Compare commits
No commits in common. "841e642e7f5f64de386a99bbf526425147ee5f5e" and "5f531791f770eac993eade181df809f6ceef2f5b" have entirely different histories.
841e642e7f
...
5f531791f7
12 changed files with 1843 additions and 31 deletions
8
lock.nix
8
lock.nix
|
@ -4,11 +4,11 @@
|
|||
sha256 = "1rq8mrlmbzpcbv9ys0x88alw30ks70jlmvnfr2j8v830yy5wvw7h";
|
||||
};
|
||||
nixpkgs = {
|
||||
revision = "62c435d93bf046a5396f3016472e8f7c8e2aed65";
|
||||
sha256 = "0zpvadqbs19jblnd0j2rfs9m7j0n5spx0vilq8907g2gqrx63fqp";
|
||||
revision = "e8c38b73aeb218e27163376a2d617e61a2ad9b59";
|
||||
sha256 = "1n6gdjny8k5rwkxh6sp1iwg1y3ni1pm7lvh9sisifgjb18jdvzbm";
|
||||
};
|
||||
cosmic-modules = {
|
||||
revision = "e468c8b79dd55f1ce8803887d3593fb0016f1f81";
|
||||
sha256 = "0dhna0amd9pddac6mbx9wziq5mnwsjanda0wsn55ffmiq6cs92n2";
|
||||
revision = "7dc8180bce46f1ed1446371369faf237e3a3eb15";
|
||||
sha256 = "13v4k0qx1c9j2fgz05prvq81s73v4gjk113dchl9pci0xcy3n698";
|
||||
};
|
||||
}
|
||||
|
|
|
@ -8,6 +8,7 @@
|
|||
config = {
|
||||
services.printing.enable = true;
|
||||
|
||||
sound.enable = false;
|
||||
hardware.pulseaudio.enable = false;
|
||||
security.rtkit.enable = true;
|
||||
services.pipewire = {
|
||||
|
|
|
@ -29,8 +29,7 @@ in
|
|||
];
|
||||
|
||||
# kernel
|
||||
# FIXME: current cosmic-greeter (2024-12-02) fails to start with kernel 6.12
|
||||
boot.kernelPackages = pkgs.linuxPackages_6_11;
|
||||
boot.kernelPackages = pkgs.linuxPackages_latest;
|
||||
|
||||
# Enable networking
|
||||
networking.networkmanager.enable = true;
|
||||
|
|
|
@ -26,8 +26,7 @@ let
|
|||
}) cfg.settings.script-opts;
|
||||
};
|
||||
|
||||
wrappedMpv = cfg.package.wrapper {
|
||||
mpv = cfg.package;
|
||||
wrappedMpv = pkgs.wrapMpv cfg.package {
|
||||
youtubeSupport = cfg.youtubeSupport;
|
||||
scripts = cfg.scripts;
|
||||
extraMakeWrapperArgs = lib.optionals (lib.any (x: x) [
|
||||
|
|
|
@ -1,9 +1,10 @@
|
|||
{ config, lib, pkgs, ...}:
|
||||
|
||||
{
|
||||
hardware.graphics = {
|
||||
hardware.opengl = {
|
||||
enable = true;
|
||||
enable32Bit = true;
|
||||
driSupport = true;
|
||||
driSupport32Bit = true;
|
||||
};
|
||||
|
||||
# Workaround for nvidia driver ghost display
|
||||
|
@ -15,21 +16,21 @@
|
|||
powerManagement.enable = true;
|
||||
open = false;
|
||||
nvidiaSettings = true;
|
||||
package = config.boot.kernelPackages.nvidiaPackages.mkDriver {
|
||||
version = "565.57.01";
|
||||
sha256_64bit = "sha256-buvpTlheOF6IBPWnQVLfQUiHv4GcwhvZW3Ks0PsYLHo=";
|
||||
sha256_aarch64 = "sha256-aDVc3sNTG4O3y+vKW87mw+i9AqXCY29GVqEIUlsvYfE=";
|
||||
openSha256 = "sha256-/tM3n9huz1MTE6KKtTCBglBMBGGL/GOHi5ZSUag4zXA=";
|
||||
settingsSha256 = "sha256-H7uEe34LdmUFcMcS6bz7sbpYhg9zPCb/5AmZZFTx1QA=";
|
||||
persistencedSha256 = "sha256-hdszsACWNqkCh8G4VBNitDT85gk9gJe1BlQ8LdrYIkg=";
|
||||
patches = [
|
||||
(pkgs.fetchpatch {
|
||||
# Kernel 6.12 compatibility
|
||||
# https://forums.developer.nvidia.com/t/patch-for-565-57-01-linux-kernel-6-12/313260
|
||||
url = "https://github.com/Binary-Eater/open-gpu-kernel-modules/commit/8ac26d3c66ea88b0f80504bdd1e907658b41609d.patch";
|
||||
hash = "sha256-+SfIu3uYNQCf/KXhv4PWvruTVKQSh4bgU1moePhe57U=";
|
||||
})
|
||||
];
|
||||
package = let
|
||||
nvidiaDrivers = config.boot.kernelPackages.nvidiaPackages.mkDriver {
|
||||
version = "565.57.01";
|
||||
sha256_64bit = "sha256-buvpTlheOF6IBPWnQVLfQUiHv4GcwhvZW3Ks0PsYLHo=";
|
||||
sha256_aarch64 = "sha256-aDVc3sNTG4O3y+vKW87mw+i9AqXCY29GVqEIUlsvYfE=";
|
||||
openSha256 = "sha256-/tM3n9huz1MTE6KKtTCBglBMBGGL/GOHi5ZSUag4zXA=";
|
||||
settingsSha256 = "sha256-H7uEe34LdmUFcMcS6bz7sbpYhg9zPCb/5AmZZFTx1QA=";
|
||||
persistencedSha256 = "sha256-hdszsACWNqkCh8G4VBNitDT85gk9gJe1BlQ8LdrYIkg=";
|
||||
};
|
||||
# TODO: Remove after updating nixpkgs to 24.11
|
||||
# https://github.com/NixOS/nixpkgs/commit/0384602eac8bc57add3227688ec242667df3ffe3
|
||||
in nvidiaDrivers // {
|
||||
settings = nvidiaDrivers.settings.overrideAttrs (oldAttrs: {
|
||||
buildInputs = oldAttrs.buildInputs ++ [ pkgs.vulkan-headers ];
|
||||
});
|
||||
};
|
||||
};
|
||||
nixpkgs.config.nvidia.acceptLicense = true;
|
||||
|
|
|
@ -18,7 +18,7 @@ let
|
|||
] ++ old.propagatedBuildInputs;
|
||||
});
|
||||
aliasDrag = pkgs.writeScriptBin "drag" ''
|
||||
${pkgs.ripdrag}/bin/ripdrag -Axd $@
|
||||
${unstablePkgs.ripdrag}/bin/ripdrag -Axd $@
|
||||
'';
|
||||
in
|
||||
{
|
||||
|
@ -65,7 +65,7 @@ in
|
|||
set vcs_aware true
|
||||
set show_hidden true
|
||||
|
||||
alias drag shell ${pkgs.ripdrag}/bin/ripdrag -Axd %p &
|
||||
alias drag shell ${unstablePkgs.ripdrag}/bin/ripdrag -Axd %p &
|
||||
map <C-d> drag
|
||||
'';
|
||||
|
||||
|
|
165
pkgs/by-name/ni/nixos-rebuild/_nixos-rebuild
Normal file
165
pkgs/by-name/ni/nixos-rebuild/_nixos-rebuild
Normal file
|
@ -0,0 +1,165 @@
|
|||
#!/usr/bin/env bash
|
||||
|
||||
# We're faking a `nix build` command-line to re-use Nix's own completion
|
||||
# for the few options passed through to Nix.
|
||||
_nixos-rebuild_pretend-nix() {
|
||||
COMP_LINE="nix build ${COMP_LINE}"
|
||||
# number of prepended chars
|
||||
(( COMP_POINT = COMP_POINT + 10))
|
||||
|
||||
COMP_WORDS=(
|
||||
nix build
|
||||
"${COMP_WORDS[@]}"
|
||||
)
|
||||
# Add the amount of prepended words
|
||||
(( COMP_CWORD = COMP_CWORD + 2))
|
||||
_complete_nix "nix"
|
||||
}
|
||||
|
||||
_nixos-rebuild() {
|
||||
local curr="$2"
|
||||
local prev="$3"
|
||||
local subcommandGiven=0
|
||||
local word
|
||||
local subcommand
|
||||
|
||||
__load_completion nix
|
||||
|
||||
# Arrays are re-ordered by the completion, so it's fine to sort them in logical chunks
|
||||
local all_args=(
|
||||
--verbose -v
|
||||
|
||||
# nixos-rebuild options
|
||||
--fast
|
||||
--no-build-nix
|
||||
--profile-name -p # name
|
||||
--rollback
|
||||
--specialisation -c # name
|
||||
--use-remote-sudo
|
||||
--build-host # host
|
||||
--target-host # host
|
||||
# Used with list-generations
|
||||
--json
|
||||
|
||||
# generation switching options
|
||||
--install-bootloader
|
||||
|
||||
# nix-channel options
|
||||
--upgrade
|
||||
--upgrade-all
|
||||
|
||||
# flakes options
|
||||
--commit-lock-file
|
||||
--flake # flake-uri
|
||||
--override-input # input-name flake-uri
|
||||
--recreate-lock-file
|
||||
--update-input
|
||||
--no-flake
|
||||
--no-registries
|
||||
--no-update-lock-file
|
||||
--no-write-lock-file
|
||||
|
||||
# Nix-copy options
|
||||
--use-substitutes --substitute-on-destination -s
|
||||
|
||||
# Nix options
|
||||
--option
|
||||
--impure
|
||||
--builders # builder-spec
|
||||
--show-trace
|
||||
--keep-failed -K
|
||||
--keep-going -k
|
||||
--max-jobs -j # number
|
||||
--log-format # format
|
||||
-I # NIX_PATH
|
||||
)
|
||||
|
||||
local all_subcommands=(
|
||||
boot
|
||||
build
|
||||
build-vm
|
||||
build-vm-with-bootloader
|
||||
dry-activate
|
||||
dry-build
|
||||
edit
|
||||
list-generations
|
||||
switch
|
||||
test
|
||||
)
|
||||
|
||||
# Suggest arguments that can be consumed under some conditions only
|
||||
for word in "${COMP_WORDS[@]}"; do
|
||||
for subcommand in "${all_subcommands[@]}"; do
|
||||
if [[ "$word" == "$subcommand" ]]; then
|
||||
subcommandGiven=1
|
||||
fi
|
||||
done
|
||||
done
|
||||
|
||||
# Fake out a way to complete the second arg to some options
|
||||
case "${COMP_WORDS[COMP_CWORD-2]}" in
|
||||
"--override-input")
|
||||
prev="--override-input_2"
|
||||
;;
|
||||
"--option")
|
||||
prev="--option_2"
|
||||
;;
|
||||
esac
|
||||
|
||||
case "$prev" in
|
||||
--max-jobs|-j)
|
||||
COMPREPLY=( )
|
||||
;;
|
||||
|
||||
--profile-name|-p)
|
||||
if [[ "$curr" == "" ]]; then
|
||||
COMPREPLY=( /nix/var/nix/profiles/* )
|
||||
else
|
||||
COMPREPLY=( "$curr"* )
|
||||
fi
|
||||
;;
|
||||
|
||||
--build-host|--target-host|-t|-h)
|
||||
_known_hosts_real "$curr"
|
||||
;;
|
||||
|
||||
--specialisation|-c)
|
||||
COMPREPLY=()
|
||||
;;
|
||||
|
||||
-I)
|
||||
_nixos-rebuild_pretend-nix
|
||||
;;
|
||||
--builders)
|
||||
_nixos-rebuild_pretend-nix
|
||||
;;
|
||||
--flake)
|
||||
_nixos-rebuild_pretend-nix
|
||||
;;
|
||||
--override-input)
|
||||
_nixos-rebuild_pretend-nix
|
||||
;;
|
||||
--override-input_2)
|
||||
_nixos-rebuild_pretend-nix
|
||||
;;
|
||||
--log-format)
|
||||
_nixos-rebuild_pretend-nix
|
||||
;;
|
||||
--option)
|
||||
_nixos-rebuild_pretend-nix
|
||||
;;
|
||||
--option_2)
|
||||
_nixos-rebuild_pretend-nix
|
||||
;;
|
||||
|
||||
*)
|
||||
if [[ "$curr" == -* ]] || (( subcommandGiven )); then
|
||||
COMPREPLY=( $(compgen -W "${all_args[*]}" -- "$2") )
|
||||
else
|
||||
COMPREPLY=( $(compgen -W "${all_subcommands[*]}" -- "$2") )
|
||||
fi
|
||||
;;
|
||||
esac
|
||||
}
|
||||
|
||||
complete -F _nixos-rebuild nixos-rebuild
|
558
pkgs/by-name/ni/nixos-rebuild/nixos-rebuild.8
Normal file
558
pkgs/by-name/ni/nixos-rebuild/nixos-rebuild.8
Normal file
|
@ -0,0 +1,558 @@
|
|||
.Dd January 1, 1980
|
||||
.Dt nixos-rebuild 8
|
||||
.Os
|
||||
.Sh NAME
|
||||
.Nm nixos-rebuild
|
||||
.Nd reconfigure a NixOS machine
|
||||
.
|
||||
.
|
||||
.
|
||||
.Sh SYNOPSIS
|
||||
.Nm
|
||||
.Bro
|
||||
.Cm switch | boot | test | build | dry-build | dry-activate | edit | repl | build-vm | build-vm-with-bootloader | list-generations Op Fl -json
|
||||
.Brc
|
||||
.br
|
||||
.Op Fl -upgrade | -upgrade-all
|
||||
.Op Fl -install-bootloader
|
||||
.Op Fl -no-build-nix
|
||||
.Op Fl -fast
|
||||
.Op Fl -rollback
|
||||
.br
|
||||
.Op Fl -file | F Ar path
|
||||
.Op Fl -attr | A Ar attrPath
|
||||
.Op Fl -flake Ar flake-uri
|
||||
.Op Fl -no-flake
|
||||
.Op Fl -recreate-lock-file
|
||||
.Op Fl -no-update-lock-file
|
||||
.Op Fl -no-write-lock-file
|
||||
.Op Fl -no-registries
|
||||
.Op Fl -commit-lock-file
|
||||
.Op Fl -update-input Ar input-path
|
||||
.Op Fl -override-input Ar input-path flake-url
|
||||
.br
|
||||
.Op Fl -profile-name | p Ar name
|
||||
.Op Fl -specialisation | c Ar name
|
||||
.br
|
||||
.Op Fl -build-host Va host
|
||||
.Op Fl -target-host Va host
|
||||
.Op Fl -use-remote-sudo
|
||||
.br
|
||||
.Op Fl -verbose | v
|
||||
.Op Fl -quiet
|
||||
.Op Fl -log-format Ar format
|
||||
.Op Fl -no-build-output | Q
|
||||
.Op Fl -max-jobs | j Va number
|
||||
.Op Fl -cores Va number
|
||||
.Op Fl -keep-going | k
|
||||
.Op Fl -keep-failed | K
|
||||
.Op Fl -fallback
|
||||
.Op Fl I Va NIX_PATH
|
||||
.Op Fl -option Ar name value
|
||||
.Op Fl -repair
|
||||
.Op Fl -builders Va builder-spec
|
||||
.Op Fl -accept-flake-config
|
||||
.Op Fl -print-build-logs | L
|
||||
.Op Fl -show-trace
|
||||
.Op Fl -refresh
|
||||
.Op Fl -impure
|
||||
.Op Fl -offline
|
||||
.Op Fl -no-net
|
||||
.
|
||||
.
|
||||
.
|
||||
.Sh DESCRIPTION
|
||||
This command updates the system so that it corresponds to the
|
||||
configuration specified in
|
||||
.Pa /etc/nixos/configuration.nix Ns
|
||||
,
|
||||
.Pa /etc/nixos/flake.nix
|
||||
or the file and attribute specified by the
|
||||
.Fl -file
|
||||
and/or
|
||||
.Fl -attr
|
||||
options. Thus, every time you modify the configuration or any other NixOS
|
||||
module, you must run
|
||||
.Nm
|
||||
to make the changes take effect. It builds the new system in
|
||||
.Pa /nix/store Ns
|
||||
, runs its activation script, and stop and (re)starts any system services if
|
||||
needed. Please note that user services need to be started manually as they
|
||||
aren't detected by the activation script at the moment.
|
||||
.
|
||||
.Pp
|
||||
This command has one required argument, which specifies the desired
|
||||
operation. It must be one of the following:
|
||||
.Bl -tag -width indent
|
||||
.It Cm switch
|
||||
Build and activate the new configuration, and make it the boot default. That
|
||||
is, the configuration is added to the GRUB boot menu as the default
|
||||
menu entry, so that subsequent reboots will boot the system into the new
|
||||
configuration. Previous configurations activated with
|
||||
.Ic nixos-rebuild switch
|
||||
or
|
||||
.Ic nixos-rebuild boot
|
||||
remain available in the GRUB menu.
|
||||
.Pp
|
||||
Note that if you are using specializations, running just
|
||||
.Ic nixos-rebuild switch
|
||||
will switch you back to the unspecialized, base system \(em in that case, you
|
||||
might want to use this instead:
|
||||
.Bd -literal -offset indent
|
||||
$ nixos-rebuild switch --specialisation your-specialisation-name
|
||||
.Ed
|
||||
.Pp
|
||||
This command will build all specialisations and make them bootable just
|
||||
like regular
|
||||
.Ic nixos-rebuild switch
|
||||
does \(em the only thing different is that it will switch to given
|
||||
specialisation instead of the base system; it can be also used to switch from
|
||||
the base system into a specialised one, or to switch between specialisations.
|
||||
.
|
||||
.It Cm boot
|
||||
Build the new configuration and make it the boot default (as with
|
||||
.Ic nixos-rebuild switch Ns
|
||||
), but do not activate it. That is, the system continues to run the previous
|
||||
configuration until the next reboot.
|
||||
.
|
||||
.It Cm test
|
||||
Build and activate the new configuration, but do not add it to the GRUB
|
||||
boot menu. Thus, if you reboot the system (or if it crashes), you will
|
||||
automatically revert to the default configuration (i.e. the
|
||||
configuration resulting from the last call to
|
||||
.Ic nixos-rebuild switch
|
||||
or
|
||||
.Ic nixos-rebuild boot Ns
|
||||
).
|
||||
.Pp
|
||||
Note that if you are using specialisations, running just
|
||||
.Ic nixos-rebuild test
|
||||
will activate the unspecialised, base system \(em in that case, you might want
|
||||
to use this instead:
|
||||
.Bd -literal -offset indent
|
||||
$ nixos-rebuild test --specialisation your-specialisation-name
|
||||
.Ed
|
||||
.Pp
|
||||
This command can be also used to switch from the base system into a
|
||||
specialised one, or to switch between specialisations.
|
||||
.
|
||||
.It Cm build
|
||||
Build the new configuration, but neither activate it nor add it to the
|
||||
GRUB boot menu. It leaves a symlink named
|
||||
.Pa result
|
||||
in the current directory, which points to the output of the top-level
|
||||
.Dq system
|
||||
derivation. This is essentially the same as doing
|
||||
.Bd -literal -offset indent
|
||||
$ nix-build /path/to/nixpkgs/nixos -A system
|
||||
.Ed
|
||||
.Pp
|
||||
Note that you do not need to be root to run
|
||||
.Ic nixos-rebuild build Ns
|
||||
\&.
|
||||
.
|
||||
.It Cm dry-build
|
||||
Show what store paths would be built or downloaded by any of the
|
||||
operations above, but otherwise do nothing.
|
||||
.
|
||||
.It Cm dry-activate
|
||||
Build the new configuration, but instead of activating it, show what
|
||||
changes would be performed by the activation (i.e. by
|
||||
.Ic nixos-rebuild test Ns
|
||||
). For instance, this command will print which systemd units would be restarted.
|
||||
The list of changes is not guaranteed to be complete.
|
||||
.
|
||||
.It Cm edit
|
||||
Opens
|
||||
.Pa configuration.nix
|
||||
in the default editor.
|
||||
.
|
||||
.It Cm repl
|
||||
Opens the configuration in
|
||||
.Ic nix repl Ns .
|
||||
.
|
||||
.It Cm build-vm
|
||||
Build a script that starts a NixOS virtual machine with the desired
|
||||
configuration. It leaves a symlink
|
||||
.Pa result
|
||||
in the current directory that points (under
|
||||
.Ql result/bin/run\- Ns Va hostname Ns \-vm Ns
|
||||
)
|
||||
at the script that starts the VM. Thus, to test a NixOS configuration in
|
||||
a virtual machine, you should do the following:
|
||||
.Bd -literal -offset indent
|
||||
$ nixos-rebuild build-vm
|
||||
$ ./result/bin/run-*-vm
|
||||
.Ed
|
||||
.Pp
|
||||
The VM is implemented using the
|
||||
.Ql qemu
|
||||
package. For best performance, you should load the
|
||||
.Ql kvm-intel
|
||||
or
|
||||
.Ql kvm-amd
|
||||
kernel modules to get hardware virtualisation.
|
||||
.Pp
|
||||
The VM mounts the Nix store of the host through the 9P file system. The
|
||||
host Nix store is read-only, so Nix commands that modify the Nix store
|
||||
will not work in the VM. This includes commands such as
|
||||
.Nm Ns
|
||||
; to change the VM’s configuration, you must halt the VM and re-run the commands
|
||||
above.
|
||||
.Pp
|
||||
The VM has its own ext3 root file system, which is automatically created when
|
||||
the VM is first started, and is persistent across reboots of the VM. It is
|
||||
stored in
|
||||
.Ql ./ Ns Va hostname Ns .qcow2 Ns
|
||||
\&.
|
||||
.\" The entire file system hierarchy of the host is available in
|
||||
.\" the VM under
|
||||
.\" .Pa /hostfs Ns
|
||||
.\" .
|
||||
.
|
||||
.It Cm build-vm-with-bootloader
|
||||
Like
|
||||
.Cm build-vm Ns
|
||||
, but boots using the regular boot loader of your configuration (e.g. GRUB 1 or
|
||||
2), rather than booting directly into the kernel and initial ramdisk of the
|
||||
system. This allows you to test whether the boot loader works correctly. \
|
||||
However, it does not guarantee that your NixOS configuration will boot
|
||||
successfully on the host hardware (i.e., after running
|
||||
.Ic nixos-rebuild switch Ns
|
||||
), because the hardware and boot loader configuration in the VM are different.
|
||||
The boot loader is installed on an automatically generated virtual disk
|
||||
containing a
|
||||
.Pa /boot
|
||||
partition.
|
||||
.
|
||||
.It Cm list-generations Op Fl -json
|
||||
List the available generations in a similar manner to the boot loader
|
||||
menu. It shows the generation number, build date and time, NixOS version,
|
||||
kernel version and the configuration revision.
|
||||
There is also a json version of output available.
|
||||
.El
|
||||
.
|
||||
.
|
||||
.
|
||||
.Sh OPTIONS
|
||||
.Bl -tag -width indent
|
||||
.It Fl -upgrade , -upgrade-all
|
||||
Update the root user's channel named
|
||||
.Ql nixos
|
||||
before rebuilding the system.
|
||||
.Pp
|
||||
In addition to the
|
||||
.Ql nixos
|
||||
channel, the root user's channels which have a file named
|
||||
.Ql .update-on-nixos-rebuild
|
||||
in their base directory will also be updated.
|
||||
.Pp
|
||||
Passing
|
||||
.Fl -upgrade-all
|
||||
updates all of the root user's channels.
|
||||
.
|
||||
.It Fl -install-bootloader
|
||||
Causes the boot loader to be (re)installed on the device specified by the
|
||||
relevant configuration options.
|
||||
.
|
||||
.It Fl -no-build-nix
|
||||
Normally,
|
||||
.Nm
|
||||
first builds the
|
||||
.Ql nixUnstable
|
||||
attribute in Nixpkgs, and uses the resulting instance of the Nix package manager
|
||||
to build the new system configuration. This is necessary if the NixOS modules
|
||||
use features not provided by the currently installed version of Nix. This option
|
||||
disables building a new Nix.
|
||||
.
|
||||
.It Fl -fast
|
||||
Equivalent to
|
||||
.Fl -no-build-nix Ns
|
||||
\&. This option is useful if you call
|
||||
.Nm
|
||||
frequently (e.g. if you’re hacking on a NixOS module).
|
||||
.
|
||||
.It Fl -rollback
|
||||
Instead of building a new configuration as specified by
|
||||
.Pa /etc/nixos/configuration.nix Ns
|
||||
, roll back to the previous configuration. (The previous configuration is
|
||||
defined as the one before the “current” generation of the Nix profile
|
||||
.Pa /nix/var/nix/profiles/system Ns
|
||||
\&.)
|
||||
.
|
||||
.It Fl -builders Ar builder-spec
|
||||
Allow ad-hoc remote builders for building the new system. This requires
|
||||
the user executing
|
||||
.Nm
|
||||
(usually root) to be configured as a trusted user in the Nix daemon. This can be
|
||||
achieved by using the
|
||||
.Va nix.settings.trusted-users
|
||||
NixOS option. Examples values for that option are described in the
|
||||
.Dq Remote builds
|
||||
chapter in the Nix manual, (i.e.
|
||||
.Ql --builders \(dqssh://bigbrother x86_64-linux\(dq Ns
|
||||
). By specifying an empty string existing builders specified in
|
||||
.Pa /etc/nix/machines
|
||||
can be ignored:
|
||||
.Ql --builders \(dq\(dq
|
||||
for example when they are not reachable due to network connectivity.
|
||||
.
|
||||
.It Fl -profile-name Ar name , Fl p Ar name
|
||||
Instead of using the Nix profile
|
||||
.Pa /nix/var/nix/profiles/system
|
||||
to keep track of the current and previous system configurations, use
|
||||
.Pa /nix/var/nix/profiles/system-profiles/ Ns Va name Ns
|
||||
\&. When you use GRUB 2, for every system profile created with this flag, NixOS
|
||||
will create a submenu named
|
||||
.Dq NixOS - Profile Va name
|
||||
in GRUB’s boot menu, containing the current and previous configurations of this profile.
|
||||
.Pp
|
||||
For instance, if you want to test a configuration file named
|
||||
.Pa test.nix
|
||||
without affecting the default system profile, you would do:
|
||||
.Bd -literal -offset indent
|
||||
$ nixos-rebuild switch -p test -I nixos-config=./test.nix
|
||||
.Ed
|
||||
.Pp
|
||||
The new configuration will appear in the GRUB 2 submenu
|
||||
.Dq NixOS - Profile 'test' Ns
|
||||
\&.
|
||||
.
|
||||
.It Fl -specialisation Ar name , Fl c Ar name
|
||||
Activates given specialisation; when not specified, switching and testing
|
||||
will activate the base, unspecialised system.
|
||||
.
|
||||
.It Fl -build-host Ar host
|
||||
Instead of building the new configuration locally, use the specified host
|
||||
to perform the build. The host needs to be accessible with
|
||||
.Ic ssh Ns ,
|
||||
and must be able to perform Nix builds. If the option
|
||||
.Fl -target-host
|
||||
is not set, the build will be copied back to the local machine when done.
|
||||
.Pp
|
||||
Note that, if
|
||||
.Fl -no-build-nix
|
||||
is not specified, Nix will be built both locally and remotely. This is because
|
||||
the configuration will always be evaluated locally even though the building
|
||||
might be performed remotely.
|
||||
.Pp
|
||||
You can include a remote user name in the host name
|
||||
.Ns ( Va user@host Ns
|
||||
). You can also set ssh options by defining the
|
||||
.Ev NIX_SSHOPTS
|
||||
environment variable.
|
||||
.
|
||||
.It Fl -target-host Ar host
|
||||
Specifies the NixOS target host. By setting this to something other than an
|
||||
empty string, the system activation will happen on the remote host instead of
|
||||
the local machine. The remote host needs to be accessible over
|
||||
.Ic ssh Ns ,
|
||||
and for the commands
|
||||
.Cm switch Ns
|
||||
,
|
||||
.Cm boot
|
||||
and
|
||||
.Cm test
|
||||
you need root access.
|
||||
.Pp
|
||||
If
|
||||
.Fl -build-host
|
||||
is not explicitly specified or empty, building will take place locally.
|
||||
.Pp
|
||||
You can include a remote user name in the host name
|
||||
.Ns ( Va user@host Ns
|
||||
). You can also set ssh options by defining the
|
||||
.Ev NIX_SSHOPTS
|
||||
environment variable.
|
||||
.Pp
|
||||
Note that
|
||||
.Nm
|
||||
honors the
|
||||
.Va nixpkgs.crossSystem
|
||||
setting of the given configuration but disregards the true architecture of the
|
||||
target host. Hence the
|
||||
.Va nixpkgs.crossSystem
|
||||
setting has to match the target platform or else activation will fail.
|
||||
.
|
||||
.It Fl -use-substitutes
|
||||
When set, nixos-rebuild will add
|
||||
.Fl -use-substitutes
|
||||
to each invocation of nix-copy-closure. This will only affect the behavior of
|
||||
nixos-rebuild if
|
||||
.Fl -target-host
|
||||
or
|
||||
.Fl -build-host
|
||||
is also set. This is useful when the target-host connection to cache.nixos.org
|
||||
is faster than the connection between hosts.
|
||||
.
|
||||
.It Fl -use-remote-sudo
|
||||
When set, nixos-rebuild prefixes activation commands that run on the
|
||||
.Fl -target-host
|
||||
system with
|
||||
.Ic sudo Ns
|
||||
\&. Setting this option allows deploying as a non-root user.
|
||||
.
|
||||
.It Fl -file Ar path , Fl F Ar path
|
||||
Enable and build the NixOS system from the specified file. The file must
|
||||
evaluate to an attribute set, and it must contain a valid NixOS configuration
|
||||
at attribute
|
||||
.Va attrPath Ns
|
||||
\&. This is useful for building a NixOS system from a nix file that is not
|
||||
a flake or a NixOS configuration module. Attribute set a with valid NixOS
|
||||
configuration can be made using
|
||||
.Va nixos
|
||||
function in nixpkgs or importing and calling
|
||||
.Pa nixos/lib/eval-config.nix
|
||||
from nixpkgs. If specified without
|
||||
.Fl -attr
|
||||
option, builds the configuration from the top-level
|
||||
attribute of the file.
|
||||
.
|
||||
.It Fl -attr Ar attrPath , Fl A Ar attrPath
|
||||
Enable and build the NixOS system from nix file and use the specified attribute
|
||||
path from file specified by the
|
||||
.Fl -file
|
||||
option. If specified without
|
||||
.Fl -file
|
||||
option, uses
|
||||
.Pa default.nix
|
||||
in current directory.
|
||||
.
|
||||
.It Fl -flake Va flake-uri Ns Op Va #name
|
||||
Build the NixOS system from the specified flake. It defaults to the directory
|
||||
containing the target of the symlink
|
||||
.Pa /etc/nixos/flake.nix Ns
|
||||
, if it exists. The flake must contain an output named
|
||||
.Ql nixosConfigurations. Ns Va name Ns
|
||||
\&. If
|
||||
.Va name
|
||||
is omitted, it default to the current host name.
|
||||
.
|
||||
.It Fl -no-flake
|
||||
Do not imply
|
||||
.Fl -flake
|
||||
if
|
||||
.Pa /etc/nixos/flake.nix
|
||||
exists. With this option, it is possible to build non-flake NixOS configurations
|
||||
even if the current NixOS systems uses flakes.
|
||||
.El
|
||||
.Pp
|
||||
In addition,
|
||||
.Nm
|
||||
accepts following options from nix commands that the tool calls:
|
||||
.
|
||||
.Pp
|
||||
flake-related options:
|
||||
.Bd -offset indent
|
||||
.Fl -recreate-lock-file Ns ,
|
||||
.Fl -no-update-lock-file Ns ,
|
||||
.Fl -no-write-lock-file Ns ,
|
||||
.Fl -no-registries Ns ,
|
||||
.Fl -commit-lock-file Ns ,
|
||||
.Fl -update-input Ar input-path Ns ,
|
||||
.Fl -override-input Ar input-path flake-url Ns
|
||||
.Ed
|
||||
.
|
||||
.Pp
|
||||
Builder options:
|
||||
.Bd -offset indent
|
||||
.Fl -verbose Ns ,
|
||||
.Fl v Ns ,
|
||||
.Fl -quiet Ns ,
|
||||
.Fl -log-format Ns ,
|
||||
.Fl -no-build-output Ns ,
|
||||
.Fl Q Ns ,
|
||||
.Fl -max-jobs Ns ,
|
||||
.Fl j Ns ,
|
||||
.Fl -cores Ns ,
|
||||
.Fl -keep-going Ns ,
|
||||
.Fl k Ns ,
|
||||
.Fl -keep-failed Ns ,
|
||||
.Fl K Ns ,
|
||||
.Fl -fallback Ns ,
|
||||
.Fl I Ns ,
|
||||
.Fl -option Ns
|
||||
.Fl -repair Ns ,
|
||||
.Fl -builders Ns ,
|
||||
.Fl -accept-flake-config Ns ,
|
||||
.Fl -print-build-logs Ns ,
|
||||
.Fl L Ns ,
|
||||
.Fl -show-trace Ns ,
|
||||
.Fl -refresh Ns ,
|
||||
.Fl -impure Ns ,
|
||||
.Fl -offline Ns ,
|
||||
.Fl -no-net Ns
|
||||
.Ed
|
||||
.
|
||||
.Pp
|
||||
See the Nix manual,
|
||||
.Ic nix flake lock --help
|
||||
or
|
||||
.Ic nix-build --help
|
||||
for details.
|
||||
.
|
||||
.
|
||||
.
|
||||
.Sh ENVIRONMENT
|
||||
.Bl -tag -width indent
|
||||
.It Ev NIXOS_CONFIG
|
||||
Path to the main NixOS configuration module. Defaults to
|
||||
.Pa /etc/nixos/configuration.nix Ns
|
||||
\&.
|
||||
.
|
||||
.It Ev NIX_PATH
|
||||
A colon-separated list of directories used to look up Nix expressions enclosed
|
||||
in angle brackets (e.g. <nixpkgs>). Example:
|
||||
.Bd -literal -offset indent
|
||||
nixpkgs=./my-nixpkgs
|
||||
.Ed
|
||||
.
|
||||
.It Ev NIX_SSHOPTS
|
||||
Additional options to be passed to
|
||||
.Ic ssh
|
||||
on the command line.
|
||||
.Ed
|
||||
.
|
||||
.It Ev NIXOS_SWITCH_USE_DIRTY_ENV
|
||||
Expose the the current environment variables to post activation scripts. Will
|
||||
skip usage of
|
||||
.Ic systemd-run
|
||||
during system activation. Possibly dangerous, specially in remote environments
|
||||
(e.g.: via SSH). Will be removed in the future.
|
||||
.El
|
||||
.
|
||||
.
|
||||
.
|
||||
.Sh FILES
|
||||
.Bl -tag -width indent
|
||||
.It Pa /etc/nixos/flake.nix
|
||||
If this file exists, then
|
||||
.Nm
|
||||
will use it as if the
|
||||
.Fl -flake
|
||||
option was given. This file may be a symlink to a
|
||||
.Pa flake.nix
|
||||
in an actual flake; thus
|
||||
.Pa /etc/nixos
|
||||
need not be a flake.
|
||||
.
|
||||
.It Pa /run/current-system
|
||||
A symlink to the currently active system configuration in the Nix store.
|
||||
.
|
||||
.It Pa /nix/var/nix/profiles/system
|
||||
The Nix profile that contains the current and previous system
|
||||
configurations. Used to generate the GRUB boot menu.
|
||||
.El
|
||||
.
|
||||
.
|
||||
.
|
||||
.Sh BUGS
|
||||
This command should be renamed to something more descriptive.
|
||||
.
|
||||
.
|
||||
.
|
||||
.Sh AUTHORS
|
||||
.An -nosplit
|
||||
.An Eelco Dolstra
|
||||
and
|
||||
.An the Nixpkgs/NixOS contributors
|
874
pkgs/by-name/ni/nixos-rebuild/nixos-rebuild.sh
Executable file
874
pkgs/by-name/ni/nixos-rebuild/nixos-rebuild.sh
Executable file
|
@ -0,0 +1,874 @@
|
|||
#! @runtimeShell@
|
||||
# shellcheck shell=bash
|
||||
|
||||
if [ -x "@runtimeShell@" ]; then export SHELL="@runtimeShell@"; fi;
|
||||
|
||||
set -e
|
||||
set -o pipefail
|
||||
shopt -s inherit_errexit
|
||||
|
||||
export PATH=@path@:$PATH
|
||||
|
||||
showSyntax() {
|
||||
exec man nixos-rebuild
|
||||
exit 1
|
||||
}
|
||||
|
||||
|
||||
# Parse the command line.
|
||||
origArgs=("$@")
|
||||
copyFlags=()
|
||||
extraBuildFlags=()
|
||||
lockFlags=()
|
||||
flakeFlags=(--extra-experimental-features 'nix-command flakes')
|
||||
action=
|
||||
buildNix=1
|
||||
fast=
|
||||
rollback=
|
||||
upgrade=
|
||||
upgrade_all=
|
||||
profile=/nix/var/nix/profiles/system
|
||||
specialisation=
|
||||
buildHost=
|
||||
targetHost=
|
||||
remoteSudo=
|
||||
verboseScript=
|
||||
noFlake=
|
||||
attr=
|
||||
buildFile=default.nix
|
||||
buildingAttribute=1
|
||||
installBootloader=
|
||||
json=
|
||||
|
||||
# log the given argument to stderr
|
||||
log() {
|
||||
echo "$@" >&2
|
||||
}
|
||||
|
||||
while [ "$#" -gt 0 ]; do
|
||||
i="$1"; shift 1
|
||||
case "$i" in
|
||||
--help)
|
||||
showSyntax
|
||||
;;
|
||||
switch|boot|test|build|edit|repl|dry-build|dry-run|dry-activate|build-vm|build-vm-with-bootloader|list-generations)
|
||||
if [ "$i" = dry-run ]; then i=dry-build; fi
|
||||
if [ "$i" = list-generations ]; then
|
||||
buildNix=
|
||||
fast=1
|
||||
fi
|
||||
# exactly one action mandatory, bail out if multiple are given
|
||||
if [ -n "$action" ]; then showSyntax; fi
|
||||
action="$i"
|
||||
;;
|
||||
--file|-f)
|
||||
if [ -z "$1" ]; then
|
||||
log "$0: ‘--file’ requires an argument"
|
||||
exit 1
|
||||
fi
|
||||
buildFile="$1"
|
||||
buildingAttribute=
|
||||
shift 1
|
||||
;;
|
||||
--attr|-A)
|
||||
if [ -z "$1" ]; then
|
||||
log "$0: ‘--attr’ requires an argument"
|
||||
exit 1
|
||||
fi
|
||||
attr="$1"
|
||||
buildingAttribute=
|
||||
shift 1
|
||||
;;
|
||||
--install-grub)
|
||||
log "$0: --install-grub deprecated, use --install-bootloader instead"
|
||||
installBootloader=1
|
||||
;;
|
||||
--install-bootloader)
|
||||
installBootloader=1
|
||||
;;
|
||||
--no-build-nix)
|
||||
buildNix=
|
||||
;;
|
||||
--rollback)
|
||||
rollback=1
|
||||
;;
|
||||
--upgrade)
|
||||
upgrade=1
|
||||
;;
|
||||
--upgrade-all)
|
||||
upgrade=1
|
||||
upgrade_all=1
|
||||
;;
|
||||
--use-substitutes|--substitute-on-destination|-s)
|
||||
copyFlags+=("-s")
|
||||
;;
|
||||
-I|--max-jobs|-j|--cores|--builders|--log-format)
|
||||
j="$1"; shift 1
|
||||
extraBuildFlags+=("$i" "$j")
|
||||
;;
|
||||
--accept-flake-config|-j*|--quiet|--print-build-logs|-L|--no-build-output|-Q| --show-trace|--keep-going|-k|--keep-failed|-K|--fallback|--refresh|--repair|--impure|--offline|--no-net)
|
||||
extraBuildFlags+=("$i")
|
||||
;;
|
||||
--verbose|-v|-vv|-vvv|-vvvv|-vvvvv)
|
||||
verboseScript="true"
|
||||
extraBuildFlags+=("$i")
|
||||
;;
|
||||
--option)
|
||||
j="$1"; shift 1
|
||||
k="$1"; shift 1
|
||||
extraBuildFlags+=("$i" "$j" "$k")
|
||||
;;
|
||||
--fast)
|
||||
buildNix=
|
||||
fast=1
|
||||
;;
|
||||
--profile-name|-p)
|
||||
if [ -z "$1" ]; then
|
||||
log "$0: ‘--profile-name’ requires an argument"
|
||||
exit 1
|
||||
fi
|
||||
if [ "$1" != system ]; then
|
||||
profile="/nix/var/nix/profiles/system-profiles/$1"
|
||||
mkdir -p -m 0755 "$(dirname "$profile")"
|
||||
fi
|
||||
shift 1
|
||||
;;
|
||||
--specialisation|-c)
|
||||
if [ -z "$1" ]; then
|
||||
log "$0: ‘--specialisation’ requires an argument"
|
||||
exit 1
|
||||
fi
|
||||
specialisation="$1"
|
||||
shift 1
|
||||
;;
|
||||
--build-host)
|
||||
buildHost="$1"
|
||||
shift 1
|
||||
;;
|
||||
--target-host)
|
||||
targetHost="$1"
|
||||
shift 1
|
||||
;;
|
||||
--use-remote-sudo)
|
||||
remoteSudo=1
|
||||
;;
|
||||
--flake)
|
||||
flake="$1"
|
||||
shift 1
|
||||
;;
|
||||
--no-flake)
|
||||
noFlake=1
|
||||
;;
|
||||
--recreate-lock-file|--no-update-lock-file|--no-write-lock-file|--no-registries|--commit-lock-file)
|
||||
lockFlags+=("$i")
|
||||
;;
|
||||
--update-input)
|
||||
j="$1"; shift 1
|
||||
lockFlags+=("$i" "$j")
|
||||
;;
|
||||
--override-input)
|
||||
j="$1"; shift 1
|
||||
k="$1"; shift 1
|
||||
lockFlags+=("$i" "$j" "$k")
|
||||
;;
|
||||
--json)
|
||||
json=1
|
||||
;;
|
||||
*)
|
||||
log "$0: unknown option \`$i'"
|
||||
exit 1
|
||||
;;
|
||||
esac
|
||||
done
|
||||
|
||||
if [[ -n "$SUDO_USER" ]]; then
|
||||
useSudo=1
|
||||
fi
|
||||
|
||||
# log the given argument to stderr if verbose mode is on
|
||||
logVerbose() {
|
||||
if [ -n "$verboseScript" ]; then
|
||||
echo "$@" >&2
|
||||
fi
|
||||
}
|
||||
|
||||
# Run a command, logging it first if verbose mode is on
|
||||
runCmd() {
|
||||
logVerbose "$" "$@"
|
||||
"$@"
|
||||
}
|
||||
|
||||
buildHostCmd() {
|
||||
local c
|
||||
if [[ "${useSudo:-x}" = 1 ]]; then
|
||||
c=("sudo")
|
||||
else
|
||||
c=()
|
||||
fi
|
||||
|
||||
if [ -z "$buildHost" ]; then
|
||||
runCmd "$@"
|
||||
elif [ -n "$remoteNix" ]; then
|
||||
runCmd ssh $SSHOPTS "$buildHost" "${c[@]}" env PATH="$remoteNix":'$PATH' "$@"
|
||||
else
|
||||
runCmd ssh $SSHOPTS "$buildHost" "${c[@]}" "$@"
|
||||
fi
|
||||
}
|
||||
|
||||
targetHostCmd() {
|
||||
local c
|
||||
if [[ "${useSudo:-x}" = 1 ]]; then
|
||||
c=("sudo")
|
||||
else
|
||||
c=()
|
||||
fi
|
||||
|
||||
if [ -z "$targetHost" ]; then
|
||||
runCmd "${c[@]}" "$@"
|
||||
else
|
||||
runCmd ssh $SSHOPTS "$targetHost" "${c[@]}" "$@"
|
||||
fi
|
||||
}
|
||||
|
||||
targetHostSudoCmd() {
|
||||
if [ -n "$remoteSudo" ]; then
|
||||
useSudo=1 SSHOPTS="$SSHOPTS -t" targetHostCmd "$@"
|
||||
else
|
||||
# While a tty might not be necessary, we apply it to be consistent with
|
||||
# sudo usage, and an experience that is more consistent with local deployment.
|
||||
SSHOPTS="$SSHOPTS -t" targetHostCmd "$@"
|
||||
fi
|
||||
}
|
||||
|
||||
copyToTarget() {
|
||||
if ! [ "$targetHost" = "$buildHost" ]; then
|
||||
if [ -z "$targetHost" ]; then
|
||||
logVerbose "Running nix-copy-closure with these NIX_SSHOPTS: $SSHOPTS"
|
||||
NIX_SSHOPTS=$SSHOPTS runCmd nix-copy-closure "${copyFlags[@]}" --from "$buildHost" "$1"
|
||||
elif [ -z "$buildHost" ]; then
|
||||
logVerbose "Running nix-copy-closure with these NIX_SSHOPTS: $SSHOPTS"
|
||||
NIX_SSHOPTS=$SSHOPTS runCmd nix-copy-closure "${copyFlags[@]}" --to "$targetHost" "$1"
|
||||
else
|
||||
buildHostCmd nix-copy-closure "${copyFlags[@]}" --to "$targetHost" "$1"
|
||||
fi
|
||||
fi
|
||||
}
|
||||
|
||||
nixBuild() {
|
||||
logVerbose "Building in legacy (non-flake) mode."
|
||||
if [ -z "$buildHost" ]; then
|
||||
logVerbose "No --build-host given, running nix-build locally"
|
||||
runCmd nix-build "$@"
|
||||
else
|
||||
logVerbose "buildHost set to \"$buildHost\", running nix-build remotely"
|
||||
local instArgs=()
|
||||
local buildArgs=()
|
||||
local drv=
|
||||
|
||||
while [ "$#" -gt 0 ]; do
|
||||
local i="$1"; shift 1
|
||||
case "$i" in
|
||||
-o)
|
||||
local out="$1"; shift 1
|
||||
buildArgs+=("--add-root" "$out" "--indirect")
|
||||
;;
|
||||
-A)
|
||||
local j="$1"; shift 1
|
||||
instArgs+=("$i" "$j")
|
||||
;;
|
||||
-I) # We don't want this in buildArgs
|
||||
shift 1
|
||||
;;
|
||||
--no-out-link) # We don't want this in buildArgs
|
||||
;;
|
||||
"<"*) # nix paths
|
||||
instArgs+=("$i")
|
||||
;;
|
||||
*)
|
||||
buildArgs+=("$i")
|
||||
;;
|
||||
esac
|
||||
done
|
||||
|
||||
drv="$(runCmd nix-instantiate "${instArgs[@]}" "${extraBuildFlags[@]}")"
|
||||
if [ -a "$drv" ]; then
|
||||
logVerbose "Running nix-copy-closure with these NIX_SSHOPTS: $SSHOPTS"
|
||||
NIX_SSHOPTS=$SSHOPTS runCmd nix-copy-closure --to "$buildHost" "$drv"
|
||||
buildHostCmd nix-store -r "$drv" "${buildArgs[@]}"
|
||||
else
|
||||
log "nix-instantiate failed"
|
||||
exit 1
|
||||
fi
|
||||
fi
|
||||
}
|
||||
|
||||
nixFlakeBuild() {
|
||||
logVerbose "Building in flake mode."
|
||||
if [[ -z "$buildHost" && -z "$targetHost" && "$action" != switch && "$action" != boot && "$action" != test && "$action" != dry-activate ]]
|
||||
then
|
||||
runCmd nix "${flakeFlags[@]}" build "$@"
|
||||
readlink -f ./result
|
||||
elif [ -z "$buildHost" ]; then
|
||||
runCmd nix "${flakeFlags[@]}" build "$@" --out-link "${tmpDir}/result"
|
||||
readlink -f "${tmpDir}/result"
|
||||
else
|
||||
local attr="$1"
|
||||
shift 1
|
||||
local evalArgs=()
|
||||
local buildArgs=()
|
||||
local drv=
|
||||
|
||||
while [ "$#" -gt 0 ]; do
|
||||
local i="$1"; shift 1
|
||||
case "$i" in
|
||||
--recreate-lock-file|--no-update-lock-file|--no-write-lock-file|--no-registries|--commit-lock-file)
|
||||
evalArgs+=("$i")
|
||||
;;
|
||||
--update-input)
|
||||
local j="$1"; shift 1
|
||||
evalArgs+=("$i" "$j")
|
||||
;;
|
||||
--override-input)
|
||||
local j="$1"; shift 1
|
||||
local k="$1"; shift 1
|
||||
evalArgs+=("$i" "$j" "$k")
|
||||
;;
|
||||
--impure) # We don't want this in buildArgs, it's only needed at evaluation time, and unsupported during realisation
|
||||
;;
|
||||
*)
|
||||
buildArgs+=("$i")
|
||||
;;
|
||||
esac
|
||||
done
|
||||
|
||||
drv="$(runCmd nix "${flakeFlags[@]}" eval --raw "${attr}.drvPath" "${evalArgs[@]}" "${extraBuildFlags[@]}")"
|
||||
if [ -a "$drv" ]; then
|
||||
logVerbose "Running nix with these NIX_SSHOPTS: $SSHOPTS"
|
||||
NIX_SSHOPTS=$SSHOPTS runCmd nix "${flakeFlags[@]}" copy "${copyFlags[@]}" --derivation --to "ssh://$buildHost" "$drv"
|
||||
buildHostCmd nix-store -r "$drv" "${buildArgs[@]}"
|
||||
else
|
||||
log "nix eval failed"
|
||||
exit 1
|
||||
fi
|
||||
fi
|
||||
}
|
||||
|
||||
|
||||
if [ -z "$action" ]; then showSyntax; fi
|
||||
|
||||
# Only run shell scripts from the Nixpkgs tree if the action is
|
||||
# "switch", "boot", or "test". With other actions (such as "build"),
|
||||
# the user may reasonably expect that no code from the Nixpkgs tree is
|
||||
# executed, so it's safe to run nixos-rebuild against a potentially
|
||||
# untrusted tree.
|
||||
canRun=
|
||||
if [[ "$action" = switch || "$action" = boot || "$action" = test ]]; then
|
||||
canRun=1
|
||||
fi
|
||||
|
||||
# Verify that user is not trying to use attribute building and flake
|
||||
# at the same time
|
||||
if [[ -z $buildingAttribute && -n $flake ]]; then
|
||||
log "error: '--flake' cannot be used with '--file' or '--attr'"
|
||||
exit 1
|
||||
fi
|
||||
|
||||
# If ‘--upgrade’ or `--upgrade-all` is given,
|
||||
# run ‘nix-channel --update nixos’.
|
||||
if [[ -n $upgrade && -z $_NIXOS_REBUILD_REEXEC && -z $flake ]]; then
|
||||
# If --upgrade-all is passed, or there are other channels that
|
||||
# contain a file called ".update-on-nixos-rebuild", update them as
|
||||
# well. Also upgrade the nixos channel.
|
||||
|
||||
for channelpath in /nix/var/nix/profiles/per-user/root/channels/*; do
|
||||
channel_name=$(basename "$channelpath")
|
||||
|
||||
if [[ "$channel_name" == "nixos" ]]; then
|
||||
runCmd nix-channel --update "$channel_name"
|
||||
elif [ -e "$channelpath/.update-on-nixos-rebuild" ]; then
|
||||
runCmd nix-channel --update "$channel_name"
|
||||
elif [[ -n $upgrade_all ]] ; then
|
||||
runCmd nix-channel --update "$channel_name"
|
||||
fi
|
||||
done
|
||||
fi
|
||||
|
||||
# Make sure that we use the Nix package we depend on, not something
|
||||
# else from the PATH for nix-{env,instantiate,build}. This is
|
||||
# important, because NixOS defaults the architecture of the rebuilt
|
||||
# system to the architecture of the nix-* binaries used. So if on an
|
||||
# amd64 system the user has an i686 Nix package in her PATH, then we
|
||||
# would silently downgrade the whole system to be i686 NixOS on the
|
||||
# next reboot.
|
||||
if [ -z "$_NIXOS_REBUILD_REEXEC" ]; then
|
||||
export PATH=@nix@/bin:$PATH
|
||||
fi
|
||||
|
||||
# Use /etc/nixos/flake.nix if it exists. It can be a symlink to the
|
||||
# actual flake.
|
||||
if [[ -z $flake && -e /etc/nixos/flake.nix && -z $noFlake ]]; then
|
||||
flake="$(dirname "$(readlink -f /etc/nixos/flake.nix)")"
|
||||
fi
|
||||
|
||||
# For convenience, use the hostname as the default configuration to
|
||||
# build from the flake.
|
||||
if [[ -n $flake ]]; then
|
||||
if [[ $flake =~ ^(.*)\#([^\#\"]*)$ ]]; then
|
||||
flake="${BASH_REMATCH[1]}"
|
||||
flakeAttr="${BASH_REMATCH[2]}"
|
||||
fi
|
||||
if [[ -z $flakeAttr ]]; then
|
||||
hostname="$(targetHostCmd cat /proc/sys/kernel/hostname)"
|
||||
if [[ -z $hostname ]]; then
|
||||
hostname=default
|
||||
fi
|
||||
flakeAttr="nixosConfigurations.\"$hostname\""
|
||||
else
|
||||
flakeAttr="nixosConfigurations.\"$flakeAttr\""
|
||||
fi
|
||||
fi
|
||||
|
||||
if [[ ! -z "$specialisation" && ! "$action" = switch && ! "$action" = test ]]; then
|
||||
log "error: ‘--specialisation’ can only be used with ‘switch’ and ‘test’"
|
||||
exit 1
|
||||
fi
|
||||
|
||||
tmpDir=$(mktemp -t -d nixos-rebuild.XXXXXX)
|
||||
|
||||
if [[ ${#tmpDir} -ge 60 ]]; then
|
||||
# Very long tmp dirs lead to "too long for Unix domain socket"
|
||||
# SSH ControlPath errors. Especially macOS sets long TMPDIR paths.
|
||||
rmdir "$tmpDir"
|
||||
tmpDir=$(TMPDIR= mktemp -t -d nixos-rebuild.XXXXXX)
|
||||
fi
|
||||
|
||||
cleanup() {
|
||||
for ctrl in "$tmpDir"/ssh-*; do
|
||||
ssh -o ControlPath="$ctrl" -O exit dummyhost 2>/dev/null || true
|
||||
done
|
||||
rm -rf "$tmpDir"
|
||||
}
|
||||
trap cleanup EXIT
|
||||
|
||||
|
||||
# Re-execute nixos-rebuild from the Nixpkgs tree.
|
||||
if [[ -z $_NIXOS_REBUILD_REEXEC && -n $canRun && -z $fast ]]; then
|
||||
if [[ -z $buildingAttribute ]]; then
|
||||
p=$(runCmd nix-build --no-out-link $buildFile -A "${attr:+$attr.}config.system.build.nixos-rebuild" "${extraBuildFlags[@]}")
|
||||
SHOULD_REEXEC=1
|
||||
elif [[ -z $flake ]]; then
|
||||
if p=$(runCmd nix-build --no-out-link --expr 'with import <nixpkgs/nixos> {}; config.system.build.nixos-rebuild' "${extraBuildFlags[@]}"); then
|
||||
SHOULD_REEXEC=1
|
||||
fi
|
||||
else
|
||||
runCmd nix "${flakeFlags[@]}" build --out-link "${tmpDir}/nixos-rebuild" "$flake#$flakeAttr.config.system.build.nixos-rebuild" "${extraBuildFlags[@]}" "${lockFlags[@]}"
|
||||
if p=$(readlink -e "${tmpDir}/nixos-rebuild"); then
|
||||
SHOULD_REEXEC=1
|
||||
fi
|
||||
fi
|
||||
|
||||
if [[ -n $SHOULD_REEXEC ]]; then
|
||||
export _NIXOS_REBUILD_REEXEC=1
|
||||
# Manually call cleanup as the EXIT trap is not triggered when using exec
|
||||
cleanup
|
||||
runCmd exec "$p/bin/nixos-rebuild" "${origArgs[@]}"
|
||||
exit 1
|
||||
fi
|
||||
fi
|
||||
|
||||
# Find configuration.nix and open editor instead of building.
|
||||
if [ "$action" = edit ]; then
|
||||
if [[ -n $attr || -n $buildFile ]]; then
|
||||
log "error: '--file' and '--attr' are not supported with 'edit'"
|
||||
exit 1
|
||||
elif [[ -z $flake ]]; then
|
||||
NIXOS_CONFIG=${NIXOS_CONFIG:-$(runCmd nix-instantiate --find-file nixos-config)}
|
||||
if [[ -d $NIXOS_CONFIG ]]; then
|
||||
NIXOS_CONFIG=$NIXOS_CONFIG/default.nix
|
||||
fi
|
||||
runCmd exec ${EDITOR:-nano} "$NIXOS_CONFIG"
|
||||
else
|
||||
runCmd exec nix "${flakeFlags[@]}" edit "${lockFlags[@]}" -- "$flake#$flakeAttr"
|
||||
fi
|
||||
exit 1
|
||||
fi
|
||||
|
||||
SSHOPTS="$NIX_SSHOPTS -o ControlMaster=auto -o ControlPath=$tmpDir/ssh-%n -o ControlPersist=60"
|
||||
|
||||
# First build Nix, since NixOS may require a newer version than the
|
||||
# current one.
|
||||
if [[ -n "$rollback" || "$action" = dry-build ]]; then
|
||||
buildNix=
|
||||
fi
|
||||
|
||||
nixSystem() {
|
||||
machine="$(uname -m)"
|
||||
if [[ "$machine" =~ i.86 ]]; then
|
||||
machine=i686
|
||||
fi
|
||||
echo $machine-linux
|
||||
}
|
||||
|
||||
prebuiltNix() {
|
||||
machine="$1"
|
||||
if [ "$machine" = x86_64 ]; then
|
||||
echo @nix_x86_64_linux@
|
||||
elif [[ "$machine" =~ i.86 ]]; then
|
||||
echo @nix_i686_linux@
|
||||
elif [[ "$machine" = aarch64 ]]; then
|
||||
echo @nix_aarch64_linux@
|
||||
else
|
||||
log "$0: unsupported platform"
|
||||
exit 1
|
||||
fi
|
||||
}
|
||||
|
||||
getNixDrv() {
|
||||
nixDrv=
|
||||
|
||||
if [[ -z $buildingAttribute ]]; then
|
||||
if nixDrv="$(runCmd nix-instantiate $buildFile --add-root "$tmpDir/nix.drv" --indirect -A ${attr:+$attr.}config.nix.package.out "${extraBuildFlags[@]}")"; then return; fi
|
||||
fi
|
||||
if nixDrv="$(runCmd nix-instantiate '<nixpkgs/nixos>' --add-root "$tmpDir/nix.drv" --indirect -A config.nix.package.out "${extraBuildFlags[@]}")"; then return; fi
|
||||
if nixDrv="$(runCmd nix-instantiate '<nixpkgs>' --add-root "$tmpDir/nix.drv" --indirect -A nix "${extraBuildFlags[@]}")"; then return; fi
|
||||
|
||||
if ! nixStorePath="$(runCmd nix-instantiate --eval '<nixpkgs/nixos/modules/installer/tools/nix-fallback-paths.nix>' -A "$(nixSystem)" | sed -e 's/^"//' -e 's/"$//')"; then
|
||||
nixStorePath="$(prebuiltNix "$(uname -m)")"
|
||||
fi
|
||||
if ! runCmd nix-store -r "$nixStorePath" --add-root "${tmpDir}/nix" --indirect \
|
||||
--option extra-binary-caches https://cache.nixos.org/; then
|
||||
log "warning: don't know how to get latest Nix"
|
||||
fi
|
||||
# Older version of nix-store -r don't support --add-root.
|
||||
[ -e "$tmpDir/nix" ] || ln -sf "$nixStorePath" "$tmpDir/nix"
|
||||
if [ -n "$buildHost" ]; then
|
||||
remoteNixStorePath="$(runCmd prebuiltNix "$(buildHostCmd uname -m)")"
|
||||
remoteNix="$remoteNixStorePath/bin"
|
||||
if ! buildHostCmd nix-store -r "$remoteNixStorePath" \
|
||||
--option extra-binary-caches https://cache.nixos.org/ >/dev/null; then
|
||||
remoteNix=
|
||||
log "warning: don't know how to get latest Nix"
|
||||
fi
|
||||
fi
|
||||
}
|
||||
|
||||
if [[ -n $buildNix && -z $flake ]]; then
|
||||
log "building Nix..."
|
||||
getNixDrv
|
||||
if [ -a "$nixDrv" ]; then
|
||||
nix-store -r "$nixDrv"'!'"out" --add-root "$tmpDir/nix" --indirect >/dev/null
|
||||
if [ -n "$buildHost" ]; then
|
||||
nix-copy-closure "${copyFlags[@]}" --to "$buildHost" "$nixDrv"
|
||||
# The nix build produces multiple outputs, we add them all to the remote path
|
||||
for p in $(buildHostCmd nix-store -r "$(readlink "$nixDrv")" "${buildArgs[@]}"); do
|
||||
remoteNix="$remoteNix${remoteNix:+:}$p/bin"
|
||||
done
|
||||
fi
|
||||
fi
|
||||
PATH="$tmpDir/nix/bin:$PATH"
|
||||
fi
|
||||
|
||||
|
||||
# Update the version suffix if we're building from Git (so that
|
||||
# nixos-version shows something useful).
|
||||
if [[ -n $canRun && -z $flake ]]; then
|
||||
if nixpkgs=$(runCmd nix-instantiate --find-file nixpkgs "${extraBuildFlags[@]}"); then
|
||||
suffix=$(runCmd $SHELL "$nixpkgs/nixos/modules/installer/tools/get-version-suffix" "${extraBuildFlags[@]}" || true)
|
||||
if [ -n "$suffix" ]; then
|
||||
echo -n "$suffix" > "$nixpkgs/.version-suffix" || true
|
||||
fi
|
||||
fi
|
||||
fi
|
||||
|
||||
|
||||
if [ "$action" = dry-build ]; then
|
||||
extraBuildFlags+=(--dry-run)
|
||||
fi
|
||||
|
||||
if [ "$action" = repl ]; then
|
||||
# This is a very end user command, implemented using sub-optimal means.
|
||||
# You should feel free to improve its behavior, as well as resolve tech
|
||||
# debt in "breaking" ways. Humans adapt quite well.
|
||||
if [[ -z $buildingAttribute ]]; then
|
||||
exec nix repl --file $buildFile $attr "${extraBuildFlags[@]}"
|
||||
elif [[ -z $flake ]]; then
|
||||
exec nix repl '<nixpkgs/nixos>' "${extraBuildFlags[@]}"
|
||||
else
|
||||
if [[ -n "${lockFlags[0]}" ]]; then
|
||||
# nix repl itself does not support locking flags
|
||||
log "nixos-rebuild repl does not support locking flags yet"
|
||||
exit 1
|
||||
fi
|
||||
d='$'
|
||||
q='"'
|
||||
bold="$(echo -e '\033[1m')"
|
||||
blue="$(echo -e '\033[34;1m')"
|
||||
attention="$(echo -e '\033[35;1m')"
|
||||
reset="$(echo -e '\033[0m')"
|
||||
if [[ -e $flake ]]; then
|
||||
flakePath=$(realpath "$flake")
|
||||
else
|
||||
flakePath=$flake
|
||||
fi
|
||||
# This nix repl invocation is impure, because usually the flakeref is.
|
||||
# For a solution that preserves the motd and custom scope, we need
|
||||
# something like https://github.com/NixOS/nix/issues/8679.
|
||||
exec nix repl --impure --expr "
|
||||
let flake = builtins.getFlake ''$flakePath'';
|
||||
configuration = flake.$flakeAttr;
|
||||
motd = ''
|
||||
$d{$q\n$q}
|
||||
Hello and welcome to the NixOS configuration
|
||||
$flakeAttr
|
||||
in $flake
|
||||
|
||||
The following is loaded into nix repl's scope:
|
||||
|
||||
- ${blue}config${reset} All option values
|
||||
- ${blue}options${reset} Option data and metadata
|
||||
- ${blue}pkgs${reset} Nixpkgs package set
|
||||
- ${blue}lib${reset} Nixpkgs library functions
|
||||
- other module arguments
|
||||
|
||||
- ${blue}flake${reset} Flake outputs, inputs and source info of $flake
|
||||
|
||||
Use tab completion to browse around ${blue}config${reset}.
|
||||
|
||||
Use ${bold}:r${reset} to ${bold}reload${reset} everything after making a change in the flake.
|
||||
(assuming $flake is a mutable flake ref)
|
||||
|
||||
See ${bold}:?${reset} for more repl commands.
|
||||
|
||||
${attention}warning:${reset} nixos-rebuild repl does not currently enforce pure evaluation.
|
||||
'';
|
||||
scope =
|
||||
assert configuration._type or null == ''configuration'';
|
||||
assert configuration.class or ''nixos'' == ''nixos'';
|
||||
configuration._module.args //
|
||||
configuration._module.specialArgs //
|
||||
{
|
||||
inherit (configuration) config options;
|
||||
lib = configuration.lib or configuration.pkgs.lib;
|
||||
inherit flake;
|
||||
};
|
||||
in builtins.seq scope builtins.trace motd scope
|
||||
" "${extraBuildFlags[@]}"
|
||||
fi
|
||||
fi
|
||||
|
||||
if [ "$action" = list-generations ]; then
|
||||
if [ ! -L "$profile" ]; then
|
||||
log "No profile \`$(basename "$profile")' found"
|
||||
exit 1
|
||||
fi
|
||||
|
||||
generation_from_dir() {
|
||||
generation_dir="$1"
|
||||
generation_base="$(basename "$generation_dir")" # Has the format "system-123-link" for generation 123
|
||||
no_link_gen="${generation_base%-link}" # remove the "-link"
|
||||
echo "${no_link_gen##*-}" # remove everything before the last dash
|
||||
}
|
||||
describe_generation(){
|
||||
generation_dir="$1"
|
||||
generation_number="$(generation_from_dir "$generation_dir")"
|
||||
nixos_version="$(cat "$generation_dir/nixos-version" 2> /dev/null || echo "Unknown")"
|
||||
|
||||
kernel_dir="$(dirname "$(realpath "$generation_dir/kernel")")"
|
||||
kernel_version="$(ls "$kernel_dir/lib/modules" || echo "Unknown")"
|
||||
|
||||
configurationRevision="$("$generation_dir/sw/bin/nixos-version" --configuration-revision 2> /dev/null || true)"
|
||||
|
||||
# Old nixos-version output ignored unknown flags and just printed the version
|
||||
# therefore the following workaround is done not to show the default output
|
||||
nixos_version_default="$("$generation_dir/sw/bin/nixos-version")"
|
||||
if [ "$configurationRevision" == "$nixos_version_default" ]; then
|
||||
configurationRevision=""
|
||||
fi
|
||||
|
||||
# jq automatically quotes the output => don't try to quote it in output!
|
||||
build_date="$(stat "$generation_dir" --format=%W | jq 'todate')"
|
||||
|
||||
pushd "$generation_dir/specialisation/" > /dev/null || :
|
||||
specialisation_list=(*)
|
||||
popd > /dev/null || :
|
||||
|
||||
specialisations="$(jq --compact-output --null-input '$ARGS.positional' --args -- "${specialisation_list[@]}")"
|
||||
|
||||
if [ "$(basename "$generation_dir")" = "$(readlink "$profile")" ]; then
|
||||
current_generation_tag="true"
|
||||
else
|
||||
current_generation_tag="false"
|
||||
fi
|
||||
|
||||
# Escape userdefined strings
|
||||
nixos_version="$(jq -aR <<< "$nixos_version")"
|
||||
kernel_version="$(jq -aR <<< "$kernel_version")"
|
||||
configurationRevision="$(jq -aR <<< "$configurationRevision")"
|
||||
cat << EOF
|
||||
{
|
||||
"generation": $generation_number,
|
||||
"date": $build_date,
|
||||
"nixosVersion": $nixos_version,
|
||||
"kernelVersion": $kernel_version,
|
||||
"configurationRevision": $configurationRevision,
|
||||
"specialisations": $specialisations,
|
||||
"current": $current_generation_tag
|
||||
}
|
||||
EOF
|
||||
}
|
||||
|
||||
find "$(dirname "$profile")" -regex "$profile-[0-9]+-link" |
|
||||
sort -Vr |
|
||||
while read -r generation_dir; do
|
||||
describe_generation "$generation_dir"
|
||||
done |
|
||||
if [ -z "$json" ]; then
|
||||
jq --slurp -r '.[] | [
|
||||
([.generation, (if .current == true then "current" else "" end)] | join(" ")),
|
||||
(.date | fromdate | strflocaltime("%Y-%m-%d %H:%M:%S")),
|
||||
.nixosVersion, .kernelVersion, .configurationRevision,
|
||||
(.specialisations | join(" "))
|
||||
] | @tsv' |
|
||||
column --separator $'\t' --table --table-columns "Generation,Build-date,NixOS version,Kernel,Configuration Revision,Specialisation" |
|
||||
${PAGER:cat}
|
||||
else
|
||||
jq --slurp .
|
||||
fi
|
||||
exit 0
|
||||
fi
|
||||
|
||||
|
||||
# Either upgrade the configuration in the system profile (for "switch"
|
||||
# or "boot"), or just build it and create a symlink "result" in the
|
||||
# current directory (for "build" and "test").
|
||||
if [ -z "$rollback" ]; then
|
||||
log "building the system configuration..."
|
||||
if [[ "$action" = switch || "$action" = boot ]]; then
|
||||
if [[ -z $buildingAttribute ]]; then
|
||||
pathToConfig="$(nixBuild $buildFile -A "${attr:+$attr.}config.system.build.toplevel" "${extraBuildFlags[@]}")"
|
||||
elif [[ -z $flake ]]; then
|
||||
pathToConfig="$(nixBuild '<nixpkgs/nixos>' --no-out-link -A system "${extraBuildFlags[@]}")"
|
||||
else
|
||||
pathToConfig="$(nixFlakeBuild "$flake#$flakeAttr.config.system.build.toplevel" "${extraBuildFlags[@]}" "${lockFlags[@]}")"
|
||||
fi
|
||||
copyToTarget "$pathToConfig"
|
||||
targetHostSudoCmd nix-env -p "$profile" --set "$pathToConfig"
|
||||
elif [[ "$action" = test || "$action" = build || "$action" = dry-build || "$action" = dry-activate ]]; then
|
||||
if [[ -z $buildingAttribute ]]; then
|
||||
pathToConfig="$(nixBuild $buildFile -A "${attr:+$attr.}config.system.build.toplevel" "${extraBuildFlags[@]}")"
|
||||
elif [[ -z $flake ]]; then
|
||||
pathToConfig="$(nixBuild '<nixpkgs/nixos>' -A system -k "${extraBuildFlags[@]}")"
|
||||
else
|
||||
pathToConfig="$(nixFlakeBuild "$flake#$flakeAttr.config.system.build.toplevel" "${extraBuildFlags[@]}" "${lockFlags[@]}")"
|
||||
fi
|
||||
elif [ "$action" = build-vm ]; then
|
||||
if [[ -z $buildingAttribute ]]; then
|
||||
pathToConfig="$(nixBuild $buildFile -A "${attr:+$attr.}config.system.build.vm" "${extraBuildFlags[@]}")"
|
||||
elif [[ -z $flake ]]; then
|
||||
pathToConfig="$(nixBuild '<nixpkgs/nixos>' -A vm -k "${extraBuildFlags[@]}")"
|
||||
else
|
||||
pathToConfig="$(nixFlakeBuild "$flake#$flakeAttr.config.system.build.vm" "${extraBuildFlags[@]}" "${lockFlags[@]}")"
|
||||
fi
|
||||
elif [ "$action" = build-vm-with-bootloader ]; then
|
||||
if [[ -z $buildingAttribute ]]; then
|
||||
pathToConfig="$(nixBuild $buildFile -A "${attr:+$attr.}config.system.build.vmWithBootLoader" "${extraBuildFlags[@]}")"
|
||||
elif [[ -z $flake ]]; then
|
||||
pathToConfig="$(nixBuild '<nixpkgs/nixos>' -A vmWithBootLoader -k "${extraBuildFlags[@]}")"
|
||||
else
|
||||
pathToConfig="$(nixFlakeBuild "$flake#$flakeAttr.config.system.build.vmWithBootLoader" "${extraBuildFlags[@]}" "${lockFlags[@]}")"
|
||||
fi
|
||||
else
|
||||
showSyntax
|
||||
fi
|
||||
# Copy build to target host if we haven't already done it
|
||||
if ! [[ "$action" = switch || "$action" = boot ]]; then
|
||||
copyToTarget "$pathToConfig"
|
||||
fi
|
||||
else # [ -n "$rollback" ]
|
||||
if [[ "$action" = switch || "$action" = boot ]]; then
|
||||
targetHostSudoCmd nix-env --rollback -p "$profile"
|
||||
pathToConfig="$profile"
|
||||
elif [[ "$action" = test || "$action" = build ]]; then
|
||||
systemNumber=$(
|
||||
targetHostCmd nix-env -p "$profile" --list-generations |
|
||||
sed -n '/current/ {g; p;}; s/ *\([0-9]*\).*/\1/; h'
|
||||
)
|
||||
pathToConfig="$profile"-${systemNumber}-link
|
||||
if [ -z "$targetHost" ]; then
|
||||
ln -sT "$pathToConfig" ./result
|
||||
fi
|
||||
else
|
||||
showSyntax
|
||||
fi
|
||||
fi
|
||||
|
||||
|
||||
# If we're not just building, then make the new configuration the boot
|
||||
# default and/or activate it now.
|
||||
if [[ "$action" = switch || "$action" = boot || "$action" = test || "$action" = dry-activate ]]; then
|
||||
# Using systemd-run here to protect against PTY failures/network
|
||||
# disconnections during rebuild.
|
||||
# See: https://github.com/NixOS/nixpkgs/issues/39118
|
||||
cmd=(
|
||||
"systemd-run"
|
||||
"-E" "LOCALE_ARCHIVE" # Will be set to new value early in switch-to-configuration script, but interpreter starts out with old value
|
||||
"-E" "NIXOS_INSTALL_BOOTLOADER=$installBootloader"
|
||||
"--collect"
|
||||
"--no-ask-password"
|
||||
"--pipe"
|
||||
"--quiet"
|
||||
"--same-dir"
|
||||
"--service-type=exec"
|
||||
"--unit=nixos-rebuild-switch-to-configuration"
|
||||
"--wait"
|
||||
)
|
||||
# Check if we have a working systemd-run. In chroot environments we may have
|
||||
# a non-working systemd, so we fallback to not using systemd-run.
|
||||
# You may also want to explicitly set NIXOS_SWITCH_USE_DIRTY_ENV environment
|
||||
# variable, since systemd-run runs inside an isolated environment and
|
||||
# this may break some post-switch scripts. However keep in mind that this
|
||||
# may be dangerous in remote access (e.g. SSH).
|
||||
if [[ -n "$NIXOS_SWITCH_USE_DIRTY_ENV" ]]; then
|
||||
log "warning: skipping systemd-run since NIXOS_SWITCH_USE_DIRTY_ENV is set. This environment variable will be ignored in the future"
|
||||
cmd=("env" "NIXOS_INSTALL_BOOTLOADER=$installBootloader")
|
||||
elif ! targetHostSudoCmd "${cmd[@]}" true; then
|
||||
logVerbose "Skipping systemd-run to switch configuration since it is not working in target host."
|
||||
cmd=(
|
||||
"env"
|
||||
"-i"
|
||||
"LOCALE_ARCHIVE=$LOCALE_ARCHIVE"
|
||||
"NIXOS_INSTALL_BOOTLOADER=$installBootloader"
|
||||
)
|
||||
else
|
||||
logVerbose "Using systemd-run to switch configuration."
|
||||
fi
|
||||
if [[ -z "$specialisation" ]]; then
|
||||
cmd+=("$pathToConfig/bin/switch-to-configuration")
|
||||
else
|
||||
cmd+=("$pathToConfig/specialisation/$specialisation/bin/switch-to-configuration")
|
||||
|
||||
if [ -z "$targetHost" ]; then
|
||||
specialisationExists=$(test -f "${cmd[-1]}")
|
||||
else
|
||||
specialisationExists=$(targetHostCmd test -f "${cmd[-1]}")
|
||||
fi
|
||||
|
||||
if ! $specialisationExists; then
|
||||
log "error: specialisation not found: $specialisation"
|
||||
exit 1
|
||||
fi
|
||||
fi
|
||||
|
||||
if ! targetHostSudoCmd "${cmd[@]}" "$action"; then
|
||||
log "warning: error(s) occurred while switching to the new configuration"
|
||||
exit 1
|
||||
fi
|
||||
fi
|
||||
|
||||
|
||||
if [[ "$action" = build-vm || "$action" = build-vm-with-bootloader ]]; then
|
||||
cat >&2 <<EOF
|
||||
|
||||
Done. The virtual machine can be started by running $(echo "${pathToConfig}/bin/"run-*-vm)
|
||||
EOF
|
||||
fi
|
59
pkgs/by-name/ni/nixos-rebuild/package.nix
Normal file
59
pkgs/by-name/ni/nixos-rebuild/package.nix
Normal file
|
@ -0,0 +1,59 @@
|
|||
{ callPackage
|
||||
, substitute
|
||||
, runtimeShell
|
||||
, coreutils
|
||||
, gnused
|
||||
, gnugrep
|
||||
, jq
|
||||
, util-linux
|
||||
, nix
|
||||
, lib
|
||||
, nixosTests
|
||||
, installShellFiles
|
||||
}:
|
||||
let
|
||||
fallback = import "${(import ../../../../inputs.nix {}).nixpkgs}/nixos/modules/installer/tools/nix-fallback-paths.nix";
|
||||
in
|
||||
substitute {
|
||||
name = "nixos-rebuild";
|
||||
src = ./nixos-rebuild.sh;
|
||||
dir = "bin";
|
||||
isExecutable = true;
|
||||
|
||||
substitutions = [
|
||||
"--subst-var-by" "runtimeShell" runtimeShell
|
||||
"--subst-var-by" "nix" nix
|
||||
"--subst-var-by" "nix_x86_64_linux" fallback.x86_64-linux
|
||||
"--subst-var-by" "nix_i686_linux" fallback.i686-linux
|
||||
"--subst-var-by" "nix_aarch64_linux" fallback.aarch64-linux
|
||||
"--subst-var-by" "path" (lib.makeBinPath [ coreutils gnused gnugrep jq util-linux ])
|
||||
];
|
||||
|
||||
nativeBuildInputs = [
|
||||
installShellFiles
|
||||
];
|
||||
|
||||
postInstall = ''
|
||||
installManPage ${./nixos-rebuild.8}
|
||||
|
||||
installShellCompletion \
|
||||
--bash ${./_nixos-rebuild}
|
||||
'';
|
||||
|
||||
# run some a simple installer tests to make sure nixos-rebuild still works for them
|
||||
passthru.tests = {
|
||||
install-bootloader = nixosTests.nixos-rebuild-install-bootloader;
|
||||
repl = callPackage ./test/repl.nix {};
|
||||
simple-installer = nixosTests.installer.simple;
|
||||
specialisations = nixosTests.nixos-rebuild-specialisations;
|
||||
target-host = nixosTests.nixos-rebuild-target-host;
|
||||
};
|
||||
|
||||
meta = {
|
||||
description = "Rebuild your NixOS configuration and switch to it, on local hosts and remote";
|
||||
homepage = "https://github.com/NixOS/nixpkgs/tree/master/pkgs/os-specific/linux/nixos-rebuild";
|
||||
license = lib.licenses.mit;
|
||||
maintainers = [ lib.maintainers.Profpatsch ];
|
||||
mainProgram = "nixos-rebuild";
|
||||
};
|
||||
}
|
159
pkgs/by-name/ni/nixos-rebuild/test/repl.nix
Normal file
159
pkgs/by-name/ni/nixos-rebuild/test/repl.nix
Normal file
|
@ -0,0 +1,159 @@
|
|||
{ lib,
|
||||
expect,
|
||||
nix,
|
||||
nixos-rebuild,
|
||||
path,
|
||||
runCommand,
|
||||
stdenv,
|
||||
writeText,
|
||||
}:
|
||||
let
|
||||
# Arguably not true, but it holds up for now.
|
||||
escapeExpect = lib.strings.escapeNixString;
|
||||
|
||||
expectSetup = ''
|
||||
set timeout 180
|
||||
proc expect_simple { pattern } {
|
||||
puts "Expecting: $pattern"
|
||||
expect {
|
||||
timeout {
|
||||
puts "\nTimeout waiting for: $pattern\n"
|
||||
exit 1
|
||||
}
|
||||
$pattern
|
||||
}
|
||||
}
|
||||
'';
|
||||
|
||||
# In case we want/need to evaluate packages or the assertions or whatever,
|
||||
# we want to have a linux system.
|
||||
# TODO: make the non-flake test use thise.
|
||||
linuxSystem = lib.replaceStrings ["darwin"] ["linux"] stdenv.hostPlatform.system;
|
||||
|
||||
in
|
||||
runCommand "test-nixos-rebuild-repl" {
|
||||
nativeBuildInputs = [
|
||||
expect
|
||||
nix
|
||||
nixos-rebuild
|
||||
];
|
||||
nixpkgs =
|
||||
if builtins.pathExists (path + "/.git")
|
||||
then lib.cleanSource path
|
||||
else path;
|
||||
} ''
|
||||
export HOME=$(mktemp -d)
|
||||
export TEST_ROOT=$PWD/test-tmp
|
||||
|
||||
# Prepare for running Nix in sandbox
|
||||
export NIX_BUILD_HOOK=
|
||||
export NIX_CONF_DIR=$TEST_ROOT/etc
|
||||
export NIX_LOCALSTATE_DIR=$TEST_ROOT/var
|
||||
export NIX_LOG_DIR=$TEST_ROOT/var/log/nix
|
||||
export NIX_STATE_DIR=$TEST_ROOT/var/nix
|
||||
export NIX_STORE_DIR=$TEST_ROOT/store
|
||||
export PAGER=cat
|
||||
mkdir -p $TEST_ROOT $NIX_CONF_DIR
|
||||
|
||||
echo General setup
|
||||
##################
|
||||
|
||||
export NIX_PATH=nixpkgs=$nixpkgs:nixos-config=$HOME/configuration.nix
|
||||
cat >> ~/configuration.nix <<EOF
|
||||
{
|
||||
boot.loader.grub.enable = false;
|
||||
fileSystems."/".device = "x";
|
||||
imports = [ ./hardware-configuration.nix ];
|
||||
}
|
||||
EOF
|
||||
|
||||
echo '{ }' > ~/hardware-configuration.nix
|
||||
|
||||
|
||||
echo Test traditional NixOS configuration
|
||||
#########################################
|
||||
|
||||
expect ${writeText "test-nixos-rebuild-repl-expect" ''
|
||||
${expectSetup}
|
||||
spawn nixos-rebuild repl --fast
|
||||
|
||||
expect "nix-repl> "
|
||||
|
||||
send "config.networking.hostName\n"
|
||||
expect "\"nixos\""
|
||||
''}
|
||||
|
||||
|
||||
echo Test flake based NixOS configuration
|
||||
#########################################
|
||||
|
||||
# Switch to flake flavored environment
|
||||
unset NIX_PATH
|
||||
cat > $NIX_CONF_DIR/nix.conf <<EOF
|
||||
experimental-features = nix-command flakes
|
||||
EOF
|
||||
|
||||
# Make the config pure
|
||||
echo '{ nixpkgs.hostPlatform = "${linuxSystem}"; }' > ~/hardware-configuration.nix
|
||||
|
||||
cat >~/flake.nix <<EOF
|
||||
{
|
||||
inputs.nixpkgs.url = "path:$nixpkgs";
|
||||
outputs = { nixpkgs, ... }: {
|
||||
nixosConfigurations.testconf = nixpkgs.lib.nixosSystem {
|
||||
modules = [
|
||||
./configuration.nix
|
||||
# Let's change it up a bit
|
||||
{ networking.hostName = "itsme"; }
|
||||
];
|
||||
};
|
||||
};
|
||||
}
|
||||
EOF
|
||||
|
||||
# cat -n ~/flake.nix
|
||||
|
||||
expect ${writeText "test-nixos-rebuild-repl-absolute-path-expect" ''
|
||||
${expectSetup}
|
||||
spawn sh -c "nixos-rebuild repl --fast --flake path:\$HOME#testconf"
|
||||
|
||||
expect_simple "nix-repl>"
|
||||
|
||||
send "config.networking.hostName\n"
|
||||
expect_simple "itsme"
|
||||
|
||||
expect_simple "nix-repl>"
|
||||
send "lib.version\n"
|
||||
expect_simple ${escapeExpect (
|
||||
# The version string is a bit different in the flake lib, so we expect a prefix and ignore the rest
|
||||
# Furthermore, including the revision (suffix) would cause unnecessary rebuilds.
|
||||
# Note that a length of 4 only matches e.g. "24.
|
||||
lib.strings.substring 0 4 (lib.strings.escapeNixString lib.version))}
|
||||
|
||||
# Make sure it's the right lib - should be the flake lib, not Nixpkgs lib.
|
||||
expect_simple "nix-repl>"
|
||||
send "lib?nixosSystem\n"
|
||||
expect_simple "true"
|
||||
expect_simple "nix-repl>"
|
||||
send "lib?nixos\n"
|
||||
expect_simple "true"
|
||||
''}
|
||||
|
||||
pushd "$HOME"
|
||||
expect ${writeText "test-nixos-rebuild-repl-relative-path-expect" ''
|
||||
${expectSetup}
|
||||
spawn sh -c "nixos-rebuild repl --fast --flake .#testconf"
|
||||
|
||||
expect_simple "nix-repl>"
|
||||
|
||||
send "config.networking.hostName\n"
|
||||
expect_simple "itsme"
|
||||
''}
|
||||
popd
|
||||
|
||||
echo
|
||||
|
||||
#########
|
||||
echo Done
|
||||
touch $out
|
||||
''
|
|
@ -7,10 +7,7 @@ in
|
|||
self: super: {
|
||||
selfExpr = let
|
||||
config = builtins.removeAttrs self.config [ "_undeclared" ];
|
||||
configJson = self.lib.pipe config [
|
||||
(self.lib.filterAttrsRecursive (_: v: !self.lib.isFunction v))
|
||||
builtins.toJSON
|
||||
];
|
||||
configJson = builtins.toJSON config;
|
||||
|
||||
getSelfExpr = {
|
||||
useConfig ? true,
|
||||
|
|
Loading…
Reference in a new issue