colin/nixpkgs
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
617,926 Commits 126 Branches 0 Tags 3.2 GiB
add9ba5e99
Commit Graph

1753 Commits

Author SHA1 Message Date
Maciej Krüger
39b4c0d686
nixos/lxc-container: link to prepare-root when boot.initrd.systemd.enable is on 
Previously we were doing some parts like activation in the init script,
so linking to that works for non-systemd init

With boot.initrd.systemd.enable we no longer run activation in the init script,
but instead a new script named prepare-root, which is used instead.
 2024-02-20 23:12:41 +01:00
pennae
258b935d70 nixos/filesystems: make supportedFilesystems an attrset 
this lets us *dis*able filesystem explicitly, as is required by e.g. the
zfs-less installer images. currently that specifically is only easily
possible by adding an overlay that stubs out `zfs`, with the obvious
side-effect of also removing tooling that could run without the kernel
module loaded.
 2024-02-19 11:46:52 +01:00
budimanjojo
fd3fa9f2d3
nixos/oci-containers: check if image exists locally before failing 
Signed-off-by: budimanjojo <budimanjojo@gmail.com>
 2024-02-19 10:38:26 +07:00
Maciej Krüger
a6e237a86a
modules/incus: add ui flag 2024-02-17 16:49:32 +01:00
Rafael Fernández López
fd464f0543
virtualisation/containers: add support for providing static CDI definitions 2024-02-17 16:34:12 +01:00
Shea Levy
9188bb5186
OVMF: Add test with secure boot enabled 
Co-authored-by: Arthur Gautier <arthur.gautier@arista.com>
 2024-02-15 12:13:05 -05:00
Sandro
886449aef2
Merge pull request #268979 from con-f-use/warn_docker_storage_driver 
nixos/docker: warn about changing storageDriver and remove `devicemapper` value
 2024-02-12 19:46:05 +01:00
Will Fancher
d4ee957afa
Merge pull request #287445 from fricklerhandwerk/qemu-env-vars 
doc: expand on parameters passed to QEMU VMs
 2024-02-10 22:12:06 -05:00
Peder Bergebakken Sundt
c43fd32e03
Merge pull request #248315 from apeschar/oci-containers-backend-stop 
nixos/oci-containers: stop container using backend
 2024-02-10 17:12:56 +01:00
Arian van Putten
a1232992ac nixos/amazon-image: Take over maintainership 
I am actively working on bringing back Amazon Images for 24.05.
Please track progress in https://github.com/nixos/amis
 2024-02-09 18:02:40 +01:00
Valentin Gagarin
e385b36a32
Merge pull request #287438 from fricklerhandwerk/qemu-docs-link 2024-02-09 15:37:35 +01:00
Valentin Gagarin
85f4b05e39 doc: add link to QEMU reference documentation in QEMU module 2024-02-09 11:21:07 +01:00
Valentin Gagarin
11c26d4cc5 use code for env var notation 2024-02-09 11:16:28 +01:00
Valentin Gagarin
d9009e0028 doc: expand on parameters passed to QEMU VMs 2024-02-09 10:48:52 +01:00
WilliButz
0139970416
nixos/qemu-vm: convert tmpfiles rules to settings 
This change replaces the previously hard-coded `/boot` path with a
reference to `efiSysMountPoint` and more importantly this change makes
it possible to override these rules in scenarios in which they are not
desired.

One such scenario would be when `systemd-gpt-auto-generator(8)` is used
to automount the ESP. Consider this section from the mentioned manpage:

> The ESP is mounted to /boot/ if that directory exists and is not used
> for XBOOTLDR, and otherwise to /efi/. Same as for /boot/, an automount
> unit is used. The mount point will be created if necessary.

Prior to this change, the ESP would be automounted under `/efi` on first
boot, then the previous tmpfiles rules caused `/boot` to be created.
Following the quote above, this meant that the ESP is mounted under
`/boot` for each subsequent boot.
 2024-02-07 16:25:30 +01:00
Izorkin
9ad115e5f3
nixos/libvirt: changing process priority for oom killer 2024-02-04 19:54:02 +03:00
Adam Stephens
7585f26855
nixos/incus: add zfs/lib/udev to path 
Incus needs to find zvol_id for some operations, but zfs does not put
this executable in the bin directory. Exposing lib/udev into the Incus
path solves discovery of the executable

e5690705e8/internal/server/storage/drivers/driver_zfs_volumes.go (L1820C1-L1820C41)
 2024-02-02 12:36:41 -05:00
Franz Pletz
e7279b9102
Merge pull request #281186 from Sohalt/podman-dns-firewall 2024-01-19 17:01:23 +01:00
Jade Lovelace
fe474ed61a nixos: fix remaining services for network-online dep fix 2024-01-19 00:11:34 -08:00
Jade Lovelace
6c5ab28fce nixos: fix a bunch of services missing dep on network-online.target 
This was done by generating a truly hilarious configuration:

rg 'services\.[^.]+\.enable\t' opts-tags | cut -f1 > allonconfig.nix

The following were not tested due to other evaluation errors. They
should probably be manually audited.
services.amule
services.castopod
services.ceph
services.chatgpt-retrieval-plugin
services.clamsmtp
services.clight
services.dante
services.dex
services.discourse
services.dwm-status
services.engelsystem
services.foundationdb
services.frigate
services.frp
services.grocy
services.guacamole-client
services.hedgedoc
services.home-assistant
services.honk
services.imaginary
services.jitsi-meet
services.kerberos_server
services.limesurvey
services.mastodon
services.mediawiki
services.mobilizon
services.moodle
services.mosquitto
services.nextcloud
services.nullmailer
services.patroni
services.pfix-srsd
services.pgpkeyserver-lite
services.postfixadmin
services.roundcube
services.schleuder
services.self-deploy
services.slskd
services.spacecookie
services.statsd
services.step-ca
services.sympa
services.tsmBackup
services.vdirsyncer
services.vikunja
services.yandex-disk
services.zabbixWeb
 2024-01-19 00:11:34 -08:00
Adam C. Stephens
887d3f54c6
Merge pull request #278753 from adamcstephens/incus/migrate-test 
incus, lxd: ensure lxd->incus migration is supported and tested
 2024-01-18 08:01:23 -05:00
sohalt
38b2778765 nixos/podman: open firewall for aardvark-dns 2024-01-15 18:43:48 +01:00
Adam Stephens
ffdcec2d94
nixos/tests/incus: add lxd-to-incus migration test 2024-01-14 09:26:49 -05:00
Alois Wohlschlager
77e5fa5ea6 nixos/libvirtd: support out-of-tree vhost-user drivers 
Add an option allowing packages containing out-of-tree vhost-user drivers for
QEMU to be specified. The relevant configurations are then linked at runtime
where libvirt expects them.
An example use case for this is virtiofs.
 2024-01-13 00:39:33 +01:00
Peder Bergebakken Sundt
92327152cd
Merge pull request #274813 from pbsds/lxd-package-option-fix 
nixos/lxd: convert cfg.package and company to mkPackageOption
 2024-01-09 23:36:42 +01:00
Philip Taron
da90576aac
nixos/lxd-agent: fix evaluation regression caused by nixos/nixpkgs#271326 2023-12-30 08:45:30 -08:00
nikstur
682cb1d640 nixos/vmware-host: replace activationScript 
Replace with a dedicated system servie ordered before the other VMWare
services.
 2023-12-29 03:16:03 +01:00
Adam Stephens
3f8b1d2d26
nixos/lxd-agent: add system path for exec 2023-12-28 14:27:05 -05:00
nikstur
c9569af3e0
Merge pull request #271326 from philiptaron/shutdown.target 
treewide: depend on `shutdown.target` if `DefaultDependencies=no` in almost every case
 2023-12-27 08:33:26 +01:00
Mihai-Drosi Câju
800af4240b nixos/waydroid: Replace requirement for ASHMEM with MEMFD_CREATE 
* fixes #250302
* ASHMEM was removed in Linux 5.18 and waydroid can use MEMFD instead.
  MEMFD is enabled by default in 4.18 and later kernels while we
  already require this version for namespace support.
 2023-12-24 16:04:20 +02:00
Florian Klink
b6cad0fd94
Merge pull request #274220 from flokli/waagent-cleanups 
waagent: cleanups
 2023-12-19 19:19:40 +02:00
Adam C. Stephens
6b43e4b0bc
Merge pull request #260128 from adamcstephens/lxd/no-restart-agent 
nixos/lxd-agent: prevent restarting on change
 2023-12-19 08:41:21 -05:00
Florian Klink
f1c8d0709b nixos/waagent: provide waagent udev rules in initrd 
This should make /dev/disk/azure appear in-initrd too.
 2023-12-18 13:18:11 +02:00
Florian Klink
276939e0a1 nixos/waagent: move runtime dependencies to systemd service 
The udev rules shell out to chmod, cut and readlink, which are available
for udev rules (see https://github.com/NixOS/nixpkgs/pull/274236).
 2023-12-18 13:18:11 +02:00
Peder Bergebakken Sundt
4071c294ac nixos/lxd: convert cfg.package to mkPackageOption 
Also fixes the documentation of `virtualisation.lxd.ui.package`, which currently says the package is `pkgs.ui`
 2023-12-16 21:30:18 +01:00
Adam Stephens
27064dd722
nixos/lxc: remove with lib 2023-12-04 10:06:54 -05:00
Adam Stephens
ccb7b8e309
nixos/lxcfs: remove with lib 2023-12-04 10:06:52 -05:00
Adam Stephens
6765aac154
treewide/lxc: set lxc team as maintainer 2023-12-04 10:06:50 -05:00
Silvan Mosberger
54c8a15650
Merge pull request #271247 from h7x4/treewide-mkpackageoptionmd-to-mkpackageoption 
treewide: replace `mkPackageOptionMD` with `mkPackageOption`
 2023-12-01 02:09:10 +01:00
Philip Taron
0a226a0639
nixos/qemu: ensure correct ordering w.r.t. shutdown.target 2023-11-30 15:44:36 -08:00
Philip Taron
07004b46ac
nixos/lxd-agent: ensure correct ordering w.r.t. shutdown.target 2023-11-30 15:42:49 -08:00
Franz Pletz
9619439772
Merge pull request #270004 from Stunkymonkey/libvirtd-add-netcat 2023-11-30 21:04:02 +01:00
Franz Pletz
32caf62376
Merge pull request #268887 from jchw-forks/libvirt-nss 2023-11-30 20:48:24 +01:00
h7x4
79d3d59f58
treewide: replace mkPackageOptionMD with mkPackageOption 2023-11-30 19:03:14 +01:00
Maciej Krüger
50bb5d3338
Merge pull request #264929 from adamcstephens/incus/generator 2023-11-30 16:01:35 +01:00
Weijia Wang
feeae486de
Merge pull request #261702 from h7x4/replace-mkoption-with-mkpackageoption 
treewide: use `mkPackageOption`
 2023-11-30 02:49:30 +01:00
Adam Stephens
0fdef67e07
nixos/lxc-container: add adamcstephens as maintainer 2023-11-28 15:14:45 -05:00
Adam Stephens
2cd9619801
nixos/lxc-container: use lxc systemd generator 2023-11-28 15:14:43 -05:00
h7x4
0a37316d6c
treewide: use mkPackageOption 
This commit replaces a lot of usages of `mkOption` with the package
type, to be `mkPackageOption`, in order to reduce the amount of code.
 2023-11-27 01:28:36 +01:00
Robert Hensing
ecef65f019
Merge pull request #269970 from emilylange/nixos-containers-warning 
nixos/containers: warn if containers are used but disabled
 2023-11-26 19:39:32 +01:00
Mihai-Drosi Câju
be6ac65b52 nixos/waydroid: remove with lib; and friends 2023-11-26 17:13:15 +02:00
Felix Buehler
1b5617e25b nixos/libvirtd: add netcat and support 
see: https://github.com/NixOS/nixpkgs/issues/180806
 2023-11-25 23:45:18 +01:00
emilylange
1c404d2584
nixos/containers: warn if containers are used but disabled 
This is a follow-up to 8dfe8e447e.
 2023-11-25 20:01:42 +01:00
con-f-use
5254684a0f nixos/docker: warn about changing storageDriver 
Add warning to the documentation of
`virtualisation.docker.storageDriver` that changing will cause any
existing containers and images to become inaccessible.
 2023-11-21 16:00:36 +01:00
John Chadwick
412543ddd8 nixos/libvirtd: add support for nss modules 2023-11-21 01:39:02 -05:00
Yang, Bo
6d69feb35e google-compute-image: add the missing /boot filesystem 2023-11-18 13:37:42 +01:00
Yang, Bo
bff548fef1 waagent: enable provisioning 2023-11-14 19:47:27 +01:00
Maciej Krüger
c647a12d7f
Merge pull request #265725 from nbraud/nixos/sudo-rs/gce 2023-11-11 18:09:20 +01:00
Thiago Kenji Okada
da8c62363e
Merge pull request #266310 from Atry/patch-4 
azure-agent: add dependencies for its extensions
 2023-11-09 09:52:10 +00:00
Yang, Bo
1ce985242c google-compute-image: support NVMe and UEFI 2023-11-08 21:05:21 +01:00
Yang, Bo
c4086e5ce9 azure-agent: add dependencies for its extensions 
waagent's extension `Microsoft.OSTCExtensions.VMAccessForLinux` requires Python, otherwise it would be failed to install with the following error message in `/var/log/waagent.log`:

```
No Python interpreter found on the box
```

waagent's extension `Microsoft.CPlat.Core.RunCommandLinux` needs lsof, otherwise it would produce the following error message in `/var/log/waagent.log`:

```
/var/lib/waagent/Microsoft.Azure.Extensions.CustomScript-2.1.10/bin/custom-script-shim: line 60: lsof: command not found
```
 2023-11-08 17:54:08 +00:00
Florian Brandes
2ed7a5ab59 nixos/virtualization: fix shellcheck login 
fixes https://www.shellcheck.net/wiki/SC2002

Signed-off-by: Florian Brandes <florian.brandes@posteo.de>
 2023-11-07 13:40:42 +01:00
Alyssa Ross
8ab2f09522 nixos/qemu-vm: fix infinite recursion 
The virtualisation.directBoot.initrd option was added for netboot
images, but the assertion to check directBoot enabled if it was used
caused an infinite recursion if it was.  Minimal reproduction:

	import nixos/tests/make-test-python.nix ({ pkgs, ... }: {
	  name = "";

	  nodes = {
	    machine = { config, ...}: {
	      imports = [ nixos/modules/installer/netboot/netboot-minimal.nix ];

	      virtualisation.directBoot = {
	        enable = true;
	        initrd = "${config.system.build.netbootRamdisk}/${config.system.boot.loader.initrdFile}";
	      };
	    };
	  };
	  testScript = "";
	}) {}

The fix is to swap the two conditions, so that cfg.directBoot.enable
is checked first, and the initrd comparision will be short circuited.

This wasn't noticed during review because in earlier versions of the
virtualisation.directBoot patch, the assertion was accidentally in the
conditional above, so wasn't evaluated unless port forwarding was in
use.
 2023-11-06 13:49:31 +01:00
nicoo
89fd59c12a nixos/vagrant-guest: Set security.sudo-rs.wheelNeedsPassword too 2023-11-06 12:39:04 +01:00
adisbladis
a1592fb410
Merge pull request #258299 from Arcayr/virtualisation-hostname 
nixos/virtualisation: add hostname option to oci-containers.
 2023-11-06 10:44:26 +13:00
nicoo
326904b128 nixos/google-compute-config: Add sudo-rs rules 2023-11-05 20:33:19 +00:00
Lily Foster
5c5d730067
Merge pull request #262347 from adamcstephens/incus/module 
nixos/incus: init module and tests
 2023-11-03 09:42:24 -04:00
Adam Stephens
3132ba6cda
nixos/incus: shutdown instances on service stop 2023-11-02 19:54:11 -04:00
Adam Stephens
3087595a6b
nixos/incus: preseed should not trigger socket-activation 2023-11-02 19:54:04 -04:00
Adam Stephens
1fff6a9031
nixos/incus: init module and tests 2023-11-02 19:54:02 -04:00
Franz Pletz
265ca81834
Merge pull request #241908 from picnoir/nin/oci-container-pre-start-list 2023-10-31 15:53:35 +01:00
K900
6f06066e94 nixos/containers: use latest stateVersion as example 
Hopefully this way we don't confuse people into thinking you have to set it to 21.05.
 2023-10-27 12:56:12 +03:00
Albert Peschar
6ed6953e22 nixos/oci-containers: stop container using backend 
Make systemd actually call `podman stop` when stopping a container unit.

Fixes #249332
 2023-10-26 12:52:59 +00:00
Robert Hensing
5dfc78a8ad
Merge pull request #262021 from Enzime/linux-builder-cross 
linux-builder: support `x86_64-linux` on `aarch64`
 2023-10-24 14:34:29 +02:00
Michael Hoang
ab1f45f3d3 linux-builder: support x86_64-linux on aarch64 2023-10-24 13:35:37 +02:00
Maciej Krüger
1ecbbb6e3f
Merge pull request #260595 from adamcstephens/lxc/squashfs 
lxc-container: add squashfs image support and release output
 2023-10-24 02:06:36 +02:00
Ryan Lahfa
b9337215cd
Merge pull request #229035 from NixOS/qemu-vm/tpm 
qemu-vm: support TPM usecases
 2023-10-23 10:10:27 +01:00
Arthur Gautier
08f4fe2087 qemu-vm: stop the swtpm once qemu stops 
The idea is to run an async process waiting for swtpm
and we have to ensure that `FD_CLOEXEC` is cleared on this process'
stdin file descriptor, we use `fdflags` for this, a loadable builtin in
Bash ≥ 5.

The async process when exited will terminate `swtpm`, we bind the
termination of the async process to the termination of QEMU by virtue of
having `qemu` exec in that Bash script.

Signed-off-by: Arthur Gautier <baloo@superbaloo.net>
Co-authored-by: Raito Bezarius <masterancpp@gmail.com>
 2023-10-23 01:02:24 +02:00
Raito Bezarius
25872524f0 nixos/qemu-vm: add virtualisation.tpm for running TPM in QEMU infrastructure 2023-10-22 16:01:37 +02:00
Maciej Krüger
49bc1a76e0
Merge pull request #261692 from josephst/fix-lxc-container-bootloader 
nixos/lxc-container: use absolute path for ln in install-lxc-sbin-init.sh
 2023-10-22 13:47:14 +02:00
grindhold
108a6f181a nixos/containers: check nixos-container names for underscores 2023-10-22 09:45:41 +02:00
Joseph Stahl
d156ab6c9c nixos/lxc-container: use absolute path for ln in install-lxc-sbin-init.sh 
Recent change to nixos-rebuild (https://github.com/NixOS/nixpkgs/pull/258571)
adds systemd-run, which brings with it a cleaner environment
(ie $PATH not available).
Workaround: use absolute path for ln to avoid command-not-found error
 2023-10-22 03:18:15 +03:00
Robert Hensing
7096340f9e nixos/qemu-vm: Rename nixos-disk-image -> nix-store-image 
For the image that's actually a store image only.
Helps with visibility. The name "nixos-disk-image" has no special
significance, by grepping nixpkgs.
 2023-10-21 19:13:58 +02:00
Lin Jian
fbc62319f1
Merge pull request #260291 from donovanglover/nixos-containers/optional-restart 
nixos/nixos-containers: add restartIfChanged option
 2023-10-16 20:41:32 +08:00
Maciej Krüger
afc33ef9d2
Merge pull request #260687 from mkg20001/lxd-ui 
nixos/lxd: fix ui.enable desc
 2023-10-16 01:30:58 +02:00
Adam Stephens
dbeeeb8e06
nixos/lxc-container: enable udev-trigger for nested containers 2023-10-12 15:11:09 -04:00
Adam Stephens
c2ff509e66
lxc-container: add squashfs image support and release output 2023-10-12 10:52:05 -04:00
Maciej Krüger
d934d20cd3
nixos/lxd: fix ui.enable desc 
Otherwise it would show up as "Whether to enable Enables the (experimental) LXD UI. ."

Now is just "Whether to enable (experimental) LXD UI."
 2023-10-12 15:24:01 +02:00
Donovan Glover
fd7daf9fc4
nixos/nixos-containers: add restartIfChanged option 
This commit makes auto-restarting declarative containers optional.

This is useful when you don't want changes to your config to automatically
restart the container and thus stop any applications running inside it.
 2023-10-11 21:53:42 -04:00
Adam Stephens
eb221a898f
nixos/lxd-agent: prevent restarting on change 2023-10-09 23:54:53 -04:00
Sarah Brofeldt
a655e7a1aa
Merge pull request #259240 from haenoe/oci-containers-labels-option 
nixos/oci-containers: add labels option
 2023-10-09 18:52:20 +02:00
HaeNoe
2f021def6e nixos/oci-containers: add labels option 2023-10-09 10:43:29 +02:00
ners
dccd00027e
nixos/azure: add contents module option (#244364) 2023-10-08 19:35:14 +02:00
nikstur
62e95d095d nixos/qemu-vm: optionally disable overriding fileSystems 
Allow the user to disable overriding the fileSystems option with
virtualisation.fileSystems by setting
`virtualisation.fileSystems = lib.mkForce { };`.

With this change you can use the qemu-vm module to boot from an external
image that was not produced by the qemu-vm module itself. The user can
now re-use the modularly set fileSystems option instead of having to
reproduce it in virtualisation.fileSystems.
 2023-10-02 11:13:26 +02:00
K900
e53c99eb17 treewide: use pkgs.config instead of config.nixpkgs.config 
`pkgs` may be passed in externally, in which case `config.nixpkgs.config` will not be set.

Follow-up to #257458.
 2023-10-01 20:48:40 +03:00
Elliot Speck (Arcayr)
3782b3b5d9 nixos/virtualisation: add hostname option to oci-containers. 2023-10-01 05:17:44 +11:00
Thiago Kenji Okada
e514178339 nixos/virtualisation: use mkDefault in networking.useNetworkd in oci-common 
To make it easier to disable for those folks who don't want to use
systemd-networkd.
 2023-09-28 22:05:34 +01:00
Adam Stephens
b1237da5b2
systemd: revert allow udev-trigger for lxd nested containers 2023-09-28 13:58:11 -04:00
Mario Rodas
25b9f4d2b6
Merge pull request #255116 from adamcstephens/lxd/udev-container 
systemd: allow udev-trigger to run on lxd containers with nesting
 2023-09-28 02:17:27 -05:00
Thiago Kenji Okada
d5d4b08488 nixos/virtualisation: always use EFI for OCI 2023-09-21 22:57:39 +01:00