Commit graph

426 commits

Author SHA1 Message Date
Aristid Breitkreuz
a43e33d0e4 nixos: disable sound by default, if stateVersion >= 18.03 (#35355) 2018-02-22 22:06:31 +00:00
Eelco Dolstra
d12c9911df
Merge remote-tracking branch 'origin/master' into nix-2.0 2018-02-22 17:28:51 +01:00
Eelco Dolstra
32af695a22
nix: 1.11.16 -> 2.0 2018-02-22 17:03:27 +01:00
Jan Malakhovski
2e6b796761 nixos: rename config.system.nixos* -> config.system.nixos.* 2018-02-18 12:56:30 +00:00
Eelco Dolstra
847ea13be3
Doh 2018-02-07 19:47:03 +01:00
Eelco Dolstra
0f5d5970b2
nixos-prepare-root: Remove
This is no longer needed thanks to Nix 2.0 magic.
2018-02-07 19:39:14 +01:00
Eelco Dolstra
5d8860b919
nixos-install: Accept --substituters
This is useful in tests where we don't have network access. Passing
--substituters "" prevents wasting time by checking cache.nixos.org.
2018-02-07 19:39:13 +01:00
Eelco Dolstra
598a3f5b30
nixos-install: Create /etc 2018-02-07 19:10:13 +01:00
Eelco Dolstra
6daad9b3c5
nixos-install: Fix --closure 2018-02-07 18:22:05 +01:00
Eelco Dolstra
da702a4034
nixos-enter: Don't require root
Of course, you'll get a bunch of warnings from the activation script:

  $ nixos-enter --root /tmp/mnt/
  setting up /etc...
  mount: /dev: permission denied.
  mount: /dev/pts: permission denied.
  mount: /dev/shm: permission denied.
  mount: /sys: permission denied.
  /nix/var/nix/profiles/system/activate: line 74: /proc/sys/kernel/modprobe: Permission denied
  chown: changing ownership of '/run/wrappers/wrappers.0pKlU8JsvV/dbus-daemon-launch-helper': Invalid argument
  NOTE: Under Linux, effective file capabilities must either be empty, or
        exactly match the union of selected permitted and inheritable bits.
  Failed to set capabilities on file `/run/wrappers/wrappers.0pKlU8JsvV/ping' (Operation not permitted)
  chown: changing ownership of '/run/wrappers/wrappers.0pKlU8JsvV/unix_chkpwd': Invalid argument

  [root@nixos:/]#
2018-02-07 17:59:04 +01:00
Eelco Dolstra
bb030ece3b
nixos-enter: Check whether --root denotes a NixOS installation 2018-02-07 17:23:05 +01:00
Eelco Dolstra
f0979ca30e
nixos-install: Don't require root
E.g.

  nixos-install --root /tmp/mnt/ --no-bootloader --no-root-passwd

now works for non-root users.
2018-02-07 17:20:26 +01:00
Eelco Dolstra
f9e64dbe76
nixos-enter: Don't mount special filesystems
The activation script already does this.
2018-02-05 21:05:02 +01:00
Eelco Dolstra
e88f28965a
nixos-install: Make compatible with Nix 2.0
The use of Nix 2.0 significantly simplifies the installer, since we
can just pass a different store URI (--store /mnt) - it's no longer
needed to set up a chroot environment for the build, and to bootstrap
Nix into the chroot.

Also, commands that need to run in the installation (namely boot
loader installation and setting a root password) are now executed
using nixos-enter.

This also removes the need for nixos-prepare-root since any required
initialisation is done by Nix or by the activation script.
2018-02-05 19:50:36 +01:00
Eelco Dolstra
60cb23001a
Add a "nixos-enter" command
This factors out the functionality in nixos-install for running a
command inside a NixOS installation (nixos-install --chroot).
2018-02-05 19:41:54 +01:00
Eelco Dolstra
875eaf0821
nix: 1.11.15 -> 1.11.16 2017-12-12 17:46:21 +01:00
Maximilian Bosch
20a5e9db84 nixos-option: don't eval description
see https://github.com/NixOS/nixpkgs/pull/31630#issuecomment-344073438
2017-11-14 23:06:44 +01:00
Orivej Desh
2dd9588834
Merge pull request #31071 from yegortimoshenko/nixos-install/mkdir-or-chmod
nixos-prepare-root: chmod if dir already exists, fixes #22413
2017-11-11 01:04:14 +00:00
Yegor Timoshenko
2c9e195eed nixos-prepare-root: chmod if dir already exists 2017-11-04 15:07:36 +00:00
Yegor Timoshenko
f2621d4ba8 nixos-generate-config: enforce umask 0022, fixes #30954 2017-10-30 21:59:37 +00:00
Danylo Hlynskyi
dab7ecc054 nixos-generate-config: lessen priority for cpuFreqGovernor (#30221)
In particular, it conflicts with `services.tlp.enable` option.

There exists workaround:
```
  powerManagement.cpuFreqGovernor = lib.mkForce null;
  services.tlp.enable = true;
```
But should it?
2017-10-20 19:59:31 +00:00
aszlig
f4e742594d
nixos: Fix detection of btrfs root volume
Regression introduced by 801c920e95.

Since then, the btrfsSimple subtest of the installer VM test fails with:

Btrfs did not return a path for the subvolume at /

The reason for this is that the output for "btrfs subvol show" has
changed between version 4.8.2 and 4.13.1.

For example the output of "btrfs subvol show /" in version 4.8.2 was:

/ is toplevel subvolume

In version 4.13.1, the output now is the following and thus the regular
expressions used in nixos-generate-config.pl and install-grub.pl now
match (which results in the error mentioned above):

/
        Name:                   <FS_TREE>
        UUID:                   -
        Parent UUID:            -
        Received UUID:          -
        Creation time:          -
        Subvolume ID:           5
        Generation:             287270
        Gen at creation:        0
        Parent ID:              0
        Top level ID:           0
        Flags:                  -
        Snapshot(s):

In order to fix this I've changed nixos-generate-config.pl and
install-grub.pl, because both use "btrfs subvol show" in a similar vein,
so the regex for parsing the output now doesn't match anymore whenever
the volume path is "/", which should result in the same behaviour as we
had with btrfs-progs version 4.8.2.

Tested against the btrfsSimple, btrfsSubvols and btrfsSubvolDefault
subtests of the installer VM test and they all succeed now.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2017-10-11 04:30:52 +02:00
Franz Pletz
801c920e95
btrfs-progs: 4.8.2 -> 4.13.1 2017-10-07 04:04:20 +02:00
Daniel Peebles
79d8ccf4f0 Merge pull request #28777 from copumpkin/installer-chroot
nixos-install: re-enable --chroot option
2017-09-26 12:23:19 -07:00
Dan Peebles
186c120bed nixos-install: re-enable --chroot option
I forgot to implement it the first time around. Whoops!
2017-09-26 07:25:14 -07:00
Franz Pletz
0f5cd17f2c
nixos-generate-config: add programs options examples 2017-09-23 20:03:19 +02:00
Jörg Thalheim
7d5633ea7a Merge pull request #27342 from lheckemann/installer-changes
Installer changes
2017-09-15 16:19:11 +01:00
Eelco Dolstra
6dad1f70ce
nix: 1.11.14 -> 1.11.15 2017-09-15 16:38:33 +02:00
Graham Christensen
8a11b0d7df Merge pull request #28775 from grahamc/describe-stateVersion
Document the stateVersion more
2017-08-31 06:47:09 -04:00
Eelco Dolstra
79954b9d1f
nix: 1.11.13 -> 1.11.14 2017-08-31 11:00:09 +02:00
Graham Christensen
8efb46b609
configuration.nix: Document the stateVersion more 2017-08-30 21:41:35 -04:00
Graham Christensen
af51aa79d2
installer: add a comment hinting about enabling libinput for touchpads 2017-08-30 20:24:36 -04:00
Pascal Bach
322d0c562c auto-upgrade: add proxy support
Add the proxy variables so that auto upgrade works behind a proxy.
2017-08-30 01:25:47 +02:00
Eelco Dolstra
17642b5fd0
nix: 1.11.12 -> 1.11.13 2017-07-18 10:54:01 +02:00
Eelco Dolstra
40cf34aaae
nix: 1.11.11 -> 1.11.12 2017-07-13 16:37:11 +02:00
Linus Heckemann
77ce02201e nixos-install: use FIFO for system closure
This avoids running out of space in space-constrained environments,
e.g. VMs with relatively small amounts of memory and tmp on tmpfs
2017-07-13 06:30:24 +01:00
Linus Heckemann
8b1f1d93fa nixos-install: only search for nixpkgs when needed 2017-07-13 06:26:44 +01:00
Linus Heckemann
fa5700544b nixos-install: quote nixos-prepare-root arguments
This prevents the script from breaking when channel_root is empty.
2017-07-12 21:58:25 +01:00
Eelco Dolstra
707703185d
nixos-rebuild: Respect empty NIX_REMOTE
Fixes #11384.

Note: in Nix 1.12, you can set NIX_REMOTE to "local" to avoid
ambiguity.
2017-07-07 11:58:10 +02:00
Eelco Dolstra
5446934b41
nix: 1.11.10 -> 1.11.11
(cherry picked from commit 7b1e936b24ca60810cdb6d46b68300cd179836f1)
2017-06-19 19:03:39 +02:00
Eelco Dolstra
0bffe03828
nix: 1.11.9 -> 1.11.10 2017-06-12 20:13:27 +02:00
Jörg Thalheim
361314ca71
nixos-prepare-root: force symlink at /run
Otherwise a reinstall will fail.
2017-05-01 16:10:58 +02:00
Eelco Dolstra
e4190943c8
nix: 1.11.8 -> 1.11.9 2017-04-25 17:19:10 +02:00
Dan Peebles
f1708a9d7d make-disk-image: change to be less VM-centric
This changes much of the make-disk-image.nix logic (and thus most NixOS
image building) to use LKL to set up the target directory structure rather
than a Linux VM. The only work we still do in a VM is less IO-heavy stuff
that while still time-consuming, is less of the overall load. The goal is
to kill more of that stuff, but that will require deeper changes to NixOS
activation scripts and switch-to-configuration.pl, and I don't want to
bite off too much at once.
2017-04-24 02:30:00 +00:00
Dan Peebles
d990aa7163 Refactor nixos-install to separate out filesystem build logic
The key distinction I'm drawing is that there's a component that deals
with the store of the machine being built, and another component for
the store building it. The inner part of it assumes nothing from the
builder (doesn't need chroot or root powers) so it can run comfortably
inside a Nix build, as well as nixos-rebuild. I have some upcoming work
that will use that to significantly speed up and streamline image builds
for NixOS, especially on virtualized hosts like EC2, but it's also a
reasonable speedup on native hosts.
2017-04-16 16:09:41 +00:00
Eelco Dolstra
2cb25f8b59
nix: 1.11.7 -> 1.11.8 2017-03-21 14:49:23 +01:00
Franz Pletz
fb50cde71e
nixos/treewide: systemd.time is in manvolume 7
cc #23396
2017-03-21 08:28:53 +01:00
Eelco Dolstra
d72a34311a
Remove nixFallback
This causes unintended schema upgrades, and is no longer needed now
that we have nixos/modules/installer/tools/nix-fallback-paths.nix.
2017-03-06 15:54:50 +01:00
Thomas Tuegel
d91637c546
nixos-generate-config: rename plasma5 desktop 2017-03-03 07:28:29 -06:00
Eelco Dolstra
8e1fa01f3a
nix: 1.11.6 -> 1.11.7 2017-02-24 12:53:53 +01:00
Eelco Dolstra
14c47bd546 Merge pull request #22758 from dezgeg/pr-nixos-rebuild
nixos-rebuild: Don't rebuild nixos-rebuild when --fast is used
2017-02-14 16:35:43 +01:00
Parnell Springmeyer
467bb3f674
/run/wrapper is not a filesystem, no need to skip it 2017-02-14 07:32:24 -06:00
Parnell Springmeyer
9e36a58649
Merging against upstream master 2017-02-13 17:16:28 -06:00
Tuomas Tynkkynen
2000f0941e nixos-rebuild: Don't build nixos-rebuild with --fast 2017-02-13 21:52:32 +02:00
Tuomas Tynkkynen
23fee8bfbd nixos-rebuild: Support passing e.g. '-j8'
Where there is no space between '-j' and the number.
2017-02-13 21:52:30 +02:00
Graham Christensen
b12564cc1b
nixos: update default cases from KDM/KDE4 to SDDM/KDE5 2017-02-09 21:52:00 -05:00
taku0
8dfa60ce73 nixos-generate-config.pl, all-hardware.nix: Add support for Hyper-V 2017-02-05 18:22:26 +09:00
Guillaume Maudoux
698f178d4e default nixos config: add firewall options.
By showing how to open ports in the firewall and how to disable it, we make users aware that there is a firewall enabled by default.
2017-02-03 16:45:11 +01:00
Parnell Springmeyer
4aa0923009
Getting rid of the var indirection and using a bin path instead 2017-01-29 04:11:01 -06:00
Parnell Springmeyer
e92b8402b0
Addressing PR feedback 2017-01-28 20:48:03 -08:00
Parnell Springmeyer
a26a796d5c
Merging against master - updating smokingpig, rebase was going to be messy 2017-01-26 02:00:04 -08:00
Parnell Springmeyer
025555d7f1
More fixes and improvements 2017-01-26 00:05:40 -08:00
Parnell Springmeyer
bae00e8aa8
setcap-wrapper: Merging with upstream master and resolving conflicts 2017-01-25 11:08:05 -08:00
Eelco Dolstra
96b6968950
nix: 1.11.5 -> 1.11.6 2017-01-13 11:38:09 +01:00
Eelco Dolstra
0108c31e22
nix: 1.11.4 -> 1.11.5 2017-01-03 11:25:38 +01:00
gnidorah
90deca3a0c nixos-generate-config: detect CPU governor
* cpu-freq: Try powersave if ondemand is not available

* Revert "cpu-freq: Try powersave if ondemand is not available"

This reverts commit 4dc56db37e32dcfecd667ebbf88263e47b296097.
Consult available scaling governors; for freshly generated configs, this provides a better experience than relying on a default that might not work everywhere.
2017-01-02 17:20:28 +01:00
Maximilian Güntner
0cf907ae12
nixos-rebuild: Fix SSHOPTS typo
Signed-off-by: Maximilian Güntner <code@klandest.in>
2016-12-18 22:39:27 +01:00
Eric Sagnes
e14de56613 module system: extensible option types 2016-11-06 00:05:58 +01:00
Joachim Fasting
645ff13a4b
nixos autoUpgrade: fix use of startAt
`startAt = ""` as in `startAt = optionalString false ...` results
in an invalid timer unit (due to "" being promoted to a singleton
list and not filtered out).

Ref: c9941c4b5e
2016-10-23 17:56:39 +02:00
Tuomas Tynkkynen
a34ec1517f nixos-install: Bug fix for root password not being asked
Since some changes to the setuid wrappers, there is a symlink involved
and it doesn't resolve correctly inside the chroot. Do the check inside
the chroot to make it work again.
2016-09-29 23:17:53 +03:00
obadz
1c9ac8aabc grub: add boot.loader.grub.efiInstallAsRemovable
Closes #16374
2016-09-16 18:02:36 +01:00
Eelco Dolstra
f2ddf2a9be nix: 1.11.3 -> 1.11.4 2016-09-06 16:15:22 +02:00
Eelco Dolstra
1fef99942e nixos-rebuild: Move the Nix fallback store paths into a separate file 2016-09-06 16:07:47 +02:00
obadz
3f1ceae281 Partially revert "Revert "nixos: remove rsync from base install and add explicit path in nixos-install""
This partially reverts commit 0aa7520670.

Fine for rsync to be in system path but we still need the explicit path
in nixos-install in case it is invoked from non-NixOS systems and also
to fix OVA test failure

See also 0aa7520670

cc @edolstra
2016-09-06 11:49:03 +01:00
Eelco Dolstra
0aa7520670 Revert "nixos: remove rsync from base install and add explicit path in nixos-install"
This reverts commit 582313bafe.

Removing rsync is actually pointless because nixos-install depends on
it. So if it's part of the system closure, we may as well provide it
to users.

Probably with the next Nix release we can drop the use of rsync and
use "nix copy" instead.
2016-09-05 13:45:59 +02:00
Alexander Ried
1542bddcc8 nixos-install.sh: Create /var (#18266)
Got lost in a6670c1a0b
2016-09-03 19:17:44 +02:00
Parnell Springmeyer
98c058a1ee Adapting everything for the merged permissions wrappers work. 2016-09-01 19:21:06 -05:00
Parnell Springmeyer
81b33eb466 security: Updating the machinery for creating the wrapper programs dir in var and updating ping and ping6 for changed config interface. 2016-09-01 19:16:36 -05:00
Parnell Springmeyer
6fe93ae42a installer: adding perl 'next if' skip command for setcap-wrappers dir 2016-09-01 19:15:09 -05:00
Parnell Springmeyer
00dc2c559c installer: adding mkdir command for the setcap-wrappers dir 2016-09-01 19:15:09 -05:00
Domen Kožar
a6670c1a0b Fixes #18124: atomically replace /var/setuid-wrappers/ (#18186)
Before this commit updating /var/setuid-wrappers/ folder introduced
a small window where NixOS activation scripts could be terminated
and resulted into empty /var/setuid-wrappers/ folder.

That's very unfortunate because one might lose sudo binary.

Instead we use two atomic operations mv and ln (as described in
https://axialcorps.com/2013/07/03/atomically-replacing-files-and-directories/)
to achieve atomicity.

Since /var/setuid-wrappers is not a directory anymore, tmpfs mountpoints
were removed in installation scripts and in boot process.

Tested:

- upgrade /var/setuid-wrappers/ from folder to a symlink
- make sure /run/setuid-wrappers-dirs/ legacy symlink is really deleted
2016-09-01 20:57:51 +02:00
obadz
697518d467 nixos-install: remove manifest related stuff 2016-08-24 16:09:30 +01:00
Shea Levy
2942895d55 Merge branch 'install-bootloader-flag' 2016-08-17 21:16:29 -04:00
obadz
24f8cf08cc nixos/lib/make-disk-image: refactor to use nixos-install
- Replace hand-rolled version of nixos-install in make-disk-image by an
  actual call to nixos-install
- Required a few cleanups of nixos-install
- nixos-install invokes an activation script which the hand-rolled version
  in make-disk-image did not do. We remove /etc/machine-id as that's
  a host-specific, impure, output of the activation script

Testing:

nix-build '<nixpkgs/nixos/release.nix>' -A tests.installer.simple passes

Also tried generating an image with:

nix-build -E 'let
    pkgs = import <nixpkgs> {};
    lib = pkgs.lib;
    nixos = import <nixpkgs/nixos> {
      configuration = {
        fileSystems."/".device = "/dev/disk/by-label/nixos";
        boot.loader.grub.devices = [ "/dev/sda" ];
        boot.loader.grub.extraEntries = '"''"'
          menuentry "Ubuntu" {
             insmod ext2
             search --set=root --label ubuntu
             configfile /boot/grub/grub.cfg
          }
        '"''"';
      };
    };
  in import <nixpkgs/nixos/lib/make-disk-image.nix> {
    inherit pkgs lib;
    config = nixos.config;
    diskSize = 2000;
    partitioned = false;
    installBootLoader = false;
  }'

Then installed the image:
$ sudo df if=./result/nixos.img of=/dev/sdaX bs=1M
$ sudo resize2fs /dev/disk/by-label/nixos
$ sudo mount /dev/disk/by-label/nixos /mnt
$ sudo mount --rbind /proc /mnt/proc
$ sudo mount --rbind /dev /mnt/dev
$ sudo chroot /mnt /nix/var/nix/profiles/system/bin/switch-to-configuration boot

[ … optionally do something about passwords … ]

and successfully rebooted to that image.

Was doing all this from inside a Ubuntu VM with a single user nix install.
2016-08-16 15:31:16 +01:00
Shea Levy
b4954a8f38 Deprecate --install-grub in favor of --install-bootloader for nixos-rebuild.
Fixes #14293
2016-08-16 07:51:58 -04:00
obadz
806e88c137 nixos-install: cleanups & improvements to run on non-NixOS systems
- Fix --no-bootloader which didn't do what it advertised
- Hardcode nixbld GID so that systems which do not have a nixbld user
  can still run nixos-install (only with --closure since they can't
  build anything)
- Cleanup: get rid of NIX_CONF_DIR(=/tmp)/nix.conf and pass arguments instead
- Cleanup: don't assume that the target system has '<nixpkgs/nixos>' or
  '<nixos-config>' to see if config.users.mutableUsers. Instead check if
  /var/setuid-wrappers/passwd is there

Installing NixOS now works from a Ubuntu host (using --closure).

nix-build -A tests.installer.simple '<nixpkgs/nixos/release.nix>' succeeds ✓
2016-08-16 02:47:49 +01:00
obadz
582313bafe nixos: remove rsync from base install and add explicit path in nixos-install
As per 60b3f95ad8 (commitcomment-18507812)
2016-08-09 21:39:40 +01:00
obadz
57b7c3c545 nixos-install: more robust way of sourcing fresh version of self 2016-08-09 21:39:40 +01:00
aszlig
55d881eea3
Revert adding .git-revision unconditionally
This reverts commit 1e534e234b.

We already should have a .git directory if it is managed via Git,
otherwise there is no way to get the Git revision if neither
.git-revision or .git is present.

But having .git-revision _and_ .git present seems very much redundant to
me.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
Cc: @bennofs, @Profpatsch
Issue: #17218
2016-08-09 14:15:06 +02:00
obadz
037d9c6cab nixos-install: add options --closure, --no-channel-copy, --no-root-passwd, and --no-bootloader
Closes #17236

nix-build -A tests.installer.simple '<nixos/release.nix>' succeeds ✓
2016-08-04 16:22:25 +01:00
Benno Fünfstück
1e534e234b fix nixos-version --hash when building from git 2016-07-23 22:59:03 +02:00
davidak
d97a107426 nixos-version: fix syntax error and add -h (#16906)
* nixos-version: fix syntax error

* nixos-version: add -h parameter
2016-07-13 09:11:32 +02:00
Graham Christensen
d9724bcdbf doc: add man page for nixos-version (#16869) 2016-07-12 16:29:13 +02:00
Nikolay Amiantov
21f9180d49 Merge pull request #15579 from abbradar/nixos-install-ssl
nixos-install: fix SSL certificate error
2016-06-23 07:48:45 +04:00
Eelco Dolstra
9f0e137338 Rename boot.loader.gummiboot.enable -> boot.loader.systemd-boot.enable 2016-06-01 12:55:52 +02:00
Eelco Dolstra
a7baec7cb1 nixos-generate-config: Emit LUKS configuration for boot device 2016-05-25 18:04:41 +02:00
Eelco Dolstra
c6ab4ab206 nixos-generate-config: Enable strictness 2016-05-25 18:04:34 +02:00
Nikolay Amiantov
1193790b95 nixos-install: fix SSL certificate error 2016-05-20 15:30:56 +03:00
Tuomas Tynkkynen
1d4b21ef42 treewide: Use correct output of config.nix.package in non-string contexts 2016-04-25 16:44:38 +02:00
Eelco Dolstra
25387a1bed nixos-checkout: Remove
This command was useful when NixOS was spread across multiple
repositories, but now it's pretty pointless (and obfuscates what
happens, i.e. "git clone git://github.com/NixOS/nixpkgs.git").
2016-04-20 20:57:02 +02:00
Vladimír Čunát
39ebb01d6e Merge branch 'staging', containing closure-size #7701 2016-04-13 09:25:28 +02:00
Vladimír Čunát
5c04313451 nixos-generate-config: lower priority of nix.maxJobs
Fixes #6429.
2016-04-12 08:09:52 +02:00
Vladimír Čunát
30f14243c3 Merge branch 'master' into closure-size
Comparison to master evaluations on Hydra:
  - 1255515 for nixos
  - 1255502 for nixpkgs
2016-04-10 11:17:52 +02:00
Vladimír Čunát
d1df28f8e5 Merge 'staging' into closure-size
This is mainly to get the update of bootstrap tools.
Otherwise there were mysterious segfaults:
https://github.com/NixOS/nixpkgs/pull/7701#issuecomment-203389817
2016-04-07 14:40:51 +02:00
Domen Kožar
55a86b799e nixos-generate-config.pl: correct path for broadcom-43xx
(cherry picked from commit b01eedaeecd4bd292fd9a22225c9490a285e3b77)
Signed-off-by: Domen Kožar <domen@dev.si>
2016-03-31 23:47:20 +01:00
Eelco Dolstra
c94f8a4abd nixos-rebuild: Fix Nix fallback
Somebody forgot that Bash is not a real programming language...
2016-03-30 16:36:18 +02:00
Vladimír Čunát
09af15654f Merge master into closure-size
The kde-5 stuff still didn't merge well.
I hand-fixed what I saw, but there may be more problems.
2016-03-08 09:58:19 +01:00
Eelco Dolstra
f3d94cfc23 Revert "Add the tool "nixos-typecheck" that can check an option declaration to:"
This reverts commit cad8957eab. It
breaks NixOps, but more importantly, such major changes to the module
system really need to be reviewed.
2016-03-01 20:52:06 +01:00
Thomas Strobel
cad8957eab Add the tool "nixos-typecheck" that can check an option declaration to:
- Enforce that an option declaration has a "defaultText" if and only if the
   type of the option derives from "package", "packageSet" or "nixpkgsConfig"
   and if a "default" attribute is defined.

 - Enforce that the value of the "example" attribute is wrapped with "literalExample"
   if the type of the option derives from "package", "packageSet" or "nixpkgsConfig".

 - Warn if a "defaultText" is defined in an option declaration if the type of
   the option does not derive from "package", "packageSet" or "nixpkgsConfig".

 - Warn if no "type" is defined in an option declaration.
2016-02-29 01:09:00 +01:00
Vladimír Čunát
e9520e81b3 Merge branch 'master' into staging 2016-02-17 10:06:31 +01:00
Vladimír Čunát
d039c87984 Merge branch 'master' into closure-size 2016-02-14 08:33:51 +01:00
Nikolay Amiantov
46f3975d99 nixos-install: don't check that /mnt is a mount point 2016-02-10 02:08:36 +03:00
Vladimír Čunát
a115bff08c Merge branch 'master' into staging 2016-02-07 13:52:42 +01:00
Aneesh Agrawal
3c5fca9618 filesystems: use list of strings for fs options
Allow usage of list of strings instead of a comma-separated string
for filesystem options. Deprecate the comma-separated string style
with a warning message; convert this to a hard error after 16.09.
15.09 was just released, so this provides a deprecation period during
the 16.03 release.

closes #10518

Signed-off-by: Robin Gloster <mail@glob.in>
2016-02-06 19:48:30 +00:00
Vladimír Čunát
ae74c356d9 Merge recent 'staging' into closure-size
Let's get rid of those merge conflicts.
2016-02-03 16:57:19 +01:00
Guillaume Maudoux
9f358f809d Configure a default trust store for openssl 2016-02-03 12:42:01 +01:00
Rickard Nilsson
e430f14da3 nixos-rebuild: Don't propagate --no-out-link arg to nix-store 2016-02-01 10:54:58 +01:00
Rickard Nilsson
b5b7805543 nixos-rebuild: Do not create result symlinks for boot/switch actions (resolves #12665) 2016-02-01 10:37:53 +01:00
Vladimír Čunát
3e1599f57b nixos-generate-config: fix #12595: broadcom quoting 2016-01-25 07:57:53 +01:00
Rickard Nilsson
51c6383ebd nixos-rebuild: Build only the 'out' output of nix (not 'doc' and 'debug' too)
This fixes the failing NixOS installer tests.
2016-01-20 10:01:59 +01:00
Rickard Nilsson
fb2eae08d5 Revert "Revert "nixos-rebuild: Add option for building and/or deploying on a remote host""
This reverts commit 78be7f5a53.
2016-01-20 10:01:59 +01:00
Vladimír Čunát
716aac2519 Merge branch 'staging' into closure-size 2016-01-19 09:55:31 +01:00
Domen Kožar
78be7f5a53 Revert "nixos-rebuild: Add option for building and/or deploying on a remote host"
This reverts commit ca0c460406.

All the installer tests are failing due to this change. cc @rickynils
2016-01-10 17:50:50 +01:00
Eelco Dolstra
104c252b61 Merge pull request #11279 from rickynils/nixos-rebuild-remote
nixos-rebuild: Add option for building and/or deploying on a remote host
2016-01-04 11:52:25 +01:00
Tobias Geerinckx-Rice
82419575aa btrfsProgs -> canonical btrfs-progs 2016-01-03 20:38:44 +01:00
Rickard Nilsson
ca0c460406 nixos-rebuild: Add option for building and/or deploying on a remote host
This commit adds the options --build-host and --target-host to nixos-rebuild.

--build-host instructs nixos-rebuild to perform all nix builds on the
specified host (via ssh). Build results are then copied back to the
local machine and used when activating the system.

--build-target instructs nixos-rebuild to activate the configuration
not on the local machine but on the specified remote host. Build
results are copied to the target machine and then activated there (via ssh).

It is possible to combine the usage of --build-host and --target-host,
in which case you can perform the build on one remote machine and deploy
the configuration to another remote machine. The only requirement is that
the build host has a working ssh connection to the target host (if the
target is not local), and that the local machine can connect to both
the target and the build host. Also, your user must be allowed to copy
nix closures between the local machine and the target and host machines.

At no point in time are the configuration sources (the nix files) copied
anywhere. Instead, nix evaluation always happens locally
(with nix-instantiate). The drv-file is then copied and realised remotely
(with nix-store).

As a convenience, if only --target-host is specified, --build-host is
implicitly set to that host too. So if you want to build locally and deploy
remotely you have to explicitly set "--build-host localhost".

To activate (test, boot or switch) you need to have root access to the
target host. You can specify this by "--target-host root@myhost".

I have tested the obvious scenarios and they are working. Some of the
combinations of --build-host and --target-host and the various actions might
not make much sense, and should maybe be forbidden (like setting a remote
target host when building a VM), and some combinations might not work at all.
2016-01-01 18:21:59 +01:00
Vladimír Čunát
f9f6f41bff Merge branch 'master' into closure-size
TODO: there was more significant refactoring of qtbase and plasma 5.5
on master, and I'm deferring pointing to correct outputs to later.
2015-12-31 09:53:02 +01:00
Eelco Dolstra
af6732e503 nixos autoUpgrade: add a 'dates' option
(cherry picked from commit 80917d2473d321d7a990cf991c6353547976638c)
Originally merged #11808 to release-15.09 directly. Close #11821.
2015-12-19 08:46:13 +01:00
Vladimír Čunát
333d69a5f0 Merge staging into closure-size
The most complex problems were from dealing with switches reverted in
the meantime (gcc5, gmp6, ncurses6).
It's likely that darwin is (still) broken nontrivially.
2015-11-20 14:32:58 +01:00
Arseniy Seroka
61910861dc fix spelling 2015-10-25 04:26:49 +03:00
Brian McKenna
3ef956eb50 nixos-generate-config: look at mmc_host for device drivers
I needed to add sdhci_acpi and mmc_block to my initrd modules in order to boot
my Chromebook. Looking under /sys/class/mmc_host/*/device/driver/module will
give us the sdhci_acpi dependency.
2015-10-16 17:41:15 +11:00
Charles Strahan
cb38f10d12 nixos-generate-config: detect brcmfmac requirement
This makes the firmware available (or would, if someone switched off
enableAllFirmware). Corresponding kernel module should get auto-loaded.

See #9948. Close #9971.
2015-10-15 13:12:42 +02:00
Eelco Dolstra
e65b8fcebe Fix nixos-upgrade 2015-10-05 09:26:30 +02:00
Tuomas Tynkkynen
86919e2ae4 nixos/auto-upgrade: Reference correct xz output 2015-10-03 14:08:52 +02:00
Eelco Dolstra
ab16b6a837 Merge pull request #10160 from dezgeg/pr-unset-build-hook-in-nixos-install
nixos-install: Don't use NIX_BUILD_HOOK from caller's environment
2015-09-30 23:33:07 +02:00
Tuomas Tynkkynen
725a4d6740 nixos-install: Don't use NIX_BUILD_HOOK from caller's environment
If nixos-install is run on a machine with `nix.distributedBuilds = true`
the installation will fail at some point like this:

Died at /nix/store/4frhrl31cl7iahlz6vyvysy5dmr6xnh3-nix-1.10/libexec/nix/build-remote.pl line 115, <STDIN> line 1.

This is due to `nix.distributedBuilds` setting
NIX_BUILD_HOOK=/nix/store/.../build-remote.pl in the global environment,
which then gets confused in the minimal chroot created by nixos-install.

To avoid these kinds of issues with build hooks, just disable them in
the chroot.
2015-09-30 23:02:21 +03:00
Eelco Dolstra
3231424c37 Bump fallback Nix store paths 2015-09-30 21:12:46 +02:00
Tuomas Tynkkynen
8914e1af6d nixos-generate-config: Don't enable vbox guest via deprecated option
Avoids this warning when running `nixos-rebuild switch`:
````
building Nix...
building the system configuration...
trace: Obsolete option `services.virtualboxGuest.enable' is used. It was renamed to `virtualisation.virtualbox.guest.enable'.
````
2015-08-16 00:32:37 +02:00
Eelco Dolstra
43c4756090 Add auto update feature
You can now keep your system up to date automatically by setting:

  system.autoUpgrade.enable = true;

Fixes #7369.
2015-08-07 05:37:31 +02:00
Eelco Dolstra
2cd7c1f198 Unify NixOS and Nixpkgs channel structure
This is primarily to ensure that

  -I nixpkgs=https://nixos.org/channels/nixos-unstable/nixexprs.tar.xz

and

  -I nixpkgs=https://github.com/NixOS/nixpkgs-channels/archive/nixos-unstable.tar.gz

and

  -I nixpkgs=https://nixos.org/channels/nixpkgs-unstable/nixexprs.tar.xz

behave consistently.

It also allows installing packages via "nix-env -iA nixos.<pkg>"
rather than "nixos.pkgs.<pkg>". It would be even better to allow
"nixpkgs.<pkg>", but that requires a change to nix-channel.

Fixes #7659.
2015-08-05 17:37:11 +02:00
Eelco Dolstra
91e71725d4 Remove some obsolete references to <nixos> 2015-08-05 17:37:08 +02:00
Eelco Dolstra
bb38d9974b Update fallback Nix store paths 2015-08-05 14:34:57 +02:00
Eelco Dolstra
699ba71b50 nixos-install: Source the profile when running inside the chroot 2015-08-05 14:33:18 +02:00
Eelco Dolstra
d166c854b6 Add option system.stateVersion
This option requests compatibility with older NixOS releases with
respect to stateful data, in cases where new releases have defaults
that might be incompatible with system state of existing NixOS
deployments. For instance, if we change the default version of
PostgreSQL, existing deployments will break if the new version can't
read databases created by the old version.

So for example, setting

  system.stateVersion = "15.07";

requests that options like services.postgresql.package use defaults
corresponding to the 15.07 release branch. Note that
nixos-generate-config emits this option. (In the future, NixOps may
set system.stateVersion to the NixOS release in use when the machine
was created.)

See also #7939 for another motivating example.
2015-07-27 20:30:09 +02:00
Eelco Dolstra
b1623385d0 nixos-generate-config: Container improvements 2015-07-17 11:27:33 +02:00
Eelco Dolstra
fd06533def nixos-install: Don't barf if btrfs is missing 2015-07-13 17:55:49 +02:00
William A. Kennington III
08ff83eab3 nixos/btrfs: Fix parsing of btrfs subvolume show with btrfsprogs 4.1 2015-07-07 11:34:50 -07:00
Vladimír Čunát
0b68b92062 nixos i18n.consoleFont: choose a different default
Distros often choose Terminus as the default, and it supports some
non-ASCII characters that we use in config. Fixes #8107.
2015-06-09 20:13:42 +02:00
Eelco Dolstra
e98da673e4 nixos-checkout: Add nixpkgs-channels as a remote
This way, you can do things like

  git checkout channels/nixos-14.12

to get the latest tested and built version of NixOS.
2015-05-20 14:16:36 +02:00
Steven Shaw
2a8577d7fe Correct spelling 2015-05-03 19:15:03 +10:00
Domen Kožar
ff88f4bcda nixos-install: correctly detect stdin 2015-04-29 18:48:21 +02:00
Jookia
71910be9ea nixos-install: Fix chroot flag not defaulting to Bash outside NixOS.
Passing the chroot flag to nixos-install without arguments should now give you a
Bash shell as intended rather than try an empty path.

This was masked by the user's shell (usually /bin/bash) being defaulted to by
chroot, and being found since their paths used NixOS conventions.
2015-04-28 06:37:04 -04:00
Jookia
7b37a5f168 nixos-install: Fix password prompt failing outside NixOS.
When bootstrapping from other distributions, nixos-install is unable to find
various tools in the chroot since their paths aren't aware of NixOS conventions.

This makes a small change to existing code by specifying nixpkgs/nixos instead
of just nixos when running nix-instantiate in the chroot. I haven't tested this
outside of bootstrapping, but the same specification is used elsewhere in the
code so I don't see why it wouldn't work.
2015-04-28 06:34:47 -04:00
aszlig
df31a338dc
nixos-rebuild: Conditionally update channels.
This partially reverts commit 3a4fd0bfc6.

Addresses another concern by @edolstra that users might not want to
update *all* channels. We're now reverting to the old behaviour but
after updating the "nixos" channel, we just check whether the channel
ships with a file called ".update-on-nixos-rebuild" and if it exists, we
update that channel as well.

Other channels than these are not touched anymore.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2015-04-13 12:54:19 +02:00
aszlig
3a4fd0bfc6
nixos-rebuild: Update all channels of user root.
Should make it even easier to use custom channels, because whenever the
user does a "nixos-rebuild --upgrade", it will also upgrade possibly
used ("used" as in referenced in configuration.nix) channels besides
"nixos". And if you also ship a channel tied to a particular version of
nixpkgs or even remove the "nixos" channels, you won't run into
unexpected situations where the system is not updating your custom
channels.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2015-04-13 00:09:00 +02:00
Eelco Dolstra
a38f130126 Revert "Set stricter permissions on /nix/store"
This reverts commit 066758758e7c0768ff8da51d208cdae0f33b368c because
it breaks NixOS VM tests.
2015-04-07 15:10:41 +02:00
Domen Kožar
42c421adc3 Merge pull request #7180 from jagajaga/fix_generator
Fixing nixos-generate-config
2015-04-07 12:24:04 +02:00
Arseniy Seroka
b11f662617 fix https://github.com/NixOS/nixpkgs/issues/3560 2015-04-05 16:12:14 +03:00
lethalman
f72b0c43f6 Merge pull request #6762 from lethalman/nixos-install
nixos-install: support -j, --cores and --option. Closes #6755
2015-03-30 18:06:53 +02:00
Eelco Dolstra
224d0d5302 Set stricter permissions on /nix/store
The nixbld group doesn't need read permission, it only needs write and
execute permission.

(cherry picked from commit 066758758e7c0768ff8da51d208cdae0f33b368c)
2015-03-18 10:58:08 +01:00
Luca Bruno
fe6b0b15e6 nixos-install: support -j, --cores and --option. Closes #6755 2015-03-11 16:47:44 +00:00
Eelco Dolstra
a574065a81 nixos-rebuild: Add ‘dry-activate’ command
‘nixos-rebuild dry-activate’ builds the new configuration and then
prints what systemd services would be stopped, restarted etc. if the
configuration were actually activated. This could be extended later to
show other activation actions (like uids being deleted).

To prevent confusion, ‘nixos-rebuild dry-run’ has been renamed to
‘nixos-rebuild dry-build’.
2015-03-09 16:50:59 +01:00
Peter Simons
263a49be20 Merge pull request #5704 from eduarrrd/nixos-version
Add option to display git revision to nixos-version
2015-02-20 16:35:56 +01:00
Domen Kožar
b83433cdd1 Remove gui (see #6207), use nixui instead 2015-02-08 10:47:58 +01:00
Eelco Dolstra
53710c752a nixos-rebuild: Update fallback code to update Nix 2015-01-27 18:58:20 +01:00
Eelco Dolstra
b9c4569b6b nixos-install: Create /root with 700 permission 2015-01-15 18:37:55 +01:00
Eduard Bachmakov
86cd055477 Add option to display git revision to nixos-version
Example use case: git checkout `nixos-version --hash`
2014-12-27 21:43:04 +01:00
Domen Kožar
a4961f09f6 Merge pull request #5390 from abbradar/nixos-isntall
nixos-install: fix -I flag
2014-12-23 18:15:14 +01:00
Nicolas B. Pierron
6a7971bee7 Merge pull request #5416 from nbp/nixos-option-include
nixos-option: Support -I option
2014-12-21 15:11:11 -08:00
Nicolas B. Pierron
974edc5056 nixos-option: Use <nixpkgs/nixos> instead of <nixpkgs>. 2014-12-21 01:33:06 +01:00
Nicolas B. Pierron
82a5f54c0d nixos-option: Support -I option. 2014-12-20 20:30:19 +01:00
Nicolas B. Pierron
c9682a22ff nixos-option: Produce nicer error messages in case of typos. 2014-12-20 19:52:28 +01:00
Nicolas B. Pierron
640428d3c5 nixos-option: Handle 'attrsOf submodule' options. 2014-12-20 19:16:43 +01:00
Nicolas B. Pierron
cd2f7ce9f9 nixos-option: Improve error messages to avoid reporting internal location and traces. 2014-12-19 23:00:52 +01:00
Nicolas B. Pierron
b2abfe54b3 nixos-option: Print derivation outPath within attribute sets and list, when the strict mode is used. 2014-12-19 23:00:00 +01:00
Nicolas B. Pierron
9db6a84f0b nixos-option: Print the outPath of derivation for option values. 2014-12-19 22:33:24 +01:00
Nikolay Amiantov
22eb0e22d3 nixos-install: fix -I flag 2014-12-18 22:43:40 +03:00
Domen Kožar
432490e319 fix users.mutableUsers = false; install in iso
(cherry picked from commit 9bc8bcbbdcc7cac98686877f09315bb749627732)
Signed-off-by: Domen Kožar <domen@dev.si>
2014-12-18 12:18:49 +01:00
Eelco Dolstra
bed675f400 nixos-generate-config: Don't emit networking.hostId
Systemd already generates /etc/machine-id. So there is no need to
generate another unique host identifer.
2014-12-15 17:03:28 +01:00
Eelco Dolstra
0d3a229baa nixos-generate-config: Add time zone 2014-12-15 16:55:03 +01:00
aszlig
cf7f15c92c
nixos-install: Pass CA cert bundle to chroot.
Since we're using HTTPS for the binary cache (introduced in faf0797) by
default, the binary cache should also be available during installation.

The file that is defined in SSL_CERT_FILE outside of the chroot is
copied over to /tmp/ca-cert.crt inside the chroot, so we have an
absolute path we can reference during nixos-install. However, this might
end up with the file not being cleaned up properly from outside of the
store, but neither would be /tmp/root so the cleanup issue needs to be
solved in another place (or commit to be more exact).

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2014-12-12 03:03:14 +01:00
Eelco Dolstra
faf0797c0c Use https://cache.nixos.org 2014-12-09 13:38:46 +01:00
aszlig
444987193e
nixos: Rename virtualbox to virtualboxGuest.
Especially new users could be confused by this, so we're now marking
services.virtualbox.enable as obsolete and defaulting to
services.virtualboxGuest.enable instead. I believe this now makes it
clear, that this option is for guest additions only.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2014-11-27 18:42:22 +01:00
Bjørn Forsman
8835d932b1 nixos-generate-config: add 'lib' to module template
The NixOS manual says modules have the following signature:
 { config, lib, pkgs, ... }:

But our generated configuration.nix file lacks the 'lib' part. Add it.
2014-11-17 17:13:36 +01:00
Ricardo M. Correia
7a7bf8368e nixos-generate-config: Configure networking.hostId by default
The host id value gets generated by reading a 32-bit value from
/dev/urandom.

This makes programs that rely on a correct host id more reliable.

It also makes using ZFS more seamless, as you don't need to configure
the hostId manually; instead, it becomes part of your config from the
moment you install NixOS.
2014-11-12 22:31:50 +01:00
Aristid Breitkreuz
bda39ae4de remove unused parameter from nixos module that is causing trouble with nixops 1.2 2014-10-19 14:10:28 +02:00
Eelco Dolstra
05163e99db nixos-rebuild: Don't pass -K by default 2014-09-10 14:57:26 +02:00
Eelco Dolstra
1a9c27c092 Typo 2014-09-08 13:58:44 +02:00
Eelco Dolstra
585983bc95 Merge remote-tracking branch 'origin/staging'
Conflicts:
	pkgs/applications/version-management/subversion/default.nix
2014-09-08 11:42:09 +02:00
Domen Kožar
18d9904433 nixos-option: fixes as suggested by @nbp 2014-09-06 20:59:14 +02:00
Vladimír Čunát
06fea81c6e Merge recent master into staging
Hydra: ?compare=1150594
2014-09-06 16:52:45 +02:00
Luca Bruno
a1ded5c20e nixos-install: use absolute path when running passwd in chroot 2014-09-03 23:12:40 +02:00
Luca Bruno
59ad713288 nixos-install: set umask 0022 2014-09-03 23:12:40 +02:00
Domen Kožar
2e97c06999 nixos-option: enable all flags by default and make output a bit readable cc @nbp 2014-09-03 22:08:25 +02:00
William A. Kennington III
87b6232f3a nixos/generate-config: Don't interpret btrfs subvols as bind mounts 2014-09-02 09:16:13 -07:00
William A. Kennington III
7fae423522 nixos/generate-config: Support detecting nested subvolumes 2014-09-02 09:16:13 -07:00
William A. Kennington III
36614ff3e2 Revert "Revert "Merge pull request #2449 from wkennington/master.grub""
This reverts commit 94205f5f21.

Conflicts:
	nixos/modules/system/boot/loader/grub/install-grub.pl
2014-09-02 09:16:13 -07:00
Peter Simons
1c0d15b90e Merge branch 'origin/master' into staging.
Conflicts:
	pkgs/development/libraries/ffmpeg/2.x.nix
	pkgs/development/libraries/serf/default.nix
2014-09-02 12:31:03 +02:00
Michael Raskin
94205f5f21 Revert "Merge pull request #2449 from wkennington/master.grub"
This reverts commit 469f22d717, reversing
changes made to 0078bc5d8f.

Conflicts:
	nixos/modules/installer/tools/nixos-generate-config.pl
	nixos/modules/system/boot/loader/grub/install-grub.pl
	nixos/release.nix
	nixos/tests/installer.nix

I tried to keep apparently-safe code in conflicts.
2014-08-31 12:58:37 +04:00
Vladimír Čunát
e51f73652d Merge recent master into staging
Hydra: ?compare=1149952

Conflicts:
	nixos/doc/manual/configuration.xml (changed split file)
	nixos/modules/config/users-groups.nix (choosing filterNull instead of inline definition)
	pkgs/development/libraries/readline/readline6.3.nix (auto-solved)
2014-08-30 10:04:02 +02:00