Benedikt Ritter
deb045e057
initrd: implement panic-on-fail interpreterless
2025-03-19 10:23:46 +01:00
programmerlexi
1a830fe9d9
nixos/limine: fix the install script
2025-03-18 01:06:55 +05:30
Rane
2cc1d33489
nixos/limine: cast partition index to string ( #390732 )
2025-03-18 01:01:15 +05:30
Florent Charpentier
631bed6ed9
nixos/systemd-repart: add support for repeating settings
...
fix https://github.com/NixOS/nixpkgs/issues/389478
2025-03-14 19:43:28 +01:00
Florian Klink
a8dc55f40b
nixos/logind: add "sleep" option to logindHandlerType ( #388792 )
2025-03-12 17:17:00 +02:00
nixpkgs-ci[bot]
9a807b1916
Merge master into staging-next
2025-03-11 17:36:38 +00:00
Pol Dellaiera
c39e50acb0
nixos/limine: init module ( #386368 )
2025-03-11 14:09:50 +01:00
SebastianStork
e0258ad135
nixos/logind: add "sleep" option to logindHandlerType
...
The "systemctl sleep" command was added in systemd v256.
2025-03-10 19:44:27 +01:00
John Titor
f597c68e7b
nixos/boot/systemd: enable tracefs
...
tracefs is a special-purpose filesystem in Linux used for tracing filesystem and kernel operations.
This was added to the kernel back in 2015 to replace debugfs. For security reasons, some system do not mount debugfs at all. Tracefs reduces the attack surface by allowing to trace without mounting debugfs. Additionally it provides features not supported by debugfs (such as calls for mkdir and rmdir
Debian and Arch Linux both enable this by default.
RHEL 8 and later, they enable tracefs by default.
Signed-off-by: John Titor <50095635+JohnRTitor@users.noreply.github.com>
2025-03-10 22:27:41 +05:30
programmerlexi
12779dc091
nixos/limine: init module
...
Co-Authored-By: Gabriel Waksmundzki <czapek1337@gmail.com>
2025-03-06 08:05:08 +01:00
Samuel Dionne-Riel
6ec6eae586
Revert "nixos/grub: generate BLS entries"
2025-02-28 14:30:10 -05:00
rnhmjoj
435a72e469
nixos/grub: generate BLS entries
2025-02-28 09:51:20 +01:00
Peder Bergebakken Sundt
527be14321
nixos/doc: convert links to manpages
2025-02-21 16:31:09 +01:00
nixpkgs-ci[bot]
3a870eb511
Merge master into staging-next
2025-02-19 18:04:49 +00:00
Jörg Thalheim
39dd19122f
install-grub: add missing rmtree
2025-02-19 14:33:46 +07:00
nixpkgs-ci[bot]
9bd398d5e9
Merge master into staging-next
2025-02-18 12:05:57 +00:00
Michele Guerini Rocco
d05074f981
nixos/getty: only include if config.console.enable == true ( #363533 )
2025-02-18 11:44:42 +01:00
nixpkgs-ci[bot]
83f409d731
Merge master into staging-next
2025-02-18 06:04:52 +00:00
Jörg Thalheim
5be6db6b3d
grub modernize ( #374844 )
2025-02-18 13:03:24 +07:00
nixpkgs-ci[bot]
71e949e746
Merge master into staging-next
2025-02-18 00:14:29 +00:00
Fernando Rodrigues
cf4c8e97ad
nixos/networkd: add new options introduced in systemd 257
...
The Wireguard public key can now be read from a file.
Signed-off-by: Fernando Rodrigues <alpha@sigmasquadron.net>
2025-02-17 21:51:40 +00:00
nixpkgs-ci[bot]
fc7fa5f568
Merge master into staging-next
2025-02-17 00:15:35 +00:00
Arian van Putten
3835432751
systemd-repart: Enable custom --empty flags in initrd ( #373414 )
2025-02-16 20:03:50 +01:00
K900
daadcbdaac
nixos/systemd-stage-1: explicitly add pkgs.runtimeShell dependency
...
Because it's no longer pkgs.bash (which is interactive), and
can be something else on other platforms anyway.
2025-02-16 19:42:14 +03:00
nixpkgs-ci[bot]
43a5de6cbb
Merge master into staging-next
2025-02-14 12:05:56 +00:00
Maximilian Bosch
4eccb53550
nixos/tmpfiles: fix docs
...
Closes #381822
Apparently, I swapped `path` and `tmpfiles-type` in
2be50b1efe🫠
Also giving
`systemd.tmpfiles.settings.<config-name>.<path>.<tmpfiles-type>.type` a
better default in the manual than `‹name›`, i.e. `‹tmpfiles-type›` so
that it corresponds to the placeholders in the attribute path.
2025-02-14 09:42:43 +01:00
Wolfgang Walther
b19d0f6d3d
treewide: replace substituteAll with replaceVars
2025-02-10 22:51:56 +01:00
Arian van Putten
587efe0fd0
Unbork journals audit logs and introduce audit option ( #379629 )
2025-02-10 12:09:32 +01:00
Arian van Putten
ff78e34e0b
services/journald: introduce audit option
...
We default this option to null ; which is different
from upstream which defaults this to true.
Defaulting this to true leads to log-spam in /dev/kmesg
and thus in our opinion is a bad default https://github.com/systemd/systemd/issues/15324
2025-02-07 15:58:19 +01:00
Arian van Putten
13b1062730
services/journald: re-enable systemd-journald-audit.socket
...
This was broken due to https://github.com/systemd/systemd/pull/25687
but we never noticed.
2025-02-07 14:14:53 +01:00
therainisme
0a12b8d03d
systemd: fix typo in boot.kernelParams (hierachy → hierarchy)
2025-02-07 12:06:23 +08:00
Jörg Thalheim
b29c6f5a4a
stage-2-init: fix false positives for RO Nix store mounts ( #375257 )
2025-02-02 08:58:03 +07:00
Franz Pletz
ca0a9a0ed6
nixos/grub: Remove > from submenu title, unbreak grub-reboot ( #284987 )
2025-01-29 09:23:46 +01:00
Wolfgang Walther
b9ea481784
nixos/systemd-boot: replace substituteAll with replaceVarsWith
2025-01-28 22:30:26 +01:00
Peder Bergebakken Sundt
fd60375c7a
nixos/timesyncd: strip man: prefix from manpage links
2025-01-27 02:47:02 +01:00
Peder Bergebakken Sundt
75b2b7e946
nixos/*: undo manual linking to known manpage urls
...
Made with:
jq <doc/manpage-urls.json 'to_entries[] | "rg -F \"[\(.key)](\(.value))\" nixos/ -l | xe sd -F \"[\(.key)](\(.value))\" \"{manpage}`\(.key)`\""' -r | tr \" \' | bash -x
(requires ripgrep, sd and xe)
2025-01-27 02:47:02 +01:00
Peder Bergebakken Sundt
953f72e76e
nixos/*: tag manpage references
2025-01-27 02:47:01 +01:00
Morgan Jones
2f3a80c96f
stage-2-init: fix false positives for RO Nix store mounts
...
We need to take the "top" mount instead of any mount, which is the last
line printed by findmnt. Additionally, make the regex more strict, so we
don't select mount options ending in ro (like `errors=remount-ro` from
ext4, or overlay paths ending in 'ro') and accidentally leave the Nix
store RW after boot.
2025-01-20 00:27:18 -08:00
Yureka
3b6f658130
init-script-builder: fix build ( #375160 )
...
Change-Id: I244160844aad5fcfcab323dd721cfd87e4b8ddc0
2025-01-20 08:29:57 +01:00
Jörg Thalheim
33c2472b69
nixos/install-grub: don't use bare file handles and 3 argument open
...
this is not best practice perl since a long time.
<!-- ps-id: 225e1b18-348c-412f-8ecd-394f3ba9a32d -->
2025-01-18 17:33:53 +01:00
Jörg Thalheim
8d5abcd1bb
nixos/install-grub: use more modern make_path
...
mkpath is a legacy interface.
<!-- ps-id: 0f1e0583-9cc5-4006-a4a2-fd413fe8117e -->
2025-01-18 17:33:53 +01:00
nixpkgs-ci[bot]
31193d78d8
Merge master into staging-next
2025-01-16 18:04:20 +00:00
WilliButz
bc5b78f993
nixos/systemd-tmpfiles: fix ordering of systemd-tmpfiles-setup-sysroot
...
Prior to this change a service failure would occur when this tmpfiles
service did not finish fast enough and receive a SIGTERM from systemd.
Additionally, `initrd-nixos-activation` is already ordered with
`After=initrd-switch-root.target`.
2025-01-15 15:43:36 +01:00
phaer
d2cadf484c
repart: Enable custom --empty flags in initrd
...
By default, systemd-repart refuses to act on empty disk devices, i.e.
those without any existing partition table for safety reasons.
This behaviour can be customized via the `--empty` flag, which we now
expose via the module system. This makes to partition empty disks
on first boot.
2025-01-13 12:13:19 +01:00
github-actions[bot]
74a6c68160
Merge master into staging-next
2025-01-12 18:04:11 +00:00
Christian Kögler
40932c9afa
nixos/luksroot: Check if the device was opened while reading password ( #369627 )
2025-01-12 14:25:08 +01:00
K900
914d17e050
nixos/boot/loader/generic-extlinux-compatible: fix eval on cross as well
2025-01-11 20:47:19 +03:00
K900
fbb4d057d1
nixos/boot/loader/generic-extlinux-compatible: fix eval
2025-01-11 20:42:58 +03:00
K900
350a060f1d
Merge remote-tracking branch 'origin/master' into staging-next
2025-01-09 22:02:14 +03:00
Julien Malka
851f7fc119
nixos/clevis: do not use systemd-udev-settle ( #372374 )
2025-01-09 14:58:13 +01:00
