noXLibs is an advanced option for advanced users which know how to recognize and debug build failures which might be caused by the added overlays.
The minimal profile should be minimal but also save to use for many people and not cause build failures in packages it really shouldn't.
When building an image, rather than operating on a real partition,
there's no need to have sfdisk tell the kernel to reread the partition
table. This also avoids a call to sync(2), which could be very
expensive depending on what other IO is going on on the system at the time.
The comment says this is required by other modules but to be honest, I
cannot see where. Bootloaders will be included automatically by nixos
generation if their `installBootLoader` attribute references it.
This helps us to make kexec images even smaller espeically when
combined with the perlless profile.
Contrary to the official documentation, setting only enable_uart=1 will
not fix VPU core clock frequency for Raspberry Pi 3, which cause the
mini UART serial output to be garbaled. Manually setting core_freq to
the documented value 250 resolves the issue.
these changes were generated with nixq 0.0.2, by running
nixq ">> lib.mdDoc[remove] Argument[keep]" --batchmode nixos/**.nix
nixq ">> mdDoc[remove] Argument[keep]" --batchmode nixos/**.nix
nixq ">> Inherit >> mdDoc[remove]" --batchmode nixos/**.nix
two mentions of the mdDoc function remain in nixos/, both of which
are inside of comments.
Since lib.mdDoc is already defined as just id, this commit is a no-op as
far as Nix (and the built manual) is concerned.
PR #256638 inadvertently introduced a bug in `nixos-generate-config` whereby it
would never put `bcache` into the `availableKernelModules` for the initrd.
This is because the `qr` operator in Perl returns a regex object, rather than
matching it; the regex object evaluates to true, making the filter expression
effectively `grep(!true, @bcacheDevices)`, which will always return an empty
list.
Right now the worst case chain of events for building an ISO on Hydra is
- copy everything to squashfs builder
- run squashfs builder
- download squashfs from builder
- compress squashfs
- upload squashfs to S3
- copy squashfs to ISO builder
- run ISO builder
- download ISO from builder
- compress ISO
- upload ISO to S3
This inlines the squashfs build into the ISO build, which makes it
- copy everything to ISO builder
- run ISO builder
- download ISO from builder
- compress ISO
- upload ISO to S3
Which should reduce queue runner load by $alot per ISO, which we have four of on small channels
(one release, one test per arch) and a lot more than four of on large channels (with various desktops)
this lets us *dis*able filesystem explicitly, as is required by e.g. the
zfs-less installer images. currently that specifically is only easily
possible by adding an overlay that stubs out `zfs`, with the obvious
side-effect of also removing tooling that could run without the kernel
module loaded.
When building kexec-based installer every mb saved will reduce the RAM usage and allow to install NixOS on smaller machines.
It also means that less data has to be downloaded from the network.
When using flakes or niv we no longer rely on nix channels beeing present
and when using something like nixos-anywhere, we no longer need to evaluate anything in the installer at all.
This script would always "detect" the "powersave" governor as it is available on
practically all CPUs while the "ondemand" governor is only available on some old
CPUs.
IME the "powersave" governor barely provides any power savings but introduces
massive performance deficits, including noticable stuttering. This is not the
default experience we should offer users, even for those who use laptops.
Use the kernel default (currently "performance", CPU makers may change it in
future) instead.
[Motivation](https://github.com/NixOS/nixpkgs/issues/257817#issuecomment-1741705042):
- Having all the XKB options in the same attribute set clarifies their
relation better than using a common option name prefix ("xkb").
- `services.xserver.layout` is an XKB option, but this is not obvious
from its name. Putting it with the other XKB options clarifies this.
Co-authored-by: Michele Guerini Rocco <rnhmjoj@users.noreply.github.com>
Relying on the built-in UEFI console here was already necessary, so we
are losing nothing by removing the needless `serial` call, which hung
some systems.
This also makes the implementation much easier to understand.
Also, no ugly-font menu anymore!
This helps keep logic simpler, as what we do is forcing text mode, which
means the non-default case is `truthy`, making things easier to digest
in the config file.
Also renaming this option is considered "internal", since it lives only
within the `iso-image` namespace, and also not a breaking change since
it was not part of a stable release.
Which ***anyway*** was not disabled correctly. Following changes will
actually disable it.
What this did was disable the "themed" menu driver, but still continued
relying on the gfxterm infra, which in itself is why things were ugly
and weird.
The `serial` console hangs on some systems. Unknown why.
Anyway, the way this worked right now relied on it telling the user on
the UEFI console how to enable it. So if I understand it correctly, it
will not cause any regression there.
- Move contents of README.md from
nixos/modules/installer/tools/manpages/ to
nixos/doc/manual/contributing-to-this-manual.chapter.md.
- Don't mention DocBook as its obsolete and too specific.
- Rename derivation attribute name of configuration.nix(5) manual page,
both on the `contributing-to-this-manual.chapter.md`, and in other
places.
Since each such `nixos-*` tool has it's own derivation, exposed in pkgs,
There is no point in separating the manuals from the packages. If
someone wishes to have the tools without the manuals, they can use
meta.outputsToInstall to disable the installation of the manpages of
these packages. This Fixes#244450.
After building the target system, `nixos-install` tries to remove `/mnt`
on the target filesystem. And the script may fail without any explanation,
if `/mnt` isn't empty.
This commit makes the installation process carry on even if there are
files under `/mnt`.
See https://github.com/NixOS/nixpkgs/issues/244643.
Although 'lib' isn't needed by the default configuration, new NixOS uses
can get confused when being recommended configuration.nix snippets like
systemd.services.NetworkManager-wait-online.enable = lib.mkForce false;
and have `sudo nixos-rebuild switch` fail with
error: undefined variable 'lib'
swraid support will now only be enabled by default if stateVersion is
older than 23.11. nixos-generate-config will now generate explicit
config for enabling support if needed.
This is copied from isoImage.squashfsCompression. It's useful to be
able to customise, as iteration cycles are very slow with xz, and
subjectively systems booted with less efficiently compressed squashfs
stores appear to have faster reads (although I didn't test that
scientificly so there could be other factors).
The single option tries to do too much work, which just ends up confusing people.
So:
- don't force the console font, the kernel can figure this out as of #210205
- don't force the systemd-boot mode, it's an awkward mode that's not supported
on most things and will break flicker-free boot
- add a separate option for the xorg cursor scaling trick and move it under the xorg namespace
- add a general `fonts.optimizeForVeryHighDPI` option that explicitly says what it does
- alias the old option to that
- don't set any of those automatically in nixos-generate-config
Guest operating systems inside VMs or containers can't update the host CPU's microcode for obvious security reasons, so setting the `hardware.cpu.*.updateMicrocode` options is pointless.
This change adds an option to disable legacy BIOS boot support for ISO
images. The implementation uses syslinux package that currently does not
support non-x86 platforms and thus cannot be cross-compiled, e.g. from
AArch64 system.
adding two graphical programs makes a strong assmuption that users will
use a graphical environment.
add a command line program as an alternative suggestion that is easy to
comment in as a first-steps measure.
This builds on top of nixpkgs mainline 00d8347180
with the following two PRs cherry-picked:
- https://github.com/NixOS/nixpkgs/pull/192670
- https://github.com/NixOS/nixpkgs/pull/192668
using the following command:
```
nix build -f nixos -L \
-I nixos-config=nixos/modules/installer/sd-card/sd-image-powerpc64le.nix \
config.system.build.sdImage
```
I was able to successfully boot the image, although it boots to a login prompt
rather than a shell, and won't accept the empty password for `root`. I guess
I'll have to figure out why that is.
To boot the image: `zstd`-decompress the it, mount it, and use `kexec`:
```
cd boot/nixos
kexec -l \
*-vmlinux \
--initrd *-initrd \
--dt-no-old-root \
--command-line="$(grep APPEND ../extlinux/extlinux.conf | sed 's_^ *APPEND *__')"
```
The machine I used for testing has only one storage device which is completely
allocated to LVM. It appears that the NixOS ISO loader doesn't look for
partition tables within LVM volumes. To work aroundn this, I had to extract the
`ext4` image within the partition table within the `sd-card` image and put that
in its own LVM volume. This likely won't be an obstacle for users who write the
image to a USB stick or similar.
According to the Unicode Standard, you should use U+2019 RIGHT SINGLE
QUOTATION MARK for apostrophes [1]. Before this change, some of the text
in this repo would use U+2018 LEFT SINGLE QUOTATION MARKs instead.
[1]: https://www.unicode.org/versions/Unicode15.0.0/ch06.pdf#G12411
This moves the creation of the bind mount inside the `nixos-enter`
invocation. The command are executed in an unshared mount namespace, so
they can be run as an unprivileged user.
Although we don't really need HTML documentation in the minimal installer,
not including it may cause annoying cache misses in the case of the NixOS manual.
When installing NixOS in the target filesystem /mnt, paths relative to
configuration.nix in `initrd.secrets` are turned by Nix into absolute
paths that reference /mnt. While building the system derivation works,
installing the bootloader fails because the latter process takes place
inside the chroot environment where /mnt does not exist.
Ideally, we would also build the system within chroot, but this greatly
complicates the matter as it requires manually copying over Nix, its
runtime dependencies and all channels. Possibly, this would also break
several assumptions users have about how nixos-install works.
A simpler and safer (but less neat) solution is to temporarily bind
mount all mount points in /mnt under /mnt/mnt to keep the paths
functional while the bootloader is being installed.
This is essentially the workaround described in issue #73404.
