diff options
Diffstat (limited to 'nixos')
-rw-r--r-- | nixos/lib/make-disk-image.nix | 14 | ||||
-rw-r--r-- | nixos/modules/services/web-apps/atlassian/confluence.nix | 16 | ||||
-rw-r--r-- | nixos/modules/services/web-apps/atlassian/crowd.nix | 19 | ||||
-rw-r--r-- | nixos/modules/services/web-apps/atlassian/jira.nix | 20 | ||||
-rw-r--r-- | nixos/modules/services/web-apps/mattermost.nix | 2 | ||||
-rw-r--r-- | nixos/modules/tasks/network-interfaces.nix | 16 | ||||
-rw-r--r-- | nixos/modules/virtualisation/amazon-image.nix | 2 |
7 files changed, 49 insertions, 40 deletions
diff --git a/nixos/lib/make-disk-image.nix b/nixos/lib/make-disk-image.nix index 9fa848301f60..865be297c066 100644 --- a/nixos/lib/make-disk-image.nix +++ b/nixos/lib/make-disk-image.nix @@ -64,7 +64,7 @@ let ${channelSources} ''; - prepareImageInputs = with pkgs; [ rsync utillinux parted e2fsprogs lkl fakeroot config.system.build.nixos-prepare-root ] ++ stdenv.initialPath; + prepareImageInputs = with pkgs; [ rsync utillinux parted e2fsprogs lkl fakeroot libfaketime config.system.build.nixos-prepare-root ] ++ stdenv.initialPath; # I'm preserving the line below because I'm going to search for it across nixpkgs to consolidate # image building logic. The comment right below this now appears in 4 different places in nixpkgs :) @@ -86,7 +86,7 @@ let offset=0 ''} - mkfs.${fsType} -F -L nixos -E offset=$offset $diskImage + faketime -f "1970-01-01 00:00:01" mkfs.${fsType} -F -L nixos -E offset=$offset $diskImage root="$PWD/root" mkdir -p $root @@ -124,7 +124,15 @@ let fakeroot nixos-prepare-root $root ${channelSources} ${config.system.build.toplevel} closure echo "copying staging root to image..." - cptofs ${pkgs.lib.optionalString partitioned "-P 1"} -t ${fsType} -i $diskImage $root/* / + # If we don't faketime, we can end up with timestamps other than 1 on the nix store, which + # will confuse Nix in some situations (e.g., breaking image builds in the target image) + # N.B: I use 0 here, which results in timestamp = 1 in the image. It's weird but see + # https://github.com/lkl/linux/issues/393. Also, running under faketime makes `cptofs` super + # noisy and it prints out that it can't find a bunch of files, and then works anyway. We'll + # shut it up someday but trying to do a stderr filter through grep is running into some nasty + # bug in some eval nonsense we have in runInLinuxVM and I'm sick of trying to fix it. + faketime -f "1970-01-01 00:00:00" \ + cptofs ${pkgs.lib.optionalString partitioned "-P 1"} -t ${fsType} -i $diskImage $root/* / ''; in pkgs.vmTools.runInLinuxVM ( pkgs.runCommand name diff --git a/nixos/modules/services/web-apps/atlassian/confluence.nix b/nixos/modules/services/web-apps/atlassian/confluence.nix index 2344b9922d0b..84c41b6e53c2 100644 --- a/nixos/modules/services/web-apps/atlassian/confluence.nix +++ b/nixos/modules/services/web-apps/atlassian/confluence.nix @@ -127,14 +127,11 @@ in - jrePackage = let - jreSwitch = unfree: free: if config.nixpkgs.config.allowUnfree or false then unfree else free; - in mkOption { + jrePackage = mkOption { type = types.package; - default = jreSwitch pkgs.oraclejre8 pkgs.openjdk8.jre; - defaultText = jreSwitch "pkgs.oraclejre8" "pkgs.openjdk8.jre"; - example = literalExample "pkgs.openjdk8.jre"; - description = "Java Runtime to use for Confluence. Note that Atlassian recommends the Oracle JRE."; + default = pkgs.oraclejre8; + defaultText = "pkgs.oraclejre8"; + description = "Note that Atlassian only support the Oracle JRE (JRASERVER-46152)."; }; }; }; @@ -178,14 +175,13 @@ in ${pkg}/conf/server.xml.dist > ${cfg.home}/server.xml ''; - script = "${pkg}/bin/start-confluence.sh -fg"; - stopScript = "${pkg}/bin/stop-confluence.sh"; - serviceConfig = { User = cfg.user; Group = cfg.group; PrivateTmp = true; PermissionsStartOnly = true; + ExecStart = "${pkg}/bin/start-confluence.sh -fg"; + ExecStop = "${pkg}/bin/stop-confluence.sh"; }; }; }; diff --git a/nixos/modules/services/web-apps/atlassian/crowd.nix b/nixos/modules/services/web-apps/atlassian/crowd.nix index 2a5f08046382..0ac941b6ec99 100644 --- a/nixos/modules/services/web-apps/atlassian/crowd.nix +++ b/nixos/modules/services/web-apps/atlassian/crowd.nix @@ -9,9 +9,10 @@ let pkg = pkgs.atlassian-crowd.override { home = cfg.home; port = cfg.listenPort; - proxyUrl = "${cfg.proxy.scheme}://${cfg.proxy.name}:${toString cfg.proxy.port}"; openidPassword = cfg.openidPassword; - }; + } // (optionalAttrs cfg.proxy.enable { + proxyUrl = "${cfg.proxy.scheme}://${cfg.proxy.name}:${toString cfg.proxy.port}"; + }); in @@ -92,14 +93,11 @@ in }; }; - jrePackage = let - jreSwitch = unfree: free: if config.nixpkgs.config.allowUnfree or false then unfree else free; - in mkOption { + jrePackage = mkOption { type = types.package; - default = jreSwitch pkgs.oraclejre8 pkgs.openjdk8.jre; - defaultText = jreSwitch "pkgs.oraclejre8" "pkgs.openjdk8.jre"; - example = literalExample "pkgs.openjdk8.jre"; - description = "Java Runtime to use for Crowd. Note that Atlassian recommends the Oracle JRE."; + default = pkgs.oraclejre8; + defaultText = "pkgs.oraclejre8"; + description = "Note that Atlassian only support the Oracle JRE (JRASERVER-46152)."; }; }; }; @@ -142,13 +140,12 @@ in ${pkg}/apache-tomcat/conf/server.xml.dist > ${cfg.home}/server.xml ''; - script = "${pkg}/start_crowd.sh -fg"; - serviceConfig = { User = cfg.user; Group = cfg.group; PrivateTmp = true; PermissionsStartOnly = true; + ExecStart = "${pkg}/start_crowd.sh -fg"; }; }; }; diff --git a/nixos/modules/services/web-apps/atlassian/jira.nix b/nixos/modules/services/web-apps/atlassian/jira.nix index 19b6a8d30851..81ee8154326c 100644 --- a/nixos/modules/services/web-apps/atlassian/jira.nix +++ b/nixos/modules/services/web-apps/atlassian/jira.nix @@ -6,7 +6,7 @@ let cfg = config.services.jira; - pkg = pkgs.atlassian-jira.override { + pkg = pkgs.atlassian-jira.override (optionalAttrs cfg.sso.enable { enableSSO = cfg.sso.enable; crowdProperties = '' application.name ${cfg.sso.applicationName} @@ -21,7 +21,7 @@ let session.validationinterval ${toString cfg.sso.validationInterval} session.lastvalidation session.lastvalidation ''; - }; + }); in @@ -131,14 +131,11 @@ in }; }; - jrePackage = let - jreSwitch = unfree: free: if config.nixpkgs.config.allowUnfree or false then unfree else free; - in mkOption { + jrePackage = mkOption { type = types.package; - default = jreSwitch pkgs.oraclejre8 pkgs.openjdk8.jre; - defaultText = jreSwitch "pkgs.oraclejre8" "pkgs.openjdk8.jre"; - example = literalExample "pkgs.openjdk8.jre"; - description = "Java Runtime to use for JIRA. Note that Atlassian recommends the Oracle JRE."; + default = pkgs.oraclejre8; + defaultText = "pkgs.oraclejre8"; + description = "Note that Atlassian only support the Oracle JRE (JRASERVER-46152)."; }; }; }; @@ -183,14 +180,13 @@ in ${pkg}/conf/server.xml.dist > ${cfg.home}/server.xml ''; - script = "${pkg}/bin/start-jira.sh -fg"; - stopScript = "${pkg}/bin/stop-jira.sh"; - serviceConfig = { User = cfg.user; Group = cfg.group; PrivateTmp = true; PermissionsStartOnly = true; + ExecStart = "${pkg}/bin/start-jira.sh -fg"; + ExecStop = "${pkg}/bin/stop-jira.sh"; }; }; }; diff --git a/nixos/modules/services/web-apps/mattermost.nix b/nixos/modules/services/web-apps/mattermost.nix index 0b637e3991b4..be74a2b1955b 100644 --- a/nixos/modules/services/web-apps/mattermost.nix +++ b/nixos/modules/services/web-apps/mattermost.nix @@ -173,7 +173,7 @@ in preStart = '' mkdir -p ${cfg.statePath}/{data,config,logs} - ln -sf ${pkgs.mattermost}/{bin,fonts,i18n,templates,webapp} ${cfg.statePath} + ln -sf ${pkgs.mattermost}/{bin,fonts,i18n,templates,client} ${cfg.statePath} '' + lib.optionalString (!cfg.mutableConfig) '' ln -sf ${mattermostConfJSON} ${cfg.statePath}/config/config.json '' + lib.optionalString cfg.mutableConfig '' diff --git a/nixos/modules/tasks/network-interfaces.nix b/nixos/modules/tasks/network-interfaces.nix index 8ce7b2d2cf36..b7e85e402aa9 100644 --- a/nixos/modules/tasks/network-interfaces.nix +++ b/nixos/modules/tasks/network-interfaces.nix @@ -923,10 +923,22 @@ in assertions = (flip map interfaces (i: { assertion = i.subnetMask == null; - message = "The networking.interfaces.${i.name}.subnetMask option is defunct. Use prefixLength instead."; + message = '' + The networking.interfaces."${i.name}".subnetMask option is defunct. Use prefixLength instead. + ''; + })) ++ (flip map interfaces (i: { + # With the linux kernel, interface name length is limited by IFNAMSIZ + # to 16 bytes, including the trailing null byte. + # See include/linux/if.h in the kernel sources + assertion = stringLength i.name < 16; + message = '' + The name of networking.interfaces."${i.name}" is too long, it needs to be less than 16 characters. + ''; })) ++ (flip map slaveIfs (i: { assertion = i.ip4 == [ ] && i.ipAddress == null && i.ip6 == [ ] && i.ipv6Address == null; - message = "The networking.interfaces.${i.name} must not have any defined ips when it is a slave."; + message = '' + The networking.interfaces."${i.name}" must not have any defined ips when it is a slave. + ''; })) ++ [ { assertion = cfg.hostId == null || (stringLength cfg.hostId == 8 && isHexString cfg.hostId); diff --git a/nixos/modules/virtualisation/amazon-image.nix b/nixos/modules/virtualisation/amazon-image.nix index 3e47710361a8..1eb3ca707afd 100644 --- a/nixos/modules/virtualisation/amazon-image.nix +++ b/nixos/modules/virtualisation/amazon-image.nix @@ -33,7 +33,7 @@ let cfg = config.ec2; in config.boot.kernelPackages.ena ]; boot.initrd.kernelModules = [ "xen-blkfront" "xen-netfront" ]; - boot.initrd.availableKernelModules = [ "ixgbevf" "ena" ]; + boot.initrd.availableKernelModules = [ "ixgbevf" "ena" "nvme" ]; boot.kernelParams = mkIf cfg.hvm [ "console=ttyS0" ]; # Prevent the nouveau kernel module from being loaded, as it |