mirror of
https://github.com/NixOS/nixpkgs.git
synced 2025-07-12 05:16:25 +03:00
Merge #328673: staging-next 2024-07-20
This commit is contained in:
Vladimír Čunát
commit
a5b2fe7374
942 changed files with 15103 additions and 11914 deletions
|
|
@ -18,12 +18,16 @@ let
|
|||
"ManageForeignRoutes"
|
||||
"RouteTable"
|
||||
"IPv6PrivacyExtensions"
|
||||
"IPv4Forwarding"
|
||||
"IPv6Forwarding"
|
||||
])
|
||||
(assertValueOneOf "SpeedMeter" boolValues)
|
||||
(assertInt "SpeedMeterIntervalSec")
|
||||
(assertValueOneOf "ManageForeignRoutingPolicyRules" boolValues)
|
||||
(assertValueOneOf "ManageForeignRoutes" boolValues)
|
||||
(assertValueOneOf "IPv6PrivacyExtensions" (boolValues ++ ["prefer-public" "kernel"]))
|
||||
(assertValueOneOf "IPv4Forwarding" boolValues)
|
||||
(assertValueOneOf "IPv6Forwarding" boolValues)
|
||||
];
|
||||
|
||||
sectionDHCPv4 = checkUnitConfig "DHCPv4" [
|
||||
|
|
@ -652,6 +656,8 @@ let
|
|||
"DNSDefaultRoute"
|
||||
"NTP"
|
||||
"IPForward"
|
||||
"IPv4Forwarding"
|
||||
"IPv6Forwarding"
|
||||
"IPMasquerade"
|
||||
"IPv6PrivacyExtensions"
|
||||
"IPv6AcceptRA"
|
||||
|
|
@ -700,7 +706,9 @@ let
|
|||
(assertValueOneOf "LLDP" (boolValues ++ ["routers-only"]))
|
||||
(assertValueOneOf "EmitLLDP" (boolValues ++ ["nearest-bridge" "non-tpmr-bridge" "customer-bridge"]))
|
||||
(assertValueOneOf "DNSDefaultRoute" boolValues)
|
||||
(assertValueOneOf "IPForward" (boolValues ++ ["ipv4" "ipv6"]))
|
||||
(assertRemoved "IPForward" "IPv4Forwarding and IPv6Forwarding in systemd.network(5) and networkd.conf(5)")
|
||||
(assertValueOneOf "IPv4Forwarding" boolValues)
|
||||
(assertValueOneOf "IPv6Forwarding" boolValues)
|
||||
(assertValueOneOf "IPMasquerade" (boolValues ++ ["ipv4" "ipv6" "both"]))
|
||||
(assertValueOneOf "IPv6PrivacyExtensions" (boolValues ++ ["prefer-public" "kernel"]))
|
||||
(assertValueOneOf "IPv6AcceptRA" boolValues)
|
||||
|
|
@ -2835,6 +2843,7 @@ let
|
|||
"systemd-networkd-wait-online.service"
|
||||
"systemd-networkd.service"
|
||||
"systemd-networkd.socket"
|
||||
"systemd-networkd-persistent-storage.service"
|
||||
];
|
||||
|
||||
environment.etc."systemd/networkd.conf" = renderConfig cfg.config;
|
||||
|
|
|
|||
|
|
@ -131,6 +131,7 @@ let
|
|||
|
||||
# Copy udev.
|
||||
copy_bin_and_libs ${udev}/bin/udevadm
|
||||
cp ${lib.getLib udev.kmod}/lib/libkmod.so* $out/lib
|
||||
copy_bin_and_libs ${udev}/lib/systemd/systemd-sysctl
|
||||
for BIN in ${udev}/lib/udev/*_id; do
|
||||
copy_bin_and_libs $BIN
|
||||
|
|
|
|||
|
|
@ -37,6 +37,8 @@ let
|
|||
"cryptsetup.target"
|
||||
"cryptsetup-pre.target"
|
||||
"remote-cryptsetup.target"
|
||||
] ++ optionals cfg.package.withTpm2Tss [
|
||||
"tpm2.target"
|
||||
] ++ [
|
||||
"sigpwr.target"
|
||||
"timers.target"
|
||||
|
|
@ -116,6 +118,7 @@ let
|
|||
"sleep.target"
|
||||
"hybrid-sleep.target"
|
||||
"systemd-hibernate.service"
|
||||
"systemd-hibernate-clear.service"
|
||||
"systemd-hybrid-sleep.service"
|
||||
"systemd-suspend.service"
|
||||
"systemd-suspend-then-hibernate.service"
|
||||
|
|
@ -140,6 +143,16 @@ let
|
|||
"systemd-ask-password-wall.path"
|
||||
"systemd-ask-password-wall.service"
|
||||
|
||||
# Varlink APIs
|
||||
"systemd-bootctl@.service"
|
||||
"systemd-bootctl.socket"
|
||||
"systemd-creds@.service"
|
||||
"systemd-creds.socket"
|
||||
] ++ lib.optional cfg.package.withTpm2Tss [
|
||||
"systemd-pcrlock@.service"
|
||||
"systemd-pcrlock.socket"
|
||||
] ++ [
|
||||
|
||||
# Slices / containers.
|
||||
"slices.target"
|
||||
] ++ optionals cfg.package.withImportd [
|
||||
|
|
@ -162,6 +175,7 @@ let
|
|||
] ++ optionals cfg.package.withHostnamed [
|
||||
"dbus-org.freedesktop.hostname1.service"
|
||||
"systemd-hostnamed.service"
|
||||
"systemd-hostnamed.socket"
|
||||
] ++ optionals cfg.package.withPortabled [
|
||||
"dbus-org.freedesktop.portable1.service"
|
||||
"systemd-portabled.service"
|
||||
|
|
|
|||
|
|
@ -70,6 +70,7 @@ let
|
|||
"systemd-tmpfiles-setup-dev.service"
|
||||
"systemd-tmpfiles-setup.service"
|
||||
"timers.target"
|
||||
"tpm2.target"
|
||||
"umount.target"
|
||||
"systemd-bsod.service"
|
||||
] ++ cfg.additionalUpstreamUnits;
|
||||
|
|
@ -111,8 +112,7 @@ let
|
|||
inherit (config.boot.initrd) compressor compressorArgs prepend;
|
||||
inherit (cfg) strip;
|
||||
|
||||
contents = map (path: { object = path; symlink = ""; }) (subtractLists cfg.suppressedStorePaths cfg.storePaths)
|
||||
++ mapAttrsToList (_: v: { object = v.source; symlink = v.target; }) (filterAttrs (_: v: v.enable) cfg.contents);
|
||||
contents = lib.filter ({ source, ... }: !lib.elem source cfg.suppressedStorePaths) cfg.storePaths;
|
||||
};
|
||||
|
||||
in {
|
||||
|
|
@ -171,7 +171,7 @@ in {
|
|||
description = ''
|
||||
Store paths to copy into the initrd as well.
|
||||
'';
|
||||
type = with types; listOf (oneOf [ singleLineStr package ]);
|
||||
type = utils.systemdUtils.types.initrdStorePath;
|
||||
default = [];
|
||||
};
|
||||
|
||||
|
|
@ -344,7 +344,8 @@ in {
|
|||
};
|
||||
|
||||
enableTpm2 = mkOption {
|
||||
default = true;
|
||||
default = cfg.package.withTpm2Tss;
|
||||
defaultText = "boot.initrd.systemd.package.withTpm2Tss";
|
||||
type = types.bool;
|
||||
description = ''
|
||||
Whether to enable TPM2 support in the initrd.
|
||||
|
|
@ -460,6 +461,7 @@ in {
|
|||
"${cfg.package}/lib/systemd/systemd-sulogin-shell"
|
||||
"${cfg.package}/lib/systemd/systemd-sysctl"
|
||||
"${cfg.package}/lib/systemd/systemd-bsod"
|
||||
"${cfg.package}/lib/systemd/systemd-sysroot-fstab-check"
|
||||
|
||||
# generators
|
||||
"${cfg.package}/lib/systemd/system-generators/systemd-debug-generator"
|
||||
|
|
@ -486,7 +488,8 @@ in {
|
|||
# fido2 support
|
||||
"${cfg.package}/lib/cryptsetup/libcryptsetup-token-systemd-fido2.so"
|
||||
"${pkgs.libfido2}/lib/libfido2.so.1"
|
||||
] ++ jobScripts;
|
||||
] ++ jobScripts
|
||||
++ map (c: builtins.removeAttrs c ["text"]) (builtins.attrValues cfg.contents);
|
||||
|
||||
targets.initrd.aliases = ["default.target"];
|
||||
units =
|
||||
|
|
|
|||
|
|
@ -96,6 +96,7 @@ in {
|
|||
"systemd-journald@.service"
|
||||
"systemd-journal-flush.service"
|
||||
"systemd-journal-catalog-update.service"
|
||||
"systemd-journald-sync@.service"
|
||||
] ++ (optional (!config.boot.isContainer) "systemd-journald-audit.socket") ++ [
|
||||
"systemd-journald-dev-log.socket"
|
||||
"syslog.socket"
|
||||
|
|
|
|||
|
|
@ -2,10 +2,7 @@
|
|||
|
||||
cfg = config.systemd.shutdownRamfs;
|
||||
|
||||
ramfsContents = let
|
||||
storePaths = map (p: "${p}\n") cfg.storePaths;
|
||||
contents = lib.mapAttrsToList (_: v: "${v.source}\n${v.target}") (lib.filterAttrs (_: v: v.enable) cfg.contents);
|
||||
in pkgs.writeText "shutdown-ramfs-contents" (lib.concatStringsSep "\n" (storePaths ++ contents));
|
||||
ramfsContents = pkgs.writeText "shutdown-ramfs-contents.json" (builtins.toJSON cfg.storePaths);
|
||||
|
||||
in {
|
||||
options.systemd.shutdownRamfs = {
|
||||
|
|
@ -24,7 +21,7 @@ in {
|
|||
description = ''
|
||||
Store paths to copy into the shutdown ramfs as well.
|
||||
'';
|
||||
type = lib.types.listOf lib.types.singleLineStr;
|
||||
type = utils.systemdUtils.types.initrdStorePath;
|
||||
default = [];
|
||||
};
|
||||
};
|
||||
|
|
@ -35,7 +32,8 @@ in {
|
|||
"/etc/initrd-release".source = config.environment.etc.os-release.source;
|
||||
"/etc/os-release".source = config.environment.etc.os-release.source;
|
||||
};
|
||||
systemd.shutdownRamfs.storePaths = [pkgs.runtimeShell "${pkgs.coreutils}/bin"];
|
||||
systemd.shutdownRamfs.storePaths = [pkgs.runtimeShell "${pkgs.coreutils}/bin"]
|
||||
++ map (c: builtins.removeAttrs c ["text"]) (builtins.attrValues cfg.contents);
|
||||
|
||||
systemd.mounts = [{
|
||||
what = "tmpfs";
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue