diff options
Diffstat (limited to 'nixos')
-rw-r--r-- | nixos/lib/make-iso9660-image.nix | 13 | ||||
-rw-r--r-- | nixos/lib/make-iso9660-image.sh | 48 | ||||
-rw-r--r-- | nixos/modules/config/update-users-groups.pl | 10 | ||||
-rw-r--r-- | nixos/modules/installer/cd-dvd/installation-cd-base.nix | 3 | ||||
-rw-r--r-- | nixos/modules/installer/cd-dvd/iso-image.nix | 132 | ||||
-rw-r--r-- | nixos/modules/services/networking/quassel.nix | 20 | ||||
-rw-r--r-- | nixos/modules/virtualisation/docker.nix | 6 |
7 files changed, 101 insertions, 131 deletions
diff --git a/nixos/lib/make-iso9660-image.nix b/nixos/lib/make-iso9660-image.nix index b2409c6006bc..5ad546e9534d 100644 --- a/nixos/lib/make-iso9660-image.nix +++ b/nixos/lib/make-iso9660-image.nix @@ -1,4 +1,4 @@ -{ stdenv, perl, pathsFromGraph, xorriso, syslinux +{ stdenv, perl, cdrkit, pathsFromGraph , # The file name of the resulting ISO image. isoName ? "cd.iso" @@ -22,18 +22,12 @@ , # Whether this should be an efi-bootable El-Torito CD. efiBootable ? false -, # Wheter this should be an hybrid CD (bootable from USB as well as CD). - usbBootable ? false - , # The path (in the ISO file system) of the boot image. bootImage ? "" , # The path (in the ISO file system) of the efi boot image. efiBootImage ? "" -, # The path (outside the ISO file system) of the isohybrid-mbr image. - isohybridMbrImage ? "" - , # Whether to compress the resulting ISO image with bzip2. compressImage ? false @@ -44,14 +38,13 @@ assert bootable -> bootImage != ""; assert efiBootable -> efiBootImage != ""; -assert usbBootable -> isohybridMbrImage != ""; stdenv.mkDerivation { name = "iso9660-image"; builder = ./make-iso9660-image.sh; - buildInputs = [perl xorriso syslinux]; + buildInputs = [perl cdrkit]; - inherit isoName bootable bootImage compressImage volumeID pathsFromGraph efiBootImage efiBootable isohybridMbrImage usbBootable; + inherit isoName bootable bootImage compressImage volumeID pathsFromGraph efiBootImage efiBootable; # !!! should use XML. sources = map (x: x.source) contents; diff --git a/nixos/lib/make-iso9660-image.sh b/nixos/lib/make-iso9660-image.sh index c8522513aa23..675b5bb35148 100644 --- a/nixos/lib/make-iso9660-image.sh +++ b/nixos/lib/make-iso9660-image.sh @@ -31,20 +31,11 @@ if test -n "$bootable"; then fi done - isoBootFlags="-eltorito-boot ${bootImage} - -eltorito-catalog .boot.cat - -no-emul-boot -boot-load-size 4 -boot-info-table" -fi - -if test -n "$usbBootable"; then - usbBootFlags="-isohybrid-mbr ${isohybridMbrImage}" + bootFlags="-b $bootImage -c .boot.cat -no-emul-boot -boot-load-size 4 -boot-info-table" fi if test -n "$efiBootable"; then - efiBootFlags="-eltorito-alt-boot - -e $efiBootImage - -no-emul-boot - -isohybrid-gpt-basdat" + bootFlags="$bootFlags -eltorito-alt-boot -e $efiBootImage -no-emul-boot" fi touch pathlist @@ -83,41 +74,18 @@ for ((n = 0; n < ${#objects[*]}; n++)); do fi done -# Escape filenames that contain '='. -# TODO: Handle this properly. This fails for filenames -# that contain multiple '=' symbols. +# !!! what does this do? cat pathlist | sed -e 's/=\(.*\)=\(.*\)=/\\=\1=\2\\=/' | tee pathlist.safer mkdir -p $out/iso - -xorriso="xorriso - -as mkisofs - -iso-level 3 - -volid ${volumeID} - -appid nixos - -publisher nixos - -graft-points - -full-iso9660-filenames - ${isoBootFlags} - ${usbBootFlags} - ${efiBootFlags} - -r - -path-list pathlist.safer - --sort-weight 0 / - --sort-weight 1 /isolinux" # Make sure isolinux is near the beginning of the ISO - -$xorriso -output $out/iso/$isoName - -if test -n "$usbBootable"; then - echo "Making image hybrid..." - isohybrid --uefi $out/iso/$isoName +genCommand="genisoimage -iso-level 4 -r -J $bootFlags -hide-rr-moved -graft-points -path-list pathlist.safer ${volumeID:+-V $volumeID}" +if test -z "$compressImage"; then + $genCommand -o $out/iso/$isoName +else + $genCommand | bzip2 > $out/iso/$isoName.bz2 fi -if test -n "$compressImage"; then - echo "Compressing image..." - bzip2 $out/iso/$isoName -fi mkdir -p $out/nix-support echo $system > $out/nix-support/system diff --git a/nixos/modules/config/update-users-groups.pl b/nixos/modules/config/update-users-groups.pl index 63e1c82dd6de..d35ecb754bdb 100644 --- a/nixos/modules/config/update-users-groups.pl +++ b/nixos/modules/config/update-users-groups.pl @@ -123,7 +123,7 @@ foreach my $g (@{$spec->{groups}}) { } # Update the persistent list of declarative groups. -write_file($declGroupsFile, join(" ", sort(keys %groupsOut))); +write_file($declGroupsFile, { binmode => ':utf8' }, join(" ", sort(keys %groupsOut))); # Merge in the existing /etc/group. foreach my $name (keys %groupsCur) { @@ -140,7 +140,7 @@ foreach my $name (keys %groupsCur) { # Rewrite /etc/group. FIXME: acquire lock. my @lines = map { join(":", $_->{name}, $_->{password}, $_->{gid}, $_->{members}) . "\n" } (sort { $a->{gid} <=> $b->{gid} } values(%groupsOut)); -write_file("/etc/group.tmp", @lines); +write_file("/etc/group.tmp", { binmode => ':utf8' }, @lines); rename("/etc/group.tmp", "/etc/group") or die; system("nscd --invalidate group"); @@ -198,7 +198,7 @@ foreach my $u (@{$spec->{users}}) { } # Update the persistent list of declarative users. -write_file($declUsersFile, join(" ", sort(keys %usersOut))); +write_file($declUsersFile, { binmode => ':utf8' }, join(" ", sort(keys %usersOut))); # Merge in the existing /etc/passwd. foreach my $name (keys %usersCur) { @@ -214,7 +214,7 @@ foreach my $name (keys %usersCur) { # Rewrite /etc/passwd. FIXME: acquire lock. @lines = map { join(":", $_->{name}, $_->{fakePassword}, $_->{uid}, $_->{gid}, $_->{description}, $_->{home}, $_->{shell}) . "\n" } (sort { $a->{uid} <=> $b->{uid} } (values %usersOut)); -write_file("/etc/passwd.tmp", @lines); +write_file("/etc/passwd.tmp", { binmode => ':utf8' }, @lines); rename("/etc/passwd.tmp", "/etc/passwd") or die; system("nscd --invalidate passwd"); @@ -242,5 +242,5 @@ foreach my $u (values %usersOut) { push @shadowNew, join(":", $u->{name}, $hashedPassword, "1::::::") . "\n"; } -write_file("/etc/shadow.tmp", { perms => 0600 }, @shadowNew); +write_file("/etc/shadow.tmp", { binmode => ':utf8', perms => 0600 }, @shadowNew); rename("/etc/shadow.tmp", "/etc/shadow") or die; diff --git a/nixos/modules/installer/cd-dvd/installation-cd-base.nix b/nixos/modules/installer/cd-dvd/installation-cd-base.nix index a68581c113fc..3001214f90fb 100644 --- a/nixos/modules/installer/cd-dvd/installation-cd-base.nix +++ b/nixos/modules/installer/cd-dvd/installation-cd-base.nix @@ -36,9 +36,6 @@ with lib; # EFI booting isoImage.makeEfiBootable = true; - # USB booting - isoImage.makeUsbBootable = true; - # Add Memtest86+ to the CD. boot.loader.grub.memtest86.enable = true; diff --git a/nixos/modules/installer/cd-dvd/iso-image.nix b/nixos/modules/installer/cd-dvd/iso-image.nix index f387c64cb9c9..22f31c460802 100644 --- a/nixos/modules/installer/cd-dvd/iso-image.nix +++ b/nixos/modules/installer/cd-dvd/iso-image.nix @@ -8,37 +8,45 @@ with lib; let - # The configuration file for syslinux. - isolinuxCfg = + # The Grub image. + grubImage = pkgs.runCommand "grub_eltorito" {} '' - SERIAL 0 38400 - UI vesamenu.c32 - MENU TITLE NixOS - MENU BACKGROUND /isolinux/background.png - - LABEL boot - MENU LABEL Boot NixOS - LINUX /boot/bzImage init=${config.system.build.toplevel}/init ${toString config.boot.kernelParams} - INITRD /boot/initrd - - LABEL chain - MENU LABEL Boot existing OS - COM32 chain.c32 - APPEND hd0 0 - - LABEL reboot - MENU LABEL Reboot - COM32 reboot.c32 - - LABEL poweroff - MENU LABEL Power Off - COM32 poweroff.c32 + ${pkgs.grub2}/bin/grub-mkimage -p /boot/grub -O i386-pc -o tmp biosdisk iso9660 help linux linux16 chain png jpeg echo gfxmenu reboot + cat ${pkgs.grub2}/lib/grub/*/cdboot.img tmp > $out + ''; # */ + + + # The configuration file for Grub. + grubCfg = + '' + set default=${builtins.toString config.boot.loader.grub.default} + set timeout=${builtins.toString config.boot.loader.grub.timeout} + + if loadfont /boot/grub/unicode.pf2; then + set gfxmode=640x480 + insmod gfxterm + insmod vbe + terminal_output gfxterm + + insmod png + if background_image /boot/grub/splash.png; then + set color_normal=white/black + set color_highlight=black/white + else + set menu_color_normal=cyan/blue + set menu_color_highlight=white/blue + fi + + fi + + ${config.boot.loader.grub.extraEntries} ''; + # The efi boot image efiDir = pkgs.runCommand "efi-directory" {} '' - mkdir -p $out/EFI/boot - cp -v ${pkgs.gummiboot}/lib/gummiboot/gummiboot${targetArch}.efi $out/EFI/boot/boot${targetArch}.efi + mkdir -p $out/efi/boot + cp -v ${pkgs.gummiboot}/lib/gummiboot/gummiboot${targetArch}.efi $out/efi/boot/boot${targetArch}.efi mkdir -p $out/loader/entries echo "title NixOS LiveCD" > $out/loader/entries/nixos-livecd.conf echo "linux /boot/bzImage" >> $out/loader/entries/nixos-livecd.conf @@ -144,22 +152,6 @@ in ''; }; - isoImage.makeUsbBootable = mkOption { - default = false; - description = '' - Whether the ISO image should be bootable from CD as well as USB. - ''; - }; - - isoImage.splashImage = mkOption { - default = pkgs.fetchurl { - url = https://raw.githubusercontent.com/NixOS/nixos-artwork/5729ab16c6a5793c10a2913b5a1b3f59b91c36ee/ideas/grub-splash/grub-nixos-1.png; - sha256 = "43fd8ad5decf6c23c87e9026170a13588c2eba249d9013cb9f888da5e2002217"; - }; - description = '' - The splash image to use in the bootloader. - ''; - }; }; @@ -174,7 +166,7 @@ in # !!! Hack - attributes expected by other modules. system.boot.loader.kernelFile = "bzImage"; - environment.systemPackages = [ pkgs.grub2 pkgs.syslinux ]; + environment.systemPackages = [ pkgs.grub2 ]; # In stage 1 of the boot, mount the CD as the root FS by label so # that we don't need to know its device. We pass the label of the @@ -221,7 +213,7 @@ in options = "allow_other,cow,nonempty,chroot=/mnt-root,max_files=32768,hide_meta_files,dirs=/nix/.rw-store=rw:/nix/.ro-store=ro"; }; - boot.initrd.availableKernelModules = [ "squashfs" "iso9660" "usb-storage" ]; + boot.initrd.availableKernelModules = [ "squashfs" "iso9660" ]; boot.initrd.kernelModules = [ "loop" ]; @@ -241,12 +233,15 @@ in # Individual files to be included on the CD, outside of the Nix # store on the CD. isoImage.contents = - [ { source = pkgs.substituteAll { - name = "isolinux.cfg"; - src = pkgs.writeText "isolinux.cfg-in" isolinuxCfg; + [ { source = grubImage; + target = "/boot/grub/grub_eltorito"; + } + { source = pkgs.substituteAll { + name = "grub.cfg"; + src = pkgs.writeText "grub.cfg-in" grubCfg; bootRoot = "/boot"; }; - target = "/isolinux/isolinux.cfg"; + target = "/boot/grub/grub.cfg"; } { source = config.boot.kernelPackages.kernel + "/bzImage"; target = "/boot/bzImage"; @@ -254,38 +249,51 @@ in { source = config.system.build.initialRamdisk + "/initrd"; target = "/boot/initrd"; } - { source = config.system.build.squashfsStore; - target = "/nix-store.squashfs"; + { source = "${pkgs.grub2}/share/grub/unicode.pf2"; + target = "/boot/grub/unicode.pf2"; } - { source = "${pkgs.syslinux}/share/syslinux"; - target = "/isolinux"; + { source = config.boot.loader.grub.splashImage; + target = "/boot/grub/splash.png"; } - { source = config.isoImage.splashImage; - target = "/isolinux/background.png"; + { source = config.system.build.squashfsStore; + target = "/nix-store.squashfs"; } ] ++ optionals config.isoImage.makeEfiBootable [ { source = efiImg; target = "/boot/efi.img"; } - { source = "${efiDir}/EFI"; - target = "/EFI"; + { source = "${efiDir}/efi"; + target = "/efi"; } { source = "${efiDir}/loader"; target = "/loader"; } - ]; + ] ++ mapAttrsToList (n: v: { source = v; target = "/boot/${n}"; }) config.boot.loader.grub.extraFiles; + + # The Grub menu. + boot.loader.grub.extraEntries = + '' + menuentry "NixOS ${config.system.nixosVersion} Installer" { + linux /boot/bzImage init=${config.system.build.toplevel}/init ${toString config.boot.kernelParams} + initrd /boot/initrd + } + + menuentry "Boot from hard disk" { + set root=(hd0) + chainloader +1 + } + ''; + + boot.loader.grub.timeout = 10; # Create the ISO image. system.build.isoImage = import ../../../lib/make-iso9660-image.nix ({ - inherit (pkgs) stdenv perl pathsFromGraph xorriso syslinux; + inherit (pkgs) stdenv perl cdrkit pathsFromGraph; inherit (config.isoImage) isoName compressImage volumeID contents; bootable = true; - bootImage = "/isolinux/isolinux.bin"; - } // optionalAttrs config.isoImage.makeUsbBootable { - usbBootable = true; - isohybridMbrImage = "${pkgs.syslinux}/share/syslinux/isohdpfx.bin"; + bootImage = "/boot/grub/grub_eltorito"; } // optionalAttrs config.isoImage.makeEfiBootable { efiBootable = true; efiBootImage = "boot/efi.img"; diff --git a/nixos/modules/services/networking/quassel.nix b/nixos/modules/services/networking/quassel.nix index 749e5dcebb61..579d62884c78 100644 --- a/nixos/modules/services/networking/quassel.nix +++ b/nixos/modules/services/networking/quassel.nix @@ -74,21 +74,23 @@ in gid = config.ids.gids.quassel; }]; - jobs.quassel = + systemd.services.quassel = { description = "Quassel IRC client daemon"; - startOn = "ip-up"; + wantedBy = [ "multi-user.target" ]; + after = [ "network.target" ]; preStart = '' - mkdir -p ${cfg.dataDir} - chown ${user} ${cfg.dataDir} + mkdir -p ${cfg.dataDir} + chown ${user} ${cfg.dataDir} ''; - exec = '' - ${pkgs.su}/bin/su -s ${pkgs.stdenv.shell} ${user} \ - -c '${quassel}/bin/quasselcore --listen=${cfg.interface}\ - --port=${toString cfg.portNumber} --configdir=${cfg.dataDir}' - ''; + serviceConfig = + { + ExecStart = "${quassel}/bin/quasselcore --listen=${cfg.interface} --port=${toString cfg.portNumber} --configdir=${cfg.dataDir}"; + User = user; + PermissionsStartOnly = true; + }; }; }; diff --git a/nixos/modules/virtualisation/docker.nix b/nixos/modules/virtualisation/docker.nix index 1ce066cdc73d..11d3f576728f 100644 --- a/nixos/modules/virtualisation/docker.nix +++ b/nixos/modules/virtualisation/docker.nix @@ -7,6 +7,8 @@ with lib; let cfg = config.virtualisation.docker; + pro = config.nix.proxy; + proxy_env = optionalAttrs (pro != "") { Environment = "\"http_proxy=${pro}\""; }; in @@ -73,7 +75,7 @@ in # goes in config bundled with docker itself LimitNOFILE = 1048576; LimitNPROC = 1048576; - }; + } // proxy_env; }; systemd.sockets.docker = { @@ -99,7 +101,7 @@ in # goes in config bundled with docker itself LimitNOFILE = 1048576; LimitNPROC = 1048576; - }; + } // proxy_env; # Presumably some containers are running we don't want to interrupt restartIfChanged = false; |