yggdrasil-wg: ...

author: Gregor Kleen <gkleen@yggdrasil.li> 2021-10-17 20:50:47 +0200
committer: Gregor Kleen <gkleen@yggdrasil.li> 2021-10-17 20:50:47 +0200
commit: 3a2161ef205c432db0053e9a82893069b54e55ed (patch)
tree: 4557c7c6c97fba7de6585729210a0ab8c1eec3cf /modules/networkd/systemd-lib.nix
parent: 65d0b738ab8e25042f1568ed313b001101c3f628 (diff)
download: nixos-3a2161ef205c432db0053e9a82893069b54e55ed.tar
nixos-3a2161ef205c432db0053e9a82893069b54e55ed.tar.gz
nixos-3a2161ef205c432db0053e9a82893069b54e55ed.tar.bz2
nixos-3a2161ef205c432db0053e9a82893069b54e55ed.tar.xz
nixos-3a2161ef205c432db0053e9a82893069b54e55ed.zip
1 files changed, 237 insertions, 0 deletions
diff --git a/modules/networkd/systemd-lib.nix b/modules/networkd/systemd-lib.nix
new file mode 100644
index 00000000..2dbf1503
--- /dev/null
+++ b/modules/networkd/systemd-lib.nix
@@ -0,0 +1,237 @@
+{ config, lib, pkgs }:
+with lib;
+let
+  cfg = config.systemd;
+  lndir = "${pkgs.xorg.lndir}/bin/lndir";
+in rec {
+  shellEscape = s: (replaceChars [ "\\" ] [ "\\\\" ] s);
+  mkPathSafeName = lib.replaceChars ["@" ":" "\\" "[" "]"] ["-" "-" "-" "" ""];
+  makeUnit = name: unit:
+    if unit.enable then
+      pkgs.runCommand "unit-${mkPathSafeName name}"
+        { preferLocalBuild = true;
+          allowSubstitutes = false;
+          inherit (unit) text;
+        }
+        ''
+          mkdir -p $out
+          echo -n "$text" > $out/${shellEscape name}
+        ''
+    else
+      pkgs.runCommand "unit-${mkPathSafeName name}-disabled"
+        { preferLocalBuild = true;
+          allowSubstitutes = false;
+        }
+        ''
+          mkdir -p $out
+          ln -s /dev/null $out/${shellEscape name}
+        '';
+  boolValues = [true false "yes" "no"];
+  digits = map toString (range 0 9);
+  isByteFormat = s:
+    let
+      l = reverseList (stringToCharacters s);
+      suffix = head l;
+      nums = tail l;
+    in elem suffix (["K" "M" "G" "T"] ++ digits)
+      && all (num: elem num digits) nums;
+  assertByteFormat = name: group: attr:
+    optional (attr ? ${name} && ! isByteFormat attr.${name})
+      "Systemd ${group} field `${name}' must be in byte format [0-9]+[KMGT].";
+  hexChars = stringToCharacters "0123456789abcdefABCDEF";
+  isMacAddress = s: stringLength s == 17
+    && flip all (splitString ":" s) (bytes:
+      all (byte: elem byte hexChars) (stringToCharacters bytes)
+    );
+  assertMacAddress = name: group: attr:
+    optional (attr ? ${name} && ! isMacAddress attr.${name})
+      "Systemd ${group} field `${name}' must be a valid mac address.";
+  isPort = i: i >= 0 && i <= 65535;
+  assertPort = name: group: attr:
+    optional (attr ? ${name} && ! isPort attr.${name})
+      "Error on the systemd ${group} field `${name}': ${attr.name} is not a valid port number.";
+  assertValueOneOf = name: values: group: attr:
+    optional (attr ? ${name} && !elem attr.${name} values)
+      "Systemd ${group} field `${name}' cannot have value `${toString attr.${name}}'.";
+  assertHasField = name: group: attr:
+    optional (!(attr ? ${name}))
+      "Systemd ${group} field `${name}' must exist.";
+  assertRange = name: min: max: group: attr:
+    optional (attr ? ${name} && !(min <= attr.${name} && max >= attr.${name}))
+      "Systemd ${group} field `${name}' is outside the range [${toString min},${toString max}]";
+  assertMinimum = name: min: group: attr:
+    optional (attr ? ${name} && attr.${name} < min)
+      "Systemd ${group} field `${name}' must be greater than or equal to ${toString min}";
+  assertOnlyFields = fields: group: attr:
+    let badFields = filter (name: ! elem name fields) (attrNames attr); in
+    optional (badFields != [ ])
+      "Systemd ${group} has extra fields [${concatStringsSep " " badFields}].";
+  assertInt = name: group: attr:
+    optional (attr ? ${name} && !isInt attr.${name})
+      "Systemd ${group} field `${name}' is not an integer";
+  checkUnitConfig = group: checks: attrs: let
+    # We're applied at the top-level type (attrsOf unitOption), so the actual
+    # unit options might contain attributes from mkOverride and mkIf that we need to
+    # convert into single values before checking them.
+    defs = mapAttrs (const (v:
+      if v._type or "" == "override" then v.content
+      else if v._type or "" == "if" then v.content
+      else v
+    )) attrs;
+    errors = concatMap (c: c group defs) checks;
+  in if errors == [] then true
+     else builtins.trace (concatStringsSep "\n" errors) false;
+  toOption = x:
+    if x == true then "true"
+    else if x == false then "false"
+    else toString x;
+  attrsToSection = as:
+    concatStrings (concatLists (mapAttrsToList (name: value:
+      map (x: ''
+          ${name}=${toOption x}
+        '')
+        (if isList value then value else [value]))
+        as));
+  generateUnits = generateUnits' true;
+  generateUnits' = allowCollisions: type: units: upstreamUnits: upstreamWants:
+    pkgs.runCommand "${type}-units"
+      { preferLocalBuild = true;
+        allowSubstitutes = false;
+      } ''
+      mkdir -p $out
+      # Copy the upstream systemd units we're interested in.
+      for i in ${toString upstreamUnits}; do
+        fn=${cfg.package}/example/systemd/${type}/$i
+        if ! [ -e $fn ]; then echo "missing $fn"; false; fi
+        if [ -L $fn ]; then
+          target="$(readlink "$fn")"
+          if [ ''${target:0:3} = ../ ]; then
+            ln -s "$(readlink -f "$fn")" $out/
+          else
+            cp -pd $fn $out/
+          fi
+        else
+          ln -s $fn $out/
+        fi
+      done
+      # Copy .wants links, but only those that point to units that
+      # we're interested in.
+      for i in ${toString upstreamWants}; do
+        fn=${cfg.package}/example/systemd/${type}/$i
+        if ! [ -e $fn ]; then echo "missing $fn"; false; fi
+        x=$out/$(basename $fn)
+        mkdir $x
+        for i in $fn/*; do
+          y=$x/$(basename $i)
+          cp -pd $i $y
+          if ! [ -e $y ]; then rm $y; fi
+        done
+      done
+      # Symlink all units provided listed in systemd.packages.
+      packages="${toString cfg.packages}"
+      # Filter duplicate directories
+      declare -A unique_packages
+      for k in $packages ; do unique_packages[$k]=1 ; done
+      for i in ''${!unique_packages[@]}; do
+        for fn in $i/etc/systemd/${type}/* $i/lib/systemd/${type}/*; do
+          if ! [[ "$fn" =~ .wants$ ]]; then
+            if [[ -d "$fn" ]]; then
+              targetDir="$out/$(basename "$fn")"
+              mkdir -p "$targetDir"
+              ${lndir} "$fn" "$targetDir"
+            else
+              ln -s $fn $out/
+            fi
+          fi
+        done
+      done
+      # Symlink all units defined by systemd.units. If these are also
+      # provided by systemd or systemd.packages, then add them as
+      # <unit-name>.d/overrides.conf, which makes them extend the
+      # upstream unit.
+      for i in ${toString (mapAttrsToList (n: v: v.unit) units)}; do
+        fn=$(basename $i/*)
+        if [ -e $out/$fn ]; then
+          if [ "$(readlink -f $i/$fn)" = /dev/null ]; then
+            ln -sfn /dev/null $out/$fn
+          else
+            ${if allowCollisions then ''
+              mkdir -p $out/$fn.d
+              ln -s $i/$fn $out/$fn.d/overrides.conf
+            '' else ''
+              echo "Found multiple derivations configuring $fn!"
+              exit 1
+            ''}
+          fi
+       else
+          ln -fs $i/$fn $out/
+        fi
+      done
+      # Create service aliases from aliases option.
+      ${concatStrings (mapAttrsToList (name: unit:
+          concatMapStrings (name2: ''
+            ln -sfn '${name}' $out/'${name2}'
+          '') unit.aliases) units)}
+      # Create .wants and .requires symlinks from the wantedBy and
+      # requiredBy options.
+      ${concatStrings (mapAttrsToList (name: unit:
+          concatMapStrings (name2: ''
+            mkdir -p $out/'${name2}.wants'
+            ln -sfn '../${name}' $out/'${name2}.wants'/
+          '') unit.wantedBy) units)}
+      ${concatStrings (mapAttrsToList (name: unit:
+          concatMapStrings (name2: ''
+            mkdir -p $out/'${name2}.requires'
+            ln -sfn '../${name}' $out/'${name2}.requires'/
+          '') unit.requiredBy) units)}
+      ${optionalString (type == "system") ''
+        # Stupid misc. symlinks.
+        ln -s ${cfg.defaultUnit} $out/default.target
+        ln -s ${cfg.ctrlAltDelUnit} $out/ctrl-alt-del.target
+        ln -s rescue.target $out/kbrequest.target
+        mkdir -p $out/getty.target.wants/
+        ln -s ../autovt@tty1.service $out/getty.target.wants/
+        ln -s ../local-fs.target ../remote-fs.target \
+        ../nss-lookup.target ../nss-user-lookup.target ../swap.target \
+        $out/multi-user.target.wants/
+      ''}
+    ''; # */
+}
author	Gregor Kleen <gkleen@yggdrasil.li>	2021-10-17 20:50:47 +0200
committer	Gregor Kleen <gkleen@yggdrasil.li>	2021-10-17 20:50:47 +0200
commit	3a2161ef205c432db0053e9a82893069b54e55ed (patch)
tree	4557c7c6c97fba7de6585729210a0ab8c1eec3cf /modules/networkd/systemd-lib.nix
parent	65d0b738ab8e25042f1568ed313b001101c3f628 (diff)
download	nixos-3a2161ef205c432db0053e9a82893069b54e55ed.tar nixos-3a2161ef205c432db0053e9a82893069b54e55ed.tar.gz nixos-3a2161ef205c432db0053e9a82893069b54e55ed.tar.bz2 nixos-3a2161ef205c432db0053e9a82893069b54e55ed.tar.xz nixos-3a2161ef205c432db0053e9a82893069b54e55ed.zip

diff --git a/modules/networkd/systemd-lib.nix b/modules/networkd/systemd-lib.nix new file mode 100644 index 00000000..2dbf1503 --- /dev/null +++ b/modules/networkd/systemd-lib.nix
@@ -0,0 +1,237 @@
	1	{ config, lib, pkgs }:
	2
	3	with lib;
	4
	5	let
	6	cfg = config.systemd;
	7	lndir = "${pkgs.xorg.lndir}/bin/lndir";
	8	in rec {
	9
	10	shellEscape = s: (replaceChars [ "\\" ] [ "\\\\" ] s);
	11
	12	mkPathSafeName = lib.replaceChars ["@" ":" "\\" "[" "]"] ["-" "-" "-" "" ""];
	13
	14	makeUnit = name: unit:
	15	if unit.enable then
	16	pkgs.runCommand "unit-${mkPathSafeName name}"
	17	{ preferLocalBuild = true;
	18	allowSubstitutes = false;
	19	inherit (unit) text;
	20	}
	21	''
	22	mkdir -p $out
	23	echo -n "$text" > $out/${shellEscape name}
	24	''
	25	else
	26	pkgs.runCommand "unit-${mkPathSafeName name}-disabled"
	27	{ preferLocalBuild = true;
	28	allowSubstitutes = false;
	29	}
	30	''
	31	mkdir -p $out
	32	ln -s /dev/null $out/${shellEscape name}
	33	'';
	34
	35	boolValues = [true false "yes" "no"];
	36
	37	digits = map toString (range 0 9);
	38
	39	isByteFormat = s:
	40	let
	41	l = reverseList (stringToCharacters s);
	42	suffix = head l;
	43	nums = tail l;
	44	in elem suffix (["K" "M" "G" "T"] ++ digits)
	45	&& all (num: elem num digits) nums;
	46
	47	assertByteFormat = name: group: attr:
	48	optional (attr ? ${name} && ! isByteFormat attr.${name})
	49	"Systemd ${group} field `${name}' must be in byte format [0-9]+[KMGT].";
	50
	51	hexChars = stringToCharacters "0123456789abcdefABCDEF";
	52
	53	isMacAddress = s: stringLength s == 17
	54	&& flip all (splitString ":" s) (bytes:
	55	all (byte: elem byte hexChars) (stringToCharacters bytes)
	56	);
	57
	58	assertMacAddress = name: group: attr:
	59	optional (attr ? ${name} && ! isMacAddress attr.${name})
	60	"Systemd ${group} field `${name}' must be a valid mac address.";
	61
	62	isPort = i: i >= 0 && i <= 65535;
	63
	64	assertPort = name: group: attr:
	65	optional (attr ? ${name} && ! isPort attr.${name})
	66	"Error on the systemd ${group} field `${name}': ${attr.name} is not a valid port number.";
	67
	68	assertValueOneOf = name: values: group: attr:
	69	optional (attr ? ${name} && !elem attr.${name} values)
	70	"Systemd ${group} field `${name}' cannot have value `${toString attr.${name}}'.";
	71
	72	assertHasField = name: group: attr:
	73	optional (!(attr ? ${name}))
	74	"Systemd ${group} field `${name}' must exist.";
	75
	76	assertRange = name: min: max: group: attr:
	77	optional (attr ? ${name} && !(min <= attr.${name} && max >= attr.${name}))
	78	"Systemd ${group} field `${name}' is outside the range [${toString min},${toString max}]";
	79
	80	assertMinimum = name: min: group: attr:
	81	optional (attr ? ${name} && attr.${name} < min)
	82	"Systemd ${group} field `${name}' must be greater than or equal to ${toString min}";
	83
	84	assertOnlyFields = fields: group: attr:
	85	let badFields = filter (name: ! elem name fields) (attrNames attr); in
	86	optional (badFields != [ ])
	87	"Systemd ${group} has extra fields [${concatStringsSep " " badFields}].";
	88
	89	assertInt = name: group: attr:
	90	optional (attr ? ${name} && !isInt attr.${name})
	91	"Systemd ${group} field `${name}' is not an integer";
	92
	93	checkUnitConfig = group: checks: attrs: let
	94	# We're applied at the top-level type (attrsOf unitOption), so the actual
	95	# unit options might contain attributes from mkOverride and mkIf that we need to
	96	# convert into single values before checking them.
	97	defs = mapAttrs (const (v:
	98	if v._type or "" == "override" then v.content
	99	else if v._type or "" == "if" then v.content
	100	else v
	101	)) attrs;
	102	errors = concatMap (c: c group defs) checks;
	103	in if errors == [] then true
	104	else builtins.trace (concatStringsSep "\n" errors) false;
	105
	106	toOption = x:
	107	if x == true then "true"
	108	else if x == false then "false"
	109	else toString x;
	110
	111	attrsToSection = as:
	112	concatStrings (concatLists (mapAttrsToList (name: value:
	113	map (x: ''
	114	${name}=${toOption x}
	115	'')
	116	(if isList value then value else [value]))
	117	as));
	118
	119	generateUnits = generateUnits' true;
	120
	121	generateUnits' = allowCollisions: type: units: upstreamUnits: upstreamWants:
	122	pkgs.runCommand "${type}-units"
	123	{ preferLocalBuild = true;
	124	allowSubstitutes = false;
	125	} ''
	126	mkdir -p $out
	127
	128	# Copy the upstream systemd units we're interested in.
	129	for i in ${toString upstreamUnits}; do
	130	fn=${cfg.package}/example/systemd/${type}/$i
	131	if ! [ -e $fn ]; then echo "missing $fn"; false; fi
	132	if [ -L $fn ]; then
	133	target="$(readlink "$fn")"
	134	if [ ''${target:0:3} = ../ ]; then
	135	ln -s "$(readlink -f "$fn")" $out/
	136	else
	137	cp -pd $fn $out/
	138	fi
	139	else
	140	ln -s $fn $out/
	141	fi
	142	done
	143
	144	# Copy .wants links, but only those that point to units that
	145	# we're interested in.
	146	for i in ${toString upstreamWants}; do
	147	fn=${cfg.package}/example/systemd/${type}/$i
	148	if ! [ -e $fn ]; then echo "missing $fn"; false; fi
	149	x=$out/$(basename $fn)
	150	mkdir $x
	151	for i in $fn/*; do
	152	y=$x/$(basename $i)
	153	cp -pd $i $y
	154	if ! [ -e $y ]; then rm $y; fi
	155	done
	156	done
	157
	158	# Symlink all units provided listed in systemd.packages.
	159	packages="${toString cfg.packages}"
	160
	161	# Filter duplicate directories
	162	declare -A unique_packages
	163	for k in $packages ; do unique_packages[$k]=1 ; done
	164
	165	for i in ''${!unique_packages[@]}; do
	166	for fn in $i/etc/systemd/${type}/* $i/lib/systemd/${type}/*; do
	167	if ! [[ "$fn" =~ .wants$ ]]; then
	168	if [[ -d "$fn" ]]; then
	169	targetDir="$out/$(basename "$fn")"
	170	mkdir -p "$targetDir"
	171	${lndir} "$fn" "$targetDir"
	172	else
	173	ln -s $fn $out/
	174	fi
	175	fi
	176	done
	177	done
	178
	179	# Symlink all units defined by systemd.units. If these are also
	180	# provided by systemd or systemd.packages, then add them as
	181	# <unit-name>.d/overrides.conf, which makes them extend the
	182	# upstream unit.
	183	for i in ${toString (mapAttrsToList (n: v: v.unit) units)}; do
	184	fn=$(basename $i/*)
	185	if [ -e $out/$fn ]; then
	186	if [ "$(readlink -f $i/$fn)" = /dev/null ]; then
	187	ln -sfn /dev/null $out/$fn
	188	else
	189	${if allowCollisions then ''
	190	mkdir -p $out/$fn.d
	191	ln -s $i/$fn $out/$fn.d/overrides.conf
	192	'' else ''
	193	echo "Found multiple derivations configuring $fn!"
	194	exit 1
	195	''}
	196	fi
	197	else
	198	ln -fs $i/$fn $out/
	199	fi
	200	done
	201
	202	# Create service aliases from aliases option.
	203	${concatStrings (mapAttrsToList (name: unit:
	204	concatMapStrings (name2: ''
	205	ln -sfn '${name}' $out/'${name2}'
	206	'') unit.aliases) units)}
	207
	208	# Create .wants and .requires symlinks from the wantedBy and
	209	# requiredBy options.
	210	${concatStrings (mapAttrsToList (name: unit:
	211	concatMapStrings (name2: ''
	212	mkdir -p $out/'${name2}.wants'
	213	ln -sfn '../${name}' $out/'${name2}.wants'/
	214	'') unit.wantedBy) units)}
	215
	216	${concatStrings (mapAttrsToList (name: unit:
	217	concatMapStrings (name2: ''
	218	mkdir -p $out/'${name2}.requires'
	219	ln -sfn '../${name}' $out/'${name2}.requires'/
	220	'') unit.requiredBy) units)}
	221
	222	${optionalString (type == "system") ''
	223	# Stupid misc. symlinks.
	224	ln -s ${cfg.defaultUnit} $out/default.target
	225	ln -s ${cfg.ctrlAltDelUnit} $out/ctrl-alt-del.target
	226	ln -s rescue.target $out/kbrequest.target
	227
	228	mkdir -p $out/getty.target.wants/
	229	ln -s ../autovt@tty1.service $out/getty.target.wants/
	230
	231	ln -s ../local-fs.target ../remote-fs.target \
	232	../nss-lookup.target ../nss-user-lookup.target ../swap.target \
	233	$out/multi-user.target.wants/
	234	''}
	235	''; # */
	236
	237	}