diff options
Diffstat (limited to 'nixos')
24 files changed, 99 insertions, 55 deletions
diff --git a/nixos/doc/manual/development/releases.xml b/nixos/doc/manual/development/releases.xml index 863110a1c7ca..d4e5ff3f4312 100755 --- a/nixos/doc/manual/development/releases.xml +++ b/nixos/doc/manual/development/releases.xml @@ -70,7 +70,7 @@ <listitem> <para> <link xlink:href="https://github.com/NixOS/nixpkgs/compare/bdf161ed8d21...6b63c4616790"> - Bump the <literal>system.nixos.defaultChannel</literal> attribute in + Bump the <literal>system.defaultChannel</literal> attribute in <literal>nixos/modules/misc/version.nix</literal> </link> </para> </listitem> diff --git a/nixos/doc/manual/release-notes/rl-1509.xml b/nixos/doc/manual/release-notes/rl-1509.xml index 2465f370cf13..4eb2f9aa0a95 100644 --- a/nixos/doc/manual/release-notes/rl-1509.xml +++ b/nixos/doc/manual/release-notes/rl-1509.xml @@ -433,9 +433,9 @@ system.autoUpgrade.enable = true; default. If you have existing systems with such host keys and want to continue to use them, please set <programlisting> -system.nixos.stateVersion = "14.12"; +system.stateVersion = "14.12"; </programlisting> - The new option <option>system.nixos.stateVersion</option> ensures that + The new option <option>system.stateVersion</option> ensures that certain configuration changes that could break existing systems (such as the <command>sshd</command> host key setting) will maintain compatibility with the specified NixOS release. NixOps sets the state version of diff --git a/nixos/modules/installer/cd-dvd/installation-cd-base.nix b/nixos/modules/installer/cd-dvd/installation-cd-base.nix index 298b8d88bb59..36024ce9f45e 100644 --- a/nixos/modules/installer/cd-dvd/installation-cd-base.nix +++ b/nixos/modules/installer/cd-dvd/installation-cd-base.nix @@ -32,5 +32,5 @@ with lib; # Allow the user to log in as root without a password. users.users.root.initialHashedPassword = ""; - system.nixos.stateVersion = mkDefault "18.03"; + system.stateVersion = mkDefault "18.03"; } diff --git a/nixos/modules/installer/tools/nixos-generate-config.pl b/nixos/modules/installer/tools/nixos-generate-config.pl index 165566912401..cbe145d5a330 100644 --- a/nixos/modules/installer/tools/nixos-generate-config.pl +++ b/nixos/modules/installer/tools/nixos-generate-config.pl @@ -628,7 +628,7 @@ $bootLoaderConfig # compatible, in order to avoid breaking some software such as database # servers. You should change this only after NixOS release notes say you # should. - system.nixos.stateVersion = "${\(qw(@release@))}"; # Did you read the comment? + system.stateVersion = "${\(qw(@release@))}"; # Did you read the comment? } EOF diff --git a/nixos/modules/installer/virtualbox-demo.nix b/nixos/modules/installer/virtualbox-demo.nix index f823c0d83bb6..8ca3592f3800 100644 --- a/nixos/modules/installer/virtualbox-demo.nix +++ b/nixos/modules/installer/virtualbox-demo.nix @@ -21,5 +21,5 @@ with lib; services.xserver.videoDrivers = mkOverride 40 [ "virtualbox" "vmware" "cirrus" "vesa" "modesetting" ]; powerManagement.enable = false; - system.nixos.stateVersion = mkDefault "18.03"; + system.stateVersion = mkDefault "18.03"; } diff --git a/nixos/modules/misc/version.nix b/nixos/modules/misc/version.nix index 33d8a7861693..3be12e4a6375 100644 --- a/nixos/modules/misc/version.nix +++ b/nixos/modules/misc/version.nix @@ -12,29 +12,29 @@ in { - options.system.nixos = { + options.system = { - version = mkOption { + nixos.version = mkOption { internal = true; type = types.str; description = "The full NixOS version (e.g. <literal>16.03.1160.f2d4ee1</literal>)."; }; - release = mkOption { + nixos.release = mkOption { readOnly = true; type = types.str; default = trivial.release; description = "The NixOS release (e.g. <literal>16.03</literal>)."; }; - versionSuffix = mkOption { + nixos.versionSuffix = mkOption { internal = true; type = types.str; default = trivial.versionSuffix; description = "The NixOS version suffix (e.g. <literal>1160.f2d4ee1</literal>)."; }; - revision = mkOption { + nixos.revision = mkOption { internal = true; type = types.str; default = if pathIsDirectory gitRepo then commitIdFromGitRepo gitRepo @@ -43,7 +43,7 @@ in description = "The Git revision from which this NixOS configuration was built."; }; - codeName = mkOption { + nixos.codeName = mkOption { readOnly = true; type = types.str; description = "The NixOS release code name (e.g. <literal>Emu</literal>)."; @@ -76,8 +76,8 @@ in config = { - warnings = lib.optional (options.system.nixos.stateVersion.highestPrio > 1000) - "You don't have `system.nixos.stateVersion` explicitly set. Expect things to break."; + warnings = lib.optional (options.system.stateVersion.highestPrio > 1000) + "You don't have `system.stateVersion` explicitly set. Expect things to break."; system.nixos = { # These defaults are set here rather than up there so that diff --git a/nixos/modules/programs/shell.nix b/nixos/modules/programs/shell.nix index 3b5212c9e76b..944a8bdf16fc 100644 --- a/nixos/modules/programs/shell.nix +++ b/nixos/modules/programs/shell.nix @@ -34,7 +34,7 @@ with lib; # Subscribe the root user to the NixOS channel by default. if [ "$USER" = root -a ! -e "$HOME/.nix-channels" ]; then - echo "${config.system.nixos.defaultChannel} nixos" > "$HOME/.nix-channels" + echo "${config.system.defaultChannel} nixos" > "$HOME/.nix-channels" fi # Create the per-user garbage collector roots directory. diff --git a/nixos/modules/rename.nix b/nixos/modules/rename.nix index 5242444a60b8..40f66ccb26b2 100644 --- a/nixos/modules/rename.nix +++ b/nixos/modules/rename.nix @@ -4,6 +4,11 @@ with lib; { imports = [ + # !!! These were renamed the other way, but got reverted later. + # !!! Drop these before 18.09 is released. + (mkRenamedOptionModule [ "system" "nixos" "stateVersion" ] [ "system" "stateVersion" ]) + (mkRenamedOptionModule [ "system" "nixos" "defaultChannel" ] [ "system" "defaultChannel" ]) + (mkRenamedOptionModule [ "dysnomia" ] [ "services" "dysnomia" ]) (mkRenamedOptionModule [ "environment" "x11Packages" ] [ "environment" "systemPackages" ]) (mkRenamedOptionModule [ "environment" "enableBashCompletion" ] [ "programs" "bash" "enableCompletion" ]) @@ -222,8 +227,6 @@ with lib; (mkRenamedOptionModule [ "system" "nixosVersionSuffix" ] [ "system" "nixos" "versionSuffix" ]) (mkRenamedOptionModule [ "system" "nixosRevision" ] [ "system" "nixos" "revision" ]) (mkRenamedOptionModule [ "system" "nixosLabel" ] [ "system" "nixos" "label" ]) - (mkRenamedOptionModule [ "system" "stateVersion" ] [ "system" "nixos" "stateVersion" ]) - (mkRenamedOptionModule [ "system" "defaultChannel" ] [ "system" "nixos" "defaultChannel" ]) # Users (mkAliasOptionModule [ "users" "extraUsers" ] [ "users" "users" ]) diff --git a/nixos/modules/services/databases/mysql.nix b/nixos/modules/services/databases/mysql.nix index 3eb7879e2d9f..0dde9ee6e2e5 100644 --- a/nixos/modules/services/databases/mysql.nix +++ b/nixos/modules/services/databases/mysql.nix @@ -218,7 +218,7 @@ in config = mkIf config.services.mysql.enable { services.mysql.dataDir = - mkDefault (if versionAtLeast config.system.nixos.stateVersion "17.09" then "/var/lib/mysql" + mkDefault (if versionAtLeast config.system.stateVersion "17.09" then "/var/lib/mysql" else "/var/mysql"); users.users.mysql = { diff --git a/nixos/modules/services/databases/postgresql.nix b/nixos/modules/services/databases/postgresql.nix index e33bee9db6e9..f59fb1c81772 100644 --- a/nixos/modules/services/databases/postgresql.nix +++ b/nixos/modules/services/databases/postgresql.nix @@ -146,7 +146,7 @@ in }; superUser = mkOption { type = types.str; - default= if versionAtLeast config.system.nixos.stateVersion "17.09" then "postgres" else "root"; + default= if versionAtLeast config.system.stateVersion "17.09" then "postgres" else "root"; internal = true; description = '' NixOS traditionally used 'root' as superuser, most other distros use 'postgres'. @@ -165,14 +165,14 @@ in services.postgresql.package = # Note: when changing the default, make it conditional on - # ‘system.nixos.stateVersion’ to maintain compatibility with existing + # ‘system.stateVersion’ to maintain compatibility with existing # systems! - mkDefault (if versionAtLeast config.system.nixos.stateVersion "17.09" then pkgs.postgresql96 - else if versionAtLeast config.system.nixos.stateVersion "16.03" then pkgs.postgresql95 + mkDefault (if versionAtLeast config.system.stateVersion "17.09" then pkgs.postgresql96 + else if versionAtLeast config.system.stateVersion "16.03" then pkgs.postgresql95 else pkgs.postgresql94); services.postgresql.dataDir = - mkDefault (if versionAtLeast config.system.nixos.stateVersion "17.09" then "/var/lib/postgresql/${config.services.postgresql.package.psqlSchema}" + mkDefault (if versionAtLeast config.system.stateVersion "17.09" then "/var/lib/postgresql/${config.services.postgresql.package.psqlSchema}" else "/var/db/postgresql"); services.postgresql.authentication = mkAfter diff --git a/nixos/modules/services/misc/matrix-synapse.nix b/nixos/modules/services/misc/matrix-synapse.nix index 3e3de9114708..18e13f6ac030 100644 --- a/nixos/modules/services/misc/matrix-synapse.nix +++ b/nixos/modules/services/misc/matrix-synapse.nix @@ -342,7 +342,7 @@ in { }; database_type = mkOption { type = types.enum [ "sqlite3" "psycopg2" ]; - default = if versionAtLeast config.system.nixos.stateVersion "18.03" + default = if versionAtLeast config.system.stateVersion "18.03" then "psycopg2" else "sqlite3"; description = '' diff --git a/nixos/modules/services/network-filesystems/ipfs.nix b/nixos/modules/services/network-filesystems/ipfs.nix index 21b664e5b2f9..412d57b27b82 100644 --- a/nixos/modules/services/network-filesystems/ipfs.nix +++ b/nixos/modules/services/network-filesystems/ipfs.nix @@ -14,7 +14,7 @@ let (optionalString (cfg.defaultMode == "norouting") "--routing=none") ] ++ cfg.extraFlags); - defaultDataDir = if versionAtLeast config.system.nixos.stateVersion "17.09" then + defaultDataDir = if versionAtLeast config.system.stateVersion "17.09" then "/var/lib/ipfs" else "/var/lib/ipfs/.ipfs"; diff --git a/nixos/modules/services/networking/radicale.nix b/nixos/modules/services/networking/radicale.nix index 2afab5ee3b3e..d6fabbcd4700 100644 --- a/nixos/modules/services/networking/radicale.nix +++ b/nixos/modules/services/networking/radicale.nix @@ -9,7 +9,7 @@ let confFile = pkgs.writeText "radicale.conf" cfg.config; # This enables us to default to version 2 while still not breaking configurations of people with version 1 - defaultPackage = if versionAtLeast config.system.nixos.stateVersion "17.09" then { + defaultPackage = if versionAtLeast config.system.stateVersion "17.09" then { pkg = pkgs.radicale2; text = "pkgs.radicale2"; } else { @@ -35,7 +35,7 @@ in defaultText = defaultPackage.text; description = '' Radicale package to use. This defaults to version 1.x if - <literal>system.nixos.stateVersion < 17.09</literal> and version 2.x + <literal>system.stateVersion < 17.09</literal> and version 2.x otherwise. ''; }; diff --git a/nixos/modules/services/search/elasticsearch.nix b/nixos/modules/services/search/elasticsearch.nix index d61f588205af..b0831dcd1ca8 100644 --- a/nixos/modules/services/search/elasticsearch.nix +++ b/nixos/modules/services/search/elasticsearch.nix @@ -25,18 +25,17 @@ let ${cfg.extraConf} ''; - configDir = pkgs.buildEnv { - name = "elasticsearch-config"; - paths = [ - (pkgs.writeTextDir "elasticsearch.yml" esConfig) - (if es5 then (pkgs.writeTextDir "log4j2.properties" cfg.logging) - else (pkgs.writeTextDir "logging.yml" cfg.logging)) - ]; - postBuild = concatStringsSep "\n" (concatLists [ - # Elasticsearch 5.x won't start when the scripts directory does not exist - (optional es5 "${pkgs.coreutils}/bin/mkdir -p $out/scripts") - (optional es6 "ln -s ${cfg.package}/config/jvm.options $out/jvm.options") - ]); + configDir = cfg.dataDir + "/config"; + + elasticsearchYml = pkgs.writeTextFile { + name = "elasticsearch.yml"; + text = esConfig; + }; + + loggingConfigFilename = if es5 then "log4j2.properties" else "logging.yml"; + loggingConfigFile = pkgs.writeTextFile { + name = loggingConfigFilename; + text = cfg.logging; }; esPlugins = pkgs.buildEnv { @@ -193,7 +192,24 @@ in { ln -sfT ${esPlugins}/plugins ${cfg.dataDir}/plugins ln -sfT ${cfg.package}/lib ${cfg.dataDir}/lib ln -sfT ${cfg.package}/modules ${cfg.dataDir}/modules - if [ "$(id -u)" = 0 ]; then chown -R elasticsearch ${cfg.dataDir}; fi + + # elasticsearch needs to create the elasticsearch.keystore in the config directory + # so this directory needs to be writable. + mkdir -m 0700 -p ${configDir} + + # Note that we copy config files from the nix store instead of symbolically linking them + # because otherwise X-Pack Security will raise the following exception: + # java.security.AccessControlException: + # access denied ("java.io.FilePermission" "/var/lib/elasticsearch/config/elasticsearch.yml" "read") + + cp ${elasticsearchYml} ${configDir}/elasticsearch.yml + # Make sure the logging configuration for old elasticsearch versions is removed: + rm -f ${if es5 then "${configDir}/logging.yml" else "${configDir}/log4j2.properties"} + cp ${loggingConfigFile} ${configDir}/${loggingConfigFilename} + ${optionalString es5 "mkdir -p ${configDir}/scripts"} + ${optionalString es6 "cp ${cfg.package}/config/jvm.options ${configDir}/jvm.options"} + + if [ "$(id -u)" = 0 ]; then chown -R elasticsearch:elasticsearch ${cfg.dataDir}; fi ''; }; diff --git a/nixos/modules/services/web-servers/caddy.nix b/nixos/modules/services/web-servers/caddy.nix index 4237cfdd9198..d0b936cb019f 100644 --- a/nixos/modules/services/web-servers/caddy.nix +++ b/nixos/modules/services/web-servers/caddy.nix @@ -66,7 +66,7 @@ in { description = "Caddy web server"; after = [ "network-online.target" ]; wantedBy = [ "multi-user.target" ]; - environment = mkIf (versionAtLeast config.system.nixos.stateVersion "17.09") + environment = mkIf (versionAtLeast config.system.stateVersion "17.09") { CADDYPATH = cfg.dataDir; }; serviceConfig = { ExecStart = '' diff --git a/nixos/modules/system/activation/switch-to-configuration.pl b/nixos/modules/system/activation/switch-to-configuration.pl index 2ce04ed5342c..ecd35767e01d 100644 --- a/nixos/modules/system/activation/switch-to-configuration.pl +++ b/nixos/modules/system/activation/switch-to-configuration.pl @@ -166,6 +166,24 @@ while (my ($unit, $state) = each %{$activePrev}) { if (-e $prevUnitFile && ($state->{state} eq "active" || $state->{state} eq "activating")) { if (! -e $newUnitFile || abs_path($newUnitFile) eq "/dev/null") { + # Ignore (i.e. never stop) these units: + if ($unit eq "system.slice") { + # TODO: This can be removed a few months after 18.09 is out + # (i.e. after everyone switched away from 18.03). + # Problem: Restarting (stopping) system.slice would not only + # stop X11 but also most system units/services. We obviously + # don't want this happening to users when they switch from 18.03 + # to 18.09 or nixos-unstable. + # Reason: The following change in systemd: + # https://github.com/systemd/systemd/commit/d8e5a9338278d6602a0c552f01f298771a384798 + # The commit adds system.slice to the perpetual units, which + # means removing the unit file and adding it to the source code. + # This is done so that system.slice can't be stopped anymore but + # in our case it ironically would cause this script to stop + # system.slice because the unit was removed (and an older + # systemd version is still running). + next; + } my $unitInfo = parseUnit($prevUnitFile); $unitsToStop{$unit} = 1 if boolIsTrue($unitInfo->{'X-StopOnRemoval'} // "yes"); } diff --git a/nixos/modules/testing/test-instrumentation.nix b/nixos/modules/testing/test-instrumentation.nix index 114e0ca39fa2..d94e21d681f3 100644 --- a/nixos/modules/testing/test-instrumentation.nix +++ b/nixos/modules/testing/test-instrumentation.nix @@ -127,7 +127,7 @@ with import ../../lib/qemu-flags.nix { inherit pkgs; }; services.xserver.displayManager.job.logToJournal = true; # set default stateVersion to avoid warnings during eval - system.nixos.stateVersion = mkDefault "18.03"; + system.stateVersion = mkDefault "18.03"; }; } diff --git a/nixos/modules/virtualisation/amazon-options.nix b/nixos/modules/virtualisation/amazon-options.nix index 1a45c3093b78..15de8638bbab 100644 --- a/nixos/modules/virtualisation/amazon-options.nix +++ b/nixos/modules/virtualisation/amazon-options.nix @@ -3,7 +3,7 @@ options = { ec2 = { hvm = lib.mkOption { - default = lib.versionAtLeast config.system.nixos.stateVersion "17.03"; + default = lib.versionAtLeast config.system.stateVersion "17.03"; internal = true; description = '' Whether the EC2 instance is a HVM instance. diff --git a/nixos/modules/virtualisation/containers.nix b/nixos/modules/virtualisation/containers.nix index 31f5f6fe7807..b91165ce3b82 100644 --- a/nixos/modules/virtualisation/containers.nix +++ b/nixos/modules/virtualisation/containers.nix @@ -607,7 +607,7 @@ in { services.postgresql.enable = true; services.postgresql.package = pkgs.postgresql96; - system.nixos.stateVersion = "17.03"; + system.stateVersion = "17.03"; }; }; } diff --git a/nixos/release.nix b/nixos/release.nix index dfa4ee9e1278..09b0edcf9bd6 100644 --- a/nixos/release.nix +++ b/nixos/release.nix @@ -198,7 +198,7 @@ in rec { modules = singleton ({ ... }: { fileSystems."/".device = mkDefault "/dev/sda1"; boot.loader.grub.device = mkDefault "/dev/sda"; - system.nixos.stateVersion = mkDefault "18.03"; + system.stateVersion = mkDefault "18.03"; }); }).config.system.build.toplevel; preferLocalBuild = true; diff --git a/nixos/tests/containers-imperative.nix b/nixos/tests/containers-imperative.nix index 42bff6a9a3f9..93b00b5b9772 100644 --- a/nixos/tests/containers-imperative.nix +++ b/nixos/tests/containers-imperative.nix @@ -18,7 +18,7 @@ import ./make-test.nix ({ pkgs, ...} : { inherit (config.nixpkgs.localSystem) system; modules = lib.singleton { containers.foo.config = { - system.nixos.stateVersion = "18.03"; + system.stateVersion = "18.03"; }; }; }; diff --git a/nixos/tests/containers-ipv4.nix b/nixos/tests/containers-ipv4.nix index c4d954592ef0..4affe3d9d56d 100644 --- a/nixos/tests/containers-ipv4.nix +++ b/nixos/tests/containers-ipv4.nix @@ -21,7 +21,7 @@ import ./make-test.nix ({ pkgs, ...} : { services.httpd.adminAddr = "foo@example.org"; networking.firewall.allowedTCPPorts = [ 80 ]; networking.firewall.allowPing = true; - system.nixos.stateVersion = "18.03"; + system.stateVersion = "18.03"; }; }; diff --git a/nixos/tests/elk.nix b/nixos/tests/elk.nix index 8dba7a905fa6..4c5c441ca265 100644 --- a/nixos/tests/elk.nix +++ b/nixos/tests/elk.nix @@ -1,4 +1,4 @@ -{ system ? builtins.currentSystem }: +{ system ? builtins.currentSystem, enableUnfree ? false }: with import ../lib/testing.nix { inherit system; }; with pkgs.lib; let @@ -99,9 +99,16 @@ in mapAttrs mkElkTest { logstash = pkgs.logstash5; kibana = pkgs.kibana5; }; - "ELK-6" = { - elasticsearch = pkgs.elasticsearch6; - logstash = pkgs.logstash6; - kibana = pkgs.kibana6; - }; + "ELK-6" = + if enableUnfree + then { + elasticsearch = pkgs.elasticsearch6; + logstash = pkgs.logstash6; + kibana = pkgs.kibana6; + } + else { + elasticsearch = pkgs.elasticsearch6-oss; + logstash = pkgs.logstash6-oss; + kibana = pkgs.kibana6-oss; + }; } diff --git a/nixos/tests/radicale.nix b/nixos/tests/radicale.nix index 0a9c2d394a7a..bf22fc9291af 100644 --- a/nixos/tests/radicale.nix +++ b/nixos/tests/radicale.nix @@ -43,7 +43,7 @@ in }); }) ]; - system.nixos.stateVersion = "17.03"; + system.stateVersion = "17.03"; }; radicale1_export = lib.recursiveUpdate radicale1 { services.radicale.extraArgs = [ @@ -54,7 +54,7 @@ in services.radicale.extraArgs = [ "--verify-storage" ]; }; radicale2 = lib.recursiveUpdate (common args) { - system.nixos.stateVersion = "17.09"; + system.stateVersion = "17.09"; }; }; |