Commit Graph

226 Commits

Author SHA1 Message Date
Joachim Fasting
c27eeeafd9
brltty service: wait for devices to settle
Otherwise it starts way too early, only to fail and having to restart
until devices are available.  It is less wasteful to simply wait until
there's a reasonable chance of success.  This is consistent with
upstream.
2016-12-18 12:42:14 +01:00
Linus Heckemann
689d8349aa amd-hybrid-graphics: fix race condition 2016-12-17 10:38:12 +00:00
Nikolay Amiantov
382047a135 sane service: support remote scanners 2016-11-20 19:09:03 +03:00
Nikolay Amiantov
65f9341370 sane service: add saned support 2016-11-20 19:09:02 +03:00
Emery Hemingway
b675619391 nixos: use types.lines for extraConfig 2016-10-23 19:41:43 +02:00
Bram Duvigneau
f1d45add3b brltty: 5.2 -> 5.4 2016-10-22 22:03:45 +00:00
Joachim F
7e80c42b0e Merge pull request #18511 from ericsagnes/feat/remove-optionSet
modules: optionSet -> submodule
2016-10-01 17:57:45 +02:00
Eelco Dolstra
75a1ec8a65 NixOS: Use runCommand instead of mkDerivation in a few places 2016-09-29 13:05:28 +02:00
Eric Sagnes
495a24d912 brscan4 module: optionSet -> submodule 2016-09-13 12:53:09 +09:00
Nikolay Amiantov
6b41f1132c nixos treewide: don't set MODULE_DIR 2016-08-19 17:56:54 +03:00
Nikolay Amiantov
5ff6e98486 modprobe service: drop kmod wrapper 2016-08-19 17:56:49 +03:00
Shea Levy
9adad8612b Revert "Merge branch 'modprobe-fix' of git://github.com/abbradar/nixpkgs"
Was meant to go into staging, sorry

This reverts commit 57b2d1e9b0, reversing
changes made to 760b2b9048.
2016-08-15 19:05:52 -04:00
Nikolay Amiantov
1f63958772 nixos treewide: don't set MODULE_DIR 2016-08-16 00:19:25 +03:00
Nikolay Amiantov
b2ebecd9e5 modprobe service: drop kmod wrapper 2016-08-16 00:19:25 +03:00
Nikolay Amiantov
00a4613563 Merge pull request #16681 from Aske/tlp-restart
tlp service: add restart on config change
2016-07-03 23:56:41 +04:00
aske
1ea9d71e08 tlp service: add restart on config change 2016-07-03 22:45:54 +03:00
Nikolay Amiantov
0056f5a6d4 tlp service: disable builtin power management 2016-07-03 20:22:35 +03:00
aszlig
9720e16adc
nixos/pcscd: Improve and clean up module
So far the module only allowed for the ccid driver, but there are a lot
of other PCSC driver modules out there, so let's add an option called
"plugins", which boils down to a store path that links together all the
paths specified.

We don't need to create stuff in /var/lib/pcsc anymore, because we
patched pcsclite to allow setting PCSCLITE_HP_DROPDIR.

Another new option is readerConfig, which is especially useful for
non-USB readers that aren't autodetected.

The systemd service now is no longer Type=forking, because we're now
passing the -f (foreground) option to pcscd.

Tested against a YubiKey 4, SCR335 and a REINER SCT USB reader.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
Cc: @wkennington
2016-06-04 16:39:19 +02:00
Nikolay Amiantov
cd5dd9f82e udev service: fix packages' paths 2016-05-14 05:12:52 +03:00
Tuomas Tynkkynen
aadaa91379 Merge remote-tracking branch 'upstream/master' into staging
Conflicts:
	pkgs/applications/networking/browsers/vivaldi/default.nix
	pkgs/misc/emulators/wine/base.nix
2016-05-03 23:12:48 +03:00
Raymond Gauthier
758e8bd1a1 brscan4: init at 0.4.3-3
A sane backend for recent brother scanners.

Depends on the presence of etc files generated by the
nixos module of the same name.

Supports network scanner specification through the
nixos module.
2016-05-01 14:42:25 -04:00
Nikolay Amiantov
16bdef1350 bluetooth service: fix w.r.t. multiple outputs 2016-04-27 13:48:06 +03:00
Vladimír Čunát
09af15654f Merge master into closure-size
The kde-5 stuff still didn't merge well.
I hand-fixed what I saw, but there may be more problems.
2016-03-08 09:58:19 +01:00
zimbatm
93a0306e79 sane module: add more documentation
Imported from https://nixos.org/wiki/Scanners
2016-02-25 19:36:46 +00:00
Eelco Dolstra
cacf2d063e Merge pull request #13059 from abbradar/udev-local-priority
Make local udev rules higher prioritized
2016-02-23 16:41:47 +01:00
Nikolay Amiantov
32df5ed4c2 udev service: make local rules apply after all others 2016-02-23 15:17:24 +03:00
Vladimír Čunát
d039c87984 Merge branch 'master' into closure-size 2016-02-14 08:33:51 +01:00
Robin Gloster
648e596c5f Merge pull request #12683 from heydojo/bluetooth--plasma5
kde5 bluedevil plasmoid : enable bluez5 bluetooth functionality
2016-02-12 13:49:54 +01:00
Nikolay Amiantov
8ade67e8c1 Merge pull request #12797 from abbradar/udev-reload
udev service: restart on rules change
2016-02-06 18:57:24 +03:00
aszlig
b060d70d7f
nixos/udev: Fix printing impure FHS paths
The test only checked for existence of the rule file in the output path
of the rulefile generator.

However, we also need to check whether the basename of the file is also
the one we're currently searching for.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2016-02-05 15:31:04 +01:00
aszlig
c10a17a3eb
nixos/udev: Always fail if rules contain FHS paths
Partially reverts the following commits:

  9f2a61c59c
  9c13fe6604

As @edolstra pointed out, it would make more sense to do this by default
instead of having that allowImpurePaths option. This of course might
break systems which add extra packages to udev, but on the upside it's
hard to miss one of these paths now because it won't get buried in the
ocean of build output lines.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2016-02-03 16:40:41 +01:00
aszlig
9f2a61c59c
nixos/udev: Add an option to fail on FHS paths
So far we were merely printing a warning if there are still references
to (/usr)/s?bin, but we actually want to make sure that we fix those
paths, especially on updates of packages that come with udev rules.

This adds a new option allowImpurePaths, which when set to false will
cause the "udev-rules" derivation to fail.

I've set this to true by default, to not break existing systems too much
and the intention is to set it to false for a few NixOS VM tests.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2016-02-03 15:48:52 +01:00
aszlig
80983bbe54
nixos/udev: Provide a better warning for FHS paths
We were trying to find FHS references in all of the rules found in
services.udev.packages. Unfortunately we're still fixing up paths in the
same derivation where we are checking those references, so for example
references to /sbin/modprobe were still printed to be needed to fixup
even though they were already fixed at the time.

So now we're printing a more helpful warning message which is also
conditional (before the warning message was printed regardless of
whether there are any rules that need fixup) and is based off the rules
that were already fixed up.

The new warning message not only contains the build-local rule files but
also the original files from other store paths and the FHS path
references that were still found.

With 8ecd3a5e1d reverted, we now get this:

/nix/store/...-udev-rules/63-md-raid-arrays.rules (originally from
 /nix/store/...-mdadm-3.3.4/lib/udev/rules.d/63-md-raid-arrays.rules)
 contains references to /usr/bin/readlink and /usr/bin/basename.

Which is now more accurate to what is not yet fixed and where it's
coming from.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2016-02-03 15:48:52 +01:00
aszlig
ee68bdc42e
nixos/udev: Fix up readlink and basename as well
In 8ecd3a5, we fixed up the FHS paths for stage 1, but unfortunately we
have a similar udev rules generator twice one for the initrd and one
without. So we might need to refactor this in the future.

For now, let's just fix the references to readlink and basename in the
udev module as well until we have properly addressed this.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
Fixes: #12722
2016-02-03 15:45:37 +01:00
Eelco Dolstra
20b54bd989 Merge pull request #12724 from abbradar/udev-hwdb
udev service: generate hwdb database from all udev packages
2016-02-03 14:24:11 +01:00
Nikolay Amiantov
6b5f90a1a1 udev service: restart on rules change 2016-02-03 15:44:43 +03:00
Nikolay Amiantov
7330bfe464 udev service: generate proper hwdb database 2016-02-01 14:09:49 +03:00
Tony White
ddfb660f7b kde5 bluedevil plasmoid : enable bluez5 bluetooth functionality
- Fixed a bug in bluedevil (link to a .js file)
    - Made bluez5 the default bluetooth service except for kde4
    - created org.bluez.obex systemd dbus service
    - Patched bluez5 using bluez-5.37-obexd_without_systemd-1.patch
    in order to enable obex when using either the bluedevil plasmoid
    or dolpin file manager within plasma workspaces 5.

    The functionality was tested using a Sony Xperia Z, the machine
    and the handset paired  and two different files were sent in both
    directions successfully.
2016-01-29 22:08:42 +00:00
koral
93e17506ee Rewrite acpid module in a more generic way 2016-01-21 20:08:14 +01:00
Vladimír Čunát
716aac2519 Merge branch 'staging' into closure-size 2016-01-19 09:55:31 +01:00
Robin Gloster
101125d184 Merge pull request #12441 from k0ral/acpid
Add volume and cd events to acpid configuration
2016-01-17 21:57:58 +01:00
Thomas Strobel
a04a7272aa Add missing 'type', 'defaultText' and 'literalExample' in module definitions
- add missing types in module definitions
- add missing 'defaultText' in module definitions
- wrap example with 'literalExample' where necessary in module definitions
2016-01-17 19:41:23 +01:00
koral
9327982486 Add volume and cd events to acpid configuration 2016-01-17 13:04:54 +01:00
Aristid Breitkreuz
9c92faf370 Merge pull request #12133 from dwe11er/new-package/irqbalance
irqbalance: init at 1.1.0
2016-01-10 21:06:50 +01:00
Marcin Falkiewicz
7636359c89 irqbalance: init at 1.1.0 2016-01-08 12:37:43 +01:00
Robin Gloster
88292fdf09 jobs -> systemd.services 2016-01-07 06:39:06 +00:00
Tobias Geerinckx-Rice
99075fb402 saneBackends{,Git} -> sane-backends{,-git}
Fixes xsane evaluation.
2016-01-03 03:31:38 +01:00
Domen Kožar
8225e1b1c1 Merge pull request #12086 from bmorphism/master
thinkfan levels option to control actuation points
2016-01-02 10:56:37 +01:00
Barton Yadlowski
d732a7f5c5 thinkfan levels option to control actuation points 2016-01-02 04:49:58 -05:00
Vladimír Čunát
f9f6f41bff Merge branch 'master' into closure-size
TODO: there was more significant refactoring of qtbase and plasma 5.5
on master, and I'm deferring pointing to correct outputs to later.
2015-12-31 09:53:02 +01:00
Nikolay Amiantov
0d7c0efa7d udisks2: fix udev rules file (close #11743)
This properly hides system partitions (like EFI or Windows recovery) from UDisks.
2015-12-22 08:09:34 +01:00
Luca Bruno
5b0352a6a4 Merge branch 'master' into closure-size 2015-12-11 18:31:00 +01:00
Nikolay Amiantov
ae7ff02081 tlp: use module_init_tools, avoid recompilation for nixos 2015-12-05 00:54:09 +03:00
Vladimír Čunát
333d69a5f0 Merge staging into closure-size
The most complex problems were from dealing with switches reverted in
the meantime (gcc5, gmp6, ncurses6).
It's likely that darwin is (still) broken nontrivially.
2015-11-20 14:32:58 +01:00
Jan Malakhovski
95a723d516 nixos: add actkbd package to environment in actkbd module 2015-11-12 21:05:07 +00:00
Nikolay Amiantov
23845d7084 tlp: add x86_energy_perf_policy, refactor 2015-11-09 17:29:59 +03:00
Nikolay Amiantov
452dbfd288 nixos/tlp: workaround early build trigger 2015-11-05 16:22:10 +03:00
Tuomas Tynkkynen
fab7d6ea69 nixos/upower: Reference correct output of glib 2015-10-28 10:17:08 +01:00
Vladimír Čunát
b44d846990 udev: complete rework
- systemd puts all into one output now (except for man),
  because I wasn't able to fix all systemd/udev refernces
  for NixOS to work well
- libudev is now by default *copied* into another path,
  which is what most packages will use as build input :-)
- pkgs.udev = [ libudev.out libudev.dev ]; because there are too many
  references that just put `udev` into build inputs (to rewrite them all),
  also this made "${udev}/foo" fail at *evaluation* time
  so it's easier to catch and change to something more specific
2015-10-04 10:03:53 +02:00
Vladimír Čunát
5227fb1dd5 Merge commit staging+systemd into closure-size
Many non-conflict problems weren't (fully) resolved in this commit yet.
2015-10-03 13:33:37 +02:00
Eelco Dolstra
89e983786a Manual: Remove store path references 2015-09-24 11:50:58 +02:00
Bram Duvigneau
18acb80b82 Brltty service: simplified systemd service definition, now it matches
the
variant that has been developed upstream. Now the BRLTTY service comes up reliably on boot.
2015-09-09 22:40:12 +02:00
Eelco Dolstra
3ebe5f802b Remove references to /root/test-firmware
This is no longer supported by systemd.
2015-09-07 22:55:16 +02:00
Tobias Geerinckx-Rice
fa3d7ea77b nixos: freefall module: add package option
...and tidy up some of my old cargo-culted code.
2015-09-06 23:50:02 +02:00
Eelco Dolstra
9c61317002 Put all firmware in $out/lib/firmware
This way, hardware.firmware can be a list of packages.
2015-08-25 00:40:34 +02:00
Tobias Geerinckx-Rice
c22c874aeb nixos: freefall service: run ASAP 2015-08-04 19:48:08 +02:00
Thomas Strobel
6193f5260c tcsd module: adjust default value of kernelPCRs 2015-08-02 22:55:45 +02:00
Arseniy Seroka
b563775994 Merge pull request #9077 from ts468/upstream.tcsd
tcsd module: expose firmwarePCRs and kernelPCRs
2015-08-02 03:47:06 +03:00
Thomas Strobel
aa63d4299f tcsd module: expose firmwarePCRs and kernelPCRs 2015-08-01 16:56:06 +02:00
Eelco Dolstra
dc62669335 Set ‘allowSubstitutes = false’ on various derivations
This reduces the number of binary cache requests. See
b64988bb35.
2015-07-09 15:10:37 +02:00
devhell
6befeb6818 udisks2 service: Fix ExecStart path
It seems that with the latest update to `udisks2`, the ExecStart path
for the daemon changed from `/lib/udisks2` to `/libexec/udisks2`. This
commit reflects that change for our purposes.
2015-07-05 19:36:26 +01:00
Vladimír Čunát
b7c3c25218 fix ${udev} references (and a few others) 2015-05-05 11:52:08 +02:00
Bram Duvigneau
9a535b9023 Added BRLTTY package 2015-04-29 23:02:09 +02:00
Jan Malakhovski
57ab189e78 nixos: add actkbd module and sound.enableMediaKeys option 2015-04-20 17:11:19 +00:00
Franz Pletz
16d25f4fa6 Check if /proc/sys/kernel/hotplug exists before writing
If a kernel without CONFIG_UEVENT_HELPER set is used with NixOS, the file
/proc/sys/kernel/hotplug does not exist. Before writing to it to disable
this deprecated mechanism, we have to ensure it actually exists because
otherwise the activation script will fail.
2015-04-06 09:23:58 +02:00
Jan Malakhovski
dc4fa2da8a nixos: udev: build rules locally 2015-03-26 12:43:42 +00:00
Joachim Fasting
3518b761ba TCSD: use tss user/group instead of nginx
For some reason TCSD is configured to use the nginx uid/gid.
Use the newly created tss uid/gid instead.
2015-03-16 09:58:16 +01:00
Eelco Dolstra
3b9b620656 Revert "linux: disable UEVENT_HELPER*"
This reverts commit 9f87f3ccb0 because
it causes /proc/sys/kernel/hotplug to not be cleared on Linux <= 3.14.
2015-03-06 15:59:06 +01:00
Tobias Geerinckx-Rice
9f87f3ccb0 linux: disable UEVENT_HELPER*
Deprecated since 2006: http://lwn.net/Articles/166954/
2015-03-01 03:31:59 +01:00
Tobias Geerinckx-Rice
ff5eae075a Add freefall NixOS service module 2015-01-28 15:59:21 +01:00
Nikolay Amiantov
b7b3a0972d nixos/tlp: add service 2015-01-24 02:56:21 +03:00
Tino Breddin
ee0f81de5e Fix filename for udev network interface rules
From http://www.freedesktop.org/wiki/Software/systemd/PredictableNetworkInterfaceNames/

You disable the assignment of fixed names, so that the unpredictable
kernel names are used again. For this, simply mask udev's rule file for
the default policy: ln -s /dev/null
/etc/udev/rules.d/80-net-setup-link.rules (since v209: this file was
called 80-net-name-slot.rules in release v197 through v208)
2014-12-05 17:32:36 +01:00
Luca Bruno
41cb91a4fd Revert "Merge pull request #5184 from daogames/tb/fix-systemd-udev-net-rules"
This reverts commit ddeee82b31, reversing
changes made to 75ead8812b.
2014-12-02 10:54:48 +01:00
Tino Breddin
d0327c052c Fix filename for udev network interface rules
From http://www.freedesktop.org/wiki/Software/systemd/PredictableNetworkInterfaceNames/

You disable the assignment of fixed names, so that the unpredictable
kernel names are used again. For this, simply mask udev's rule file for
the default policy: ln -s /dev/null
/etc/udev/rules.d/80-net-setup-link.rules (since v209: this file was
called 80-net-name-slot.rules in release v197 through v208)
2014-12-01 09:32:41 +01:00
Luca Bruno
83221f3886 Merge branch 'master' into staging
Makes the build more useful:
- Disabled hybrid iso, makes installer tests pass again
- Imagemagick fixes to the "Illegal instruction" thing
2014-11-08 15:56:40 +01:00
Evgeny Egorochkin
85d23f5292 thermald needs dbus config files to run 2014-11-06 15:19:33 +02:00
Vladimír Čunát
2cf17b0802 Merge recent master into staging
Hydra nixpkgs: ?compare=1156478
2014-10-23 17:40:41 +02:00
Eelco Dolstra
a3b873924b Let the kernel load firmware directly
Loading firmware via udevd is obsolete. Fixes #4552.
2014-10-20 13:25:00 +02:00
Vladimír Čunát
359dd3b8ac nixos: fix two pipefail problems
It failed since 3c6efec2c0, i.e. #4453.
Now it should "work" the same as before.
2014-10-19 19:29:28 +02:00
Eelco Dolstra
ec4f38c56f Manual: Remove some option defaults that refer to store paths
Option defaults should not refer to store paths, because they cause
the manual to be rebuilt gratuitously. It's especially bad to refer to
a highly variable path like a computed configuration file.
2014-09-18 16:21:26 +02:00
Rickard Nilsson
8c78986553 Some pkgs.lib -> lib fixes 2014-08-25 14:40:40 +02:00
Thomas Strobel
1da35629cc Cleanup: remove newlines. 2014-08-14 12:42:16 +02:00
Thomas Strobel
b63b8260b5 Add thermald: Linux Thermal Daemon 2014-08-14 02:21:31 +02:00
Vladimír Čunát
87c3c0e885 Merge master into #2129
Conflicts (easy, just UID shifted):
	nixos/modules/misc/ids.nix
	nixos/modules/module-list.nix
2014-08-12 19:24:08 +02:00
Eelco Dolstra
95b828de42 Merge remote-tracking branch 'origin/master' into staging 2014-07-07 13:16:26 +02:00
Shea Levy
b3cfb9084b Get all lib functions from lib, not pkgs.lib, in modules 2014-07-02 12:28:18 -04:00
Eelco Dolstra
40f7b0f9df Another attempt to eradicate ensureDir
See c556a6ea46.
2014-06-30 14:56:10 +02:00
Rickard Nilsson
94deea2035 nixos: Add option hardware.sane.configDir 2014-06-24 10:52:12 +02:00
Cillian de Róiste
74cd7cb3c8 sane: environment.variables -> environment.sessionVariables
See 13befa3979 for details
2014-06-22 14:38:45 +02:00
Rickard Nilsson
5bf076d99b sane: Make SANE_CONFIG_DIR overrideable 2014-05-30 10:18:39 +02:00
Michael Raskin
80cc011f77 Merge pull request #2617 from ttuegel/hplip
hplip: update and fix scanning
2014-05-27 02:31:27 -07:00
Eelco Dolstra
f4b7ac11a3 Remove udisks module
It's no longer used in NixOS.
2014-05-22 12:11:53 +02:00
Luca Bruno
df95a8cc2f upower: add 0.99 version for gnome 3.12 2014-05-20 13:41:39 +02:00
Eelco Dolstra
097f9c7e57 Fix udev rule required by gpm
Backport: 14.04
2014-05-20 13:09:41 +02:00
Thomas Tuegel
8df521bf0f sane: use mkSaneConfig to set system environment 2014-05-11 14:01:07 -05:00
Eelco Dolstra
685ca50650 gpm: Depend on /dev/input/mice 2014-04-28 19:12:48 +02:00
Alexander Kjeldaas
4cca346d21 Add types to tcsd config options. 2014-04-22 14:05:09 +02:00
Alexander Kjeldaas
5065802b3a Added TCSD (Trusted Computing Group Software Stack (TSS) daemon).
Start tcsd after systemd-udev-settle and run it in foreground.
2014-04-22 14:05:09 +02:00
Eelco Dolstra
4e8c2f0ff9 Merge branch 'systemd-update' 2014-04-20 19:31:01 +02:00
William A. Kennington III
3ccf990372 pcscd: Refactor service and use socket activation 2014-04-19 14:37:31 +01:00
Eelco Dolstra
18a7ce76fc Enable udisks2 by default
The ability for unprivileged users to mount external media is useful
regardless of the desktop environment. Also, since udisks2 is
activated on-demand, it doesn't add any overhead if you're not using it.
2014-04-19 14:41:21 +02:00
Eelco Dolstra
232a9caa96 Fix predictable network interface naming
In current systemd, this has been moved to systemd-network, which
we're not using yet. So revive the old udev rules from systemd 203.
2014-04-18 19:34:45 +02:00
Eelco Dolstra
179acfb664 Allow upstream systemd units to be extended
If you define a unit, and either systemd or a package in
systemd.packages already provides that unit, then we now generate a
file /etc/systemd/system/<unit>.d/overrides.conf. This makes it
possible to use upstream units, while allowing them to be customised
from the NixOS configuration. For instance, the module nix-daemon.nix
now uses the units provided by the Nix package. And all unit
definitions that duplicated upstream systemd units are finally gone.

This makes the baseUnit option unnecessary, so I've removed it.
2014-04-17 18:52:31 +02:00
Eelco Dolstra
518f710547 Fix module loading in systemd-udevd 2014-04-17 12:26:12 +02:00
Eelco Dolstra
29027fd1e1 Rewrite ‘with pkgs.lib’ -> ‘with lib’
Using pkgs.lib on the spine of module evaluation is problematic
because the pkgs argument depends on the result of module
evaluation. To prevent an infinite recursion, pkgs and some of the
modules are evaluated twice, which is inefficient. Using ‘with lib’
prevents this problem.
2014-04-14 16:26:48 +02:00
Eelco Dolstra
2ba552fb2e Revert "Fix services.udisks.enable."
This reverts commit 02a30bea44,
necessary after reverting to udisks 1.0.4.

http://hydra.nixos.org/build/10194840
2014-04-08 13:28:24 +02:00
Shea Levy
7cebcb995d Merge branch 'cache.pcscd' of git://github.com/wkennington/nixpkgs
Update Smartcard Utils + Fix Daemon Expression
2014-03-28 23:45:00 -04:00
Moritz Ulrich
02a30bea44 Fix services.udisks.enable.
Latest update to udisks in 344f2e65 broke it for me. Fix it by doing the
following:

- Add udisks.service to /etc/systemd/system (via systemd.packages)
- Fix path to udisks-daemon in udisks.service (libexec/ instead of lib/)
2014-03-25 16:52:45 +01:00
William A. Kennington III
155dc472d8 pcscd: Convert to systemd + Fix config file 2014-03-21 17:52:24 -05:00
Eelco Dolstra
9ee30cd9b5 Add support for lightweight NixOS containers
You can now say:

  systemd.containers.foo.config =
    { services.openssh.enable = true;
      services.openssh.ports = [ 2022 ];
      users.extraUsers.root.openssh.authorizedKeys.keys = [ "ssh-dss ..." ];
    };

which defines a NixOS instance with the given configuration running
inside a lightweight container.

You can also manage the configuration of the container independently
from the host:

  systemd.containers.foo.path = "/nix/var/nix/profiles/containers/foo";

where "path" is a NixOS system profile.  It can be created/updated by
doing:

  $ nix-env --set -p /nix/var/nix/profiles/containers/foo \
      -f '<nixos>' -A system -I nixos-config=foo.nix

The container configuration (foo.nix) should define

  boot.isContainer = true;

to optimise away the building of a kernel and initrd.  This is done
automatically when using the "config" route.

On the host, a lightweight container appears as the service
"container-<name>.service".  The container is like a regular NixOS
(virtual) machine, except that it doesn't have its own kernel.  It has
its own root file system (by default /var/lib/containers/<name>), but
shares the Nix store of the host (as a read-only bind mount).  It also
has access to the network devices of the host.

Currently, if the configuration of the container changes, running
"nixos-rebuild switch" on the host will cause the container to be
rebooted.  In the future we may want to send some message to the
container so that it can activate the new container configuration
without rebooting.

Containers are not perfectly isolated yet.  In particular, the host's
/sys/fs/cgroup is mounted (writable!) in the guest.
2013-11-27 17:14:10 +01:00
Eelco Dolstra
2b1f212494 Disable various services when running inside a container 2013-11-26 18:19:45 +01:00
William A. Kennington III
f48af13c5a Add a nix module for AMD Hybrid Graphics 2013-11-20 11:27:28 -06:00
Bjørn Forsman
dc352536a8 nixos: capitalize a bunch of service descriptions
(systemd service descriptions that is, not service descriptions in "man
configuration.nix".)

Capitalizing each word in the description seems to be the accepted
standard.

Also shorten these descriptions:
 * "Munin node, the agent process" => "Munin Node"
 * "Planet Venus, an awesome ‘river of news’ feed reader" => "Planet Venus Feed Reader"
2013-11-09 20:45:50 +01:00
Eelco Dolstra
408b8b5725 Add lots of missing option types 2013-10-30 18:47:43 +01:00
Eelco Dolstra
d5047faede Remove uses of the "merge" option attribute
It's redundant because you can (and should) specify an option type, or
an apply function.
2013-10-28 22:45:56 +01:00
Eelco Dolstra
5c1f8cbc70 Move all of NixOS to nixos/ in preparation of the repository merge 2013-10-10 13:28:20 +02:00