philipp/nixpkgs
1
0
Fork 0
Code Issues Pull requests Projects Releases Activity
%!d() commits 3 branches 0 tags 1.4 GiB
Commit graph

562 commits

Author SHA1 Message Date
Shea Levy d67d3b5b6a extraModprobeConfig: set type to types.lines 
This makes it so multiple definitions are merged by adding a newline
between each entry, to avoid the need to add a newline to the end of
every definition of extraModprobeConfig. See #119 for an example of an
issue this has caused.

Signed-off-by: Shea Levy <shea@shealevy.com>
 2013-03-12 05:51:45 -04:00
Shea Levy f1d48aec43 Don't mount /nix/store ro if it's a mountpoint 
In principle this could work, but the current remount logic in nix fails
to remount mountpoints that are root in their own filesystem (as would
be the case with bind-mounting a mountpoint over itself). nixos/nix#98
is aimed at fixing this.

Signed-off-by: Shea Levy <shea@shealevy.com>
 2013-03-08 10:42:34 -05:00
Shea Levy bc21ccc981 readonly-mountpoint: Remove unusued variable 2013-03-07 19:05:54 -05:00
Shea Levy 6d6d3d4228 readOnlyStore: Don't do a read-only bind-mount of an already read-only store. 
Signed-off-by: Shea Levy <shea@shealevy.com>
 2013-03-07 19:00:21 -05:00
Mathijs Kwik 09680dec6a read-only-store functionality should apply even when /nix/store is on a separate filesystem 2013-03-04 22:46:06 +01:00
Mathijs Kwik 134750f6ac gummiboot: fix typo 2013-03-04 22:46:06 +01:00
Mathijs Kwik e05a37d736 rename deprecated option 2013-03-04 22:46:06 +01:00
Bjørn Forsman ec2378f07b systemd-logind: fix config file header: [Logind] => [Login] 
man logind.conf clearly states that the header is [Login] (no 'd').
Without this fix services.logind.extraConfig does not take effect
because logind ignores the invalidly named section.
 2013-03-02 19:45:47 +01:00
Bjørn Forsman 08c9a0ad5e Add service.logind.extraConfig option 
So that we can customize systemd-logind in configuration.nix.

Example:
  services.logind.extraConfig = "HandleLidSwitch=ignore";

See man logind.conf for available options.
 2013-03-02 00:24:34 +01:00
Shea Levy 497aeabd23 systemd automatically mounts securityfs (if it's enabled) 2013-02-21 14:22:18 -05:00
Shea Levy 5f29704861 gummiboot-builder.py: Update to latest gummiboot 2013-02-21 12:40:33 -05:00
Shea Levy e80cfe7d2d gummiboot-builder.py: Not rewriting entries probably doesn't save much time, and is problematic in the case where you delete the latest generation before your rebuild 2013-02-19 20:47:23 -05:00
Shea Levy 6c6d40452f Stage 1 mounts securityfs, so require that in the kernel 2013-02-19 20:47:23 -05:00
Shea Levy 338ef594c7 Add boot.initrd.compressor option 2013-02-19 11:55:39 -05:00
Eelco Dolstra 18e8724e64 Log the configuration when booting / switching 2013-02-18 15:39:47 +01:00
Shea Levy 59a4df3159 Add websockify service 2013-02-14 21:50:41 -05:00
Shea Levy b669633d63 gummiboot-builder.py: Handle the case where there's no /etc/machine-id. 
Bug hit by add^_ in IRC when installing from the livecd, as there's no /mnt/etc/machine-id
 2013-02-12 10:47:52 -05:00
Eelco Dolstra 979117b6b8 Selectively allow /etc files to be disabled 
For instance, if you don't want NixOS to emit /etc/hosts, you
can say:

  environment.etc.hosts.enable = false;
 2013-02-03 14:28:18 +01:00
Eelco Dolstra 1daab1ebf5 environment.etc: Add convenience option 'text' 
This allows writing

  environment.etc.hosts.text = "127.0.0.1 localhost";

instead of

  environment.etc.hosts.source = pkgs.writeText "hosts" "127.0.0.1 localhost";
 2013-02-03 14:28:18 +01:00
Eelco Dolstra ab238804b8 Turn environment.etc into an attribute set 
This provides a more convenient syntax and allows easier overriding.

For example,

  environment.etc = singleton
    { target = "vconsole.conf";
      source = vconsoleConf;
    };

can now be written as

  environment.etc."vconsole.conf".source = vconsoleConf;
 2013-02-03 14:28:18 +01:00
Eelco Dolstra 73152e1702 etc.nix: Fix style 2013-02-03 14:28:17 +01:00
Shea Levy 36088abb39 gummiboot-builder: Only read /etc/machine-id once per invocation 2013-02-02 21:16:12 -05:00
Shea Levy d57df55566 gummiboot-builder: When NIXOS_INSTALL_GRUB is set and efibootmgr is used, prepend the gummiboot entry to the boot entries list 2013-02-02 21:10:09 -05:00
Shea Levy 3f37031c4f Merge branch 'gummiboot' into upstream-master 2013-02-02 00:04:31 -05:00
Shea Levy 02e209b139 Add gummiboot module. 
We should probably eventually get rid of the old direct boot stub approach.
 2013-02-02 00:03:45 -05:00
Eelco Dolstra 88e4569147 systemd: Allow whitespace in environment values 2013-02-01 13:40:44 +01:00
Lluís Batlle i Rossell 2c27a41686 Fixing the init= in raspberrypi loader. 2013-01-29 20:08:38 +01:00
Lluís Batlle i Rossell fe85f4be6c Adding an untested bootloader for raspberrypi 2013-01-28 20:58:46 +00:00
Lluís Batlle i Rossell 39ccd50896 Fixing the doublePatchelf in initrd; it should be for all ARM. 2013-01-27 20:42:45 +00:00
Rickard Nilsson 8fe8ab7097 switch-to-configuration.pl: Fix parsing of comments in fstab, hash-tokens inside strings are not comments. 2013-01-25 15:54:45 +01:00
Rickard Nilsson e32e501435 activation: Don't use double quotes in boot loader warning message, it messes up perl system call 2013-01-25 15:47:38 +01:00
Shea Levy 28cf26d674 Remove unneeded /nix/rw-store creation when using readOnlyStore 2013-01-24 20:50:28 -05:00
Eelco Dolstra 7464d850d3 Start a getty on tty1 again 2013-01-24 14:55:55 +01:00
Eelco Dolstra 6580588230 Set $HOME in stage-2 
http://hydra.nixos.org/build/3900294
 2013-01-23 20:16:33 +01:00
Eelco Dolstra 37b56574e2 stage-1: Clear environment before calling stage-2 
In particular, stage-1's LD_LIBRARY_PATH should not infect stage-2.
Reported by viric.
 2013-01-23 11:51:58 +01:00
Eelco Dolstra 2b8cb59399 Fix the fix of the description of the memtest86 option 2013-01-22 19:25:14 +01:00
Eelco Dolstra ca4f93d3ae stage-1: Don't create a log file in $out 2013-01-22 18:18:05 +01:00
Lluís Batlle i Rossell 64ffca1e06 Fixing the description of memtest86. It's not memtest86+. 
Noticed by abogani@freenode
 2013-01-22 16:32:51 +01:00
Eelco Dolstra 4068648563 Blacklist the cirrusfb kernel module 2013-01-22 13:30:45 +01:00
Shea Levy 82fb34f409 Upstart -> systemd 2013-01-21 18:14:09 -05:00
Eelco Dolstra f2c2b7ace9 Don't start emergency mode on EC2 instances 
EC2 instances don't have a console, so it's pointless to start
emergency mode if a mount fails.  (This happened to me with an
encrypted filesystem where the key wasn't sent on time using "charon
send-keys".)  Better to cross fingers and continue booting.
 2013-01-21 21:01:48 +01:00
Eelco Dolstra 1aaa726e75 Merge remote-tracking branch 'origin/systemd' 2013-01-21 12:45:50 +01:00
Eelco Dolstra 4d983d4955 Rename ‘system.build.systemd’ to ‘systemd.package’ 
This makes it cheaper to test a new systemd and is more consistent
with other modules.
 2013-01-16 13:17:57 +01:00
Eelco Dolstra ae4e94d9ac Rename ‘boot.systemd’ to ‘systemd’ 
Suggested by Mathijs Kwik.  ‘boot.systemd’ is a misnomer because
systemd affects more than just booting.  And it saves some typing.
 2013-01-16 12:33:18 +01:00
Evgeny Egorochkin 7e82b41220 LuksRoot: fix crypto module list. This one should finally work well. 2013-01-14 06:46:46 +02:00
Evgeny Egorochkin 6ecf2c3a28 LuksRoot: use generic aes module which loads platform-optimized modules automagically. 2013-01-14 05:12:20 +02:00
Evgeny Egorochkin 0f11519d45 LuksRoot: add more modules to load by default and let users add more or override the list. Added every module 
mentioned by most popular guides, benchmarks and discussions to make things just work.
 2013-01-13 12:44:16 +02:00
Evgeny Egorochkin 8c710b4f23 LuksRoot: mitigate DMA key recovery attacks by default. 2013-01-13 11:04:26 +02:00
Eelco Dolstra c7b427fbca Give our kernel parameters a common prefix ("boot.*") 2013-01-09 22:53:44 +01:00
Eelco Dolstra 93a7a32bab initrd: Don't enable the root shell by default 
Starting an authenticated root shell is a security hole, so don't do
it by default.  The kernel command line parameter
‘initrd.shell_on_fail’ restores the original.  (Of course, this only
improves security if you have a password on GRUB to prevent the kernel
command line from being edited by unauthorized users.)
 2013-01-09 22:53:44 +01:00