From d514dc220e9fad27a46ef329360bb8db2cdf22ea Mon Sep 17 00:00:00 2001 From: Joerg Thalheim Date: Mon, 25 Sep 2017 10:43:37 +0100 Subject: networkd: also load builtin modules --- nixos/modules/system/boot/networkd.nix | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) (limited to 'nixos/modules/system') diff --git a/nixos/modules/system/boot/networkd.nix b/nixos/modules/system/boot/networkd.nix index 9d2cea3ad165..b7beff1e3c36 100644 --- a/nixos/modules/system/boot/networkd.nix +++ b/nixos/modules/system/boot/networkd.nix @@ -649,7 +649,11 @@ let unitFiles = map (name: { target = "systemd/network/${name}"; source = "${cfg.units.${name}.unit}/${name}"; - }) (attrNames cfg.units); + }) (attrNames cfg.units) ++ + (map (entry: { + target = "systemd/network/${entry}"; + source = "${config.systemd.package}/lib/systemd/network/${entry}"; + }) (attrNames (builtins.readDir "${config.systemd.package}/lib/systemd/network"))); in { -- cgit 1.4.1 From fd77a08b340d8cee473a3c0543a2b801d6ec83e2 Mon Sep 17 00:00:00 2001 From: Linus Heckemann Date: Sat, 24 Feb 2018 10:50:23 +0000 Subject: grub module: suggest by-id paths for devices Since they are more stable, their use should be encouraged over that of potentially volatile identifiers like /dev/[sh]da. --- nixos/modules/system/boot/loader/grub/grub.nix | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) (limited to 'nixos/modules/system') diff --git a/nixos/modules/system/boot/loader/grub/grub.nix b/nixos/modules/system/boot/loader/grub/grub.nix index 9056121fa7d1..0d83391de893 100644 --- a/nixos/modules/system/boot/loader/grub/grub.nix +++ b/nixos/modules/system/boot/loader/grub/grub.nix @@ -110,7 +110,7 @@ in device = mkOption { default = ""; - example = "/dev/hda"; + example = "/dev/disk/by-id/wwn-0x500001234567890a"; type = types.str; description = '' The device on which the GRUB boot loader will be installed. @@ -123,7 +123,7 @@ in devices = mkOption { default = []; - example = [ "/dev/hda" ]; + example = [ "/dev/disk/by-id/wwn-0x500001234567890a" ]; type = types.listOf types.str; description = '' The devices on which the boot loader, GRUB, will be @@ -135,8 +135,8 @@ in mirroredBoots = mkOption { default = [ ]; example = [ - { path = "/boot1"; devices = [ "/dev/sda" ]; } - { path = "/boot2"; devices = [ "/dev/sdb" ]; } + { path = "/boot1"; devices = [ "/dev/disk/by-id/wwn-0x500001234567890a" ]; } + { path = "/boot2"; devices = [ "/dev/disk/by-id/wwn-0x500009876543210a" ]; } ]; description = '' Mirror the boot configuration to multiple partitions and install grub @@ -178,7 +178,7 @@ in devices = mkOption { default = [ ]; - example = [ "/dev/sda" "/dev/sdb" ]; + example = [ "/dev/disk/by-id/wwn-0x500001234567890a" "/dev/disk/by-id/wwn-0x500009876543210a" ]; type = types.listOf types.str; description = '' The path to the devices which will have the GRUB MBR written. -- cgit 1.4.1 From b8f4df9d9e5ca70b6a873957e5b0899bb3b892dd Mon Sep 17 00:00:00 2001 From: Aristid Breitkreuz Date: Sun, 25 Feb 2018 21:36:19 +0100 Subject: attempt to fix #30940 more robustly --- nixos/modules/system/boot/luksroot.nix | 9 ++++----- 1 file changed, 4 insertions(+), 5 deletions(-) (limited to 'nixos/modules/system') diff --git a/nixos/modules/system/boot/luksroot.nix b/nixos/modules/system/boot/luksroot.nix index eefee5a479e7..8b390e1b60c4 100644 --- a/nixos/modules/system/boot/luksroot.nix +++ b/nixos/modules/system/boot/luksroot.nix @@ -228,10 +228,6 @@ in [ "aes" "aes_generic" "blowfish" "twofish" "serpent" "cbc" "xts" "lrw" "sha1" "sha256" "sha512" - # workaround until https://marc.info/?l=linux-crypto-vger&m=148783562211457&w=4 is merged - # remove once 'modprobe --show-depends xts' shows ecb as a dependency - "ecb" - (if pkgs.stdenv.system == "x86_64-linux" then "aes_x86_64" else "aes_i586") ]; description = '' @@ -441,7 +437,10 @@ in # Some modules that may be needed for mounting anything ciphered # Also load input_leds to get caps lock light working (#12456) boot.initrd.availableKernelModules = [ "dm_mod" "dm_crypt" "cryptd" "input_leds" ] - ++ luks.cryptoModules; + ++ luks.cryptoModules + # workaround until https://marc.info/?l=linux-crypto-vger&m=148783562211457&w=4 is merged + # remove once 'modprobe --show-depends xts' shows ecb as a dependency + ++ (if builtins.elem "xts" luks.cryptoModules then ["ecb"] else []); # copy the cryptsetup binary and it's dependencies boot.initrd.extraUtilsCommands = '' -- cgit 1.4.1 From f2937b74854625b664eb5cb5ca900d80cf0c390b Mon Sep 17 00:00:00 2001 From: Shea Levy Date: Thu, 1 Mar 2018 21:21:27 -0500 Subject: initrd-ssh: Fix for new dropbear version. For some reason 2018.76 dropped the -m flag. --- nixos/modules/system/boot/initrd-ssh.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'nixos/modules/system') diff --git a/nixos/modules/system/boot/initrd-ssh.nix b/nixos/modules/system/boot/initrd-ssh.nix index cdeff4845948..8b3dc2d90eb3 100644 --- a/nixos/modules/system/boot/initrd-ssh.nix +++ b/nixos/modules/system/boot/initrd-ssh.nix @@ -118,7 +118,7 @@ in echo ${escapeShellArg key} >> /root/.ssh/authorized_keys '') cfg.authorizedKeys)} - dropbear -s -j -k -E -m -p ${toString cfg.port} ${optionalString (cfg.hostRSAKey == null && cfg.hostDSSKey == null && cfg.hostECDSAKey == null) "-R"} + dropbear -s -j -k -E -p ${toString cfg.port} ${optionalString (cfg.hostRSAKey == null && cfg.hostDSSKey == null && cfg.hostECDSAKey == null) "-R"} ''; boot.initrd.secrets = -- cgit 1.4.1