Merge pull request NixOS#9 from tenx-tech/bump-upstream

Sync with upstream

doc/coding-conventions.xml

@@ -56,25 +56,30 @@ foo { arg = ...; }
      or list elements should be aligned:
 <programlisting>
 # A long list.
-list =
-  [ elem1
-    elem2
-    elem3
-  ];
+list = [
+  elem1
+  elem2
+  elem3
+];
 
 # A long attribute set.
-attrs =
-  { attr1 = short_expr;
-    attr2 =
-      if true then big_expr else big_expr;
-  };
-
-# Alternatively:
 attrs = {
   attr1 = short_expr;
   attr2 =
     if true then big_expr else big_expr;
 };
+
+# Combined
+listOfAttrs = [
+  {
+    attr1 = 3;
+    attr2 = "fff";
+  }
+  {
+    attr1 = 5;
+    attr2 = "ggg";
+  }
+];
 </programlisting>
     </para>
    </listitem>

doc/stdenv.xml

@@ -2428,12 +2428,31 @@ addEnvHooks "$hostOffset" myBashFunction
       <para>
        This is a special setup hook which helps in packaging proprietary
        software in that it automatically tries to find missing shared library
-       dependencies of ELF files. All packages within the
-       <envar>runtimeDependencies</envar> environment variable are
-       unconditionally added to executables, which is useful for programs that
-       use <citerefentry>
-       <refentrytitle>dlopen</refentrytitle>
-       <manvolnum>3</manvolnum> </citerefentry> to load libraries at runtime.
+       dependencies of ELF files based on the given
+       <varname>buildInputs</varname> and <varname>nativeBuildInputs</varname>.
+      </para>
+      <para>
+       You can also specify a <envar>runtimeDependencies</envar> environment
+       variable which lists dependencies that are unconditionally added to all
+       executables.
+      </para>
+      <para>
+       This is useful for programs that use <citerefentry>
+        <refentrytitle>dlopen</refentrytitle>
+        <manvolnum>3</manvolnum>
+       </citerefentry> to load libraries at runtime.
+      </para>
+      <para>
+        In certain situations you may want to run the main command
+        (<command>autoPatchelf</command>) of the setup hook on a file or a set
+        of directories instead of unconditionally patching all outputs. This
+        can be done by setting the <envar>dontAutoPatchelf</envar> environment
+        variable to a non-empty value.
+      </para>
+      <para>
+        The <command>autoPatchelf</command> command also recognizes a
+        <parameter class="command">--no-recurse</parameter> command line flag,
+        which prevents it from recursing into subdirectories.
       </para>
      </listitem>
     </varlistentry>
@@ -2455,7 +2474,17 @@ addEnvHooks "$hostOffset" myBashFunction
        use the cntr exec subcommand. Note that <command>cntr</command> also
        needs to be executed on the machine that is doing the build, which might
        be not the case when remote builders are enabled.
-       <command>cntr</command> is only supported on linux based platforms.
+       <command>cntr</command> is only supported on Linux-based platforms. To
+       use it first add <literal>cntr</literal> to your
+       <literal>environment.systemPackages</literal> on NixOS or alternatively to
+       the root user on non-NixOS systems. Then in the package that is supposed
+       to be inspected, add <literal>breakpointHook</literal> to
+       <literal>nativeBuildInputs</literal>.
+<programlisting>
+         nativeBuildInputs = [ breakpointHook ];
+       </programlisting>
+       When a build failure happens there will be an instruction printed that
+       shows how to attach with <literal>cntr</literal> to the build sandbox.
       </para>
      </listitem>
     </varlistentry>

nixos/lib/make-system-tarball.nix

@@ -1,4 +1,4 @@
-{ stdenv, perl, pixz, pathsFromGraph
+{ stdenv, closureInfo, pixz
 
 , # The file name of the resulting tarball
   fileName ? "nixos-system-${stdenv.hostPlatform.system}"
@@ -29,24 +29,28 @@
 , extraInputs ? [ pixz ]
 }:
 
+let
+  symlinks = map (x: x.symlink) storeContents;
+  objects = map (x: x.object) storeContents;
+in
+
 stdenv.mkDerivation {
   name = "tarball";
   builder = ./make-system-tarball.sh;
-  buildInputs = [ perl ] ++ extraInputs;
+  buildInputs = extraInputs;
 
-  inherit fileName pathsFromGraph extraArgs extraCommands compressCommand;
+  inherit fileName extraArgs extraCommands compressCommand;
 
   # !!! should use XML.
   sources = map (x: x.source) contents;
   targets = map (x: x.target) contents;
 
   # !!! should use XML.
-  objects = map (x: x.object) storeContents;
-  symlinks = map (x: x.symlink) storeContents;
+  inherit symlinks objects;
 
-  # For obtaining the closure of `storeContents'.
-  exportReferencesGraph =
-    map (x: [("closure-" + baseNameOf x.object) x.object]) storeContents;
+  closureInfo = closureInfo {
+    rootPaths = objects;
+  };
 
   extension = compressionExtension;
 }

nixos/lib/make-system-tarball.sh

@@ -3,7 +3,6 @@ source $stdenv/setup
 sources_=($sources)
 targets_=($targets)
 
-echo $objects
 objects=($objects)
 symlinks=($symlinks)
 
@@ -14,8 +13,6 @@ stripSlash() {
     if test "${res:0:1}" = /; then res=${res:1}; fi
 }
 
-touch pathlist
-
 # Add the individual files.
 for ((i = 0; i < ${#targets_[@]}; i++)); do
     stripSlash "${targets_[$i]}"
@@ -25,17 +22,17 @@ done
 
 
 # Add the closures of the top-level store objects.
+chmod +w .
 mkdir -p nix/store
-storePaths=$(perl $pathsFromGraph closure-*)
-for i in $storePaths; do
+for i in $(< $closureInfo/store-paths); do
     cp -a "$i" "${i:1}"
 done
 
 
 # TODO tar ruxo
 # Also include a manifest of the closures in a format suitable for
 # nix-store --load-db.
-printRegistration=1 perl $pathsFromGraph closure-* > nix-path-registration
+cp $closureInfo/registration nix-path-registration
 
 # Add symlinks to the top-level store objects.
 for ((n = 0; n < ${#objects[*]}; n++)); do

nixos/lib/testing.nix

@@ -1,5 +1,5 @@
 { system
-, pkgs
+, pkgs ? import ../.. { inherit system config; }
   # Use a minimal kernel?
 , minimal ? false
   # Ignored

nixos/maintainers/scripts/gce/create-gce.sh

@@ -7,9 +7,9 @@ BUCKET_NAME="${BUCKET_NAME:-nixos-cloud-images}"
 TIMESTAMP="$(date +%Y%m%d%H%M)"
 export TIMESTAMP
 
-nix-build '<nixpkgs/nixos>' \
+nix-build '<nixpkgs/nixos/lib/eval-config.nix>' \
    -A config.system.build.googleComputeImage \
-   --arg configuration "{ imports = [ <nixpkgs/nixos/modules/virtualisation/google-compute-image.nix> ]; }" \
+   --arg modules "[ <nixpkgs/nixos/modules/virtualisation/google-compute-image.nix> ]" \
    --argstr system x86_64-linux \
    -o gce \
    -j 10

nixos/modules/misc/ids.nix

@@ -632,13 +632,10 @@
       slurm = 307;
       kapacitor = 308;
       solr = 309;
-<<<<<<< HEAD
       alerta = 310;
       minetest = 311;
       rss2email = 312;
-=======
-      concourse = 310;
->>>>>>> 556a42405b34295fb672d4f4b75ef30487d70922
+      concourse = 313;
 
       # When adding a gid, make sure it doesn't match an existing
       # uid. Users and groups with the same name should have equal

nixos/modules/profiles/docker-container.nix

@@ -15,15 +15,19 @@ in {
 
   # Create the tarball
   system.build.tarball = pkgs.callPackage ../../lib/make-system-tarball.nix {
-    contents = [];
+    contents = [
+      {
+        source = "${config.system.build.toplevel}/.";
+        target = "./";
+      }
+    ];
     extraArgs = "--owner=0";
 
     # Add init script to image
-    storeContents = [
-      { object = config.system.build.toplevel + "/init";
-        symlink = "/init";
-      }
-    ] ++ (pkgs2storeContents [ pkgs.stdenv ]);
+    storeContents = pkgs2storeContents [
+      config.system.build.toplevel
+      pkgs.stdenv
+    ];
 
     # Some container managers like lxc need these
     extraCommands = "mkdir -p proc sys dev";

nixos/modules/programs/sway-beta.nix

@@ -8,7 +8,7 @@ let
 
   swayWrapped = pkgs.writeShellScriptBin "sway" ''
     ${cfg.extraSessionCommands}
-    exec ${pkgs.dbus.dbus-launch} --exit-with-session ${swayPackage}/bin/sway
+    exec ${pkgs.dbus.dbus-launch} --exit-with-session ${swayPackage}/bin/sway "$@"
   '';
   swayJoined = pkgs.symlinkJoin {
     name = "sway-joined";

nixos/modules/services/cluster/kubernetes/default.nix

@@ -784,7 +784,7 @@ in {
     clusterCidr = mkOption {
       description = "Kubernetes controller manager and proxy CIDR Range for Pods in cluster.";
       default = "10.1.0.0/16";
-      type = types.str;
+      type = types.nullOr types.str;
     };
 
     flannel.enable = mkOption {
@@ -1018,9 +1018,9 @@ in {
             ${if (cfg.controllerManager.rootCaFile!=null)
               then "--root-ca-file=${cfg.controllerManager.rootCaFile}"
               else "--root-ca-file=/var/run/kubernetes/apiserver.crt"} \
-            ${optionalString (cfg.clusterCidr!=null)
-              "--cluster-cidr=${cfg.clusterCidr}"} \
-            --allocate-node-cidrs=true \
+            ${if (cfg.clusterCidr!=null)
+              then "--cluster-cidr=${cfg.clusterCidr} --allocate-node-cidrs=true"
+              else "--allocate-node-cidrs=false"} \
             ${optionalString (cfg.controllerManager.featureGates != [])
               "--feature-gates=${concatMapStringsSep "," (feature: "${feature}=true") cfg.controllerManager.featureGates}"} \
             ${optionalString cfg.verbose "--v=6"} \

nixos/modules/services/databases/postgresql.nix

@@ -238,6 +238,9 @@ in
             User = "postgres";
             Group = "postgres";
             PermissionsStartOnly = true;
+            Type = if lib.versionAtLeast cfg.package.version "9.6"
+                   then "notify"
+                   else "simple";
 
             # Shut down Postgres using SIGINT ("Fast Shutdown mode").  See
             # http://www.postgresql.org/docs/current/static/server-shutdown.html

nixos/modules/system/boot/systemd-nspawn.nix

@@ -112,7 +112,7 @@ in {
 
       environment.etc."systemd/nspawn".source = generateUnits "nspawn" units [] [];
 
-      systemd.targets."multi-user".wants = [ "machines.target "];
+      systemd.targets."multi-user".wants = [ "machines.target" ];
   };
 
 }

nixos/modules/virtualisation/container-config.nix

@@ -22,12 +22,8 @@ with lib;
     # Not supported in systemd-nspawn containers.
     security.audit.enable = false;
 
-    # Make sure that root user in container will talk to host nix-daemon
-    environment.etc."profile".text = ''
-    export NIX_REMOTE=daemon
-    '';
-
-
+    # Use the host's nix-daemon.
+    environment.variables.NIX_REMOTE = "daemon";
 
   };
 

nixos/modules/virtualisation/docker-image.nix

@@ -17,3 +17,41 @@
   # Socket activated ssh presents problem in Docker.
   services.openssh.startWhenNeeded = false;
 }
+
+# Example usage:
+#
+## default.nix
+# let
+#   nixos = import <nixpkgs/nixos> {
+#     configuration = ./configuration.nix;
+#     system = "x86_64-linux";
+#   };
+# in
+# nixos.config.system.build.tarball
+#
+## configuration.nix
+# { pkgs, config, lib, ... }:
+# {
+#   imports = [
+#     <nixpkgs/nixos/modules/virtualisation/docker-image.nix>
+#     <nixpkgs/nixos/modules/installer/cd-dvd/channel.nix>
+#   ];
+#
+#   documentation.doc.enable = false;
+#
+#   environment.systemPackages = with pkgs; [
+#     bashInteractive
+#     cacert
+#     nix
+#   ];
+# }
+#
+## Run
+# Build the tarball:
+# $ nix-build default.nix
+# Load into docker:
+# $ docker import result/tarball/nixos-system-*.tar.xz nixos-docker
+# Boots into systemd
+# $ docker run --privileged -it nixos-docker /init
+# Log into the container
+# $ docker exec -it <container-name> /run/current-system/sw/bin/bash