commit 0bdba6c99bc6db6fd8ea15de3fa10a3c0563ef9f · pyrox.dev/nixpkgs

+14

nixos/doc/manual/release-notes/rl-2311.section.md

···

       45
        
       - A new option was added to the virtualisation module that enables specifying explicitly named network interfaces in QEMU VMs. The existing `virtualisation.vlans` is still supported for cases where the name of the network interface is irrelevant.

     

       46
        
       

     

       47
        
       - `services.nginx` gained a `defaultListen` option at server-level with support for PROXY protocol listeners, also `proxyProtocol` is now exposed in `services.nginx.virtualHosts.<name>.listen` option. It is now possible to run PROXY listeners and non-PROXY listeners at a server-level, see [#213510](https://github.com/NixOS/nixpkgs/pull/213510/) for more details.

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0

···

       45
        
       - A new option was added to the virtualisation module that enables specifying explicitly named network interfaces in QEMU VMs. The existing `virtualisation.vlans` is still supported for cases where the name of the network interface is irrelevant.

     

       46
        
       

     

       47
        
       - `services.nginx` gained a `defaultListen` option at server-level with support for PROXY protocol listeners, also `proxyProtocol` is now exposed in `services.nginx.virtualHosts.<name>.listen` option. It is now possible to run PROXY listeners and non-PROXY listeners at a server-level, see [#213510](https://github.com/NixOS/nixpkgs/pull/213510/) for more details.

     

       48
       +
       

     

       49
       +
       ## Nixpkgs internals {#sec-release-23.11-nixpkgs-internals}

     

       50
       +
       

     

       51
       +
       - The `qemu-vm.nix` module by default now identifies block devices via

     

       52
       +
         persistent names available in `/dev/disk/by-*`. Because the rootDevice is

     

       53
       +
         identfied by its filesystem label, it needs to be formatted before the VM is

     

       54
       +
         started. The functionality of automatically formatting the rootDevice in the

     

       55
       +
         initrd is removed from the QEMU module. However, for tests that depend on

     

       56
       +
         this functionality, a test utility for the scripted initrd is added

     

       57
       +
         (`nixos/tests/common/auto-format-root-device.nix`). To use this in a NixOS

     

       58
       +
         test, import the module, e.g. `imports = [

     

       59
       +
         ./common/auto-format-root-device.nix ];` When you use the systemd initrd, you

     

       60
       +
         can automatically format the root device by setting

     

       61
       +
         `virtualisation.fileSystems."/".autoFormat = true;`.

nixos/lib/make-disk-image.nix

···

       573
        
               # In this throwaway resource, we only have /dev/vda, but the actual VM may refer to another disk for bootloader, e.g. /dev/vdb

     

       574
        
               # Use this option to create a symlink from vda to any arbitrary device you want.

     

       575
        
               ${optionalString (config.boot.loader.grub.device != "/dev/vda") ''

     

       0
        
       
     

       576
        
                   ln -s /dev/vda ${config.boot.loader.grub.device}

     

       577
        
               ''}

     

       578

···

       573
        
               # In this throwaway resource, we only have /dev/vda, but the actual VM may refer to another disk for bootloader, e.g. /dev/vdb

     

       574
        
               # Use this option to create a symlink from vda to any arbitrary device you want.

     

       575
        
               ${optionalString (config.boot.loader.grub.device != "/dev/vda") ''

     

       576
       +
                   mkdir -p $(dirname ${config.boot.loader.grub.device})

     

       577
        
                   ln -s /dev/vda ${config.boot.loader.grub.device}

     

       578
        
               ''}

     

       579

+63 -96

nixos/modules/virtualisation/qemu-vm.nix

···

       81
        
       

     

       82
        
         drivesCmdLine = drives: concatStringsSep "\\\n    " (imap1 driveCmdline drives);

     

       83
        
       

     

       84
       -
       

     

       85
       -
         # Creates a device name from a 1-based a numerical index, e.g.

     

       86
       -
         # * `driveDeviceName 1` -> `/dev/vda`

     

       87
       -
         # * `driveDeviceName 2` -> `/dev/vdb`

     

       88
       -
         driveDeviceName = idx:

     

       89
       -
           let letter = elemAt lowerChars (idx - 1);

     

       90
       -
           in if cfg.qemu.diskInterface == "scsi" then

     

       91
       -
             "/dev/sd${letter}"

     

       92
       -
           else

     

       93
       -
             "/dev/vd${letter}";

     

       94
       -
       

     

       95
       -
         lookupDriveDeviceName = driveName: driveList:

     

       96
       -
           (findSingle (drive: drive.name == driveName)

     

       97
       -
             (throw "Drive ${driveName} not found")

     

       98
       -
             (throw "Multiple drives named ${driveName}") driveList).device;

     

       99
       -
       

     

       100
       -
         addDeviceNames =

     

       101
       -
           imap1 (idx: drive: drive // { device = driveDeviceName idx; });

     

       102
       -
       

     

       103
        
         # Shell script to start the VM.

     

       104
        
         startVM =

     

       105
        
           ''

     
···

       109
        
       

     

       110
        
             set -e

     

       111
        
       

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       112
        
             NIX_DISK_IMAGE=$(readlink -f "''${NIX_DISK_IMAGE:-${toString config.virtualisation.diskImage}}") || test -z "$NIX_DISK_IMAGE"

     

       113
        
       

     

       114
        
             if test -n "$NIX_DISK_IMAGE" && ! test -e "$NIX_DISK_IMAGE"; then

     

       115
        
                 echo "Disk image do not exist, creating the virtualisation disk image..."

     

       116
       -
                 # If we are using a bootloader and default filesystems layout.

     

       117
       -
                 # We have to reuse the system image layout as a backing image format (CoW)

     

       118
       -
                 # So we can write on the top of it.

     

       119
        
       

     

       120
       -
                 # If we are not using the default FS layout, potentially, we are interested into

     

       121
       -
                 # performing operations in postDeviceCommands or at early boot on the raw device.

     

       122
       -
                 # We can still boot through QEMU direct kernel boot feature.

     

       123
        
       

     

       124
       -
                 # CoW prevent size to be attributed to an image.

     

       125
       -
                 # FIXME: raise this issue to upstream.

     

       126
       -
                 ${qemu}/bin/qemu-img create \

     

       127
       -
                 ${concatStringsSep " \\\n" ([ "-f qcow2" ]

     

       128
       -
                 ++ optional (cfg.useBootLoader && cfg.useDefaultFilesystems) "-F qcow2 -b ${systemImage}/nixos.qcow2"

     

       129
       -
                 ++ optional (!(cfg.useBootLoader && cfg.useDefaultFilesystems)) "-o size=${toString config.virtualisation.diskSize}M"

     

       130
       -
                 ++ [ ''"$NIX_DISK_IMAGE"'' ])}

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       131
        
                 echo "Virtualisation disk image created."

     

       132
        
             fi

     

       133
        
       

     
···

       148
        
                     ${pkgs.erofs-utils}/bin/mkfs.erofs \

     

       149
        
                       --force-uid=0 \

     

       150
        
                       --force-gid=0 \

     

       0
        
       
     

       151
        
                       -U eb176051-bd15-49b7-9e6b-462e0b467019 \

     

       152
        
                       -T 0 \

     

       153
        
                       --exclude-regex="$(

     
···

       218
        
       

     

       219
        
         regInfo = pkgs.closureInfo { rootPaths = config.virtualisation.additionalPaths; };

     

       220
        
       

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       221
        
         # System image is akin to a complete NixOS install with

     

       222
        
         # a boot partition and root partition.

     

       223
        
         systemImage = import ../../lib/make-disk-image.nix {

     
···

       225
        
           additionalPaths = [ regInfo ];

     

       226
        
           format = "qcow2";

     

       227
        
           onlyNixStore = false;

     

       0
        
       
     

       228
        
           partitionTableType = selectPartitionTableLayout { inherit (cfg) useDefaultFilesystems useEFIBoot; };

     

       229
        
           # Bootloader should be installed on the system image only if we are booting through bootloaders.

     

       230
        
           # Though, if a user is not using our default filesystems, it is possible to not have any ESP

     
···

       247
        
           additionalPaths = [ regInfo ];

     

       248
        
           format = "qcow2";

     

       249
        
           onlyNixStore = true;

     

       0
        
       
     

       250
        
           partitionTableType = "none";

     

       251
        
           installBootLoader = false;

     

       252
        
           touchEFIVars = false;

     
···

       255
        
           copyChannel = false;

     

       256
        
         };

     

       257
        
       

     

       258
       -
         bootConfiguration =

     

       259
       -
           if cfg.useDefaultFilesystems

     

       260
       -
           then

     

       261
       -
             if cfg.useBootLoader

     

       262
       -
             then

     

       263
       -
               if cfg.useEFIBoot then "efi_bootloading_with_default_fs"

     

       264
       -
               else "legacy_bootloading_with_default_fs"

     

       265
       -
             else

     

       266
       -
               if cfg.directBoot.enable then "direct_boot_with_default_fs"

     

       267
       -
               else "custom"

     

       268
       -
           else

     

       269
       -
             "custom";

     

       270
       -
         suggestedRootDevice = {

     

       271
       -
           "efi_bootloading_with_default_fs" = "${cfg.bootLoaderDevice}2";

     

       272
       -
           "legacy_bootloading_with_default_fs" = "${cfg.bootLoaderDevice}1";

     

       273
       -
           "direct_boot_with_default_fs" = cfg.bootLoaderDevice;

     

       274
       -
           # This will enforce a NixOS module type checking error

     

       275
       -
           # to ask explicitly the user to set a rootDevice.

     

       276
       -
           # As it will look like `rootDevice = lib.mkDefault null;` after

     

       277
       -
           # all "computations".

     

       278
       -
           "custom" = null;

     

       279
       -
         }.${bootConfiguration};

     

       280
        
       in

     

       281
        
       

     

       282
        
       {

     
···

       343
        
           virtualisation.bootLoaderDevice =

     

       344
        
             mkOption {

     

       345
        
               type = types.path;

     

       346
       -
               default = lookupDriveDeviceName "root" cfg.qemu.drives;

     

       347
       -
               defaultText = literalExpression ''lookupDriveDeviceName "root" cfg.qemu.drives'';

     

       348
       -
               example = "/dev/vda";

     

       349
        
               description =

     

       350
        
                 lib.mdDoc ''

     

       351
       -
                   The disk to be used for the boot filesystem.

     

       352
       -
                   By default, it is the same disk as the root filesystem.

     

       353
        
                 '';

     

       354
        
               };

     

       355
        
       

     

       356
        
           virtualisation.bootPartition =

     

       357
        
             mkOption {

     

       358
        
               type = types.nullOr types.path;

     

       359
       -
               default = if cfg.useEFIBoot then "${cfg.bootLoaderDevice}1" else null;

     

       360
       -
               defaultText = literalExpression ''if cfg.useEFIBoot then "''${cfg.bootLoaderDevice}1" else null'';

     

       361
       -
               example = "/dev/vda1";

     

       362
        
               description =

     

       363
        
                 lib.mdDoc ''

     

       364
       -
                   The boot partition to be used to mount /boot filesystem.

     

       365
       -
                   In legacy boots, this should be null.

     

       366
       -
                   By default, in EFI boot, it is the first partition of the boot device.

     

       0
        
       
     

       367
        
                 '';

     

       368
        
             };

     

       369
        
       

     

       370
        
           virtualisation.rootDevice =

     

       371
        
             mkOption {

     

       372
        
               type = types.nullOr types.path;

     

       373
       -
               example = "/dev/vda2";

     

       0
        
       
     

       0
        
       
     

       374
        
               description =

     

       375
        
                 lib.mdDoc ''

     

       376
       -
                   The disk or partition to be used for the root filesystem.

     

       377
       -
                   By default (read the source code for more details):

     

       378
       -
       

     

       379
       -
                   - under EFI with a bootloader: 2nd partition of the boot disk

     

       380
       -
                   - in legacy boot with a bootloader: 1st partition of the boot disk

     

       381
       -
                   - in direct boot (i.e. without a bootloader): whole disk

     

       382
       -
       

     

       383
       -
                   In case you are not using a default boot device or a default filesystem, you have to set explicitly your root device.

     

       384
        
                 '';

     

       385
        
             };

     

       386
        
       

     
···

       711
        
               mkOption {

     

       712
        
                 type = types.listOf (types.submodule driveOpts);

     

       713
        
                 description = lib.mdDoc "Drives passed to qemu.";

     

       714
       -
                 apply = addDeviceNames;

     

       715
        
               };

     

       716
        
       

     

       717
        
             diskInterface =

     
···

       975
        
           # FIXME: make a sense of this mess wrt to multiple ESP present in the system, probably use boot.efiSysMountpoint?

     

       976
        
           boot.loader.grub.device = mkVMOverride (if cfg.useEFIBoot then "nodev" else cfg.bootLoaderDevice);

     

       977
        
           boot.loader.grub.gfxmodeBios = with cfg.resolution; "${toString x}x${toString y}";

     

       978
       -
           virtualisation.rootDevice = mkDefault suggestedRootDevice;

     

       979
        
       

     

       980
        
           boot.initrd.kernelModules = optionals (cfg.useNixStoreImage && !cfg.writableStore) [ "erofs" ];

     

       981
        
       

     

       982
        
           boot.loader.supportsInitrdSecrets = mkIf (!cfg.useBootLoader) (mkVMOverride false);

     

       983
        
       

     

       984
       -
           boot.initrd.extraUtilsCommands = lib.mkIf (cfg.useDefaultFilesystems && !config.boot.initrd.systemd.enable)

     

       985
       -
             ''

     

       986
       -
               # We need mke2fs in the initrd.

     

       987
       -
               copy_bin_and_libs ${pkgs.e2fsprogs}/bin/mke2fs

     

       988
       -
             '';

     

       989
       -
       

     

       990
       -
           boot.initrd.postDeviceCommands = lib.mkIf (cfg.useDefaultFilesystems && !config.boot.initrd.systemd.enable)

     

       991
       -
             ''

     

       992
       -
               # If the disk image appears to be empty, run mke2fs to

     

       993
       -
               # initialise.

     

       994
       -
               FSTYPE=$(blkid -o value -s TYPE ${cfg.rootDevice} || true)

     

       995
       -
               PARTTYPE=$(blkid -o value -s PTTYPE ${cfg.rootDevice} || true)

     

       996
       -
               if test -z "$FSTYPE" -a -z "$PARTTYPE"; then

     

       997
       -
                   mke2fs -t ext4 ${cfg.rootDevice}

     

       998
       -
               fi

     

       999
       -
             '';

     

       1000
       -
       

     

       1001
        
           boot.initrd.postMountCommands = lib.mkIf (!config.boot.initrd.systemd.enable)

     

       1002
        
             ''

     

       1003
        
               # Mark this as a NixOS machine.

     
···

       1112
        
               driveExtraOpts.cache = "writeback";

     

       1113
        
               driveExtraOpts.werror = "report";

     

       1114
        
               deviceExtraOpts.bootindex = "1";

     

       0
        
       
     

       1115
        
             }])

     

       1116
        
             (mkIf cfg.useNixStoreImage [{

     

       1117
        
               name = "nix-store";

     
···

       1154
        
               } else {

     

       1155
        
                 device = cfg.rootDevice;

     

       1156
        
                 fsType = "ext4";

     

       1157
       -
                 autoFormat = true;

     

       1158
        
               });

     

       1159
        
               "/tmp" = lib.mkIf config.boot.tmp.useTmpfs {

     

       1160
        
                 device = "tmpfs";

     
···

       1164
        
                 options = [ "mode=1777" "strictatime" "nosuid" "nodev" "size=${toString config.boot.tmp.tmpfsSize}" ];

     

       1165
        
               };

     

       1166
        
               "/nix/${if cfg.writableStore then ".ro-store" else "store"}" = lib.mkIf cfg.useNixStoreImage {

     

       1167
       -
                 device = "${lookupDriveDeviceName "nix-store" cfg.qemu.drives}";

     

       1168
        
                 neededForBoot = true;

     

       1169
        
                 options = [ "ro" ];

     

       1170
        
               };

     
···

       1174
        
                 neededForBoot = true;

     

       1175
        
               };

     

       1176
        
               "/boot" = lib.mkIf (cfg.useBootLoader && cfg.bootPartition != null) {

     

       1177
       -
                 device = cfg.bootPartition; # 1 for e.g. `vda1`, as created in `systemImage`

     

       1178
        
                 fsType = "vfat";

     

       1179
        
                 noCheck = true; # fsck fails on a r/o filesystem

     

       1180
        
               };

···

       81
        
       

     

       82
        
         drivesCmdLine = drives: concatStringsSep "\\\n    " (imap1 driveCmdline drives);

     

       83
        
       

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       84
        
         # Shell script to start the VM.

     

       85
        
         startVM =

     

       86
        
           ''

     
···

       90
        
       

     

       91
        
             set -e

     

       92
        
       

     

       93
       +
             # Create an empty ext4 filesystem image. A filesystem image does not

     

       94
       +
             # contain a partition table but just a filesystem.

     

       95
       +
             createEmptyFilesystemImage() {

     

       96
       +
               local name=$1

     

       97
       +
               local size=$2

     

       98
       +
               local temp=$(mktemp)

     

       99
       +
               ${qemu}/bin/qemu-img create -f raw "$temp" "$size"

     

       100
       +
               ${pkgs.e2fsprogs}/bin/mkfs.ext4 -L ${rootFilesystemLabel} "$temp"

     

       101
       +
               ${qemu}/bin/qemu-img convert -f raw -O qcow2 "$temp" "$name"

     

       102
       +
               rm "$temp"

     

       103
       +
             }

     

       104
       +
       

     

       105
        
             NIX_DISK_IMAGE=$(readlink -f "''${NIX_DISK_IMAGE:-${toString config.virtualisation.diskImage}}") || test -z "$NIX_DISK_IMAGE"

     

       106
        
       

     

       107
        
             if test -n "$NIX_DISK_IMAGE" && ! test -e "$NIX_DISK_IMAGE"; then

     

       108
        
                 echo "Disk image do not exist, creating the virtualisation disk image..."

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       109
        
       

     

       110
       +
                 ${if (cfg.useBootLoader && cfg.useDefaultFilesystems) then ''

     

       111
       +
                   # Create a writable qcow2 image using the systemImage as a backing

     

       112
       +
                   # image.

     

       113
        
       

     

       114
       +
                   # CoW prevent size to be attributed to an image.

     

       115
       +
                   # FIXME: raise this issue to upstream.

     

       116
       +
                   ${qemu}/bin/qemu-img create \

     

       117
       +
                     -f qcow2 \

     

       118
       +
                     -b ${systemImage}/nixos.qcow2 \

     

       119
       +
                     -F qcow2 \

     

       120
       +
                     "$NIX_DISK_IMAGE"

     

       121
       +
                 '' else if cfg.useDefaultFilesystems then ''

     

       122
       +
                   createEmptyFilesystemImage "$NIX_DISK_IMAGE" "${toString cfg.diskSize}M"

     

       123
       +
                 '' else ''

     

       124
       +
                   # Create an empty disk image without a filesystem.

     

       125
       +
                   ${qemu}/bin/qemu-img create -f qcow2 "$NIX_DISK_IMAGE" "${toString cfg.diskSize}M"

     

       126
       +
                 ''

     

       127
       +
                 }

     

       128
        
                 echo "Virtualisation disk image created."

     

       129
        
             fi

     

       130
        
       

     
···

       145
        
                     ${pkgs.erofs-utils}/bin/mkfs.erofs \

     

       146
        
                       --force-uid=0 \

     

       147
        
                       --force-gid=0 \

     

       148
       +
                       -L ${nixStoreFilesystemLabel} \

     

       149
        
                       -U eb176051-bd15-49b7-9e6b-462e0b467019 \

     

       150
        
                       -T 0 \

     

       151
        
                       --exclude-regex="$(

     
···

       216
        
       

     

       217
        
         regInfo = pkgs.closureInfo { rootPaths = config.virtualisation.additionalPaths; };

     

       218
        
       

     

       219
       +
         # Use well-defined and persistent filesystem labels to identify block devices.

     

       220
       +
         rootFilesystemLabel = "nixos";

     

       221
       +
         espFilesystemLabel = "ESP"; # Hard-coded by make-disk-image.nix

     

       222
       +
         nixStoreFilesystemLabel = "nix-store";

     

       223
       +
       

     

       224
       +
         # The root drive is a raw disk which does not necessarily contain a

     

       225
       +
         # filesystem or partition table. It thus cannot be identified via the typical

     

       226
       +
         # persistent naming schemes (e.g. /dev/disk/by-{label, uuid, partlabel,

     

       227
       +
         # partuuid}. Instead, supply a well-defined and persistent serial attribute

     

       228
       +
         # via QEMU. Inside the running system, the disk can then be identified via

     

       229
       +
         # the /dev/disk/by-id scheme.

     

       230
       +
         rootDriveSerialAttr = "root";

     

       231
       +
       

     

       232
        
         # System image is akin to a complete NixOS install with

     

       233
        
         # a boot partition and root partition.

     

       234
        
         systemImage = import ../../lib/make-disk-image.nix {

     
···

       236
        
           additionalPaths = [ regInfo ];

     

       237
        
           format = "qcow2";

     

       238
        
           onlyNixStore = false;

     

       239
       +
           label = rootFilesystemLabel;

     

       240
        
           partitionTableType = selectPartitionTableLayout { inherit (cfg) useDefaultFilesystems useEFIBoot; };

     

       241
        
           # Bootloader should be installed on the system image only if we are booting through bootloaders.

     

       242
        
           # Though, if a user is not using our default filesystems, it is possible to not have any ESP

     
···

       259
        
           additionalPaths = [ regInfo ];

     

       260
        
           format = "qcow2";

     

       261
        
           onlyNixStore = true;

     

       262
       +
           label = nixStoreFilesystemLabel;

     

       263
        
           partitionTableType = "none";

     

       264
        
           installBootLoader = false;

     

       265
        
           touchEFIVars = false;

     
···

       268
        
           copyChannel = false;

     

       269
        
         };

     

       270
        
       

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       271
        
       in

     

       272
        
       

     

       273
        
       {

     
···

       334
        
           virtualisation.bootLoaderDevice =

     

       335
        
             mkOption {

     

       336
        
               type = types.path;

     

       337
       +
               default = "/dev/disk/by-id/virtio-${rootDriveSerialAttr}";

     

       338
       +
               defaultText = literalExpression ''/dev/disk/by-id/virtio-${rootDriveSerialAttr}'';

     

       339
       +
               example = "/dev/disk/by-id/virtio-boot-loader-device";

     

       340
        
               description =

     

       341
        
                 lib.mdDoc ''

     

       342
       +
                   The path (inside th VM) to the device to boot from when legacy booting.

     

       0
        
       
     

       343
        
                 '';

     

       344
        
               };

     

       345
        
       

     

       346
        
           virtualisation.bootPartition =

     

       347
        
             mkOption {

     

       348
        
               type = types.nullOr types.path;

     

       349
       +
               default = if cfg.useEFIBoot then "/dev/disk/by-label/${espFilesystemLabel}" else null;

     

       350
       +
               defaultText = literalExpression ''if cfg.useEFIBoot then "/dev/disk/by-label/${espFilesystemLabel}" else null'';

     

       351
       +
               example = "/dev/disk/by-label/esp";

     

       352
        
               description =

     

       353
        
                 lib.mdDoc ''

     

       354
       +
                   The path (inside the VM) to the device containing the EFI System Partition (ESP).

     

       355
       +
       

     

       356
       +
                   If you are *not* booting from a UEFI firmware, this value is, by

     

       357
       +
                   default, `null`. The ESP is mounted under `/boot`.

     

       358
        
                 '';

     

       359
        
             };

     

       360
        
       

     

       361
        
           virtualisation.rootDevice =

     

       362
        
             mkOption {

     

       363
        
               type = types.nullOr types.path;

     

       364
       +
               default = "/dev/disk/by-label/${rootFilesystemLabel}";

     

       365
       +
               defaultText = literalExpression ''/dev/disk/by-label/${rootFilesystemLabel}'';

     

       366
       +
               example = "/dev/disk/by-label/nixos";

     

       367
        
               description =

     

       368
        
                 lib.mdDoc ''

     

       369
       +
                   The path (inside the VM) to the device containing the root filesystem.

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       370
        
                 '';

     

       371
        
             };

     

       372
        
       

     
···

       697
        
               mkOption {

     

       698
        
                 type = types.listOf (types.submodule driveOpts);

     

       699
        
                 description = lib.mdDoc "Drives passed to qemu.";

     

       0
        
       
     

       700
        
               };

     

       701
        
       

     

       702
        
             diskInterface =

     
···

       960
        
           # FIXME: make a sense of this mess wrt to multiple ESP present in the system, probably use boot.efiSysMountpoint?

     

       961
        
           boot.loader.grub.device = mkVMOverride (if cfg.useEFIBoot then "nodev" else cfg.bootLoaderDevice);

     

       962
        
           boot.loader.grub.gfxmodeBios = with cfg.resolution; "${toString x}x${toString y}";

     

       0
        
       
     

       963
        
       

     

       964
        
           boot.initrd.kernelModules = optionals (cfg.useNixStoreImage && !cfg.writableStore) [ "erofs" ];

     

       965
        
       

     

       966
        
           boot.loader.supportsInitrdSecrets = mkIf (!cfg.useBootLoader) (mkVMOverride false);

     

       967
        
       

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       968
        
           boot.initrd.postMountCommands = lib.mkIf (!config.boot.initrd.systemd.enable)

     

       969
        
             ''

     

       970
        
               # Mark this as a NixOS machine.

     
···

       1079
        
               driveExtraOpts.cache = "writeback";

     

       1080
        
               driveExtraOpts.werror = "report";

     

       1081
        
               deviceExtraOpts.bootindex = "1";

     

       1082
       +
               deviceExtraOpts.serial = rootDriveSerialAttr;

     

       1083
        
             }])

     

       1084
        
             (mkIf cfg.useNixStoreImage [{

     

       1085
        
               name = "nix-store";

     
···

       1122
        
               } else {

     

       1123
        
                 device = cfg.rootDevice;

     

       1124
        
                 fsType = "ext4";

     

       0
        
       
     

       1125
        
               });

     

       1126
        
               "/tmp" = lib.mkIf config.boot.tmp.useTmpfs {

     

       1127
        
                 device = "tmpfs";

     
···

       1131
        
                 options = [ "mode=1777" "strictatime" "nosuid" "nodev" "size=${toString config.boot.tmp.tmpfsSize}" ];

     

       1132
        
               };

     

       1133
        
               "/nix/${if cfg.writableStore then ".ro-store" else "store"}" = lib.mkIf cfg.useNixStoreImage {

     

       1134
       +
                 device = "/dev/disk/by-label/${nixStoreFilesystemLabel}";

     

       1135
        
                 neededForBoot = true;

     

       1136
        
                 options = [ "ro" ];

     

       1137
        
               };

     
···

       1141
        
                 neededForBoot = true;

     

       1142
        
               };

     

       1143
        
               "/boot" = lib.mkIf (cfg.useBootLoader && cfg.bootPartition != null) {

     

       1144
       +
                 device = cfg.bootPartition;

     

       1145
        
                 fsType = "vfat";

     

       1146
        
                 noCheck = true; # fsck fails on a r/o filesystem

     

       1147
        
               };

+29

nixos/tests/common/auto-format-root-device.nix

···

       1
       +
       # This is a test utility that automatically formats

     

       2
       +
       # `config.virtualisation.rootDevice` in the initrd.

     

       3
       +
       # Note that when you are using

     

       4
       +
       # `boot.initrd.systemd.enable = true`, you can use

     

       5
       +
       # `virtualisation.fileSystems."/".autoFormat = true;`

     

       6
       +
       # instead.

     

       7
       +
       

     

       8
       +
       { config, pkgs, ... }:

     

       9
       +
       

     

       10
       +
       let

     

       11
       +
         rootDevice = config.virtualisation.rootDevice;

     

       12
       +
       in

     

       13
       +
       {

     

       14
       +
       

     

       15
       +
         boot.initrd.extraUtilsCommands = ''

     

       16
       +
           # We need mke2fs in the initrd.

     

       17
       +
           copy_bin_and_libs ${pkgs.e2fsprogs}/bin/mke2fs

     

       18
       +
         '';

     

       19
       +
       

     

       20
       +
         boot.initrd.postDeviceCommands = ''

     

       21
       +
           # If the disk image appears to be empty, run mke2fs to

     

       22
       +
           # initialise.

     

       23
       +
           FSTYPE=$(blkid -o value -s TYPE ${rootDevice} || true)

     

       24
       +
           PARTTYPE=$(blkid -o value -s PTTYPE ${rootDevice} || true)

     

       25
       +
           if test -z "$FSTYPE" -a -z "$PARTTYPE"; then

     

       26
       +
               mke2fs -t ext4 ${rootDevice}

     

       27
       +
           fi

     

       28
       +
         '';

     

       29
       +
       }

+7 -3

nixos/tests/fsck.nix

···

       21
        
           boot.initrd.systemd.enable = systemdStage1;

     

       22
        
         };

     

       23
        
       

     

       24
       -
         testScript = ''

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       25
        
           machine.wait_for_unit("default.target")

     

       26
        
       

     

       27
        
           with subtest("root fs is fsckd"):

     

       28
        
               machine.succeed("journalctl -b | grep '${if systemdStage1

     

       29
       -
                 then "fsck.*vda.*clean"

     

       30
       -
                 else "fsck.ext4.*/dev/vda"}'")

     

       31
        
       

     

       32
        
           with subtest("mnt fs is fsckd"):

     

       33
        
               machine.succeed("journalctl -b | grep 'fsck.*vdb.*clean'")

···

       21
        
           boot.initrd.systemd.enable = systemdStage1;

     

       22
        
         };

     

       23
        
       

     

       24
       +
         testScript =  { nodes, ...}:

     

       25
       +
         let

     

       26
       +
           rootDevice = nodes.machine.virtualisation.rootDevice;

     

       27
       +
         in

     

       28
       +
         ''

     

       29
        
           machine.wait_for_unit("default.target")

     

       30
        
       

     

       31
        
           with subtest("root fs is fsckd"):

     

       32
        
               machine.succeed("journalctl -b | grep '${if systemdStage1

     

       33
       +
                 then "fsck.*${builtins.baseNameOf rootDevice}.*clean"

     

       34
       +
                 else "fsck.ext4.*${rootDevice}"}'")

     

       35
        
       

     

       36
        
           with subtest("mnt fs is fsckd"):

     

       37
        
               machine.succeed("journalctl -b | grep 'fsck.*vdb.*clean'")

nixos/tests/hibernate.nix

···

       50
        
             imports = [

     

       51
        
               ../modules/profiles/installation-device.nix

     

       52
        
               ../modules/profiles/base.nix

     

       0
        
       
     

       53
        
             ];

     

       54
        
       

     

       55
        
             nix.settings = {

···

       50
        
             imports = [

     

       51
        
               ../modules/profiles/installation-device.nix

     

       52
        
               ../modules/profiles/base.nix

     

       53
       +
               ./common/auto-format-root-device.nix

     

       54
        
             ];

     

       55
        
       

     

       56
        
             nix.settings = {

nixos/tests/initrd-luks-empty-passphrase.nix

···

       14
        
         name = "initrd-luks-empty-passphrase";

     

       15
        
       

     

       16
        
         nodes.machine = { pkgs, ... }: {

     

       0
        
       
     

       0
        
       
     

       17
        
           virtualisation = {

     

       18
        
             emptyDiskImages = [ 512 ];

     

       19
        
             useBootLoader = true;

     
···

       23
        
             # the new root device is /dev/vdb

     

       24
        
             # an empty 512MiB drive, containing no Nix store.

     

       25
        
             mountHostNixStore = true;

     

       0
        
       
     

       26
        
           };

     

       27
        
       

     

       28
        
           boot.loader.systemd-boot.enable = true;

···

       14
        
         name = "initrd-luks-empty-passphrase";

     

       15
        
       

     

       16
        
         nodes.machine = { pkgs, ... }: {

     

       17
       +
           imports = lib.optionals (!systemdStage1) [ ./common/auto-format-root-device.nix ];

     

       18
       +
       

     

       19
        
           virtualisation = {

     

       20
        
             emptyDiskImages = [ 512 ];

     

       21
        
             useBootLoader = true;

     
···

       25
        
             # the new root device is /dev/vdb

     

       26
        
             # an empty 512MiB drive, containing no Nix store.

     

       27
        
             mountHostNixStore = true;

     

       28
       +
             fileSystems."/".autoFormat = lib.mkIf systemdStage1 true;

     

       29
        
           };

     

       30
        
       

     

       31
        
           boot.loader.systemd-boot.enable = true;

nixos/tests/installer.nix

···

       298
        
                   ../modules/profiles/installation-device.nix

     

       299
        
                   ../modules/profiles/base.nix

     

       300
        
                   extraInstallerConfig

     

       0
        
       
     

       301
        
                 ];

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       302
        
       

     

       303
        
                 # builds stuff in the VM, needs more juice

     

       304
        
                 virtualisation.diskSize = 8 * 1024;

···

       298
        
                   ../modules/profiles/installation-device.nix

     

       299
        
                   ../modules/profiles/base.nix

     

       300
        
                   extraInstallerConfig

     

       301
       +
                   ./common/auto-format-root-device.nix

     

       302
        
                 ];

     

       303
       +
       

     

       304
       +
                 # In systemdStage1, also automatically format the device backing the

     

       305
       +
                 # root filesystem.

     

       306
       +
                 virtualisation.fileSystems."/".autoFormat = systemdStage1;

     

       307
        
       

     

       308
        
                 # builds stuff in the VM, needs more juice

     

       309
        
                 virtualisation.diskSize = 8 * 1024;

nixos/tests/luks.nix

···

       2
        
         name = "luks";

     

       3
        
       

     

       4
        
         nodes.machine = { pkgs, ... }: {

     

       0
        
       
     

       0
        
       
     

       5
        
           # Use systemd-boot

     

       6
        
           virtualisation = {

     

       7
        
             emptyDiskImages = [ 512 512 ];

···

       2
        
         name = "luks";

     

       3
        
       

     

       4
        
         nodes.machine = { pkgs, ... }: {

     

       5
       +
           imports = [ ./common/auto-format-root-device.nix ];

     

       6
       +
       

     

       7
        
           # Use systemd-boot

     

       8
        
           virtualisation = {

     

       9
        
             emptyDiskImages = [ 512 512 ];

nixos/tests/systemd-initrd-luks-fido2.nix

···

       26
        
               };

     

       27
        
             };

     

       28
        
             virtualisation.rootDevice = "/dev/mapper/cryptroot";

     

       0
        
       
     

       29
        
           };

     

       30
        
         };

     

       31

···

       26
        
               };

     

       27
        
             };

     

       28
        
             virtualisation.rootDevice = "/dev/mapper/cryptroot";

     

       29
       +
             virtualisation.fileSystems."/".autoFormat = true;

     

       30
        
           };

     

       31
        
         };

     

       32

nixos/tests/systemd-initrd-luks-keyfile.nix

···

       34
        
               };

     

       35
        
             };

     

       36
        
             virtualisation.rootDevice = "/dev/mapper/cryptroot";

     

       0
        
       
     

       37
        
             boot.initrd.secrets."/etc/cryptroot.key" = keyfile;

     

       38
        
           };

     

       39
        
         };

···

       34
        
               };

     

       35
        
             };

     

       36
        
             virtualisation.rootDevice = "/dev/mapper/cryptroot";

     

       37
       +
             virtualisation.fileSystems."/".autoFormat = true;

     

       38
        
             boot.initrd.secrets."/etc/cryptroot.key" = keyfile;

     

       39
        
           };

     

       40
        
         };

nixos/tests/systemd-initrd-luks-password.nix

···

       25
        
               cryptroot2.device = "/dev/vdc";

     

       26
        
             };

     

       27
        
             virtualisation.rootDevice = "/dev/mapper/cryptroot";

     

       0
        
       
     

       28
        
             # test mounting device unlocked in initrd after switching root

     

       29
        
             virtualisation.fileSystems."/cryptroot2".device = "/dev/mapper/cryptroot2";

     

       30
        
           };

···

       25
        
               cryptroot2.device = "/dev/vdc";

     

       26
        
             };

     

       27
        
             virtualisation.rootDevice = "/dev/mapper/cryptroot";

     

       28
       +
             virtualisation.fileSystems."/".autoFormat = true;

     

       29
        
             # test mounting device unlocked in initrd after switching root

     

       30
        
             virtualisation.fileSystems."/cryptroot2".device = "/dev/mapper/cryptroot2";

     

       31
        
           };

nixos/tests/systemd-initrd-luks-tpm2.nix

···

       28
        
               };

     

       29
        
             };

     

       30
        
             virtualisation.rootDevice = "/dev/mapper/cryptroot";

     

       0
        
       
     

       31
        
           };

     

       32
        
         };

     

       33

···

       28
        
               };

     

       29
        
             };

     

       30
        
             virtualisation.rootDevice = "/dev/mapper/cryptroot";

     

       31
       +
             virtualisation.fileSystems."/".autoFormat = true;

     

       32
        
           };

     

       33
        
         };

     

       34

nixos/tests/systemd-initrd-networkd-ssh.nix

···

       17
        
       

     

       18
        
             specialisation.encrypted-root.configuration = {

     

       19
        
               virtualisation.rootDevice = "/dev/mapper/root";

     

       0
        
       
     

       20
        
               boot.initrd.luks.devices = lib.mkVMOverride {

     

       21
        
                 root.device = "/dev/vdb";

     

       22
        
               };

···

       17
        
       

     

       18
        
             specialisation.encrypted-root.configuration = {

     

       19
        
               virtualisation.rootDevice = "/dev/mapper/root";

     

       20
       +
               virtualisation.fileSystems."/".autoFormat = true;

     

       21
        
               boot.initrd.luks.devices = lib.mkVMOverride {

     

       22
        
                 root.device = "/dev/vdb";

     

       23
        
               };