor.nix | 11 | ||||
-rw-r--r-- | nixos/modules/services/x11/display-managers/lightdm.nix | 5 | ||||
-rw-r--r-- | nixos/modules/services/x11/display-managers/sddm.nix | 9 | ||||
-rw-r--r-- | nixos/modules/system/boot/kexec.nix | 12 |
16 files changed, 404 insertions, 99 deletions
diff --git a/nixos/modules/hardware/video/nvidia.nix b/nixos/modules/hardware/video/nvidia.nix index 80ea7bc5d5c9..9f2360f41c6e 100644 --- a/nixos/modules/hardware/video/nvidia.nix +++ b/nixos/modules/hardware/video/nvidia.nix @@ -79,6 +79,14 @@ in ''; }; + hardware.nvidia.optimus_prime.allowExternalGpu = lib.mkOption { + type = lib.types.bool; + default = false; + description = '' + Configure X to allow external NVIDIA GPUs when using optimus. + ''; + }; + hardware.nvidia.optimus_prime.nvidiaBusId = lib.mkOption { type = lib.types.string; default = ""; @@ -134,6 +142,7 @@ in deviceSection = optionalString optimusCfg.enable '' BusID "${optimusCfg.nvidiaBusId}" + ${optionalString optimusCfg.allowExternalGpu "Option \"AllowExternalGpus\""} ''; screenSection = '' diff --git a/nixos/modules/misc/ids.nix b/nixos/modules/misc/ids.nix index cd6bb9019b18..5198bedc1387 100644 --- a/nixos/modules/misc/ids.nix +++ b/nixos/modules/misc/ids.nix @@ -339,6 +339,7 @@ rss2email = 312; cockroachdb = 313; zoneminder = 314; + paperless = 315; # When adding a uid, make sure it doesn't match an existing gid. And don't use uids above 399! @@ -638,6 +639,7 @@ rss2email = 312; cockroachdb = 313; zoneminder = 314; + paperless = 315; # When adding a gid, make sure it doesn't match an existing # uid. Users and groups with the same name should have equal diff --git a/nixos/modules/misc/nixpkgs.nix b/nixos/modules/misc/nixpkgs.nix index 3a717fddaba2..9d19dd2a7ff2 100644 --- a/nixos/modules/misc/nixpkgs.nix +++ b/nixos/modules/misc/nixpkgs.nix @@ -127,13 +127,14 @@ in default = []; example = literalExample '' - [ (self: super: { + [ + (self: super: { openssh = super.openssh.override { hpnSupport = true; kerberos = self.libkrb5; }; - }; - ) ] + }) + ] ''; type = types.listOf overlayType; description = '' diff --git a/nixos/modules/module-list.nix b/nixos/modules/module-list.nix index 05b4b7296396..111addcc8790 100644 --- a/nixos/modules/module-list.nix +++ b/nixos/modules/module-list.nix @@ -256,8 +256,7 @@ ./services/databases/virtuoso.nix ./services/desktops/accountsservice.nix ./services/desktops/bamf.nix - ./services/desktops/deepin/dde-daemon.nix - ./services/desktops/deepin/deepin-menu.nix + ./services/desktops/deepin/deepin.nix ./services/desktops/dleyna-renderer.nix ./services/desktops/dleyna-server.nix ./services/desktops/pantheon/contractor.nix @@ -436,6 +435,7 @@ ./services/misc/octoprint.nix ./services/misc/osrm.nix ./services/misc/packagekit.nix + ./services/misc/paperless.nix ./services/misc/parsoid.nix ./services/misc/phd.nix ./services/misc/plex.nix diff --git a/nixos/modules/security/rngd.nix b/nixos/modules/security/rngd.nix index a54ef2e6fcad..60361d9960ed 100644 --- a/nixos/modules/security/rngd.nix +++ b/nixos/modules/security/rngd.nix @@ -2,20 +2,30 @@ with lib; +let + cfg = config.security.rngd; +in { options = { - security.rngd.enable = mkOption { - type = types.bool; - default = true; - description = '' - Whether to enable the rng daemon, which adds entropy from - hardware sources of randomness to the kernel entropy pool when - available. - ''; + security.rngd = { + enable = mkOption { + type = types.bool; + default = true; + description = '' + Whether to enable the rng daemon, which adds entropy from + hardware sources of randomness to the kernel entropy pool when + available. + ''; + }; + debug = mkOption { + type = types.bool; + default = false; + description = "Whether to enable debug output (-d)."; + }; }; }; - config = mkIf config.security.rngd.enable { + config = mkIf cfg.enable { services.udev.extraRules = '' KERNEL=="random", TAG+="systemd" SUBSYSTEM=="cpu", ENV{MODALIAS}=="cpu:type:x86,*feature:*009E*", TAG+="systemd", ENV{SYSTEMD_WANTS}+="rngd.service" @@ -29,7 +39,10 @@ with lib; description = "Hardware RNG Entropy Gatherer Daemon"; - serviceConfig.ExecStart = "${pkgs.rng-tools}/sbin/rngd -f"; + serviceConfig = { + ExecStart = "${pkgs.rng-tools}/sbin/rngd -f" + + optionalString cfg.debug " -d"; + }; }; }; } diff --git a/nixos/modules/services/desktops/deepin/dde-daemon.nix b/nixos/modules/services/desktops/deepin/dde-daemon.nix deleted file mode 100644 index 057da4e2d7f2..000000000000 --- a/nixos/modules/services/desktops/deepin/dde-daemon.nix +++ /dev/null @@ -1,41 +0,0 @@ -# dde-daemon - -{ config, pkgs, lib, ... }: - -{ - - ###### interface - - options = { - - services.deepin.dde-daemon = { - - enable = lib.mkEnableOption - "A daemon for handling Deepin Desktop Environment session settings"; - - }; - - }; - - - ###### implementation - - config = lib.mkIf config.services.deepin.dde-daemon.enable { - - environment.systemPackages = [ pkgs.deepin.dde-daemon ]; - - services.dbus.packages = [ pkgs.deepin.dde-daemon ]; - - systemd.packages = [ pkgs.deepin.dde-daemon ]; - - users.groups.dde-daemon = { }; - - users.users.dde-daemon = { - description = "Deepin daemon user"; - group = "dde-daemon"; - isSystemUser = true; - }; - - }; - -} diff --git a/nixos/modules/services/desktops/deepin/deepin-menu.nix b/nixos/modules/services/desktops/deepin/deepin-menu.nix deleted file mode 100644 index 23fe5a741c42..000000000000 --- a/nixos/modules/services/desktops/deepin/deepin-menu.nix +++ /dev/null @@ -1,29 +0,0 @@ -# deepin-menu - -{ config, pkgs, lib, ... }: - -{ - - ###### interface - - options = { - - services.deepin.deepin-menu = { - - enable = lib.mkEnableOption - "DBus service for unified menus in Deepin Desktop Environment"; - - }; - - }; - - - ###### implementation - - config = lib.mkIf config.services.deepin.deepin-menu.enable { - - services.dbus.packages = [ pkgs.deepin.deepin-menu ]; - - }; - -} diff --git a/nixos/modules/services/desktops/deepin/deepin.nix b/nixos/modules/services/desktops/deepin/deepin.nix new file mode 100644 index 000000000000..7ec326e599e5 --- /dev/null +++ b/nixos/modules/services/desktops/deepin/deepin.nix @@ -0,0 +1,118 @@ +# deepin + +{ config, pkgs, lib, ... }: + +{ + + ###### interface + + options = { + + services.deepin.core.enable = lib.mkEnableOption " + Basic dbus and systemd services, groups and users needed by the + Deepin Desktop Environment. + "; + + services.deepin.deepin-menu.enable = lib.mkEnableOption " + DBus service for unified menus in Deepin Desktop Environment. + "; + + services.deepin.deepin-turbo.enable = lib.mkEnableOption " + Turbo service for the Deepin Desktop Environment. It is a daemon + that helps to launch applications faster. + "; + + }; + + + ###### implementation + + config = lib.mkMerge [ + + (lib.mkIf config.services.deepin.core.enable { + environment.systemPackages = [ + pkgs.deepin.dde-api + pkgs.deepin.dde-calendar + pkgs.deepin.dde-daemon + pkgs.deepin.dde-dock + pkgs.deepin.dde-session-ui + pkgs.deepin.deepin-anything + pkgs.deepin.deepin-image-viewer + pkgs.deepin.deepin-screenshot + ]; + + services.dbus.packages = [ + pkgs.deepin.dde-api + pkgs.deepin.dde-calendar + pkgs.deepin.dde-daemon + pkgs.deepin.dde-dock + pkgs.deepin.dde-session-ui + pkgs.deepin.deepin-anything + pkgs.deepin.deepin-image-viewer + pkgs.deepin.deepin-screenshot + ]; + + systemd.packages = [ + pkgs.deepin.dde-api + pkgs.deepin.dde-daemon + pkgs.deepin.deepin-anything + ]; + + boot.extraModulePackages = [ config.boot.kernelPackages.deepin-anything ]; + + boot.kernelModules = [ "vfs_monitor" ]; + + users.groups.deepin-sound-player = { }; + + users.users.deepin-sound-player = { + description = "Deepin sound player"; + group = "deepin-sound-player"; + isSystemUser = true; + }; + + users.groups.deepin-daemon = { }; + + users.users.deepin-daemon = { + description = "Deepin daemon user"; + group = "deepin-daemon"; + isSystemUser = true; + }; + + users.groups.deepin_anything_server = { }; + + users.users.deepin_anything_server = { + description = "Deepin Anything Server"; + group = "deepin_anything_server"; + isSystemUser = true; + }; + + security.pam.services.deepin-auth-keyboard.text = '' + # original at ${pkgs.deepin.dde-daemon}/etc/pam.d/deepin-auth-keyboard + auth [success=2 default=ignore] pam_lsass.so + auth [success=1 default=ignore] pam_unix.so nullok_secure try_first_pass + auth requisite pam_deny.so + auth required pam_permit.so + ''; + + environment.etc = { + "polkit-1/localauthority/10-vendor.d/com.deepin.api.device.pkla".source = "${pkgs.deepin.dde-api}/etc/polkit-1/localauthority/10-vendor.d/com.deepin.api.device.pkla"; + "polkit-1/localauthority/10-vendor.d/com.deepin.daemon.Accounts.pkla".source = "${pkgs.deepin.dde-daemon}/etc/polkit-1/localauthority/10-vendor.d/com.deepin.daemon.Accounts.pkla"; + "polkit-1/localauthority/10-vendor.d/com.deepin.daemon.Grub2.pkla".source = "${pkgs.deepin.dde-daemon}/etc/polkit-1/localauthority/10-vendor.d/com.deepin.daemon.Grub2.pkla"; + }; + + services.deepin.deepin-menu.enable = true; + services.deepin.deepin-turbo.enable = true; + }) + + (lib.mkIf config.services.deepin.deepin-menu.enable { + services.dbus.packages = [ pkgs.deepin.deepin-menu ]; + }) + + (lib.mkIf config.services.deepin.deepin-turbo.enable { + environment.systemPackages = [ pkgs.deepin.deepin-turbo ]; + systemd.packages = [ pkgs.deepin.deepin-turbo ]; + }) + + ]; + +} diff --git a/nixos/modules/services/misc/jellyfin.nix b/nixos/modules/services/misc/jellyfin.nix index 7f38dd0ff233..55559206568d 100644 --- a/nixos/modules/services/misc/jellyfin.nix +++ b/nixos/modules/services/misc/jellyfin.nix @@ -48,12 +48,6 @@ in jellyfin = {}; }; - assertions = [ - { - assertion = !config.services.emby.enable; - message = "Emby and Jellyfin are incompatible, you cannot enable both"; - } - ]; }; meta.maintainers = with lib.maintainers; [ minijackson ]; diff --git a/nixos/modules/services/misc/nix-daemon.nix b/nixos/modules/services/misc/nix-daemon.nix index 665215822af8..8db3c44246f3 100644 --- a/nixos/modules/services/misc/nix-daemon.nix +++ b/nixos/modules/services/misc/nix-daemon.nix @@ -60,6 +60,7 @@ let ${optionalString (isNix20 && !cfg.distributedBuilds) '' builders = ''} + system-features = ${toString cfg.systemFeatures} $extraOptions END '' + optionalString cfg.checkConfig ( @@ -360,6 +361,14 @@ in ''; }; + systemFeatures = mkOption { + type = types.listOf types.str; + example = [ "kvm" "big-parallel" "gccarch-skylake" ]; + description = '' + The supported features of a machine + ''; + }; + checkConfig = mkOption { type = types.bool; default = true; @@ -478,6 +487,21 @@ in /nix/var/nix/gcroots/tmp ''; + nix.systemFeatures = mkDefault ( + [ "nixos-test" "benchmark" "big-parallel" "kvm" ] ++ + optionals (pkgs.stdenv.isx86_64 && pkgs.hostPlatform.platform ? gcc.arch) ( + # a x86_64 builder can run code for `platform.gcc.arch` and minor architectures: + [ "gccarch-${pkgs.hostPlatform.platform.gcc.arch}" ] ++ { + "sandybridge" = [ "gccarch-westmere" ]; + "ivybridge" = [ "gccarch-westmere" "gccarch-sandybridge" ]; + "haswell" = [ "gccarch-westmere" "gccarch-sandybridge" "gccarch-ivybridge" ]; + "broadwell" = [ "gccarch-westmere" "gccarch-sandybridge" "gccarch-ivybridge" "gccarch-haswell" ]; + "skylake" = [ "gccarch-westmere" "gccarch-sandybridge" "gccarch-ivybridge" "gccarch-haswell" "gccarch-broadwell" ]; + "skylake-avx512" = [ "gccarch-westmere" "gccarch-sandybridge" "gccarch-ivybridge" "gccarch-haswell" "gccarch-broadwell" "gccarch-skylake" ]; + }.${pkgs.hostPlatform.platform.gcc.arch} or [] + ) + ); + }; } diff --git a/nixos/modules/services/misc/paperless.nix b/nixos/modules/services/misc/paperless.nix new file mode 100644 index 000000000000..4e6cd80e2425 --- /dev/null +++ b/nixos/modules/services/misc/paperless.nix @@ -0,0 +1,185 @@ +{ config, pkgs, lib, ... }: + +with lib; +let + cfg = config.services.paperless; + + defaultUser = "paperless"; + + manage = cfg.package.withConfig { + config = { + PAPERLESS_CONSUMPTION_DIR = cfg.consumptionDir; + PAPERLESS_INLINE_DOC = "true"; + PAPERLESS_DISABLE_LOGIN = "true"; + } // cfg.extraConfig; + inherit (cfg) dataDir ocrLanguages; + paperlessPkg = cfg.package; + }; +in +{ + options.services.paperless = { + enable = mkOption { + type = lib.types.bool; + default = false; + description = '' + Enable Paperless. + + When started, the Paperless database is automatically created if it doesn't + exist and updated if the Paperless package has changed. + Both tasks are achieved by running a Django migration. + ''; + }; + + dataDir = mkOption { + type = types.str; + default = "/var/lib/paperless"; + description = "Directory to store the Paperless data."; + }; + + consumptionDir = mkOption { + type = types.str; + default = "${cfg.dataDir}/consume"; + defaultText = "\${dataDir}/consume"; + description = "Directory from which new documents are imported."; + }; + + consumptionDirIsPublic = mkOption { + type = types.bool; + default = false; + description = "Whether all users can write to the consumption dir."; + }; + + ocrLanguages = mkOption { + type = with types; nullOr (listOf string); + default = null; + description = '' + Languages available for OCR via Tesseract, specified as + <literal>ISO 639-2/T</literal> language codes. + If unset, defaults to all available languages. + ''; + example = [ "eng" "spa" "jpn" ]; + }; + + address = mkOption { + type = types.str; + default = "localhost"; + description = "Server listening address."; + }; + + port = mkOption { + type = types.int; + default = 28981; + description = "Server port to listen on."; + }; + + extraConfig = mkOption { + type = types.attrs; + default = {}; + description = '' + Extra paperless config options. + + The config values are evaluated as double-quoted Bash string literals. + + See <literal>paperless-src/paperless.conf.example</literal> for available options. + + To enable user authentication, set <literal>PAPERLESS_DISABLE_LOGIN = "false"</literal> + and run the shell command <literal>$dataDir/paperless-manage createsuperuser</literal>. + + To define secret options without storing them in /nix/store, use the following pattern: + <literal>PAPERLESS_PASSPHRASE = "$(< /etc/my_passphrase_file)"</literal> + ''; + example = literalExample '' + { + PAPERLESS_OCR_LANGUAGE = "deu"; + } + ''; + }; + + user = mkOption { + type = types.str; + default = defaultUser; + description = "User under which Paperless runs."; + }; + + package = mkOption { + type = types.package; + default = pkgs.paperless; + defaultText = "pkgs.paperless"; + description = "The Paperless package to use."; + }; + + manage = mkOption { + type = types.package; + readOnly = true; + default = manage; + description = '' + A script to manage the Paperless instance. + It wraps Django's manage.py and is also available at + <literal>$dataDir/manage-paperless</literal> + ''; + }; + }; + + config = mkIf cfg.enable { + + systemd.tmpfiles.rules = [ + "d '${cfg.dataDir}' - ${cfg.user} ${cfg.user} - -" + ] ++ (optional cfg.consumptionDirIsPublic + "d '${cfg.consumptionDir}' 777 ${cfg.user} ${cfg.user} - -" + # If the consumption dir is not created here, it's automatically created by + # 'manage' with the default permissions. + ); + + systemd.services.paperless-consumer = { + description = "Paperless document consumer"; + serviceConfig = { + User = cfg.user; + ExecStart = "${manage} document_consumer"; + Restart = "always"; + }; + after = [ "systemd-tmpfiles-setup.service" ]; + wantedBy = [ "multi-user.target" ]; + preStart = '' + if [[ $(readlink ${cfg.dataDir}/paperless-manage) != ${manage} ]]; then + ln -sf ${manage} ${cfg.dataDir}/paperless-manage + fi + + ${manage.setupEnv} + # Auto-migrate on first run or if the package has changed + versionFile="$PAPERLESS_DBDIR/src-version" + if [[ $(cat "$versionFile" 2>/dev/null) != ${cfg.package} ]]; then + python $paperlessSrc/manage.py migrate + echo ${cfg.package} > "$versionFile" + fi + ''; + }; + + systemd.services.paperless-server = { + description = "Paperless document server"; + serviceConfig = { + User = cfg.user; + ExecStart = "${manage} runserver --noreload ${cfg.address}:${toString cfg.port}"; + Restart = "always"; + }; + # Bind to `paperless-consumer` so that the server never runs + # during migrations + bindsTo = [ "paperless-consumer.service" ]; + after = [ "paperless-consumer.service" ]; + wantedBy = [ "multi-user.target" ]; + }; + + users = optionalAttrs (cfg.user == defaultUser) { + users = [{ + name = defaultUser; + group = defaultUser; + uid = config.ids.uids.paperless; + home = cfg.dataDir; + }]; + + groups = [{ + name = defaultUser; + gid = config.ids.gids.paperless; + }]; + }; + }; +} diff --git a/nixos/modules/services/networking/hostapd.nix b/nixos/modules/services/networking/hostapd.nix index 3fbc08e90607..7add48308f80 100644 --- a/nixos/modules/services/networking/hostapd.nix +++ b/nixos/modules/services/networking/hostapd.nix @@ -1,4 +1,4 @@ -{ config, lib, pkgs, ... }: +{ config, lib, pkgs, utils, ... }: # TODO: # @@ -12,6 +12,8 @@ let cfg = config.services.hostapd; + escapedInterface = utils.escapeSystemdPath cfg.interface; + configFile = pkgs.writeText "hostapd.conf" '' interface=${cfg.interface} driver=${cfg.driver} @@ -157,8 +159,8 @@ in { description = "hostapd wireless AP"; path = [ pkgs.hostapd ]; - after = [ "sys-subsystem-net-devices-${cfg.interface}.device" ]; - bindsTo = [ "sys-subsystem-net-devices-${cfg.interface}.device" ]; + after = [ "sys-subsystem-net-devices-${escapedInterface}.device" ]; + bindsTo = [ "sys-subsystem-net-devices-${escapedInterface}.device" ]; requiredBy = [ "network-link-${cfg.interface}.service" ]; serviceConfig = diff --git a/nixos/modules/services/security/tor.nix b/nixos/modules/services/security/tor.nix index 61b751bb518b..6f4852c3ba1a 100644 --- a/nixos/modules/services/security/tor.nix +++ b/nixos/modules/services/security/tor.nix @@ -81,7 +81,7 @@ let ${optionalString (elem cfg.relay.role ["bridge" "private-bridge"]) '' BridgeRelay 1 - ServerTransportPlugin obfs2,obfs3 exec ${pkgs.pythonPackages.obfsproxy}/bin/obfsproxy managed + ServerTransportPlugin ${concatStringsSep "," cfg.relay.bridgeTransports} exec ${obfs4}/bin/obfs4proxy managed ExtORPort auto ${optionalString (cfg.relay.role == "private-bridge") '' ExtraInfoStatistics 0 @@ -355,7 +355,7 @@ in <para> Regular bridge. Works like a regular relay, but doesn't list you in the public relay directory and - hides your Tor node behind obfsproxy. + hides your Tor node behind obfs4proxy. </para> <para> @@ -424,6 +424,13 @@ in ''; }; + bridgeTransports = mkOption { + type = types.listOf types.str; + default = ["obfs4"]; + example = ["obfs2" "obfs3" "obfs4" "scramblesuit"]; + description = "List of pluggable transports"; + }; + nickname = mkOption { type = types.str; default = "anonymous"; diff --git a/nixos/modules/services/x11/display-managers/lightdm.nix b/nixos/modules/services/x11/display-managers/lightdm.nix index 3ab4f26399f3..afa0cebbc527 100644 --- a/nixos/modules/services/x11/display-managers/lightdm.nix +++ b/nixos/modules/services/x11/display-managers/lightdm.nix @@ -189,6 +189,11 @@ in config = mkIf cfg.enable { assertions = [ + { assertion = xcfg.enable; + message = '' + LightDM requires services.xserver.enable to be true + ''; + } { assertion = cfg.autoLogin.enable -> cfg.autoLogin.user != null; message = '' LightDM auto-login requires services.xserver.displayManager.lightdm.autoLogin.user to be set diff --git a/nixos/modules/services/x11/display-managers/sddm.nix b/nixos/modules/services/x11/display-managers/sddm.nix index 05830e325d51..d1ed345ac579 100644 --- a/nixos/modules/services/x11/display-managers/sddm.nix +++ b/nixos/modules/services/x11/display-managers/sddm.nix @@ -195,6 +195,11 @@ in config = mkIf cfg.enable { assertions = [ + { assertion = xcfg.enable; + message = '' + SDDM requires services.xserver.enable to be true + ''; + } { assertion = cfg.autoLogin.enable -> cfg.autoLogin.user != null; message = '' SDDM auto-login requires services.xserver.displayManager.sddm.autoLogin.user to be set @@ -264,8 +269,8 @@ in }; environment.etc."sddm.conf".source = cfgFile; - environment.pathsToLink = [ - "/share/sddm" + environment.pathsToLink = [ + "/share/sddm" ]; users.groups.sddm.gid = config.ids.gids.sddm; diff --git a/nixos/modules/system/boot/kexec.nix b/nixos/modules/system/boot/kexec.nix index 61f9c6d0e7eb..fd2cb94b756b 100644 --- a/nixos/modules/system/boot/kexec.nix +++ b/nixos/modules/system/boot/kexec.nix @@ -13,8 +13,18 @@ path = [ pkgs.kexectools ]; script = '' + # Don't load the current system profile if we already have a kernel loaded + if [[ 1 = "$(</sys/kernel/kexec_loaded)" ]] ; then + echo "kexec kernel has already been loaded, prepare-kexec skipped" + exit 0 + fi + p=$(readlink -f /nix/var/nix/profiles/system) - if ! [ -d $p ]; then exit 1; fi + if ! [[ -d $p ]]; then + echo "Could not find system profile for prepare-kexec" + exit 1 + fi + echo "Loading NixOS system via kexec." exec kexec --load $p/kernel --initrd=$p/initrd --append="$(cat $p/kernel-params) init=$p/init" ''; }; |