Previously we required network-online.target for multi-user.target. This
has made a lot of people very angry and has been widely regarded as a
bad move (or at least, very nonstandard):
15d761a525 (commitcomment-128564097)
This was done because of fragile tests and services declaring
dependencies on multi-user.target when they meant network-online.target.
Let's rip off the bandaid and fix our tests.
This makes it easier to reason about what variables are inserted during packaging.
We also make sure that template file is also valid python syntax, which makes editor errors go away during development.
Removed patches:
- 0007-Fix-hwdb-paths.patch
The directory we want seems to already be included in the list. Is there
a reason why we want to restrict it further?
- 0010-build-don-t-create-statedir-and-don-t-touch-prefixdi.patch
This patch has little to do with how the meson.build file looks now. The
new patch 0017 is the successor to this one.
- 0015-pkg-config-derive-prefix-from-prefix.patch
This is fixed upstream. We don't need this anymore.
The example systemd-sysupdate transfer name has a ".conf" suffix,
although the files on the final system are already appended with this
suffix, so the file ends up being "transfer-name.conf.conf". Remove the
suffix in the example so that users will get a transfer filename they
expect.
Systemd-repart will use loopback devices for partition creation if it is
able to, and will fallback to doing "offline" partition creation writing
data directly to files. From what I see looking at the repart code,
there are specific features that cannot be taken advantage of when not
using loopback devices (e.g. no BTRFS subvolumes in systemd v255) and in
certain places they have to perform some manual re-sizing work that can
otherwise be avoided.
A bootspec could remove the `initrdSecrets` attribute and is a perfectly valid bootspec, as can be seen
in the bootspec.cue.
This makes the builder not fail upon missing `initrdSecrets`.
When `config.boot.zfs.enableUnstable` is set to true, grub was built with the `zfs` package even though the rest of the system uses the `zfsUnstable` package.
The effect of this can only be seen when `zfs` and `zfsUnstable` actually differ (which is not currently the case), for example when overriding one of them locally.
When a system has a wrong date and time timesyncd is unable to synchronize it
because DNSSEC doesn't work. In order to break this chicken and egg problem
systemd-timesync disables DNSSEC validation by setting
SYSTEMD_NSS_RESOLVE_VALIDATE=0 in the unit file. However, it doesn't work in
NixOS because it uses NSCD. This patch disables NSCD in systemd-timesyncd when
SYSTEMD_NSS_RESOLVE_VALIDATE is set to 0 so that it uses NSS libraries
directly. In order for it to be able to find the libnss_resolve.so.2 library
this patch adds the systemd directory in the nix store to the LD_LIBRARY_PATH.
The previous code did not apply any changes to the upstream defaults on being presented with an empty list.
This changes the code to use the above behaviour on a `null` value while an empty list is passed through as normal which yields a systemd configuration line with empty value which resets it to an empty value.
Signed-off-by: benaryorg <binary@benary.org>
Since 1557027, makeModulesClosure doesn't create a lib/firmware
directory if there is no firmware in the initramfs. If this happens,
systemd-stage-1 fails to build.
/lib only contains /lib/modules and /lib/firmware, both of while are
from modulesClosure. Therefore, we can just add the entirety of
${modulesClosure}/lib to the initramfs to allow for the possibility that
lib/firmware doesn't exist. This also brings systemd-stage-1 in line
with the traditional stage-1.
The CAKE section for systemd.network units allows configuring whether or
not redundant ACKs should be dropped. This option corresponds to the
respective tc-cake(8) params "ack-filter", "ack-filter-aggressive" or
"no-ack-filter".
Add support for these values in the `cakeConfig` module so that users
can configure it.
8f2babd032 was partially reverted by mistake. Original message below
---
On some systems, EFI variables are not supported or otherwise wonky.
bootctl attempting to access them causes failures during bootloader
installations and updates. For such systems, NixOS provides the options
`boot.loader.efi.canTouchEfiVariables` and
`boot.loader.systemd-boot.graceful` which pass flags to bootctl that
change whether and how EFI variables are accessed.
Previously, these flags were only passed to bootctl during an install
operation. However, they also apply during an update operation, which
can cause the same sorts of errors. This change passes the flags during
update operations as well to prevent those errors.
Fixes https://github.com/NixOS/nixpkgs/issues/151336
Previously, all available plymouth renderers were copied to the initrd,
including the X11 one. It is pretty much useless since the initrd is
exceedingly unlikely to run an X server, and causes the initrd closure to grow
by several large libraries (mostly Gtk and dependencies) and thus by a couple
of megabytes (over 5 MiB on my system). Remove it.
