# generate the script used to activate the configuration.
{ config, lib, pkgs, ... }:
with lib;
let
# Wrap each snippet's text with a headline naming the snippet, a reset of
# _localstatus, and a trailing check that prints a failure message when
# _localstatus ended up non-zero (the generated scripts set it from an ERR trap).
#
# The attribute name is spliced verbatim into the shell text, including inside
# the double-quoted printf argument, so snippet names should stay plain
# identifiers without quotes or shell metacharacters.
addAttributeName = mapAttrs (name: snippet:
  let
    wrapped = ''
      #### Activation script snippet ${name}:
      _localstatus=0
      ${snippet.text}

      if (( _localstatus > 0 )); then
        printf "Activation script snippet '%s' failed (%s)\n" "${name}" "$_localstatus"
      fi
    '';
  in
    snippet // { text = wrapped; });
# Render the system activation script from an attribute set of snippets.
#
#   set     - snippets; each is either a bare string or an entry with
#             text/deps/supportsDryActivation.
#   onlyDry - when true, build the dry-activation variant: snippets without
#             dry-run support are stubbed out and the trailing section that
#             updates /run/current-system, registers the GC root and exits
#             with $_status is left out.
#
# The generated script starts from PATH=/empty and appends only the bin/ and
# sbin/ directories of `path`, pins the umask to 0022, and records failures
# through an ERR trap that sets _status and _localstatus.
systemActivationScript = set: onlyDry:
  let
    # Bare strings become dependency-free entries that do not support dry activation.
    normalised = mapAttrs
      (_: entry:
        if isString entry
        then noDepEntry entry // { supportsDryActivation = false; }
        else entry)
      set;

    headed = addAttributeName normalised;

    # When building a dry activation script, every snippet that does not
    # support dry mode is replaced by a comment that does nothing. Dropping
    # those snippets instead does not work: a dry-capable snippet may depend
    # on one of them, and the dependency could then no longer be resolved,
    # which would make the evaluation fail.
    snippets = mapAttrs
      (name: entry:
        if !onlyDry || entry.supportsDryActivation
        then entry
        else entry // {
          text = "#### Activation script snippet ${name} does not support dry activation.";
        })
      headed;

    preamble = ''
      #!${pkgs.runtimeShell}

      systemConfig='@out@'

      export PATH=/empty
      for i in ${toString path}; do
          PATH=$PATH:$i/bin:$i/sbin
      done

      _status=0
      trap "_status=1 _localstatus=\$?" ERR

      # Ensure a consistent umask.
      umask 0022

      ${textClosureMap id snippets (attrNames snippets)}

    '';

    finalise = ''
      # Make this configuration the current configuration.
      # The readlink is there to ensure that when $systemConfig = /system
      # (which is a symlink to the store), /run/current-system is still
      # used as a garbage collection root.
      ln -sfn "$(readlink -f "$systemConfig")" /run/current-system

      # Prevent the current configuration from being garbage-collected.
      mkdir -p /nix/var/nix/gcroots
      ln -sfn /run/current-system /nix/var/nix/gcroots/current-system

      exit $_status
    '';
  in
    preamble + optionalString (!onlyDry) finalise;
# Packages whose bin/ and sbin/ directories form the PATH of the generated
# activation scripts (both scripts in this file iterate over
# `${toString path}`). The system script starts from PATH=/empty, so a tool
# is only resolvable by bare name if its package is listed here; snippets that
# need anything else reference it by full store path, as the chattr calls in
# this file do. `getBin` is applied to every entry of the list.
path = with pkgs; map getBin
  [ coreutils
    gnugrep
    findutils
    getent
    stdenv.cc.libc # nscd in update-users-groups.pl
    shadow
    nettools # needed for hostname
    util-linux # needed for mount and mountpoint
  ];
# Option type of a single activation snippet: either a bare string or a
# submodule with `deps` and `text`. When withDry is true the submodule also
# carries `supportsDryActivation`, which defaults to false.
scriptType = withDry: with types;
  let
    commonOptions = {
      deps = mkOption {
        type = types.listOf types.str;
        default = [ ];
        description = "List of dependencies. The script will run after these.";
      };

      text = mkOption {
        type = types.lines;
        description = "The content of the script.";
      };
    };

    # Only offered for snippet sets that can be dry-activated.
    dryOptions = {
      supportsDryActivation = mkOption {
        type = types.bool;
        default = false;
        description = ''
          Whether this activation script supports being dry-activated.
          These activation scripts will also be executed on dry-activate
          activations with the environment variable
          <literal>NIXOS_ACTION</literal> being set to <literal>dry-activate
          </literal>. it's important that these activation scripts don't
          modify anything about the system when the variable is set.
        '';
      };
    };

    scriptOptions = commonOptions // optionalAttrs withDry dryOptions;
  in
    either str (submodule { options = scriptOptions; });
in
{
###### interface
options = {
# Snippets that make up the system activation script. Each value is a bare
# string or a submodule with text/deps/supportsDryActivation.
system.activationScripts = mkOption {
  type = types.attrsOf (scriptType true);

  default = {};

  description = ''
    A set of shell script fragments that are executed when a NixOS
    system configuration is activated. Examples are updating
    /etc, creating accounts, and so on. Since these are executed
    every time you boot the system or run
    <command>nixos-rebuild</command>, it's important that they are
    idempotent and fast.
  '';

  example = literalExpression ''
    { stdio.text =
      '''
        # Needed by some programs.
        ln -sfn /proc/self/fd /dev/fd
        ln -sfn /proc/self/fd/0 /dev/stdin
        ln -sfn /proc/self/fd/1 /dev/stdout
        ln -sfn /proc/self/fd/2 /dev/stderr
      ''';
    }
  '';

  # Readers of this option get the configured snippets plus a `script`
  # attribute holding the full (non-dry) activation script built from them.
  apply = snippets: snippets // {
    script = systemActivationScript snippets false;
  };
};
# Read-only, internal option holding the dry-activation variant of the
# activation script.
system.dryActivationScript = mkOption {
  internal = true;
  readOnly = true;
  description = "The shell script that is to be run when dry-activating a system.";
  default =
    let
      # `script` is the generated attribute added by the apply function of
      # system.activationScripts; it is not a snippet, so it is dropped
      # before the remaining entries are rendered again.
      snippets = removeAttrs config.system.activationScripts [ "script" ];
    in
      systemActivationScript snippets true;
  defaultText = literalDocBook "generated activation script";
};
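# Snippets run per user by the nixos-activation systemd user service. Each
# value is a bare string or a submodule with `text` and `deps`; there is no
# dry-activation support for user snippets.
system.userActivationScripts = mkOption {
  default = {};

  # The example snippet previously ended in a stray double quote, which left
  # an unterminated quote in the shell fragment it shows; it has been removed.
  example = literalExpression ''
    { plasmaSetup = {
        text = '''
          ''${pkgs.libsForQt5.kservice}/bin/kbuildsycoca5
        ''';
        deps = [];
      };
    }
  '';

  description = ''
    A set of shell script fragments that are executed by a systemd user
    service when a NixOS system configuration is activated. Examples are
    rebuilding the .desktop file cache for showing applications in the menu.
    Since these are executed every time you run
    <command>nixos-rebuild</command>, it's important that they are
    idempotent and fast.
  '';

  type = with types; attrsOf (scriptType false);

  # Readers of this option get a single `script` attribute with the rendered
  # user activation script.
  #
  # PATH is seeded with /empty before the store paths are appended, as the
  # system activation script does. Starting from an unset PATH made the loop
  # produce a value beginning with ":", and an empty PATH element makes the
  # shell search the current working directory first for every bare command
  # name a snippet uses.
  #
  # NOTE(review): unlike the system script, PATH is still not exported here
  # (`unset` drops the export attribute), so child processes do not inherit
  # it. Confirm whether that is intended before switching to `export`.
  apply = set: {
    script = ''
      unset PATH
      PATH=/empty
      for i in ${toString path}; do
        PATH=$PATH:$i/bin:$i/sbin
      done

      _status=0
      trap "_status=1 _localstatus=\$?" ERR

      ${
        let
          set' = mapAttrs (n: v: if isString v then noDepEntry v else v) set;
          withHeadlines = addAttributeName set';
        in textClosureMap id (withHeadlines) (attrNames withHeadlines)
      }

      exit $_status
    '';
  };
};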
# Target of the system-wide /usr/bin/env symlink. A null value makes the
# usrbinenv activation snippet remove the link instead of creating it.
environment.usrbinenv = mkOption {
  type = types.nullOr types.path;
  visible = false;
  description = ''
    The env(1) executable that is linked system-wide to
    <literal>/usr/bin/env</literal>.
  '';
  default = "${pkgs.coreutils}/bin/env";
  defaultText = literalExpression ''"''${pkgs.coreutils}/bin/env"'';
  example = literalExpression ''"''${pkgs.busybox}/bin/env"'';
};
};
###### implementation
config = {
# Empty snippet, marked obsolete by its author.
# NOTE(review): presumably kept so that snippets naming "stdio" in their deps
# still resolve — confirm before removing.
system.activationScripts.stdio = ""; # obsolete

# Creates /var/tmp and maintains /var/empty.
#
# /var/tmp is created with mode 1777 (world-writable with the sticky bit).
# `mkdir -p` applies -m only to directories it creates, so the mode of an
# already existing /var/tmp is left as it is.
#
# The /var/empty steps depend on their order: the immutable flag is cleared,
# anything found inside is deleted, mode and ownership are reset to
# 0555 root:root, and the immutable flag is set again. Both chattr calls use
# -f and `|| true`, so a chattr failure does not trip the ERR trap and
# /var/empty can end up without the immutable flag.
system.activationScripts.var =
  ''
    # Various log/runtime directories.

    mkdir -m 1777 -p /var/tmp

    # Empty, immutable home directory of many system accounts.
    mkdir -p /var/empty
    # Make sure it's really empty
    ${pkgs.e2fsprogs}/bin/chattr -f -i /var/empty || true
    find /var/empty -mindepth 1 -delete
    chmod 0555 /var/empty
    chown root:root /var/empty
    ${pkgs.e2fsprogs}/bin/chattr -f +i /var/empty || true
  '';
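# Manage the /usr/bin/env symlink.
#
# With a non-null environment.usrbinenv the link is created under a temporary
# name and renamed into place, so /usr/bin/env is replaced atomically. With
# null the link is removed, and /usr/bin and /usr are removed too if that
# leaves them empty.
#
# The configured path is passed through escapeShellArg so that it reaches
# `ln` as exactly one word even when it contains spaces or shell
# metacharacters. It is interpolated into a string first, which keeps the
# value identical to what the previous bare interpolation produced.
system.activationScripts.usrbinenv = if config.environment.usrbinenv != null
  then ''
    mkdir -m 0755 -p /usr/bin
    ln -sfn ${escapeShellArg "${config.environment.usrbinenv}"} /usr/bin/.env.tmp
    mv /usr/bin/.env.tmp /usr/bin/env # atomically replace /usr/bin/env
  ''
  else ''
    rm -f /usr/bin/env
    rmdir --ignore-fail-on-non-empty /usr/bin /usr
  '';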
# Defines the shell function specialMount and then sources the early mount
# script from config.system.build.earlyMountScript.
#
# specialMount takes, in this order: device, mount point, mount options,
# filesystem type. If the mount point is already a mount point, "remount," is
# prepended to the options; otherwise the directory is created with mode
# 0755. The mount is then performed with every argument quoted.
#
# NOTE(review): the sourced script is presumably a list of specialMount
# calls — confirm against where earlyMountScript is built. It runs inside
# the activation shell, so it shares its variables and ERR trap.
system.activationScripts.specialfs =
  ''
    specialMount() {
      local device="$1"
      local mountPoint="$2"
      local options="$3"
      local fsType="$4"

      if mountpoint -q "$mountPoint"; then
        local options="remount,$options"
      else
        mkdir -m 0755 -p "$mountPoint"
      fi
      mount -t "$fsType" -o "$options" "$device" "$mountPoint"
    }
    source ${config.system.build.earlyMountScript}
  '';
# One-shot systemd user unit that runs the generated user activation script.
# It is pulled in by default.target, and the ConditionUser setting skips it
# for system users.
systemd.user.services.nixos-activation = {
  description = "Run user-specific NixOS activation";
  wantedBy = [ "default.target" ];
  unitConfig = {
    ConditionUser = "!@system";
  };
  serviceConfig = {
    Type = "oneshot";
  };
  script = config.system.userActivationScripts.script;
};
};
}