diff options
Diffstat (limited to 'nixos/modules')
| -rw-r--r-- | nixos/modules/installer/cd-dvd/installation-cd-base.nix | 2 | ||||
| -rw-r--r-- | nixos/modules/installer/tools/nixos-build-vms/build-vms.nix | 2 | ||||
| -rw-r--r-- | nixos/modules/module-list.nix | 1 | ||||
| -rw-r--r-- | nixos/modules/security/sudo.nix | 7 | ||||
| -rw-r--r-- | nixos/modules/services/databases/couchdb.nix | 16 | ||||
| -rw-r--r-- | nixos/modules/services/monitoring/graphite.nix | 43 | ||||
| -rw-r--r-- | nixos/modules/services/monitoring/statsd.nix | 4 | ||||
| -rw-r--r-- | nixos/modules/services/web-servers/tomcat.nix | 6 | ||||
| -rw-r--r-- | nixos/modules/system/boot/stage-1-init.sh | 8 | ||||
| -rw-r--r-- | nixos/modules/system/boot/stage-2-init.sh | 14 | ||||
| -rw-r--r-- | nixos/modules/tasks/trackpoint.nix | 66 | ||||
| -rw-r--r-- | nixos/modules/virtualisation/nixos-container.pl | 4 |
12 files changed, 130 insertions, 43 deletions
diff --git a/nixos/modules/installer/cd-dvd/installation-cd-base.nix b/nixos/modules/installer/cd-dvd/installation-cd-base.nix index eb7c4026857b..4d87c20559d6 100644 --- a/nixos/modules/installer/cd-dvd/installation-cd-base.nix +++ b/nixos/modules/installer/cd-dvd/installation-cd-base.nix @@ -19,7 +19,7 @@ with lib; # ISO naming. isoImage.isoName = "${config.isoImage.isoBaseName}-${config.system.nixosVersion}-${pkgs.stdenv.system}.iso"; - isoImage.volumeID = substring 0 11 "NIXOS_${config.system.nixosVersion}"; + isoImage.volumeID = substring 0 11 "NIXOS_ISO"; # Make the installer more likely to succeed in low memory # environments. The kernel's overcommit heustistics bite us diff --git a/nixos/modules/installer/tools/nixos-build-vms/build-vms.nix b/nixos/modules/installer/tools/nixos-build-vms/build-vms.nix index 5e77b701ff5a..4372d196261e 100644 --- a/nixos/modules/installer/tools/nixos-build-vms/build-vms.nix +++ b/nixos/modules/installer/tools/nixos-build-vms/build-vms.nix @@ -6,4 +6,4 @@ let nodes = import networkExpr; in with import ../../../../lib/testing.nix { inherit system; }; -(complete { inherit nodes; testScript = ""; }).driver +(makeTest { inherit nodes; testScript = ""; }).driver diff --git a/nixos/modules/module-list.nix b/nixos/modules/module-list.nix index 7fa705a5ae37..4ceb48989beb 100644 --- a/nixos/modules/module-list.nix +++ b/nixos/modules/module-list.nix @@ -323,6 +323,7 @@ ./tasks/network-interfaces.nix ./tasks/scsi-link-power-management.nix ./tasks/swraid.nix + ./tasks/trackpoint.nix ./testing/service-runner.nix ./virtualisation/container-config.nix ./virtualisation/containers.nix diff --git a/nixos/modules/security/sudo.nix b/nixos/modules/security/sudo.nix index 6cfeac0d7dc8..cce1e785563b 100644 --- a/nixos/modules/security/sudo.nix +++ b/nixos/modules/security/sudo.nix @@ -81,10 +81,13 @@ in security.pam.services.sudo = { sshAgentAuth = true; }; environment.etc = singleton - { source = pkgs.writeText "sudoers-in" cfg.configFile; + { source = + pkgs.runCommand "sudoers" + {src = pkgs.writeText "sudoers-in" cfg.configFile; } # Make sure that the sudoers file is syntactically valid. # (currently disabled - NIXOS-66) - #"${pkgs.sudo}/sbin/visudo -f $src -c && cp $src $out"; + "${pkgs.sudo.override {keepVisudo = true;}}/sbin/visudo -f $src -c && + cp $src $out"; target = "sudoers"; mode = "0440"; }; diff --git a/nixos/modules/services/databases/couchdb.nix b/nixos/modules/services/databases/couchdb.nix index 5088c7416810..e1fe6be6f6a3 100644 --- a/nixos/modules/services/databases/couchdb.nix +++ b/nixos/modules/services/databases/couchdb.nix @@ -126,6 +126,16 @@ in { Extra configuration. Overrides any other cofiguration. ''; }; + + configFile = mkOption { + type = types.string; + default = "/var/lib/couchdb/couchdb.ini"; + description = '' + Custom configuration file. File needs to be readable and writable + from couchdb user/group. + ''; + }; + }; }; @@ -146,11 +156,13 @@ in { mkdir -p `dirname ${cfg.logFile}`; mkdir -p ${cfg.databaseDir}; mkdir -p ${cfg.viewIndexDir}; + touch ${cfg.configFile} if [ "$(id -u)" = 0 ]; then - chown ${cfg.user}:${cfg.group} `dirname ${cfg.uriFile}` + chown ${cfg.user}:${cfg.group} ${cfg.uriFile} chown ${cfg.user}:${cfg.group} ${cfg.databaseDir} chown ${cfg.user}:${cfg.group} ${cfg.viewIndexDir} + chown ${cfg.user}:${cfg.group} ${cfg.configFile} fi ''; @@ -158,7 +170,7 @@ in { PermissionsStartOnly = true; User = cfg.user; Group = cfg.group; - ExecStart = "${cfg.package}/bin/couchdb -a ${configFile} -a ${pkgs.writeText "couchdb-extra.ini" cfg.extraConfig}"; + ExecStart = "${cfg.package}/bin/couchdb -a ${configFile} -a ${pkgs.writeText "couchdb-extra.ini" cfg.extraConfig} -a ${cfg.configFile}"; }; }; diff --git a/nixos/modules/services/monitoring/graphite.nix b/nixos/modules/services/monitoring/graphite.nix index d543d15b34e1..dbfe0ee182a0 100644 --- a/nixos/modules/services/monitoring/graphite.nix +++ b/nixos/modules/services/monitoring/graphite.nix @@ -12,7 +12,7 @@ let name = "graphite-config"; paths = lists.filter (el: el != null) [ (writeTextOrNull "carbon.conf" cfg.carbon.config) - (writeTextOrNull "storage-agregation.conf" cfg.carbon.storageAggregation) + (writeTextOrNull "storage-aggregation.conf" cfg.carbon.storageAggregation) (writeTextOrNull "storage-schemas.conf" cfg.carbon.storageSchemas) (writeTextOrNull "blacklist.conf" cfg.carbon.blacklist) (writeTextOrNull "whitelist.conf" cfg.carbon.whitelist) @@ -47,19 +47,19 @@ in { web = { enable = mkOption { - description = "Whether to enable graphite web frontend"; + description = "Whether to enable graphite web frontend."; default = false; type = types.uniq types.bool; }; host = mkOption { - description = "Graphite web frontend listen address"; + description = "Graphite web frontend listen address."; default = "127.0.0.1"; type = types.str; }; port = mkOption { - description = "Graphite web frontend port"; + description = "Graphite web frontend port."; default = 8080; type = types.int; }; @@ -67,7 +67,7 @@ in { carbon = { config = mkOption { - description = "Content of carbon configuration file"; + description = "Content of carbon configuration file."; default = '' [cache] # Listen on localhost by default for security reasons @@ -83,13 +83,13 @@ in { }; enableCache = mkOption { - description = "Whether to enable carbon cache, the graphite storage daemon"; + description = "Whether to enable carbon cache, the graphite storage daemon."; default = false; type = types.uniq types.bool; }; storageAggregation = mkOption { - description = "Defines how to aggregate data to lower-precision retentions"; + description = "Defines how to aggregate data to lower-precision retentions."; default = null; type = types.uniq (types.nullOr types.string); example = '' @@ -101,7 +101,7 @@ in { }; storageSchemas = mkOption { - description = "Defines retention rates for storing metrics"; + description = "Defines retention rates for storing metrics."; default = ""; type = types.uniq (types.nullOr types.string); example = '' @@ -112,21 +112,24 @@ in { }; blacklist = mkOption { - description = "Any metrics received which match one of the experssions will be dropped"; + description = "Any metrics received which match one of the experssions will be dropped."; default = null; type = types.uniq (types.nullOr types.string); example = "^some\.noisy\.metric\.prefix\..*"; }; whitelist = mkOption { - description = "Only metrics received which match one of the experssions will be persisted"; + description = "Only metrics received which match one of the experssions will be persisted."; default = null; type = types.uniq (types.nullOr types.string); example = ".*"; }; rewriteRules = mkOption { - description = "Regular expression patterns that can be used to rewrite metric names in a search and replace fashion"; + description = '' + Regular expression patterns that can be used to rewrite metric names + in a search and replace fashion. + ''; default = null; type = types.uniq (types.nullOr types.string); example = '' @@ -137,7 +140,7 @@ in { }; enableRelay = mkOption { - description = "Whether to enable carbon relay, the carbon replication and sharding service"; + description = "Whether to enable carbon relay, the carbon replication and sharding service."; default = false; type = types.uniq types.bool; }; @@ -154,13 +157,13 @@ in { }; enableAggregator = mkOption { - description = "Whether to enable carbon agregator, the carbon buffering service"; + description = "Whether to enable carbon agregator, the carbon buffering service."; default = false; type = types.uniq types.bool; }; aggregationRules = mkOption { - description = "Defines if and how received metrics will be agregated"; + description = "Defines if and how received metrics will be agregated."; default = null; type = types.uniq (types.nullOr types.string); example = '' @@ -188,10 +191,7 @@ in { }; restartTriggers = [ pkgs.pythonPackages.carbon - cfg.carbon.config - cfg.carbon.storageAggregation - cfg.carbon.storageSchemas - cfg.carbon.rewriteRules + configDir ]; preStart = '' mkdir -p ${cfg.dataDir}/whisper @@ -212,7 +212,8 @@ in { Group = "graphite"; }; restartTriggers = [ - pkgs.pythonPackages.carbon cfg.carbon.config cfg.carbon.aggregationRules + pkgs.pythonPackages.carbon + configDir ]; }; @@ -228,7 +229,8 @@ in { Group = "graphite"; }; restartTriggers = [ - pkgs.pythonPackages.carbon cfg.carbon.config cfg.carbon.relayRules + pkgs.pythonPackages.carbon + configDir ]; }; @@ -271,7 +273,6 @@ in { ''; restartTriggers = [ pkgs.python27Packages.graphite_web - pkgs.python27Packages.waitress ]; }; diff --git a/nixos/modules/services/monitoring/statsd.nix b/nixos/modules/services/monitoring/statsd.nix index 05950639c1e0..74f3deb4c290 100644 --- a/nixos/modules/services/monitoring/statsd.nix +++ b/nixos/modules/services/monitoring/statsd.nix @@ -69,8 +69,8 @@ in }; graphitePort = mkOption { - description = "Port of Graphite server"; - default = config.services.graphite.web.port; + description = "Port of Graphite server (i.e. carbon-cache)."; + default = 2003; type = types.uniq types.int; }; diff --git a/nixos/modules/services/web-servers/tomcat.nix b/nixos/modules/services/web-servers/tomcat.nix index b5eee8f8be8f..1de3d40165e9 100644 --- a/nixos/modules/services/web-servers/tomcat.nix +++ b/nixos/modules/services/web-servers/tomcat.nix @@ -119,6 +119,8 @@ in startOn = "started network-interfaces"; stopOn = "stopping network-interfaces"; + daemonType = "daemon"; + preStart = '' # Create the base directory @@ -327,9 +329,11 @@ in done '' else ""} + ''; + script = '' ${pkgs.su}/bin/su -s ${pkgs.bash}/bin/sh ${cfg.user} -c 'CATALINA_BASE=${cfg.baseDir} JAVA_HOME=${pkgs.jdk} JAVA_OPTS="${cfg.javaOpts}" CATALINA_OPTS="${cfg.catalinaOpts}" ${tomcat}/bin/startup.sh' - ''; + ''; postStop = '' diff --git a/nixos/modules/system/boot/stage-1-init.sh b/nixos/modules/system/boot/stage-1-init.sh index 15586e68e7e5..7adb932aba7f 100644 --- a/nixos/modules/system/boot/stage-1-init.sh +++ b/nixos/modules/system/boot/stage-1-init.sh @@ -60,12 +60,12 @@ touch /etc/fstab # to shut up mount touch /etc/mtab # to shut up mke2fs touch /etc/initrd-release mkdir -p /proc -mount -t proc none /proc +mount -t proc proc /proc mkdir -p /sys -mount -t sysfs none /sys -mount -t devtmpfs -o "size=@devSize@" none /dev +mount -t sysfs sysfs /sys +mount -t devtmpfs -o "size=@devSize@" devtmpfs /dev mkdir -p /run -mount -t tmpfs -o "mode=0755,size=@runSize@" none /run +mount -t tmpfs -o "mode=0755,size=@runSize@" tmpfs /run # Process the kernel command line. diff --git a/nixos/modules/system/boot/stage-2-init.sh b/nixos/modules/system/boot/stage-2-init.sh index ab414e29eb2f..eff2fb583bab 100644 --- a/nixos/modules/system/boot/stage-2-init.sh +++ b/nixos/modules/system/boot/stage-2-init.sh @@ -36,9 +36,9 @@ mount -n -o remount,rw / # stage 1, we need to do that here. if [ ! -e /proc/1 ]; then mkdir -m 0755 -p /proc - mount -n -t proc none /proc + mount -n -t proc proc /proc mkdir -m 0755 -p /dev - mount -t devtmpfs none /dev + mount -t devtmpfs devtmpfs /dev fi @@ -82,9 +82,9 @@ done # More special file systems, initialise required directories. mkdir -m 0755 /dev/shm -mount -t tmpfs -o "rw,nosuid,nodev,size=@devShmSize@" none /dev/shm +mount -t tmpfs -o "rw,nosuid,nodev,size=@devShmSize@" tmpfs /dev/shm mkdir -m 0755 -p /dev/pts -[ -e /proc/bus/usb ] && mount -t usbfs none /proc/bus/usb # UML doesn't have USB by default +[ -e /proc/bus/usb ] && mount -t usbfs usbfs /proc/bus/usb # UML doesn't have USB by default mkdir -m 01777 -p /tmp mkdir -m 0755 -p /var /var/log /var/lib /var/db mkdir -m 0755 -p /nix/var @@ -114,7 +114,7 @@ rm -rf /nix/var/nix/gcroots/tmp /nix/var/nix/temproots if ! mountpoint -q /run; then rm -rf /run mkdir -m 0755 -p /run - mount -t tmpfs -o "mode=0755,size=@runSize@" none /run + mount -t tmpfs -o "mode=0755,size=@runSize@" tmpfs /run fi # Create a ramfs on /run/keys to hold secrets that shouldn't be @@ -122,7 +122,7 @@ fi if ! mountpoint -q /run/keys; then rm -rf /run/keys mkdir /run/keys - mount -t ramfs none /run/keys + mount -t ramfs ramfs /run/keys chown 0:96 /run/keys chmod 0750 /run/keys fi @@ -153,7 +153,7 @@ fi # Create /var/setuid-wrappers as a tmpfs. rm -rf /var/setuid-wrappers mkdir -m 0755 -p /var/setuid-wrappers -mount -t tmpfs -o "mode=0755" none /var/setuid-wrappers +mount -t tmpfs -o "mode=0755" tmpfs /var/setuid-wrappers # Run the script that performs all configuration activation that does diff --git a/nixos/modules/tasks/trackpoint.nix b/nixos/modules/tasks/trackpoint.nix new file mode 100644 index 000000000000..4be2c3eb4c47 --- /dev/null +++ b/nixos/modules/tasks/trackpoint.nix @@ -0,0 +1,66 @@ +{ config, lib, pkgs, ... }: + +with lib; + +{ + ###### interface + + options = { + + hardware.trackpoint = { + + enable = mkOption { + default = false; + type = types.bool; + description = '' + Enable sensitivity and speed configuration for trackpoints. + ''; + }; + + sensitivity = mkOption { + default = 128; + example = 255; + type = types.int; + description = '' + Configure the trackpoint sensitivity. By default, the kernel + configures 128. + ''; + }; + + speed = mkOption { + default = 97; + example = 255; + type = types.int; + description = '' + Configure the trackpoint sensitivity. By default, the kernel + configures 97. + ''; + }; + + }; + + }; + + + ###### implementation + + config = mkIf config.hardware.trackpoint.enable { + + jobs.trackpoint = + { description = "Initialize trackpoint"; + + startOn = "started udev"; + + task = true; + + script = '' + echo -n ${toString config.hardware.trackpoint.sensitivity} \ + > /sys/devices/platform/i8042/serio1/sensitivity + echo -n ${toString config.hardware.trackpoint.speed} \ + > /sys/devices/platform/i8042/serio1/speed + ''; + }; + + }; + +} diff --git a/nixos/modules/virtualisation/nixos-container.pl b/nixos/modules/virtualisation/nixos-container.pl index 718630fe8b9b..5083abd84489 100644 --- a/nixos/modules/virtualisation/nixos-container.pl +++ b/nixos/modules/virtualisation/nixos-container.pl @@ -31,7 +31,7 @@ EOF } my $ensureUniqueName = 0; -my $extraConfig = ""; +my $extraConfig; GetOptions( "help" => sub { showHelp() }, @@ -190,7 +190,7 @@ elsif ($action eq "update") { # FIXME: may want to be more careful about clobbering the existing # configuration.nix. - writeNixOSConfig $nixosConfigFile if defined $extraConfig; + writeNixOSConfig $nixosConfigFile if (defined $extraConfig && $extraConfig ne ""); system("nix-env", "-p", "$profileDir/system", "-I", "nixos-config=$nixosConfigFile", "-f", "<nixpkgs/nixos>", |