2024-04-28 18:31:09 +02:00
|
|
|
|
{
|
|
|
|
|
|
config,
|
|
|
|
|
|
lib,
|
|
|
|
|
|
pkgs,
|
|
|
|
|
|
...
|
|
|
|
|
|
}:
|
2022-03-17 20:46:25 +01:00
|
|
|
|
|
2022-03-17 20:25:12 +01:00
|
|
|
|
with lib;
|
2022-03-17 20:46:25 +01:00
|
|
|
|
|
2022-03-17 20:25:12 +01:00
|
|
|
|
let
|
2022-03-17 20:46:25 +01:00
|
|
|
|
cfg = config.systemd.tmpfiles;
|
2024-04-28 18:31:09 +02:00
|
|
|
|
initrdCfg = config.boot.initrd.systemd.tmpfiles;
|
2022-03-17 20:25:12 +01:00
|
|
|
|
systemd = config.systemd.package;
|
2024-04-28 18:31:09 +02:00
|
|
|
|
|
2024-12-10 15:48:34 +01:00
|
|
|
|
attrsWith' =
|
|
|
|
|
|
placeholder: elemType:
|
|
|
|
|
|
types.attrsWith {
|
|
|
|
|
|
inherit elemType placeholder;
|
|
|
|
|
|
};
|
|
|
|
|
|
|
2025-03-19 18:00:44 +01:00
|
|
|
|
escapeArgument = lib.strings.escapeC [
|
|
|
|
|
|
"\t"
|
|
|
|
|
|
"\n"
|
|
|
|
|
|
"\r"
|
|
|
|
|
|
" "
|
|
|
|
|
|
"\\"
|
|
|
|
|
|
];
|
|
|
|
|
|
|
2024-04-28 18:31:09 +02:00
|
|
|
|
settingsOption = {
|
|
|
|
|
|
description = ''
|
|
|
|
|
|
Declare systemd-tmpfiles rules to create, delete, and clean up volatile
|
|
|
|
|
|
and temporary files and directories.
|
|
|
|
|
|
|
|
|
|
|
|
Even though the service is called `*tmp*files` you can also create
|
|
|
|
|
|
persistent files.
|
|
|
|
|
|
'';
|
|
|
|
|
|
example = {
|
|
|
|
|
|
"10-mypackage" = {
|
|
|
|
|
|
"/var/lib/my-service/statefolder".d = {
|
|
|
|
|
|
mode = "0755";
|
|
|
|
|
|
user = "root";
|
|
|
|
|
|
group = "root";
|
|
|
|
|
|
};
|
|
|
|
|
|
};
|
|
|
|
|
|
};
|
|
|
|
|
|
default = { };
|
2025-02-14 09:42:43 +01:00
|
|
|
|
type = attrsWith' "config-name" (
|
|
|
|
|
|
attrsWith' "path" (
|
|
|
|
|
|
attrsWith' "tmpfiles-type" (
|
|
|
|
|
|
types.submodule (
|
|
|
|
|
|
{ name, config, ... }:
|
|
|
|
|
|
{
|
2024-04-28 18:31:09 +02:00
|
|
|
|
options.type = mkOption {
|
|
|
|
|
|
type = types.str;
|
|
|
|
|
|
default = name;
|
2025-02-14 09:42:43 +01:00
|
|
|
|
defaultText = "‹tmpfiles-type›";
|
2024-04-28 18:31:09 +02:00
|
|
|
|
example = "d";
|
|
|
|
|
|
description = ''
|
|
|
|
|
|
The type of operation to perform on the file.
|
2025-04-01 20:10:43 +02:00
|
|
|
|
|
2024-04-28 18:31:09 +02:00
|
|
|
|
The type consists of a single letter and optionally one or more
|
|
|
|
|
|
modifier characters.
|
2025-04-01 20:10:43 +02:00
|
|
|
|
|
2024-04-28 18:31:09 +02:00
|
|
|
|
Please see the upstream documentation for the available types and
|
|
|
|
|
|
more details:
|
2025-02-21 16:31:09 +01:00
|
|
|
|
{manpage}`tmpfiles.d(5)`
|
2024-04-28 18:31:09 +02:00
|
|
|
|
'';
|
|
|
|
|
|
};
|
|
|
|
|
|
options.mode = mkOption {
|
|
|
|
|
|
type = types.str;
|
|
|
|
|
|
default = "-";
|
|
|
|
|
|
example = "0755";
|
|
|
|
|
|
description = ''
|
|
|
|
|
|
The file access mode to use when creating this file or directory.
|
|
|
|
|
|
'';
|
|
|
|
|
|
};
|
|
|
|
|
|
options.user = mkOption {
|
|
|
|
|
|
type = types.str;
|
|
|
|
|
|
default = "-";
|
|
|
|
|
|
example = "root";
|
|
|
|
|
|
description = ''
|
|
|
|
|
|
The user of the file.
|
2025-04-01 20:10:43 +02:00
|
|
|
|
|
2024-04-28 18:31:09 +02:00
|
|
|
|
This may either be a numeric ID or a user/group name.
|
2025-04-01 20:10:43 +02:00
|
|
|
|
|
2024-04-28 18:31:09 +02:00
|
|
|
|
If omitted or when set to `"-"`, the user and group of the user who
|
|
|
|
|
|
invokes systemd-tmpfiles is used.
|
|
|
|
|
|
'';
|
|
|
|
|
|
};
|
|
|
|
|
|
options.group = mkOption {
|
|
|
|
|
|
type = types.str;
|
|
|
|
|
|
default = "-";
|
|
|
|
|
|
example = "root";
|
|
|
|
|
|
description = ''
|
|
|
|
|
|
The group of the file.
|
2025-04-01 20:10:43 +02:00
|
|
|
|
|
2024-04-28 18:31:09 +02:00
|
|
|
|
This may either be a numeric ID or a user/group name.
|
2025-04-01 20:10:43 +02:00
|
|
|
|
|
2024-04-28 18:31:09 +02:00
|
|
|
|
If omitted or when set to `"-"`, the user and group of the user who
|
|
|
|
|
|
invokes systemd-tmpfiles is used.
|
|
|
|
|
|
'';
|
|
|
|
|
|
};
|
|
|
|
|
|
options.age = mkOption {
|
|
|
|
|
|
type = types.str;
|
|
|
|
|
|
default = "-";
|
|
|
|
|
|
example = "10d";
|
|
|
|
|
|
description = ''
|
|
|
|
|
|
Delete a file when it reaches a certain age.
|
2025-04-01 20:10:43 +02:00
|
|
|
|
|
2024-04-28 18:31:09 +02:00
|
|
|
|
If a file or directory is older than the current time minus the age
|
|
|
|
|
|
field, it is deleted.
|
2025-04-01 20:10:43 +02:00
|
|
|
|
|
2024-04-28 18:31:09 +02:00
|
|
|
|
If set to `"-"` no automatic clean-up is done.
|
|
|
|
|
|
'';
|
|
|
|
|
|
};
|
|
|
|
|
|
options.argument = mkOption {
|
|
|
|
|
|
type = types.str;
|
|
|
|
|
|
default = "";
|
|
|
|
|
|
example = "";
|
|
|
|
|
|
description = ''
|
|
|
|
|
|
An argument whose meaning depends on the type of operation.
|
2025-04-01 20:10:43 +02:00
|
|
|
|
|
2024-04-28 18:31:09 +02:00
|
|
|
|
Please see the upstream documentation for the meaning of this
|
|
|
|
|
|
parameter in different situations:
|
2025-02-21 16:31:09 +01:00
|
|
|
|
{manpage}`tmpfiles.d(5)`
|
2024-04-28 18:31:09 +02:00
|
|
|
|
'';
|
|
|
|
|
|
};
|
|
|
|
|
|
}
|
2025-04-01 20:10:43 +02:00
|
|
|
|
)
|
|
|
|
|
|
)
|
|
|
|
|
|
)
|
2024-04-28 18:31:09 +02:00
|
|
|
|
);
|
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
|
|
# generates a single entry for a tmpfiles.d rule
|
|
|
|
|
|
settingsEntryToRule = path: entry: ''
|
2025-03-19 18:00:44 +01:00
|
|
|
|
'${entry.type}' '${path}' '${entry.mode}' '${entry.user}' '${entry.group}' '${entry.age}' ${escapeArgument entry.argument}
|
2024-04-28 18:31:09 +02:00
|
|
|
|
'';
|
|
|
|
|
|
|
|
|
|
|
|
# generates a list of tmpfiles.d rules from the attrs (paths) under tmpfiles.settings.<name>
|
|
|
|
|
|
pathsToRules = mapAttrsToList (
|
|
|
|
|
|
path: types: concatStrings (mapAttrsToList (_type: settingsEntryToRule path) types)
|
|
|
|
|
|
);
|
|
|
|
|
|
|
|
|
|
|
|
mkRuleFileContent = paths: concatStrings (pathsToRules paths);
|
2022-03-17 20:25:12 +01:00
|
|
|
|
in
|
|
|
|
|
|
{
|
|
|
|
|
|
options = {
|
|
|
|
|
|
systemd.tmpfiles.rules = mkOption {
|
|
|
|
|
|
type = types.listOf types.str;
|
|
|
|
|
|
default = [ ];
|
|
|
|
|
|
example = [ "d /tmp 1777 root root 10d" ];
|
|
|
|
|
|
description = ''
|
|
|
|
|
|
Rules for creation, deletion and cleaning of volatile and temporary files
|
|
|
|
|
|
automatically. See
|
|
|
|
|
|
{manpage}`tmpfiles.d(5)`
|
|
|
|
|
|
for the exact format.
|
|
|
|
|
|
'';
|
|
|
|
|
|
};
|
|
|
|
|
|
|
2024-04-28 18:31:09 +02:00
|
|
|
|
systemd.tmpfiles.settings = mkOption settingsOption;
|
|
|
|
|
|
|
|
|
|
|
|
boot.initrd.systemd.tmpfiles.settings = mkOption (
|
|
|
|
|
|
settingsOption
|
|
|
|
|
|
// {
|
2023-10-21 19:02:32 +01:00
|
|
|
|
description = ''
|
2024-04-28 18:31:09 +02:00
|
|
|
|
Similar to {option}`systemd.tmpfiles.settings` but the rules are
|
|
|
|
|
|
only applied by systemd-tmpfiles before `initrd-switch-root.target`.
|
2023-10-21 19:02:32 +01:00
|
|
|
|
|
2024-04-28 18:31:09 +02:00
|
|
|
|
See {manpage}`bootup(7)`.
|
2023-10-21 19:02:32 +01:00
|
|
|
|
'';
|
2024-04-28 18:31:09 +02:00
|
|
|
|
}
|
|
|
|
|
|
);
|
2023-10-21 19:02:32 +01:00
|
|
|
|
|
2022-03-17 20:25:12 +01:00
|
|
|
|
systemd.tmpfiles.packages = mkOption {
|
|
|
|
|
|
type = types.listOf types.package;
|
|
|
|
|
|
default = [ ];
|
|
|
|
|
|
example = literalExpression "[ pkgs.lvm2 ]";
|
|
|
|
|
|
apply = map getLib;
|
|
|
|
|
|
description = ''
|
|
|
|
|
|
List of packages containing {command}`systemd-tmpfiles` rules.
|
|
|
|
|
|
|
|
|
|
|
|
All files ending in .conf found in
|
2022-08-03 01:57:59 +02:00
|
|
|
|
{file}`«pkg»/lib/tmpfiles.d`
|
2022-03-17 20:25:12 +01:00
|
|
|
|
will be included.
|
|
|
|
|
|
If this folder does not exist or does not contain any files an error will be returned instead.
|
|
|
|
|
|
|
|
|
|
|
|
If a {file}`lib` output is available, rules are searched there and only there.
|
|
|
|
|
|
If there is no {file}`lib` output it will fall back to {file}`out`
|
|
|
|
|
|
and if that does not exist either, the default output will be used.
|
|
|
|
|
|
'';
|
|
|
|
|
|
};
|
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
|
|
config = {
|
2024-09-04 12:17:39 +02:00
|
|
|
|
warnings =
|
|
|
|
|
|
let
|
|
|
|
|
|
paths = lib.filter (path: path != null && lib.hasPrefix "/etc/tmpfiles.d/" path) (
|
|
|
|
|
|
map (path: path.target) config.boot.initrd.systemd.storePaths
|
|
|
|
|
|
);
|
|
|
|
|
|
in
|
|
|
|
|
|
lib.optional (lib.length paths > 0) (
|
|
|
|
|
|
lib.concatStringsSep " " [
|
|
|
|
|
|
"Files inside /etc/tmpfiles.d in the initrd need to be created with"
|
|
|
|
|
|
"boot.initrd.systemd.tmpfiles.settings."
|
|
|
|
|
|
"Creating them by hand using boot.initrd.systemd.contents or"
|
|
|
|
|
|
"boot.initrd.systemd.storePaths will lead to errors in the future."
|
|
|
|
|
|
"Found these problematic files: ${lib.concatStringsSep ", " paths}"
|
|
|
|
|
|
]
|
2025-03-19 18:00:44 +01:00
|
|
|
|
)
|
|
|
|
|
|
++ (lib.flatten (
|
|
|
|
|
|
lib.mapAttrsToList (
|
|
|
|
|
|
name: paths:
|
|
|
|
|
|
lib.mapAttrsToList (
|
|
|
|
|
|
path: entries:
|
|
|
|
|
|
lib.mapAttrsToList (
|
|
|
|
|
|
type': entry:
|
|
|
|
|
|
lib.optional (lib.match ''.*\\([nrt]|x[0-9A-Fa-f]{2}).*'' entry.argument != null) (
|
|
|
|
|
|
lib.concatStringsSep " " [
|
|
|
|
|
|
"The argument option of ${name}.${type'}.${path} appears to"
|
|
|
|
|
|
"contain escape sequences, which will be escaped again."
|
|
|
|
|
|
"Unescape them if this is not intended: \"${entry.argument}\""
|
|
|
|
|
|
]
|
|
|
|
|
|
)
|
|
|
|
|
|
) entries
|
|
|
|
|
|
) paths
|
|
|
|
|
|
) cfg.settings
|
|
|
|
|
|
));
|
2024-09-04 12:17:39 +02:00
|
|
|
|
|
2022-03-17 20:25:12 +01:00
|
|
|
|
systemd.additionalUpstreamSystemUnits = [
|
|
|
|
|
|
"systemd-tmpfiles-clean.service"
|
|
|
|
|
|
"systemd-tmpfiles-clean.timer"
|
2024-04-28 18:31:09 +02:00
|
|
|
|
"systemd-tmpfiles-setup-dev-early.service"
|
2022-03-17 20:25:12 +01:00
|
|
|
|
"systemd-tmpfiles-setup-dev.service"
|
2024-04-28 18:31:09 +02:00
|
|
|
|
"systemd-tmpfiles-setup.service"
|
2022-03-17 20:25:12 +01:00
|
|
|
|
];
|
|
|
|
|
|
|
|
|
|
|
|
systemd.additionalUpstreamUserUnits = [
|
|
|
|
|
|
"systemd-tmpfiles-clean.service"
|
|
|
|
|
|
"systemd-tmpfiles-clean.timer"
|
|
|
|
|
|
"systemd-tmpfiles-setup.service"
|
|
|
|
|
|
];
|
|
|
|
|
|
|
2023-11-25 21:31:09 +01:00
|
|
|
|
# Allow systemd-tmpfiles to be restarted by switch-to-configuration. This
|
|
|
|
|
|
# service is not pulled into the normal boot process. It only exists for
|
|
|
|
|
|
# switch-to-configuration.
|
|
|
|
|
|
#
|
|
|
|
|
|
# This needs to be a separate unit because it does not execute
|
|
|
|
|
|
# systemd-tmpfiles with `--boot` as that is supposed to only be executed
|
|
|
|
|
|
# once at boot time.
|
|
|
|
|
|
#
|
|
|
|
|
|
# Keep this aligned with the upstream `systemd-tmpfiles-setup.service` unit.
|
|
|
|
|
|
systemd.services."systemd-tmpfiles-resetup" = {
|
|
|
|
|
|
description = "Re-setup tmpfiles on a system that is already running.";
|
|
|
|
|
|
|
|
|
|
|
|
requiredBy = [ "sysinit-reactivation.target" ];
|
|
|
|
|
|
after = [
|
|
|
|
|
|
"local-fs.target"
|
|
|
|
|
|
"systemd-sysusers.service"
|
|
|
|
|
|
"systemd-journald.service"
|
|
|
|
|
|
];
|
|
|
|
|
|
before = [
|
|
|
|
|
|
"sysinit-reactivation.target"
|
|
|
|
|
|
"shutdown.target"
|
2025-04-01 20:10:43 +02:00
|
|
|
|
];
|
2023-11-25 21:31:09 +01:00
|
|
|
|
conflicts = [ "shutdown.target" ];
|
|
|
|
|
|
restartTriggers = [ config.environment.etc."tmpfiles.d".source ];
|
|
|
|
|
|
|
|
|
|
|
|
unitConfig.DefaultDependencies = false;
|
|
|
|
|
|
|
|
|
|
|
|
serviceConfig = {
|
|
|
|
|
|
Type = "oneshot";
|
|
|
|
|
|
RemainAfterExit = true;
|
|
|
|
|
|
ExecStart = "systemd-tmpfiles --create --remove --exclude-prefix=/dev";
|
|
|
|
|
|
SuccessExitStatus = "DATAERR CANTCREAT";
|
|
|
|
|
|
ImportCredential = [
|
|
|
|
|
|
"tmpfiles.*"
|
|
|
|
|
|
"loging.motd"
|
|
|
|
|
|
"login.issue"
|
|
|
|
|
|
"network.hosts"
|
|
|
|
|
|
"ssh.authorized_keys.root"
|
|
|
|
|
|
];
|
|
|
|
|
|
};
|
|
|
|
|
|
};
|
|
|
|
|
|
|
2022-03-17 20:25:12 +01:00
|
|
|
|
environment.etc = {
|
|
|
|
|
|
"tmpfiles.d".source =
|
|
|
|
|
|
(pkgs.symlinkJoin {
|
|
|
|
|
|
name = "tmpfiles.d";
|
2022-03-17 20:46:25 +01:00
|
|
|
|
paths = map (p: p + "/lib/tmpfiles.d") cfg.packages;
|
2022-03-17 20:25:12 +01:00
|
|
|
|
postBuild =
|
|
|
|
|
|
''
|
|
|
|
|
|
for i in $(cat $pathsPath); do
|
|
|
|
|
|
(test -d "$i" && test $(ls "$i"/*.conf | wc -l) -ge 1) || (
|
|
|
|
|
|
echo "ERROR: The path '$i' from systemd.tmpfiles.packages contains no *.conf files."
|
|
|
|
|
|
exit 1
|
|
|
|
|
|
)
|
|
|
|
|
|
done
|
|
|
|
|
|
''
|
|
|
|
|
|
+ concatMapStrings (
|
|
|
|
|
|
name:
|
|
|
|
|
|
optionalString (hasPrefix "tmpfiles.d/" name) ''
|
|
|
|
|
|
rm -f $out/${removePrefix "tmpfiles.d/" name}
|
|
|
|
|
|
''
|
|
|
|
|
|
) config.system.build.etc.passthru.targets;
|
|
|
|
|
|
})
|
|
|
|
|
|
+ "/*";
|
2024-08-07 16:09:52 +02:00
|
|
|
|
"mtab" = {
|
|
|
|
|
|
mode = "direct-symlink";
|
|
|
|
|
|
source = "/proc/mounts";
|
|
|
|
|
|
};
|
2022-03-17 20:25:12 +01:00
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
|
|
systemd.tmpfiles.packages =
|
|
|
|
|
|
[
|
|
|
|
|
|
# Default tmpfiles rules provided by systemd
|
|
|
|
|
|
(pkgs.runCommand "systemd-default-tmpfiles" { } ''
|
|
|
|
|
|
mkdir -p $out/lib/tmpfiles.d
|
|
|
|
|
|
cd $out/lib/tmpfiles.d
|
2025-04-01 20:10:43 +02:00
|
|
|
|
|
2022-03-17 20:25:12 +01:00
|
|
|
|
ln -s "${systemd}/example/tmpfiles.d/home.conf"
|
|
|
|
|
|
ln -s "${systemd}/example/tmpfiles.d/journal-nocow.conf"
|
2022-09-29 12:36:05 +02:00
|
|
|
|
ln -s "${systemd}/example/tmpfiles.d/portables.conf"
|
2022-03-17 20:25:12 +01:00
|
|
|
|
ln -s "${systemd}/example/tmpfiles.d/static-nodes-permissions.conf"
|
|
|
|
|
|
ln -s "${systemd}/example/tmpfiles.d/systemd.conf"
|
|
|
|
|
|
ln -s "${systemd}/example/tmpfiles.d/systemd-nologin.conf"
|
|
|
|
|
|
ln -s "${systemd}/example/tmpfiles.d/systemd-nspawn.conf"
|
|
|
|
|
|
ln -s "${systemd}/example/tmpfiles.d/systemd-tmp.conf"
|
|
|
|
|
|
ln -s "${systemd}/example/tmpfiles.d/tmp.conf"
|
|
|
|
|
|
ln -s "${systemd}/example/tmpfiles.d/var.conf"
|
|
|
|
|
|
ln -s "${systemd}/example/tmpfiles.d/x11.conf"
|
|
|
|
|
|
'')
|
|
|
|
|
|
# User-specified tmpfiles rules
|
|
|
|
|
|
(pkgs.writeTextFile {
|
|
|
|
|
|
name = "nixos-tmpfiles.d";
|
|
|
|
|
|
destination = "/lib/tmpfiles.d/00-nixos.conf";
|
|
|
|
|
|
text = ''
|
|
|
|
|
|
# This file is created automatically and should not be modified.
|
|
|
|
|
|
# Please change the option ‘systemd.tmpfiles.rules’ instead.
|
2025-04-01 20:10:43 +02:00
|
|
|
|
|
2022-03-17 20:46:25 +01:00
|
|
|
|
${concatStringsSep "\n" cfg.rules}
|
2022-03-17 20:25:12 +01:00
|
|
|
|
'';
|
|
|
|
|
|
})
|
2023-10-21 19:02:32 +01:00
|
|
|
|
]
|
|
|
|
|
|
++ (mapAttrsToList (
|
2024-04-28 18:31:09 +02:00
|
|
|
|
name: paths: pkgs.writeTextDir "lib/tmpfiles.d/${name}.conf" (mkRuleFileContent paths)
|
2023-10-21 19:02:32 +01:00
|
|
|
|
) cfg.settings);
|
2025-04-01 20:10:43 +02:00
|
|
|
|
|
2022-03-24 21:00:37 +01:00
|
|
|
|
systemd.tmpfiles.rules =
|
|
|
|
|
|
[
|
|
|
|
|
|
"d /run/lock 0755 root root - -"
|
|
|
|
|
|
"d /var/db 0755 root root - -"
|
|
|
|
|
|
"L /var/lock - - - - ../run/lock"
|
2024-09-22 12:00:48 -07:00
|
|
|
|
]
|
|
|
|
|
|
++ lib.optionals config.nix.enable [
|
|
|
|
|
|
"d /nix/var 0755 root root - -"
|
|
|
|
|
|
"L+ /nix/var/nix/gcroots/booted-system 0755 root root - /run/booted-system"
|
|
|
|
|
|
]
|
|
|
|
|
|
# Boot-time cleanup
|
|
|
|
|
|
++ [
|
2022-03-24 21:00:37 +01:00
|
|
|
|
"R! /etc/group.lock - - - - -"
|
|
|
|
|
|
"R! /etc/passwd.lock - - - - -"
|
|
|
|
|
|
"R! /etc/shadow.lock - - - - -"
|
2024-09-22 12:00:48 -07:00
|
|
|
|
]
|
|
|
|
|
|
++ lib.optionals config.nix.enable [
|
2022-03-24 21:00:37 +01:00
|
|
|
|
"R! /nix/var/nix/gcroots/tmp - - - - -"
|
|
|
|
|
|
"R! /nix/var/nix/temproots - - - - -"
|
|
|
|
|
|
];
|
2024-04-28 18:31:09 +02:00
|
|
|
|
|
|
|
|
|
|
boot.initrd.systemd = {
|
|
|
|
|
|
additionalUpstreamUnits = [
|
|
|
|
|
|
"systemd-tmpfiles-setup-dev-early.service"
|
|
|
|
|
|
"systemd-tmpfiles-setup-dev.service"
|
|
|
|
|
|
"systemd-tmpfiles-setup.service"
|
|
|
|
|
|
];
|
|
|
|
|
|
|
|
|
|
|
|
# override to exclude the prefix /sysroot, because it is not necessarily set up when the unit starts
|
|
|
|
|
|
services.systemd-tmpfiles-setup.serviceConfig = {
|
|
|
|
|
|
ExecStart = [
|
|
|
|
|
|
""
|
|
|
|
|
|
"systemd-tmpfiles --create --remove --boot --exclude-prefix=/dev --exclude-prefix=/sysroot"
|
|
|
|
|
|
];
|
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
|
|
# sets up files under the prefix /sysroot, after the hierarchy is available and before nixos activation
|
|
|
|
|
|
services.systemd-tmpfiles-setup-sysroot = {
|
|
|
|
|
|
description = "Create Volatile Files and Directories in the Real Root";
|
|
|
|
|
|
after = [ "initrd-fs.target" ];
|
|
|
|
|
|
before = [
|
2025-01-15 15:34:42 +01:00
|
|
|
|
"initrd.target"
|
2024-04-28 18:31:09 +02:00
|
|
|
|
"shutdown.target"
|
|
|
|
|
|
"initrd-switch-root.target"
|
2025-04-01 20:10:43 +02:00
|
|
|
|
];
|
2024-04-28 18:31:09 +02:00
|
|
|
|
conflicts = [
|
|
|
|
|
|
"shutdown.target"
|
|
|
|
|
|
"initrd-switch-root.target"
|
|
|
|
|
|
];
|
|
|
|
|
|
wantedBy = [ "initrd.target" ];
|
|
|
|
|
|
serviceConfig = {
|
|
|
|
|
|
Type = "oneshot";
|
|
|
|
|
|
RemainAfterExit = true;
|
|
|
|
|
|
ExecStart = "systemd-tmpfiles --create --remove --boot --exclude-prefix=/dev --prefix=/sysroot";
|
|
|
|
|
|
SuccessExitStatus = [ "DATAERR CANTCREAT" ];
|
|
|
|
|
|
ImportCredential = [
|
|
|
|
|
|
"tmpfiles.*"
|
|
|
|
|
|
"login.motd"
|
|
|
|
|
|
"login.issue"
|
|
|
|
|
|
"network.hosts"
|
|
|
|
|
|
"ssh.authorized_keys.root"
|
|
|
|
|
|
];
|
|
|
|
|
|
};
|
|
|
|
|
|
unitConfig = {
|
|
|
|
|
|
DefaultDependencies = false;
|
|
|
|
|
|
RefuseManualStop = true;
|
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
|
|
contents."/etc/tmpfiles.d" = mkIf (initrdCfg.settings != { }) {
|
|
|
|
|
|
source = pkgs.linkFarm "initrd-tmpfiles.d" (
|
|
|
|
|
|
mapAttrsToList (name: paths: {
|
|
|
|
|
|
name = "${name}.conf";
|
|
|
|
|
|
path = pkgs.writeText "${name}.conf" (mkRuleFileContent paths);
|
|
|
|
|
|
}) initrdCfg.settings
|
|
|
|
|
|
);
|
|
|
|
|
|
};
|
|
|
|
|
|
};
|
2022-03-17 20:25:12 +01:00
|
|
|
|
};
|
|
|
|
|
|
}
|
