Build logs show:
> configure: WARNING: non-linux system; not building mount
> configure: WARNING: non-linux system; not building swapon
So skip these on non-Linux
Using getOutput prevents eval failures on other platforms.
Things should stay eval'able with NIXPKGS_ALLOW_UNSUPPORTED_SYSTEM=1
Co-authored-by: Artturin <Artturin@artturin.com>
got broken in 6ea1a2a1be which changed
runCommandCC to runCommand but was not
noticed because it was failing silently
runCommand doesn't include CC or bintools
Example 10. of man page of systemd.network(5) shows:
```
Example 10. MacVTap
This brings up a network interface "macvtap-test" and attaches it to "enp0s25".
# /usr/lib/systemd/network/25-macvtap.network
[Match]
Name=enp0s25
[Network]
MACVTAP=macvtap-test
```
Which is a MACVTAP example and is currently unsupported in NixOS.
This is useful for people using "modern" technologies with virtual machines.
The whole option set was recommended against since mid-2019, and never
worked with the Raspberry Pi 4 family of devices.
We should have deprecated it in early 2020 for removal by 2021. At the
time I did not feel confident in making such a decision, and never
ended-up getting around to it.
The ***only*** supported-by-NixOS boot methods for AArch64 are
standards-based boot methods, namely UEFI or the pragmatically
almost-standard extlinux-compatible for U-Boot.
You can quote me on that.
According to networkd netdev's manpage:
```
Independent=
Takes a boolean. When true, the vxlan interface is created without any underlying network interface. Defaults to false, which means that a .network
file that requests this VXLAN interface using VXLAN= is required for the VXLAN to be created.
```
is a valid option for [VXLAN] section.
According to systemd.netdev manpage:
```
MACAddress=
Specifies the MAC address to use for the device, or takes the special value "none". When "none", systemd-networkd does not request the MAC address for
the device, and the kernel will assign a random MAC address. For "tun", "tap", or "l2tp" devices, the MACAddress= setting in the [NetDev] section is
not supported and will be ignored. Please specify it in the [Link] section of the corresponding systemd.network(5) file. If this option is not set,
"vlan" device inherits the MAC address of the master interface. For other kind of netdevs, if this option is not set, then the MAC address is
generated based on the interface name and the machine-id(5).
Note, even if "none" is specified, systemd-udevd will assign the persistent MAC address for the device, as 99-default.link has
MACAddressPolicy=persistent. So, it is also necessary to create a custom .link file for the device, if the MAC address assignment is not desired.
```
Therefore, `none` is an acceptable value.
These variables were previously used by the activation script
build commands, but are now embedded into those commands for
to improve reusability for an upcoming addition.
Without this change, GRUB installation on non-PC systems (such as
aarch64-linux) only works if boot.loader.grub.devices is set to exactly
`["nodev"]`. If boot.loader.grub.devices was any other value (including
the default `[]`), users got the error:
Died at /nix/store/an9ngv2vg95bdcy0ifsxlbkasprm4dcw-install-grub.pl line 586.
install-grub.pl verifies that if both $grub and $grubEfi are set, then
$grubTarget (e.g. i386-pc) and $grubTargetEfi (e.g. x86_64-efi) must
both be set, or the script will `die`. On non-PC systems, $grubTarget
is "".
When boot.loader.grub.devices is ["nodev"], $grub is set to null,
disabling non-EFI installation. But if a user has devices set for an
x86_64 config, or is using only mirroredBoots without setting devices,
they will hit this `die`.
This change sets $grub to "" if $grubTarget is "".
This helps with understanding the code.
We might make this not depend on environment variables later.
systemBuilderArgs is a form of global state, which isn't helpful.
This essentially backports
https://github.com/systemd/systemd/pull/27791. `systemd-networkd.service`
is sent the `SIGTERM` signal, but it is not required to be stopped
before `initrd-switch-root.target` is reached, despite the use of
`systemctl isolate initrd-switch-root.target`. This is because when
there is no ordering at all between two units, and a transaction stops
one and starts the other, the two operations can happen
simultaneously. This means the service could still be running when
`switch-root` actually occurs. Then, stage 2 systemd will see the
service still running and decide it doesn't need to add a start
operation for it to its initial transaction. Finally, the service
exits, but only after it's already too late. If, however, there is any
ordering at all between a stopping unit and a starting unit, then the
stop operation will be done first. This way, we ensure that the
service is properly exited before doing `switch-root`.
This is something to keep in mind going forward. There may be other
services that need this treatment. These `before` and `conflicts`
definitions are the correct way to ensure a unit is actually stopped
before you reach initrd-switch-root
This patch fixes "Argument list too long" build failure when passing a
list of store paths to system.extraDependencies that exceeds Linux'
MAX_ARG_STRLEN limit of 128 KiB. With the shortest possible derivation
names (one byte), the 128 KiB limit is equivalent to about 2850
derivations. With longer derivations names, the limit is hit earlier.
Fix this restriction.
it is now possible to supply a stratis pool uuid
for every filesystem, and if that filesystem
is required for boot, the relevant pool will be
started in the initramfs.
Enable using an erofs filesystem as one of the filesystems needed to
boot the system. This is useful for example in image based deployments
where the Nix store is mounted read only.
[erofs](https://docs.kernel.org/filesystems/erofs.html) offers multiple
benefits over older filesystems like squashfs. Skip fsck.erofs because
it is still experimental.
Note that this does not add to the `forbiddenDependenciesRegex`
code because that code check should be unaffected as it only checks
output dependencies, not build dependencies.
Build deps are added after that check, if those are enabled in the
first place.
Store the definition files in the initrd instead of reading them from
the Nix store in /sysroot.
This way, the initrd has to be re-generated every time the definition
files change. When the path to the defintion files instead of the
definition files themselves are embedded in the initrd, however, the
initrd also has to be re-generated every time. In this regard, this
change does not improve the status quo.
However, now systemd-repart also works reliable when the Nix store is
mounted separately from the root partition.
This change also enables new use-cases like creating partitions
necessary to boot the system. However, by default, the root partition
cannot be created on first boot because the systemd-repart service
requires a /sysroot to be mounted. Otherwise, systemd-repart cannot
determine the device to operate on.
Since v253, systemd-repart tries to create temporary directories in
/var/tmp. However, this directory doesn't exist in the initrd. This
commit adds an enviroment variable to re-use the existing /tmp directory
instead of /var/tmp.
When `nixpkgs.hostPlatform` != `nixpkgs.buildPlatform`, building the
top-level attribute fails since the bootspec portion of the system
builder tries to reference the host platform's `jq`. Change this to
reference the build platform's `jq`.
The `B` in bridge should be capitalized.
It currently leads to an evuluation error:
```
error: attribute 'sectionbridgeVLAN' missing
at /nix/store/7wmrwj0sgwg1iivxk43lpkqjhji57mq7-source/nixos/modules/system/boot/networkd.nix:2386:56:
2385| example = { VLAN = "10-20"; };
2386| type = types.addCheck (types.attrsOf unitOption) check.network.sectionbridgeVLAN;
| ^
2387| description = lib.mdDoc ''
Did you mean sectionBridgeVLAN?
```
This removes the feature preview warning, enable by default bootspec,
adds a validation flag to prevent Go to go into build-time closure.
This will break all downstream users of bootspec as those changes are
not backward-compatible.
