nixos: tmp on tmpfs option

/tmp cleaning is done by systemd rather than stage-2-init enableEmergencyMode moved from systemd to seperate module new option to mount tmp on tmpfs new option to enable additional units shipped with systemd
2014-07-25 14:05:57 -04:00 · 2014-07-25 14:05:57 -04:00 · 63d259df32
commit 63d259df32
parent 1cc6dc1984
6 changed files with 90 additions and 35 deletions
--- a/nixos/modules/module-list.nix
+++ b/nixos/modules/module-list.nix
@ -297,6 +297,7 @@
  ./services/x11/xserver.nix
  ./system/activation/activation-script.nix
  ./system/activation/top-level.nix
+  ./system/boot/emergency-mode.nix
  ./system/boot/kernel.nix
  ./system/boot/kexec.nix
  ./system/boot/loader/efi.nix
@ -312,6 +313,7 @@
  ./system/boot/stage-1.nix
  ./system/boot/stage-2.nix
  ./system/boot/systemd.nix
+  ./system/boot/tmp.nix
  ./system/etc/etc.nix
  ./system/upstart/upstart.nix
  ./tasks/cpu-freq.nix
--- a/nixos/modules/system/boot/emergency-mode.nix
+++ b/nixos/modules/system/boot/emergency-mode.nix
@ -0,0 +1,37 @@
+{ config, lib, ... }:
+
+with lib;
+
+{
+
+  ###### interface
+
+  options = {
+
+    systemd.enableEmergencyMode = mkOption {
+      default = true;
+      type = types.bool;
+      description = ''
+        Whether to enable emergency mode, which is an
+        <command>sulogin</command> shell started on the console if
+        mounting a filesystem fails.  Since some machines (like EC2
+        instances) have no console of any kind, emergency mode doesn't
+        make sense, and it's better to continue with the boot insofar
+        as possible.
+      '';
+    };
+
+  };
+
+  ###### implementation
+
+  config = {
+
+    systemd.additionalUpstreamSystemUnits = optionals
+      config.systemd.enableEmergencyMode [
+        "emergency.target" "emergency.service"
+      ];
+
+  };
+
+}
--- a/nixos/modules/system/boot/stage-2-init.sh
+++ b/nixos/modules/system/boot/stage-2-init.sh
@ -98,12 +98,6 @@ mkdir -m 0755 -p /etc/nixos
 rm -rf /var/run /var/lock
 rm -f /etc/{group,passwd,shadow}.lock

-if test -n "@cleanTmpDir@"; then
-    echo -n "cleaning \`/tmp'..."
-    find /tmp -maxdepth 1 -mindepth 1 -print0 | xargs -0r rm -rf --one-file-system
-    echo " done"
-fi
-

 # Also get rid of temporary GC roots.
 rm -rf /nix/var/nix/gcroots/tmp /nix/var/nix/temproots
--- a/nixos/modules/system/boot/stage-2.nix
+++ b/nixos/modules/system/boot/stage-2.nix
@ -17,7 +17,7 @@ let
    src = ./stage-2-init.sh;
    shellDebug = "${pkgs.bashInteractive}/bin/bash";
    isExecutable = true;
-    inherit (config.boot) devShmSize runSize cleanTmpDir;
+    inherit (config.boot) devShmSize runSize;
    inherit (config.nix) readOnlyStore;
    inherit (config.networking) useHostResolvConf;
    ttyGid = config.ids.gids.tty;
@ -26,8 +26,7 @@ let
        pkgs.utillinux
        pkgs.sysvtools
        pkgs.openresolv
-      ] ++ (optional config.boot.cleanTmpDir pkgs.findutils)
-      ++ optional config.nix.readOnlyStore readonlyMountpoint;
+      ] ++ optional config.nix.readOnlyStore readonlyMountpoint;
    postBootCommands = pkgs.writeText "local-cmds"
      ''
        ${config.boot.postBootCommands}
@ -81,15 +80,6 @@ in
        '';
      };

-      # FIXME: should replace this with something that uses systemd-tmpfiles.
-      cleanTmpDir = mkOption {
-        type = types.bool;
-        default = false;
-        description = ''
-          Whether to delete all files in <filename>/tmp</filename> during boot.
-        '';
-      };
-
    };

  };
--- a/nixos/modules/system/boot/systemd.nix
+++ b/nixos/modules/system/boot/systemd.nix
@ -162,10 +162,7 @@ let
      "systemd-sysctl.service"
    ]

-    ++ optionals cfg.enableEmergencyMode [
-      "emergency.target"
-      "emergency.service"
-    ];
+    ++ cfg.additionalUpstreamSystemUnits;

  upstreamSystemWants =
    [ #"basic.target.wants"
@ -637,19 +634,6 @@ in
      '';
    };

-    systemd.enableEmergencyMode = mkOption {
-      default = true;
-      type = types.bool;
-      description = ''
-        Whether to enable emergency mode, which is an
-        <command>sulogin</command> shell started on the console if
-        mounting a filesystem fails.  Since some machines (like EC2
-        instances) have no console of any kind, emergency mode doesn't
-        make sense, and it's better to continue with the boot insofar
-        as possible.
-      '';
-    };
-
    systemd.tmpfiles.rules = mkOption {
      type = types.listOf types.str;
      default = [];
@ -692,6 +676,15 @@ in
      description = "Definition of systemd per-user socket units.";
    };

+    systemd.additionalUpstreamSystemUnits = mkOption {
+      default = [ ];
+      type = types.listOf types.str;
+      example = [ "debug-shell.service" "systemd-quotacheck.service" ];
+      description = ''
+        Additional units shipped with systemd that shall be enabled.
+      '';
+    };
+
  };


--- a/nixos/modules/system/boot/tmp.nix
+++ b/nixos/modules/system/boot/tmp.nix
@ -0,0 +1,39 @@
+{ config, lib, ... }:
+
+with lib;
+
+{
+
+  ###### interface
+
+  options = {
+
+    boot.cleanTmpDir = mkOption {
+      type = types.bool;
+      default = false;
+      description = ''
+        Whether to delete all files in <filename>/tmp</filename> during boot.
+      '';
+    };
+
+    boot.tmpOnTmpfs = mkOption {
+      type = types.bool;
+      default = false;
+      description = ''
+         Whether to mount a tmpfs on <filename>/tmp</filename> during boot.
+      '';
+    };
+
+  };
+
+  ###### implementation
+
+  config = {
+
+    systemd.additionalUpstreamSystemUnits = optional config.boot.tmpOnTmpfs "tmp.mount";
+
+    systemd.tmpfiles.rules = optional config.boot.cleanTmpDir "D! /tmp 1777 root root";
+
+  };
+
+}