diff --git a/modules/services/networking/ssh/sshd.nix b/modules/services/networking/ssh/sshd.nix index 9710082f4207..5a924361761c 100644 --- a/modules/services/networking/ssh/sshd.nix +++ b/modules/services/networking/ssh/sshd.nix @@ -317,13 +317,15 @@ in } ]; - boot.systemd.units."sshd.service" = + boot.systemd.units."sshd.service".text = '' [Unit] Description=SSH daemon [Service] Environment=PATH=${pkgs.coreutils}/bin:${pkgs.openssh}/bin + Environment=LD_LIBRARY_PATH=${nssModulesPath} + Environment=LOCALE_ARCHIVE=/var/run/current-system/sw/lib/locale/locale-archive ExecStartPre=${preStart} ExecStart=\ ${pkgs.openssh}/sbin/sshd -h ${cfg.hostKeyPath} \ @@ -334,39 +336,8 @@ in PIDFile=/run/sshd.pid ''; - jobs.sshd = - { description = "OpenSSH server"; - - startOn = "started network-interfaces"; - - environment = { - LD_LIBRARY_PATH = nssModulesPath; - # Duplicated from bashrc. OpenSSH needs a patch for this. - LOCALE_ARCHIVE = "/var/run/current-system/sw/lib/locale/locale-archive"; - }; - - path = [ pkgs.openssh pkgs.gnused ]; - - preStart = - '' - ${mkAuthkeyScript} - - mkdir -m 0755 -p /etc/ssh - - if ! test -f ${cfg.hostKeyPath}; then - ssh-keygen -t ${hktn} -b ${toString hktb} -f ${cfg.hostKeyPath} -N "" - fi - ''; - - daemonType = "fork"; - - exec = - '' - ${pkgs.openssh}/sbin/sshd -h ${cfg.hostKeyPath} \ - -f ${pkgs.writeText "sshd_config" cfg.extraConfig} - ''; - }; - + boot.systemd.units."sshd.service".wantedBy = [ "multi-user.target" ]; + networking.firewall.allowedTCPPorts = cfg.ports; services.openssh.extraConfig = diff --git a/modules/services/system/dbus.nix b/modules/services/system/dbus.nix index 8659c784483f..bd5c290d5826 100644 --- a/modules/services/system/dbus.nix +++ b/modules/services/system/dbus.nix 
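Review bot: The visible `[Unit]` section of the new `sshd.service` text holds only `Description=`, while the Upstart job removed in the following hunk had `startOn = "started network-interfaces"`; with `wantedBy = [ "multi-user.target" ]` nothing shown here orders sshd after interface setup. If `cfg.extraConfig` sets a `ListenAddress`, sshd may fail to bind at boot and leave the machine without remote access, so I would add an `After=` line naming whichever unit configures the interfaces in this tree. The old job's `path` also included `pkgs.gnused`, whereas the new `PATH` is only coreutils and openssh; `preStart` is defined outside the hunk, so confirm it does not call `sed`. Finally, the remark that explained `LOCALE_ARCHIVE` was dropped and could be kept as a unit comment, `# LOCALE_ARCHIVE is duplicated from bashrc; OpenSSH needs a patch for this.`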
@@ -118,7 +118,7 @@ in # FIXME: these are copied verbatim from the dbus source tree. We # should install and use the originals. - boot.systemd.units."dbus.socket" = + boot.systemd.units."dbus.socket".text = '' [Unit] Description=D-Bus System Message Bus Socket @@ -127,7 +127,7 @@ in ListenStream=/var/run/dbus/system_bus_socket ''; - boot.systemd.units."dbus.service" = + boot.systemd.units."dbus.service".text = '' [Unit] Description=D-Bus System Message Bus @@ -142,6 +142,7 @@ in OOMScoreAdjust=-900 ''; + /* jobs.dbus = { startOn = "started udev and started syslogd"; @@ -164,15 +165,6 @@ in exec = "dbus-daemon --system"; - /* - postStart = - '' - # Signal Upstart to connect to the system bus. This - # allows ‘initctl’ to work for non-root users. - kill -USR1 1 - ''; - */ - postStop = '' # !!! Hack: doesn't belong here. @@ -183,6 +175,7 @@ in fi ''; }; + */ security.setuidOwners = singleton { program = "dbus-daemon-launch-helper"; diff --git a/modules/system/boot/systemd.nix b/modules/system/boot/systemd.nix index c5a646208cb0..d75572b2789d 100644 --- a/modules/system/boot/systemd.nix +++ b/modules/system/boot/systemd.nix @@ -4,10 +4,12 @@ with pkgs.lib; let + cfg = config.boot.systemd; + systemd = pkgs.systemd; - makeUnit = name: text: - pkgs.writeTextFile { name = "unit"; inherit text; destination = "/${name}"; }; + makeUnit = name: unit: + pkgs.writeTextFile { name = "unit"; inherit (unit) text; destination = "/${name}"; }; upstreamUnits = [ # Targets. @@ -109,7 +111,7 @@ let "shutdown.target.wants" ]; - nixosUnits = mapAttrsToList makeUnit config.boot.systemd.units; + nixosUnits = mapAttrsToList makeUnit cfg.units; units = pkgs.runCommand "units" { preferLocalBuild = true; } '' @@ -123,6 +125,7 @@ let ln -s $fn $out/system fi done + for i in ${toString upstreamWants}; do fn=${systemd}/example/systemd/system/$i [ -e $fn ] 
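Review bot: `jobs.dbus` is disabled by wrapping it in `/* … */` with no explanation, and the inner commented-out `postStart` had to be deleted to make that wrapping work. Judging from the upstart.nix change in this commit, which turns every job into `<name>.service`, the job would presumably collide with the explicit `dbus.service` unit; either delete the block or say so, e.g. `# jobs.dbus is disabled: it would also generate dbus.service, which is defined above.` The job's `postStop` cleanup no longer runs, and neither `dbus.socket` nor `dbus.service` receives a `wantedBy` in this diff, so check that something still pulls the bus in at boot.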
@@ -134,9 +137,18 @@ let if ! [ -e $y ]; then rm -v $y; fi done done + for i in ${toString nixosUnits}; do cp $i/* $out/system done + + ${concatStrings (mapAttrsToList (name: unit: + concatMapStrings (name2: '' + mkdir -p $out/system/${name2}.wants + ln -sfn ../${name} $out/system/${name2}.wants/ + '') unit.wantedBy) cfg.units)} + + ln -s ${cfg.defaultUnit} $out/system/default.target ''; # */ in @@ -148,10 +160,28 @@ in options = { boot.systemd.units = mkOption { - default = {} ; - description = "Systemd units."; + default = {}; + type = types.attrsOf types.optionSet; + options = { + text = mkOption { + types = types.uniq types.string; + description = "Text of this systemd unit."; + }; + wantedBy = mkOption { + default = []; + types = types.listOf types.string; + description = "Units that want (i.e. depend on) this unit."; + }; + }; + description = "Definition of systemd units."; }; + boot.systemd.defaultUnit = mkOption { + default = "multi-user.target"; + type = types.uniq types.string; + description = "Default unit started when the system boots."; + }; + }; @@ -171,18 +201,7 @@ in } ]; - boot.systemd.units."default.target" = - '' - [Unit] - Description=Default System - Requires=multi-user.target - After=multi-user.target - Conflicts=rescue.target - AllowIsolate=yes - Wants=sshd.service - ''; - - boot.systemd.units."getty@.service" = + boot.systemd.units."getty@.service".text = '' [Unit] Description=Getty on %I @@ -218,7 +237,7 @@ in KillSignal=SIGHUP ''; - boot.systemd.units."rescue.service" = + boot.systemd.units."rescue.service".text = '' [Unit] Description=Rescue Shell diff --git a/modules/system/upstart/upstart.nix b/modules/system/upstart/upstart.nix index b09fdc7d676f..2e57ac358da6 100644 --- a/modules/system/upstart/upstart.nix +++ b/modules/system/upstart/upstart.nix @@ -51,6 +51,7 @@ let #! ${pkgs.stdenv.shell} -e ${job.postStop} ''; + in { text = '' 
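Review bot: The generated `mkdir`/`ln` lines splice `${name}`, `${name2}` and `${cfg.defaultUnit}` into the build script unquoted, so a unit name containing whitespace or a shell metacharacter changes what the script runs instead of failing cleanly. The values come from the system configuration, but escaping them (for example with the lib's `escapeShellArg`, if this tree provides it) costs nothing. Separately, `ln -s ${cfg.defaultUnit} $out/system/default.target` never checks that the target exists, so a typo in `defaultUnit` yields a dangling `default.target` that is only discovered at boot; a guard such as `[ -e "$out/system/${cfg.defaultUnit}" ] || { echo "unknown default unit"; exit 1; }` before the `ln` would turn that into a build failure.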
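Review bot: Both sub-options in the `boot.systemd.units` declaration are written with `types = …` instead of `type = …`, so `text` and `wantedBy` end up with no declared type (compare `type = types.uniq types.string;` on `defaultUnit` a few lines further down). The `uniq` constraint is therefore not enforced, and two modules defining the same unit's `text` would presumably be merged by the default rule rather than rejected, which is an unpleasant failure mode for a unit like `sshd.service`. Change the two lines to `type = types.uniq types.string;` and `type = types.listOf types.string;`. `text` also has no default, so a unit that sets only `wantedBy` fails at `inherit (unit) text` in `makeUnit`; the description could state that `text` is required.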
@@ -93,6 +94,13 @@ let ${optionalString (!job.task && job.respawn) "Restart=always"} ''; + wantedBy = + if job.startOn == "" then [ ] + else if job.startOn == "startup" then [ "basic.target" ] + else [ "multi-user.target" ]; + + }; + /* text = '' @@ -189,8 +197,6 @@ let ''; */ - in text; - # Shell functions for use in Upstart jobs. jobHelpers = pkgs.writeText "job-helpers.sh" @@ -440,10 +446,9 @@ let options = { - unitText = mkOption { + unit = mkOption { default = makeUnit config; - type = types.uniq types.string; - description = "Generated text of the systemd unit corresponding to this job."; + description = "Generated definition of the systemd unit corresponding to this job."; }; }; @@ -504,7 +509,7 @@ in boot.systemd.units = flip mapAttrs' config.jobs (name: job: - nameValuePair "${job.name}.service" job.unitText); + nameValuePair "${job.name}.service" job.unit); }; diff --git a/modules/tasks/lvm.nix b/modules/tasks/lvm.nix index 635146ac889b..7773a2c79e31 100644 --- a/modules/tasks/lvm.nix +++ b/modules/tasks/lvm.nix @@ -14,8 +14,6 @@ # Make all logical volumes on all volume groups available, i.e., # make them appear in /dev. ${pkgs.lvm2}/sbin/vgchange --available y - - initctl emit -n new-devices ''; task = true;
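Review bot: The new `wantedBy` expression maps every non-empty `startOn` other than `"startup"` to `multi-user.target`, so a job that previously waited for a specific Upstart event is now started unconditionally at boot and loses the ordering that event implied. For network-facing or privileged jobs that is a behaviour change that should be stated in the code. I would put a comment above the expression, e.g. `# Approximation: Upstart events are not translated; any startOn other than "" or "startup" becomes multi-user.target.` The enclosing `makeUnit` body starts before this hunk, so any ordering it emits elsewhere in the unit text is not visible here.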