nixos/filesystems: make supportedFilesystems an attrset
this lets us *dis*able filesystem explicitly, as is required by e.g. the zfs-less installer images. currently that specifically is only easily possible by adding an overlay that stubs out `zfs`, with the obvious side-effect of also removing tooling that could run without the kernel module loaded.
This commit is contained in:
pennae
parent
13e47eaa46
commit
258b935d70
29 changed files with 73 additions and 72 deletions
|
|
@ -105,6 +105,8 @@ The pre-existing [services.ankisyncd](#opt-services.ankisyncd.enable) has been m
|
|||
|
||||
- `nitter` requires a `guest_accounts.jsonl` to be provided as a path or loaded into the default location at `/var/lib/nitter/guest_accounts.jsonl`. See [Guest Account Branch Deployment](https://github.com/zedeus/nitter/wiki/Guest-Account-Branch-Deployment) for details.
|
||||
|
||||
- `boot.supportedFilesystems` and `boot.initrd.supportedFilesystems` are now attribute sets instead of lists. Assignment from lists as done previously is still supported, but checking whether a filesystem is enabled must now by done using `supportedFilesystems.fs or false` instead of using `lib.elem "fs" supportedFilesystems` as was done previously.
|
||||
|
||||
- `services.aria2.rpcSecret` has been replaced with `services.aria2.rpcSecretFile`.
|
||||
This was done so that secrets aren't stored in the world-readable nix store.
|
||||
To migrate, you will have create a file with the same exact string, and change
|
||||
|
|
|
|||
|
|
@ -1,15 +1,7 @@
|
|||
{ pkgs, ... }:
|
||||
{ lib, ... }:
|
||||
|
||||
{
|
||||
imports = [ ./installation-cd-minimal-new-kernel.nix ];
|
||||
|
||||
# Makes `availableOn` fail for zfs, see <nixos/modules/profiles/base.nix>.
|
||||
# This is a workaround since we cannot remove the `"zfs"` string from `supportedFilesystems`.
|
||||
# The proper fix would be to make `supportedFilesystems` an attrset with true/false which we
|
||||
# could then `lib.mkForce false`
|
||||
nixpkgs.overlays = [(final: super: {
|
||||
zfs = super.zfs.overrideAttrs(_: {
|
||||
meta.platforms = [];
|
||||
});
|
||||
})];
|
||||
boot.supportedFilesystems.zfs = lib.mkForce false;
|
||||
}
|
||||
|
|
|
|||
|
|
@ -1,15 +1,7 @@
|
|||
{ pkgs, ... }:
|
||||
{ lib, ... }:
|
||||
|
||||
{
|
||||
imports = [ ./sd-image-aarch64-new-kernel-installer.nix ];
|
||||
|
||||
# Makes `availableOn` fail for zfs, see <nixos/modules/profiles/base.nix>.
|
||||
# This is a workaround since we cannot remove the `"zfs"` string from `supportedFilesystems`.
|
||||
# The proper fix would be to make `supportedFilesystems` an attrset with true/false which we
|
||||
# could then `lib.mkForce false`
|
||||
nixpkgs.overlays = [(final: super: {
|
||||
zfs = super.zfs.overrideAttrs(_: {
|
||||
meta.platforms = [];
|
||||
});
|
||||
})];
|
||||
boot.supportedFilesystems.zfs = lib.mkForce false;
|
||||
}
|
||||
|
|
|
|||
|
|
@ -3,7 +3,7 @@
|
|||
# the modules necessary to mount the root file system, then calls the
|
||||
# init in the root file system to start the second boot stage.
|
||||
|
||||
{ config, lib, utils, pkgs, ... }:
|
||||
{ config, options, lib, utils, pkgs, ... }:
|
||||
|
||||
with lib;
|
||||
|
||||
|
|
@ -636,10 +636,8 @@ in
|
|||
};
|
||||
|
||||
boot.initrd.supportedFilesystems = mkOption {
|
||||
default = [ ];
|
||||
example = [ "btrfs" ];
|
||||
type = types.listOf types.str;
|
||||
description = lib.mdDoc "Names of supported filesystem types in the initial ramdisk.";
|
||||
default = { };
|
||||
inherit (options.boot.supportedFilesystems) example type description;
|
||||
};
|
||||
|
||||
boot.initrd.verbose = mkOption {
|
||||
|
|
|
|||
|
|
@ -246,10 +246,23 @@ in
|
|||
};
|
||||
|
||||
boot.supportedFilesystems = mkOption {
|
||||
default = [ ];
|
||||
example = [ "btrfs" ];
|
||||
type = types.listOf types.str;
|
||||
description = lib.mdDoc "Names of supported filesystem types.";
|
||||
default = { };
|
||||
example = lib.literalExpression ''
|
||||
{
|
||||
btrfs = true;
|
||||
zfs = lib.mkForce false;
|
||||
}
|
||||
'';
|
||||
type = types.coercedTo
|
||||
(types.listOf types.str)
|
||||
(enabled: lib.listToAttrs (map (fs: lib.nameValuePair fs true) enabled))
|
||||
(types.attrsOf types.bool);
|
||||
description = lib.mdDoc ''
|
||||
Names of supported filesystem types, or an attribute set of file system types
|
||||
and their state. The set form may be used together with `lib.mkForce` to
|
||||
explicitly disable support for specific filesystems, e.g. to disable ZFS
|
||||
with an unsupported kernel.
|
||||
'';
|
||||
};
|
||||
|
||||
boot.specialFileSystems = mkOption {
|
||||
|
|
|
|||
|
|
@ -4,12 +4,12 @@ with lib;
|
|||
|
||||
let
|
||||
|
||||
inInitrd = any (fs: fs == "apfs") config.boot.initrd.supportedFilesystems;
|
||||
inInitrd = config.boot.initrd.supportedFilesystems.apfs or false;
|
||||
|
||||
in
|
||||
|
||||
{
|
||||
config = mkIf (any (fs: fs == "apfs") config.boot.supportedFilesystems) {
|
||||
config = mkIf (config.boot.supportedFilesystems.apfs or false) {
|
||||
|
||||
system.fsPackages = [ pkgs.apfsprogs ];
|
||||
|
||||
|
|
|
|||
|
|
@ -118,7 +118,7 @@ let
|
|||
in
|
||||
|
||||
{
|
||||
config = lib.mkIf (lib.elem "bcachefs" config.boot.supportedFilesystems) (lib.mkMerge [
|
||||
config = lib.mkIf (config.boot.supportedFilesystems.bcachefs or false) (lib.mkMerge [
|
||||
{
|
||||
inherit assertions;
|
||||
# needed for systemd-remount-fs
|
||||
|
|
@ -133,7 +133,7 @@ in
|
|||
};
|
||||
}
|
||||
|
||||
(lib.mkIf ((lib.elem "bcachefs" config.boot.initrd.supportedFilesystems) || (bootFs != {})) {
|
||||
(lib.mkIf ((config.boot.initrd.supportedFilesystems.bcachefs or false) || (bootFs != {})) {
|
||||
inherit assertions;
|
||||
# chacha20 and poly1305 are required only for decryption attempts
|
||||
boot.initrd.availableKernelModules = [ "bcachefs" "sha256" "chacha20" "poly1305" ];
|
||||
|
|
|
|||
|
|
@ -4,8 +4,8 @@ with lib;
|
|||
|
||||
let
|
||||
|
||||
inInitrd = any (fs: fs == "btrfs") config.boot.initrd.supportedFilesystems;
|
||||
inSystem = any (fs: fs == "btrfs") config.boot.supportedFilesystems;
|
||||
inInitrd = config.boot.initrd.supportedFilesystems.btrfs or false;
|
||||
inSystem = config.boot.supportedFilesystems.btrfs or false;
|
||||
|
||||
cfgScrub = config.services.btrfs.autoScrub;
|
||||
|
||||
|
|
|
|||
|
|
@ -4,14 +4,14 @@ with lib;
|
|||
|
||||
let
|
||||
|
||||
inInitrd = any (fs: fs == "cifs") config.boot.initrd.supportedFilesystems;
|
||||
inInitrd = config.boot.initrd.supportedFilesystems.cifs or false;
|
||||
|
||||
in
|
||||
|
||||
{
|
||||
config = {
|
||||
|
||||
system.fsPackages = mkIf (any (fs: fs == "cifs") config.boot.supportedFilesystems) [ pkgs.cifs-utils ];
|
||||
system.fsPackages = mkIf (config.boot.supportedFilesystems.cifs or false) [ pkgs.cifs-utils ];
|
||||
|
||||
boot.initrd.availableKernelModules = mkIf inInitrd
|
||||
[ "cifs" "nls_utf8" "hmac" "md4" "ecb" "des_generic" "sha256" ];
|
||||
|
|
|
|||
|
|
@ -4,7 +4,7 @@
|
|||
with lib;
|
||||
|
||||
{
|
||||
config = mkIf (any (fs: fs == "ecryptfs") config.boot.supportedFilesystems) {
|
||||
config = mkIf (config.boot.supportedFilesystems.ecryptfs or false) {
|
||||
system.fsPackages = [ pkgs.ecryptfs ];
|
||||
security.wrappers = {
|
||||
"mount.ecryptfs_private" =
|
||||
|
|
|
|||
|
|
@ -2,8 +2,8 @@
|
|||
|
||||
let
|
||||
|
||||
inInitrd = lib.any (fs: fs == "erofs") config.boot.initrd.supportedFilesystems;
|
||||
inSystem = lib.any (fs: fs == "erofs") config.boot.supportedFilesystems;
|
||||
inInitrd = config.boot.initrd.supportedFilesystems.erofs or false;
|
||||
inSystem = config.boot.supportedFilesystems.erofs or false;
|
||||
|
||||
in
|
||||
|
||||
|
|
|
|||
|
|
@ -3,7 +3,7 @@
|
|||
with lib;
|
||||
|
||||
{
|
||||
config = mkIf (any (fs: fs == "exfat") config.boot.supportedFilesystems) {
|
||||
config = mkIf (config.boot.supportedFilesystems.exfat or false) {
|
||||
system.fsPackages = if config.boot.kernelPackages.kernelOlder "5.7" then [
|
||||
pkgs.exfat # FUSE
|
||||
] else [
|
||||
|
|
|
|||
|
|
@ -2,8 +2,10 @@
|
|||
|
||||
let
|
||||
|
||||
inInitrd = lib.any (fs: fs == "ext2" || fs == "ext3" || fs == "ext4") config.boot.initrd.supportedFilesystems;
|
||||
inSystem = lib.any (fs: fs == "ext2" || fs == "ext3" || fs == "ext4") config.boot.supportedFilesystems;
|
||||
hasExtX = s: s.ext2 or s.ext3 or s.ext4 or false;
|
||||
|
||||
inInitrd = hasExtX config.boot.initrd.supportedFilesystems;
|
||||
inSystem = hasExtX config.boot.supportedFilesystems;
|
||||
|
||||
in
|
||||
|
||||
|
|
|
|||
|
|
@ -3,11 +3,10 @@
|
|||
with lib;
|
||||
|
||||
let
|
||||
inInitrd = any (fs: fs == "f2fs") config.boot.initrd.supportedFilesystems;
|
||||
fileSystems = filter (x: x.fsType == "f2fs") config.system.build.fileSystems;
|
||||
inInitrd = config.boot.initrd.supportedFilesystems.f2fs or false;
|
||||
in
|
||||
{
|
||||
config = mkIf (any (fs: fs == "f2fs") config.boot.supportedFilesystems) {
|
||||
config = mkIf (config.boot.supportedFilesystems.f2fs or false) {
|
||||
|
||||
system.fsPackages = [ pkgs.f2fs-tools ];
|
||||
|
||||
|
|
|
|||
|
|
@ -3,7 +3,7 @@
|
|||
with lib;
|
||||
|
||||
{
|
||||
config = mkIf (any (fs: fs == "glusterfs") config.boot.supportedFilesystems) {
|
||||
config = mkIf (config.boot.supportedFilesystems.glusterfs or false) {
|
||||
|
||||
system.fsPackages = [ pkgs.glusterfs ];
|
||||
|
||||
|
|
|
|||
|
|
@ -3,10 +3,10 @@
|
|||
with lib;
|
||||
|
||||
let
|
||||
inInitrd = any (fs: fs == "jfs") config.boot.initrd.supportedFilesystems;
|
||||
inInitrd = config.boot.initrd.supportedFilesystems.jfs or false;
|
||||
in
|
||||
{
|
||||
config = mkIf (any (fs: fs == "jfs") config.boot.supportedFilesystems) {
|
||||
config = mkIf (config.boot.supportedFilesystems.jfs or false) {
|
||||
|
||||
system.fsPackages = [ pkgs.jfsutils ];
|
||||
|
||||
|
|
|
|||
|
|
@ -4,7 +4,7 @@ with lib;
|
|||
|
||||
let
|
||||
|
||||
inInitrd = any (fs: fs == "nfs") config.boot.initrd.supportedFilesystems;
|
||||
inInitrd = config.boot.initrd.supportedFilesystems.nfs or false;
|
||||
|
||||
nfsStateDir = "/var/lib/nfs";
|
||||
|
||||
|
|
@ -58,7 +58,7 @@ in
|
|||
|
||||
###### implementation
|
||||
|
||||
config = mkIf (any (fs: fs == "nfs" || fs == "nfs4") config.boot.supportedFilesystems) {
|
||||
config = mkIf (config.boot.supportedFilesystems.nfs or config.boot.supportedFilesystems.nfs4 or false) {
|
||||
|
||||
services.rpcbind.enable = true;
|
||||
|
||||
|
|
|
|||
|
|
@ -3,7 +3,7 @@
|
|||
with lib;
|
||||
|
||||
{
|
||||
config = mkIf (any (fs: fs == "ntfs" || fs == "ntfs-3g") config.boot.supportedFilesystems) {
|
||||
config = mkIf (config.boot.supportedFilesystems.ntfs or config.boot.supportedFilesystems.ntfs-3g or false) {
|
||||
|
||||
system.fsPackages = [ pkgs.ntfs3g ];
|
||||
|
||||
|
|
|
|||
|
|
@ -4,12 +4,12 @@ with lib;
|
|||
|
||||
let
|
||||
|
||||
inInitrd = any (fs: fs == "reiserfs") config.boot.initrd.supportedFilesystems;
|
||||
inInitrd = config.boot.initrd.supportedFilesystems.reiserfs or false;
|
||||
|
||||
in
|
||||
|
||||
{
|
||||
config = mkIf (any (fs: fs == "reiserfs") config.boot.supportedFilesystems) {
|
||||
config = mkIf (config.boot.supportedFilesystems.reiserfs or false) {
|
||||
|
||||
system.fsPackages = [ pkgs.reiserfsprogs ];
|
||||
|
||||
|
|
|
|||
|
|
@ -2,7 +2,7 @@
|
|||
|
||||
let
|
||||
|
||||
inInitrd = lib.any (fs: fs == "squashfs") config.boot.initrd.supportedFilesystems;
|
||||
inInitrd = config.boot.initrd.supportedFilesystems.squashfs or false;
|
||||
|
||||
in
|
||||
|
||||
|
|
|
|||
|
|
@ -1,7 +1,11 @@
|
|||
{ config, lib, pkgs, ... }:
|
||||
|
||||
{
|
||||
config = lib.mkIf (lib.any (fs: fs == "sshfs" || fs == "fuse.sshfs") config.boot.supportedFilesystems) {
|
||||
config = lib.mkIf
|
||||
(config.boot.supportedFilesystems.sshfs
|
||||
or config.boot.supportedFilesystems."fuse.sshfs"
|
||||
or false)
|
||||
{
|
||||
system.fsPackages = [ pkgs.sshfs ];
|
||||
};
|
||||
}
|
||||
|
|
|
|||
|
|
@ -3,7 +3,7 @@
|
|||
{
|
||||
config = lib.mkMerge [
|
||||
|
||||
(lib.mkIf (lib.any (fs: fs == "unionfs-fuse") config.boot.initrd.supportedFilesystems) {
|
||||
(lib.mkIf (config.boot.initrd.supportedFilesystems.unionfs-fuse or false) {
|
||||
boot.initrd.kernelModules = [ "fuse" ];
|
||||
|
||||
boot.initrd.extraUtilsCommands = lib.mkIf (!config.boot.initrd.systemd.enable) ''
|
||||
|
|
@ -35,7 +35,7 @@
|
|||
};
|
||||
})
|
||||
|
||||
(lib.mkIf (lib.any (fs: fs == "unionfs-fuse") config.boot.supportedFilesystems) {
|
||||
(lib.mkIf (config.boot.supportedFilesystems.unionfs-fuse or false) {
|
||||
system.fsPackages = [ pkgs.unionfs-fuse ];
|
||||
})
|
||||
|
||||
|
|
|
|||
|
|
@ -4,7 +4,7 @@ with lib;
|
|||
|
||||
let
|
||||
|
||||
inInitrd = any (fs: fs == "vboxsf") config.boot.initrd.supportedFilesystems;
|
||||
inInitrd = config.boot.initrd.supportedFilesystems.vboxsf or false;
|
||||
|
||||
package = pkgs.runCommand "mount.vboxsf" { preferLocalBuild = true; } ''
|
||||
mkdir -p $out/bin
|
||||
|
|
@ -13,7 +13,7 @@ let
|
|||
in
|
||||
|
||||
{
|
||||
config = mkIf (any (fs: fs == "vboxsf") config.boot.supportedFilesystems) {
|
||||
config = mkIf (config.boot.supportedFilesystems.vboxsf or false) {
|
||||
|
||||
system.fsPackages = [ package ];
|
||||
|
||||
|
|
|
|||
|
|
@ -4,12 +4,12 @@ with lib;
|
|||
|
||||
let
|
||||
|
||||
inInitrd = any (fs: fs == "vfat") config.boot.initrd.supportedFilesystems;
|
||||
inInitrd = config.boot.initrd.supportedFilesystems.vfat or false;
|
||||
|
||||
in
|
||||
|
||||
{
|
||||
config = mkIf (any (fs: fs == "vfat") config.boot.supportedFilesystems) {
|
||||
config = mkIf (config.boot.supportedFilesystems.vfat or false) {
|
||||
|
||||
system.fsPackages = [ pkgs.dosfstools pkgs.mtools ];
|
||||
|
||||
|
|
|
|||
|
|
@ -4,12 +4,12 @@ with lib;
|
|||
|
||||
let
|
||||
|
||||
inInitrd = any (fs: fs == "xfs") config.boot.initrd.supportedFilesystems;
|
||||
inInitrd = config.boot.initrd.supportedFilesystems.xfs or false;
|
||||
|
||||
in
|
||||
|
||||
{
|
||||
config = mkIf (any (fs: fs == "xfs") config.boot.supportedFilesystems) {
|
||||
config = mkIf (config.boot.supportedFilesystems.xfs or false) {
|
||||
|
||||
system.fsPackages = [ pkgs.xfsprogs.bin ];
|
||||
|
||||
|
|
|
|||
|
|
@ -20,8 +20,8 @@ let
|
|||
clevisDatasets = map (e: e.device) (filter (e: e.device != null && (hasAttr e.device config.boot.initrd.clevis.devices) && e.fsType == "zfs" && (fsNeededForBoot e)) config.system.build.fileSystems);
|
||||
|
||||
|
||||
inInitrd = any (fs: fs == "zfs") config.boot.initrd.supportedFilesystems;
|
||||
inSystem = any (fs: fs == "zfs") config.boot.supportedFilesystems;
|
||||
inInitrd = config.boot.initrd.supportedFilesystems.zfs or false;
|
||||
inSystem = config.boot.supportedFilesystems.zfs or false;
|
||||
|
||||
autosnapPkg = pkgs.zfstools.override {
|
||||
zfs = cfgZfs.package;
|
||||
|
|
|
|||
|
|
@ -6,7 +6,7 @@ let
|
|||
|
||||
crioPackage = pkgs.cri-o.override {
|
||||
extraPackages = cfg.extraPackages
|
||||
++ lib.optional (builtins.elem "zfs" config.boot.supportedFilesystems) config.boot.zfs.package;
|
||||
++ lib.optional (config.boot.supportedFilesystems.zfs or false) config.boot.zfs.package;
|
||||
};
|
||||
|
||||
format = pkgs.formats.toml { };
|
||||
|
|
|
|||
|
|
@ -9,7 +9,7 @@ let
|
|||
extraPackages = cfg.extraPackages
|
||||
# setuid shadow
|
||||
++ [ "/run/wrappers" ]
|
||||
++ lib.optional (builtins.elem "zfs" config.boot.supportedFilesystems) config.boot.zfs.package;
|
||||
++ lib.optional (config.boot.supportedFilesystems.zfs or false) config.boot.zfs.package;
|
||||
});
|
||||
|
||||
# Provides a fake "docker" binary mapping to podman
|
||||
|
|
|
|||
|
|
@ -526,8 +526,7 @@ let
|
|||
curl
|
||||
]
|
||||
++ optionals (bootLoader == "grub") (let
|
||||
zfsSupport = lib.any (x: x == "zfs")
|
||||
(extraInstallerConfig.boot.supportedFilesystems or []);
|
||||
zfsSupport = extraInstallerConfig.boot.supportedFilesystems.zfs or false;
|
||||
in [
|
||||
(pkgs.grub2.override { inherit zfsSupport; })
|
||||
(pkgs.grub2_efi.override { inherit zfsSupport; })
|
||||
|
|
|
|||
Loading…
Reference in a new issue