summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--lxc/configuration.nix30
-rw-r--r--lxc/flake.lock84
-rw-r--r--lxc/flake.nix36
-rwxr-xr-xlxc/lxc-import.sh15
-rw-r--r--lxc/lxc.nix5
-rw-r--r--nixos/default.nix2
-rw-r--r--nixos/modules/boot.nix19
-rw-r--r--nixos/modules/openrc.nix59
-rw-r--r--nixos/modules/services.nix93
-rw-r--r--nixos/modules/systemd-compat.nix489
-rw-r--r--pkgs/openrc/default.nix9
11 files changed, 841 insertions, 0 deletions
diff --git a/lxc/configuration.nix b/lxc/configuration.nix
new file mode 100644
index 0000000..7ea0120
--- /dev/null
+++ b/lxc/configuration.nix
@@ -0,0 +1,30 @@
+{ config, lib, pkgs, ... }: {
+ boot.isContainer = true;
+
+ i18n.supportedLocales = ["en_US.UTF-8/UTF-8" "cs_CZ.UTF-8/UTF-8"];
+ nix.extraOptions = "experimental-features = nix-command flakes";
+
+ programs.vim.defaultEditor = true;
+
+ services.openssh = {
+ enable = true;
+ passwordAuthentication = false;
+ };
+
+ environment.systemPackages = with pkgs; [
+ openrc
+ git bash
+ htop
+ ];
+
+ users.users = {
+ cynerd = {
+ uid = 1000;
+ name = "cynerd";
+ shell = pkgs.zsh.out;
+ openssh.authorizedKeys.keys = ["ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC3cs5UOO/epaxSUaO6kDtQlfdS/K5GEJBGK9nH+KcRL4DNQlAGWZsJiJQPuIL3fGlzRLqnPr8YEMbT5sl/moe/gZe2VD5FoAr2dR2fEw5wXXDI90bxbmCWqbyjmRxlKxdKhc6v1BukmuxScsZO0VrUNks1veCGgi1G9w+tY5HevBlMqvDyDpU/H1LN7MVgkCser+ROjRPviDhLaXk6dLKut33SYgce02s5hlvTiWQa+CqeBfRkdiP5VBo/7PQOWsd8GSfCgO0mwhxFowG8cMFyEwMOi70HeNmURtKbd/h6cz0zsdA39fQ8huRWHRd/CQhgIUOsM+W0uPEwkv9HBErx Private key"];
+ isNormalUser = true;
+ createHome = true;
+ };
+ };
+}
diff --git a/lxc/flake.lock b/lxc/flake.lock
new file mode 100644
index 0000000..85229ec
--- /dev/null
+++ b/lxc/flake.lock
@@ -0,0 +1,84 @@
+{
+ "nodes": {
+ "flake-utils": {
+ "locked": {
+ "lastModified": 1644229661,
+ "narHash": "sha256-1YdnJAsNy69bpcjuoKdOYQX0YxZBiCYZo4Twxerqv7k=",
+ "owner": "numtide",
+ "repo": "flake-utils",
+ "rev": "3cecb5b042f7f209c56ffd8371b2711a290ec797",
+ "type": "github"
+ },
+ "original": {
+ "id": "flake-utils",
+ "type": "indirect"
+ }
+ },
+ "flake-utils_2": {
+ "locked": {
+ "lastModified": 1644229661,
+ "narHash": "sha256-1YdnJAsNy69bpcjuoKdOYQX0YxZBiCYZo4Twxerqv7k=",
+ "owner": "numtide",
+ "repo": "flake-utils",
+ "rev": "3cecb5b042f7f209c56ffd8371b2711a290ec797",
+ "type": "github"
+ },
+ "original": {
+ "id": "flake-utils",
+ "type": "indirect"
+ }
+ },
+ "nixpkgs": {
+ "locked": {
+ "lastModified": 1644151317,
+ "narHash": "sha256-TpXGBYCFKvEN7Q+To45rn4kqTbLPY4f56rF6ymUGGRE=",
+ "owner": "NixOS",
+ "repo": "nixpkgs",
+ "rev": "942b0817e898262cc6e3f0a5f706ce09d8f749f1",
+ "type": "github"
+ },
+ "original": {
+ "id": "nixpkgs",
+ "type": "indirect"
+ }
+ },
+ "nixpkgs_2": {
+ "locked": {
+ "lastModified": 1645013224,
+ "narHash": "sha256-b7OEC8vwzJv3rsz9pwnTX2LQDkeOWz2DbKypkVvNHXc=",
+ "owner": "NixOS",
+ "repo": "nixpkgs",
+ "rev": "b66b39216b1fef2d8c33cc7a5c72d8da80b79970",
+ "type": "github"
+ },
+ "original": {
+ "id": "nixpkgs",
+ "type": "indirect"
+ }
+ },
+ "openrc": {
+ "inputs": {
+ "flake-utils": "flake-utils_2",
+ "nixpkgs": "nixpkgs_2"
+ },
+ "locked": {
+ "narHash": "sha256-yf7cvvZACTUsMKhOvIoKHbTCsoFFSxD+qwAxL4stTx8=",
+ "path": "/nix/store/aknx92czbrjr3r238i6ib3h5mvi3qm8g-source",
+ "type": "path"
+ },
+ "original": {
+ "path": "/nix/store/aknx92czbrjr3r238i6ib3h5mvi3qm8g-source",
+ "type": "path"
+ }
+ },
+ "root": {
+ "inputs": {
+ "flake-utils": "flake-utils",
+ "nixpkgs": "nixpkgs",
+ "openrc": "openrc"
+ }
+ }
+ },
+ "root": "root",
+ "version": 7
+}
diff --git a/lxc/flake.nix b/lxc/flake.nix
new file mode 100644
index 0000000..9f6b09d
--- /dev/null
+++ b/lxc/flake.nix
@@ -0,0 +1,36 @@
+{
+ description = "LXC for OpenRC for testing";
+
+ inputs.openrc.url = "..";
+
+ outputs = { self, flake-utils, nixpkgs, openrc, ... }:
+ let
+
+ flakelib = flake-utils.lib;
+
+ nixos = { system, attr }:
+ let
+ nixos = nixpkgs.lib.nixosSystem {
+ system = system;
+ modules = [
+ ./lxc.nix
+ ./configuration.nix
+ openrc.nixosModule
+ ];
+ };
+ in
+ nixos.config.system.build."${attr}";
+
+ in flakelib.eachDefaultSystem (system: {
+ packages = {
+ lxc = nixos {
+ system = system;
+ attr = "tarball";
+ };
+ lxc-metadata = nixos {
+ system = system;
+ attr = "metadata";
+ };
+ };
+ });
+}
diff --git a/lxc/lxc-import.sh b/lxc/lxc-import.sh
new file mode 100755
index 0000000..f4160a4
--- /dev/null
+++ b/lxc/lxc-import.sh
@@ -0,0 +1,15 @@
+#!/bin/sh
+set -eu
+alias="${1:-nixos-openrc}"
+
+nix build -o result-metadata .#lxc-metadata
+nix build -o result .#lxc
+
+if lxc image info "$alias" >/dev/null 2>&1; then
+ lxc image delete "$alias"
+fi
+
+lxc image import \
+ --alias "$alias" \
+ result-metadata/tarball/nixos-system-*.tar.xz \
+ result/tarball/nixos-system-*.tar.xz
diff --git a/lxc/lxc.nix b/lxc/lxc.nix
new file mode 100644
index 0000000..9f26f3c
--- /dev/null
+++ b/lxc/lxc.nix
@@ -0,0 +1,5 @@
+{ config, lib, pkgs, modulesPath, ... }: {
+ imports = [
+ "${toString modulesPath}/virtualisation/lxc-container.nix"
+ ];
+}
diff --git a/nixos/default.nix b/nixos/default.nix
index 2c63c08..572ebb3 100644
--- a/nixos/default.nix
+++ b/nixos/default.nix
@@ -1,2 +1,4 @@
{
+ openrc = import ./modules/openrc.nix;
+ services = import ./modules/services.nix;
}
diff --git a/nixos/modules/boot.nix b/nixos/modules/boot.nix
new file mode 100644
index 0000000..344293f
--- /dev/null
+++ b/nixos/modules/boot.nix
@@ -0,0 +1,19 @@
+{ config, lib, pkgs, ... }:
+
+with lib;
+
+{
+
+ options = {
+
+ };
+
+
+ config = {
+ rc.service.aggety = {
+ description = "start agetty on a terminal line";
+ };
+
+ };
+
+}
diff --git a/nixos/modules/openrc.nix b/nixos/modules/openrc.nix
new file mode 100644
index 0000000..7b68efc
--- /dev/null
+++ b/nixos/modules/openrc.nix
@@ -0,0 +1,59 @@
+{ config, lib, pkgs, ... }:
+
+with lib;
+
+{
+
+ options = {
+
+ rc = {
+ conf = {
+ parallel = mkOption {
+ type = types.bool;
+ default = false;
+ description = ''
+ If you want the rc system to try and start services in parallel for
+ a slight speed improvement. When running in parallel we prefix the
+ service output with its name as the output will get jumbled up.
+ '';
+ };
+ interactive = mkOption {
+ type = types.bool;
+ default = false;
+ description = ''
+ Set to true and you'll be able to press the I key during boot so you
+ can choose to start specific services. Set to false to disable this
+ feature. This feature is automatically disabled if rc_parallel is
+ set to false.
+ '';
+ };
+ logger = mkOption {
+ type = types.bool;
+ default = true;
+ description = ''
+ Logger launches a logging daemon to log the entire rc process to
+ /var/log/rc.log
+ NOTE: Linux systems require the devfs service to be started before
+ logging can take place and as such cannot log the sysinit runlevel.
+ '';
+ };
+ };
+ };
+
+ };
+
+
+ config = let
+
+ rc_bool = enabled: if enabled then "YES" else "NO";
+
+ in {
+ environment.etc."rc.conf".text = ''
+ # Global OpenRC configuration settings
+ rc_parallel="${rc_bool config.rc.conf.parallel}"
+ rc_interactive="${rc_bool config.rc.conf.interactive}"
+ rc_logger="${rc_bool config.rc.conf.logger}"
+ '';
+ };
+
+}
diff --git a/nixos/modules/services.nix b/nixos/modules/services.nix
new file mode 100644
index 0000000..3fa6835
--- /dev/null
+++ b/nixos/modules/services.nix
@@ -0,0 +1,93 @@
+{ config, lib, pkgs, ... }:
+
+with lib;
+
+let
+
+ upstreamServices = [
+ "aggety"
+ "binfmt"
+ "bootmisc"
+ "cgroups"
+ "consolefont"
+ "devfs"
+ "dmesg"
+ "fsck"
+ "hostname"
+ "hwclock"
+ "keymaps"
+ "killprocs"
+ "local"
+ "localmount"
+ "loopback"
+ "modules"
+ "mount-ro"
+ "mtab"
+ "netmount"
+ "net-online"
+ "network"
+ "numlock"
+ "osclock"
+ "procfs"
+ "root"
+ "runsvdir"
+ "s6-svscan"
+ "savecache"
+ "save-keymaps"
+ "save-termencoding"
+ "staticroute"
+ "swap"
+ "swclock"
+ "sysctl"
+ "sysfs"
+ "termencoding"
+ "urandom"
+ ];
+
+in {
+
+ options = {
+
+ rc = {
+ services = mkOption {
+ default = {};
+ type = types.attrsOf (types.submodule {
+ enable = {
+ type = types.bool;
+ default = false;
+ description = "Enable service spawning.";
+ };
+ runlevel = {
+ type = types.enum [ "boot" "default" "nonetwork" "shutdown" "sysinit" ];
+ default = "default";
+ description = "Select runlevel the services should be activated in.";
+ };
+ description = {
+ type = types.str;
+ description = "Service description.";
+ };
+ command = {
+ type = types.package;
+ description = "Command to be started.";
+ };
+ });
+ description = "Definition of system service.";
+ };
+ };
+
+ };
+
+
+ config = let
+
+ rc_bool = enabled: if enabled then "YES" else "NO";
+
+ in {
+
+ environment.etc."init.d".source = pkgs.runCommand "rc-init.d" {
+ } ''
+ mkdir -p "$out"
+ '';
+ };
+
+}
diff --git a/nixos/modules/systemd-compat.nix b/nixos/modules/systemd-compat.nix
new file mode 100644
index 0000000..5172b78
--- /dev/null
+++ b/nixos/modules/systemd-compat.nix
@@ -0,0 +1,489 @@
+{ config, lib, pkgs, ... }:
+
+with lib;
+
+{
+
+ options = {
+
+ systemd.package = mkOption {
+ default = pkgs.systemd;
+ defaultText = literalExpression "pkgs.systemd";
+ type = types.package;
+ description = "The systemd package.";
+ };
+
+ systemd.units = mkOption {
+ description = "Definition of systemd units.";
+ default = {};
+ type = with types; attrsOf (submodule (
+ { name, config, ... }:
+ { options = concreteUnitOptions;
+ config = {
+ unit = mkDefault (makeUnit name config);
+ };
+ }));
+ };
+
+ systemd.packages = mkOption {
+ default = [];
+ type = types.listOf types.package;
+ example = literalExpression "[ pkgs.systemd-cryptsetup-generator ]";
+ description = "Packages providing systemd units and hooks.";
+ };
+
+ systemd.targets = mkOption {
+ default = {};
+ type = with types; attrsOf (submodule [ { options = targetOptions; } unitConfig] );
+ description = "Definition of systemd target units.";
+ };
+
+ systemd.services = mkOption {
+ default = {};
+ type = with types; attrsOf (submodule [ { options = serviceOptions; } unitConfig serviceConfig ]);
+ description = "Definition of systemd service units.";
+ };
+
+ systemd.sockets = mkOption {
+ default = {};
+ type = with types; attrsOf (submodule [ { options = socketOptions; } unitConfig ]);
+ description = "Definition of systemd socket units.";
+ };
+
+ systemd.timers = mkOption {
+ default = {};
+ type = with types; attrsOf (submodule [ { options = timerOptions; } unitConfig ]);
+ description = "Definition of systemd timer units.";
+ };
+
+ systemd.paths = mkOption {
+ default = {};
+ type = with types; attrsOf (submodule [ { options = pathOptions; } unitConfig ]);
+ description = "Definition of systemd path units.";
+ };
+
+ systemd.mounts = mkOption {
+ default = [];
+ type = with types; listOf (submodule [ { options = mountOptions; } unitConfig mountConfig ]);
+ description = ''
+ Definition of systemd mount units.
+ This is a list instead of an attrSet, because systemd mandates the names to be derived from
+ the 'where' attribute.
+ '';
+ };
+
+ systemd.automounts = mkOption {
+ default = [];
+ type = with types; listOf (submodule [ { options = automountOptions; } unitConfig automountConfig ]);
+ description = ''
+ Definition of systemd automount units.
+ This is a list instead of an attrSet, because systemd mandates the names to be derived from
+ the 'where' attribute.
+ '';
+ };
+
+ systemd.slices = mkOption {
+ default = {};
+ type = with types; attrsOf (submodule [ { options = sliceOptions; } unitConfig] );
+ description = "Definition of slice configurations.";
+ };
+
+ systemd.generators = mkOption {
+ type = types.attrsOf types.path;
+ default = {};
+ example = { systemd-gpt-auto-generator = "/dev/null"; };
+ description = ''
+ Definition of systemd generators.
+ For each <literal>NAME = VALUE</literal> pair of the attrSet, a link is generated from
+ <literal>/etc/systemd/system-generators/NAME</literal> to <literal>VALUE</literal>.
+ '';
+ };
+
+ systemd.shutdown = mkOption {
+ type = types.attrsOf types.path;
+ default = {};
+ description = ''
+ Definition of systemd shutdown executables.
+ For each <literal>NAME = VALUE</literal> pair of the attrSet, a link is generated from
+ <literal>/etc/systemd/system-shutdown/NAME</literal> to <literal>VALUE</literal>.
+ '';
+ };
+
+ systemd.defaultUnit = mkOption {
+ default = "multi-user.target";
+ type = types.str;
+ description = "Default unit started when the system boots.";
+ };
+
+ systemd.ctrlAltDelUnit = mkOption {
+ default = "reboot.target";
+ type = types.str;
+ example = "poweroff.target";
+ description = ''
+ Target that should be started when Ctrl-Alt-Delete is pressed.
+ '';
+ };
+
+ systemd.globalEnvironment = mkOption {
+ type = with types; attrsOf (nullOr (oneOf [ str path package ]));
+ default = {};
+ example = { TZ = "CET"; };
+ description = ''
+ Environment variables passed to <emphasis>all</emphasis> systemd units.
+ '';
+ };
+
+ systemd.enableCgroupAccounting = mkOption {
+ default = true;
+ type = types.bool;
+ description = ''
+ Whether to enable cgroup accounting.
+ '';
+ };
+
+ systemd.enableUnifiedCgroupHierarchy = mkOption {
+ default = true;
+ type = types.bool;
+ description = ''
+ Whether to enable the unified cgroup hierarchy (cgroupsv2).
+ '';
+ };
+
+ systemd.coredump.enable = mkOption {
+ default = true;
+ type = types.bool;
+ description = ''
+ Whether core dumps should be processed by
+ <command>systemd-coredump</command>. If disabled, core dumps
+ appear in the current directory of the crashing process.
+ '';
+ };
+
+ systemd.coredump.extraConfig = mkOption {
+ default = "";
+ type = types.lines;
+ example = "Storage=journal";
+ description = ''
+ Extra config options for systemd-coredump. See coredump.conf(5) man page
+ for available options.
+ '';
+ };
+
+ systemd.extraConfig = mkOption {
+ default = "";
+ type = types.lines;
+ example = "DefaultLimitCORE=infinity";
+ description = ''
+ Extra config options for systemd. See man systemd-system.conf for
+ available options.
+ '';
+ };
+
+ services.journald.console = mkOption {
+ default = "";
+ type = types.str;
+ description = "If non-empty, write log messages to the specified TTY device.";
+ };
+
+ services.journald.rateLimitInterval = mkOption {
+ default = "30s";
+ type = types.str;
+ description = ''
+ Configures the rate limiting interval that is applied to all
+ messages generated on the system. This rate limiting is applied
+ per-service, so that two services which log do not interfere with
+ each other's limit. The value may be specified in the following
+ units: s, min, h, ms, us. To turn off any kind of rate limiting,
+ set either value to 0.
+
+ See <option>services.journald.rateLimitBurst</option> for important
+ considerations when setting this value.
+ '';
+ };
+
+ services.journald.rateLimitBurst = mkOption {
+ default = 10000;
+ type = types.int;
+ description = ''
+ Configures the rate limiting burst limit (number of messages per
+ interval) that is applied to all messages generated on the system.
+ This rate limiting is applied per-service, so that two services
+ which log do not interfere with each other's limit.
+
+ Note that the effective rate limit is multiplied by a factor derived
+ from the available free disk space for the journal as described on
+ <link xlink:href="https://www.freedesktop.org/software/systemd/man/journald.conf.html">
+ journald.conf(5)</link>.
+
+ Note that the total amount of logs stored is limited by journald settings
+ such as <literal>SystemMaxUse</literal>, which defaults to a 4 GB cap.
+
+ It is thus recommended to compute what period of time that you will be
+ able to store logs for when an application logs at full burst rate.
+ With default settings for log lines that are 100 Bytes long, this can
+ amount to just a few hours.
+ '';
+ };
+
+ services.journald.extraConfig = mkOption {
+ default = "";
+ type = types.lines;
+ example = "Storage=volatile";
+ description = ''
+ Extra config options for systemd-journald. See man journald.conf
+ for available options.
+ '';
+ };
+
+ services.journald.enableHttpGateway = mkOption {
+ default = false;
+ type = types.bool;
+ description = ''
+ Whether to enable the HTTP gateway to the journal.
+ '';
+ };
+
+ services.journald.forwardToSyslog = mkOption {
+ default = config.services.rsyslogd.enable || config.services.syslog-ng.enable;
+ defaultText = literalExpression "services.rsyslogd.enable || services.syslog-ng.enable";
+ type = types.bool;
+ description = ''
+ Whether to forward log messages to syslog.
+ '';
+ };
+
+ services.logind.extraConfig = mkOption {
+ default = "";
+ type = types.lines;
+ example = "IdleAction=lock";
+ description = ''
+ Extra config options for systemd-logind. See
+ <link xlink:href="https://www.freedesktop.org/software/systemd/man/logind.conf.html">
+ logind.conf(5)</link> for available options.
+ '';
+ };
+
+ services.logind.killUserProcesses = mkOption {
+ default = false;
+ type = types.bool;
+ description = ''
+ Specifies whether the processes of a user should be killed
+ when the user logs out. If true, the scope unit corresponding
+ to the session and all processes inside that scope will be
+ terminated. If false, the scope is "abandoned" (see
+ <link xlink:href="https://www.freedesktop.org/software/systemd/man/systemd.scope.html#">
+ systemd.scope(5)</link>), and processes are not killed.
+ </para>
+
+ <para>
+ See <link xlink:href="https://www.freedesktop.org/software/systemd/man/logind.conf.html#KillUserProcesses=">logind.conf(5)</link>
+ for more details.
+ '';
+ };
+
+ services.logind.lidSwitch = mkOption {
+ default = "suspend";
+ example = "ignore";
+ type = logindHandlerType;
+
+ description = ''
+ Specifies what to be done when the laptop lid is closed.
+ '';
+ };
+
+ services.logind.lidSwitchDocked = mkOption {
+ default = "ignore";
+ example = "suspend";
+ type = logindHandlerType;
+
+ description = ''
+ Specifies what to be done when the laptop lid is closed
+ and another screen is added.
+ '';
+ };
+
+ services.logind.lidSwitchExternalPower = mkOption {
+ default = config.services.logind.lidSwitch;
+ defaultText = literalExpression "services.logind.lidSwitch";
+ example = "ignore";
+ type = logindHandlerType;
+
+ description = ''
+ Specifies what to do when the laptop lid is closed and the system is
+ on external power. By default use the same action as specified in
+ services.logind.lidSwitch.
+ '';
+ };
+
+ systemd.sleep.extraConfig = mkOption {
+ default = "";
+ type = types.lines;
+ example = "HibernateDelaySec=1h";
+ description = ''
+ Extra config options for systemd sleep state logic.
+ See sleep.conf.d(5) man page for available options.
+ '';
+ };
+
+ systemd.user.extraConfig = mkOption {
+ default = "";
+ type = types.lines;
+ example = "DefaultCPUAccounting=yes";
+ description = ''
+ Extra config options for systemd user instances. See man systemd-user.conf for
+ available options.
+ '';
+ };
+
+ systemd.tmpfiles.rules = mkOption {
+ type = types.listOf types.str;
+ default = [];
+ example = [ "d /tmp 1777 root root 10d" ];
+ description = ''
+ Rules for creation, deletion and cleaning of volatile and temporary files
+ automatically. See
+ <citerefentry><refentrytitle>tmpfiles.d</refentrytitle><manvolnum>5</manvolnum></citerefentry>
+ for the exact format.
+ '';
+ };
+
+ systemd.tmpfiles.packages = mkOption {
+ type = types.listOf types.package;
+ default = [];
+ example = literalExpression "[ pkgs.lvm2 ]";
+ apply = map getLib;
+ description = ''
+ List of packages containing <command>systemd-tmpfiles</command> rules.
+
+ All files ending in .conf found in
+ <filename><replaceable>pkg</replaceable>/lib/tmpfiles.d</filename>
+ will be included.
+ If this folder does not exist or does not contain any files an error will be returned instead.
+
+ If a <filename>lib</filename> output is available, rules are searched there and only there.
+ If there is no <filename>lib</filename> output it will fall back to <filename>out</filename>
+ and if that does not exist either, the default output will be used.
+ '';
+ };
+
+ systemd.user.units = mkOption {
+ description = "Definition of systemd per-user units.";
+ default = {};
+ type = with types; attrsOf (submodule (
+ { name, config, ... }:
+ { options = concreteUnitOptions;
+ config = {
+ unit = mkDefault (makeUnit name config);
+ };
+ }));
+ };
+
+ systemd.user.paths = mkOption {
+ default = {};
+ type = with types; attrsOf (submodule [ { options = pathOptions; } unitConfig ]);
+ description = "Definition of systemd per-user path units.";
+ };
+
+ systemd.user.services = mkOption {
+ default = {};
+ type = with types; attrsOf (submodule [ { options = serviceOptions; } unitConfig serviceConfig ] );
+ description = "Definition of systemd per-user service units.";
+ };
+
+ systemd.user.slices = mkOption {
+ default = {};
+ type = with types; attrsOf (submodule [ { options = sliceOptions; } unitConfig ] );
+ description = "Definition of systemd per-user slice units.";
+ };
+
+ systemd.user.sockets = mkOption {
+ default = {};
+ type = with types; attrsOf (submodule [ { options = socketOptions; } unitConfig ] );
+ description = "Definition of systemd per-user socket units.";
+ };
+
+ systemd.user.targets = mkOption {
+ default = {};
+ type = with types; attrsOf (submodule [ { options = targetOptions; } unitConfig] );
+ description = "Definition of systemd per-user target units.";
+ };
+
+ systemd.user.timers = mkOption {
+ default = {};
+ type = with types; attrsOf (submodule [ { options = timerOptions; } unitConfig ] );
+ description = "Definition of systemd per-user timer units.";
+ };
+
+ systemd.additionalUpstreamSystemUnits = mkOption {
+ default = [ ];
+ type = types.listOf types.str;
+ example = [ "debug-shell.service" "systemd-quotacheck.service" ];
+ description = ''
+ Additional units shipped with systemd that shall be enabled.
+ '';
+ };
+
+ systemd.suppressedSystemUnits = mkOption {
+ default = [ ];
+ type = types.listOf types.str;
+ example = [ "systemd-backlight@.service" ];
+ description = ''
+ A list of units to suppress when generating system systemd configuration directory. This has
+ priority over upstream units, <option>systemd.units</option>, and
+ <option>systemd.additionalUpstreamSystemUnits</option>. The main purpose of this is to
+ suppress a upstream systemd unit with any modifications made to it by other NixOS modules.
+ '';
+ };
+
+ systemd.watchdog.device = mkOption {
+ type = types.nullOr types.path;
+ default = null;
+ example = "/dev/watchdog";
+ description = ''
+ The path to a hardware watchdog device which will be managed by systemd.
+ If not specified, systemd will default to /dev/watchdog.
+ '';
+ };
+
+ systemd.watchdog.runtimeTime = mkOption {
+ type = types.nullOr types.str;
+ default = null;
+ example = "30s";
+ description = ''
+ The amount of time which can elapse before a watchdog hardware device
+ will automatically reboot the system. Valid time units include "ms",
+ "s", "min", "h", "d", and "w".
+ '';
+ };
+
+ systemd.watchdog.rebootTime = mkOption {
+ type = types.nullOr types.str;
+ default = null;
+ example = "10m";
+ description = ''
+ The amount of time which can elapse after a reboot has been triggered
+ before a watchdog hardware device will automatically reboot the system.
+ Valid time units include "ms", "s", "min", "h", "d", and "w".
+ '';
+ };
+
+ systemd.watchdog.kexecTime = mkOption {
+ type = types.nullOr types.str;
+ default = null;
+ example = "10m";
+ description = ''
+ The amount of time which can elapse when kexec is being executed before
+ a watchdog hardware device will automatically reboot the system. This
+ option should only be enabled if reloadTime is also enabled. Valid
+ time units include "ms", "s", "min", "h", "d", and "w".
+ '';
+ };
+
+ };
+
+
+ config = {
+
+ };
+
+}
diff --git a/pkgs/openrc/default.nix b/pkgs/openrc/default.nix
index 8c235e0..3cb6d8e 100644
--- a/pkgs/openrc/default.nix
+++ b/pkgs/openrc/default.nix
@@ -22,6 +22,8 @@ stdenv.mkDerivation rec {
nativeBuildInputs = [ meson ninja pkg-config ];
buildInputs = [ pam ncurses ];
+ outputs = [ "out" "dev" "man" "support" ];
+
preConfigure = "export DESTDIR=/";
mesonFlags = [
"-Dbranding=\"NIXOS\""
@@ -34,4 +36,11 @@ stdenv.mkDerivation rec {
"-Drootprefix=${placeholder "out"}"
"--sysconfdir=${placeholder "out"}/etc"
];
+ postInstall = ''
+ mkdir -p "$support/share/openrc/"
+ mv "$out/share/openrc/support" "$support/share/openrc/"
+
+ #mkdir -p "$etc"
+ #mv "$out/etc" "$etc/"
+ '';
}