This makes it so multiple definitions are merged by adding a newline
between each entry, to avoid the need to add a newline to the end of
every definition of extraModprobeConfig. See #119 for an example of an
issue this has caused.
Signed-off-by: Shea Levy <shea@shealevy.com>
The smartd used to expect a list of devices to monitor. After this patch, it
expects a list of attribute sets, which may have two attributes:
- device: path to the device (required)
- options: smartd options to apply to this particular device (optional)
A concrete example configuration would be:
services.smartd = {
enable = true;
devices = [ { device = "/dev/sda"; } { device = "/dev/sdb"; options = "-d sat"; } ];
};
Furthermore, the config option 'deviceOpts' can be used to configure options
that are applied to *every* device.
Enable it with
services.transmission.enable = true;
and optionally configure it
services.transmission.settings =
{
download-dir = "/srv/torrents/";
incomplete-dir = "/srv/torrents/.incomplete/";
incomplete-dir-enabled = true;
rpc-whitelist = "127.0.0.1,192.168.*.*";
# for users in group "transmission" to have access to torrents
umask = 2;
};
The above settings are written/merged into settings.json each time the
service is about to start.
In principle this could work, but the current remount logic in nix fails
to remount mountpoints that are root in their own filesystem (as would
be the case with bind-mounting a mountpoint over itself). nixos/nix#98
is aimed at fixing this.
Signed-off-by: Shea Levy <shea@shealevy.com>
Newer kernels (since torvalds/linux@abb139e75c) try to
read firmware directly from the filesystem before falling back to a
userspace helper (udev) if firmware cannot be found (in even newer
kernels, the fallback path can be disabled altogether). By default, only
certain paths in /lib/firmware* are searched, so this was initially not
helpful for NixOS.
Since torvalds/linux@2760284206 (which,
based on the commit message, was implemented just for NixOS, go us!),
though, an extra path can be dynamically prepended to the search path.
So do that, in three ways:
1. Pass a kernel command line option in case the module is built-in
2. Add a line to modprobe.conf in case the module isn't yet loaded by
activation-time
3. Add an activation script to set the option in /sys in case the module
is already loaded by activation-time.
man logind.conf clearly states that the header is [Login] (no 'd').
Without this fix services.logind.extraConfig does not take effect
because logind ignores the invalidly named section.
So that we can customize systemd-logind in configuration.nix.
Example:
services.logind.extraConfig = "HandleLidSwitch=ignore";
See man logind.conf for available options.
xf86videovmware[1].
Adds "vmware" to list of default options of
services.xerver.videoDrivers.
new default:
[ "ati" "cirrus" "intel" "vesa" "vmware" ]
old default:
[ "ati" "cirrus" "intel" "vesa" ]
[1] Pull request for xf86videovmware found at
https://github.com/NixOS/nixpkgs/pull/338.
The mongodb service runs as user mongodb, and therefore
the preStart-script has no permissions to set up mongodb
directories. This is solved by adding an initialisation
service that runs as root and just sets up the required
directories.
This reverts commit 2802538dc2. The idea
was good, but unfortunately $GDFONTPATH has a different format, i.e.
programs that use this variable don't descend into the directories
listed here like fontconfig does, so we cannot use the same values for
both settings.
Set the environment variable GDFONTPATH to the list of directories where fonts
are expected to be installed. This is search path is used by same GD-based
applications, such as Gnuplot.
Alternatively, we could rely on fontconfig to achieve the same thing, i.e. by
running
for n in $(fc-list | sed -r -e 's|^([^:]+):.*$|\1|'); do echo $(dirname "$n"); done | sort | uniq
to get that list at run-time, but the static approach feels more deterministic.
This provides a more convenient syntax and allows easier overriding.
For example,
environment.etc = singleton
{ target = "vconsole.conf";
source = vconsoleConf;
};
can now be written as
environment.etc."vconsole.conf".source = vconsoleConf;
Adding support for the kind of bootloader in raspberrypi. Disable grub,
disable generationsDir, enable boot.loader.raspberrypi.
Usual layout expected: /boot being the first vfat the board reads blobs from.
If the user tries to run a program that doesn't exist from Bash, the
program name is looked up in a database that maps to Nix package
names. If it is found, we print out a message like:
$ pdflatex
The program ‘pdflatex’ is currently not installed. It is provided by
several packages. You can install it by typing one of the following:
nix-env -i tetex
nix-env -i texlive-core
If the environment variable $NIX_AUTO_INSTALL is set, the command is
installed and executed automatically:
$ hello --version
The program ‘hello’ is currently not installed. It is provided by
the package ‘hello’, which I will now install for you.
installing `hello-2.8'
hello (GNU hello) 2.8
Copyright (C) 2011 Free Software Foundation, Inc. ...
To use this, you must currently manually put the SQLite programs
database in /var/lib/nixos/programs.sqlite. In the future, this file
should be provided as part of the NixOS channel so it gets updated
automatically. To get a test version:
$ curl http://nixos.org/~eelco/programs.sqlite.xz | xz -d > /var/lib/nixos/programs.sqlite
This reverts commit 683100666d.
Seems somebody (systemd? the kernel?) gets confused at power
events and remounts the filesystem containing /nix/store as
read-only.
Commit 37b56574e2 revealed that the code
to get regInfo from /proc/cmdline was broken. It only happened to
work because the kernel passes the command line to stage 1 through the
environment, so $regInfo was set anyway.
This is required to create a gschemas.compiled file with content
from all gschemas. Otherwise, gschemas.compiled will be taken
from a random package, and gsettings programs will not find what
they are looking for. I had to add this to get NetworkManager-applet
to work. You'll also have to add share/glib-2.0 to the pathsToLink
list.
Generating this in the activation script (along with gtk icons
etc), is not the nicest solution. But I have no real idea on
how to modularise it.
EC2 instances don't have a console, so it's pointless to start
emergency mode if a mount fails. (This happened to me with an
encrypted filesystem where the key wasn't sent on time using "charon
send-keys".) Better to cross fingers and continue booting.
This is necessary to prevent a race. Udev 197 has a new naming scheme
for network devices, so it will rename (say) eth0 to eno0. This fails
with "error changing net interface name eth0 to eno1: Device or
resource busy" if another process has opened the interface in the
meantime.
This reverts commit 1e741f1572b6793b861e2f9820015475ce339ae0 as it is
unnecessary according to @edolstra, because services.xserver.config from another
module will be merged into the configuration.
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
This is currently only a very simple implementation which just recurses a list
of heads that get chained together to the right of the corresponding previous
item of the list.
If I forgot about something in the already existing configuration options,
please let me know or if this commit is useless or a duplicate, feel free to
revert. But by looking at implementation before this commit, I only see zaphod
and/or quirky xinerama-like configuration options.
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
Starting an authenticated root shell is a security hole, so don't do
it by default. The kernel command line parameter
‘initrd.shell_on_fail’ restores the original. (Of course, this only
improves security if you have a password on GRUB to prevent the kernel
command line from being edited by unauthorized users.)
The 'memtest86' package didn't work on any of my machines. 'memtest86plus', on
the other hand, seems to work just fine. Does anyone know why we keep the
seemingly older version around still?
This is especially useful if you want to supply a default XRandR configuration,
where you need multiple "Monitor" sections in order to set properties for
specific CRTCs (if not running in zaphod mode).
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
The "S|s|single" option is handled by systemd (starting
rescue.target). And the rescue target basically removes the need for
a special debug shell. (Also, there is "systemd.crash_shell=1" for
starting a shell if systemd crashes.)
Also, symlink kbrequest.target to rescue.target as suggested by the
systemd.special manpage. This way, you can start a sulogin rescue
shell by pressing Alt+Up.
Restarting <interface>-cfg.service may cause the interface's IP
addresses to be flushed. If the default gateway goes through that
interface, then the default gateway is deleted. So we need to
restart network-setup.target.
This allows setting the max tcp window size for the route of
the default gateway (usually the internet access).
It works only for non-DHCP configurations by now.
To be honest, it's more like "be less discriminating against USB tablets".
USB tablets usually get autodetected, device name is not necessary and defaulting to a serial touchscreen is a clear discrimination.
Unconditionally remapping buttons is generally not a good idea either.
Old defaults transformed into examples.