diff --git a/modules/boot.nix b/modules/boot/default.nix similarity index 80% rename from modules/boot.nix rename to modules/boot/default.nix index 86a5cb0..ebb8d28 100644 --- a/modules/boot.nix +++ b/modules/boot/default.nix @@ -1,4 +1,12 @@ -_: {lib, ...}: { +_: { + lib, + modulesPath, + ... +}: { + disabledModules = ["${modulesPath}/system/boot/stage-2.nix"]; + imports = [ + ./stage-2.nix + ]; environment.etc = { "issue" = { text = "[?12l[?25h"; @@ -8,7 +16,7 @@ _: {lib, ...}: { boot = { blacklistedKernelModules = ["nouveau" "lbm-nouveau" "pcspkr"]; kernelParams = ["fbcon=nodefer" "bgrt_disable" "quiet" "systemd.show_status=false" "rd.udev.log_level=3" "vt.global_cursor_default=0"]; - consoleLogLevel = 0; + consoleLogLevel = 3; initrd.verbose = false; plymouth = { enable = lib.mkDefault true; diff --git a/modules/boot/stage-2-init.sh b/modules/boot/stage-2-init.sh new file mode 100644 index 0000000..491ddf3 --- /dev/null +++ b/modules/boot/stage-2-init.sh 
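Review bot: The `disabledModules` line in the first hunk replaces the upstream nixpkgs stage-2 module with a local copy, but nothing records which nixpkgs revision `./stage-2.nix` and `stage-2-init.sh` were copied from or what was changed in them. The script that remounts `/nix/store` read-only and executes systemd will no longer pick up upstream fixes, so any drift will be silent. I would put a comment above the line, for example `# Vendored from nixpkgs <REVISION>; local change: stage-2 stdout goes to /dev/null. Re-sync on every nixpkgs bump.` The same provenance note belongs at the top of the two new files under modules/boot/.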
@@ -0,0 +1,131 @@ +#! @shell@ +exec 1<&- +exec 1<>/dev/null +systemConfig=@systemConfig@ + +export HOME=/root PATH="@path@" + + +if [ "${IN_NIXOS_SYSTEMD_STAGE1:-}" != true ]; then + # Process the kernel command line. + for o in $(>>\e[0m" + echo + + + # Normally, stage 1 mounts the root filesystem read/writable. + # However, in some environments, stage 2 is executed directly, and the + # root is read-only. So make it writable here. + if [ -z "$container" ]; then + mount -n -o remount,rw none / + fi +fi + + +# Likewise, stage 1 mounts /proc, /dev and /sys, so if we don't have a +# stage 1, we need to do that here. +if [ ! -e /proc/1 ]; then + specialMount() { + local device="$1" + local mountPoint="$2" + local options="$3" + local fsType="$4" + + # We must not overwrite this mount because it's bind-mounted + # from stage 1's /run + if [ "${IN_NIXOS_SYSTEMD_STAGE1:-}" = true ] && [ "${mountPoint}" = /run ]; then + return + fi + + install -m 0755 -d "$mountPoint" + mount -n -t "$fsType" -o "$options" "$device" "$mountPoint" + } + source @earlyMountScript@ +fi + + +if [ "${IN_NIXOS_SYSTEMD_STAGE1:-}" = true ]; then + echo "booting system configuration ${systemConfig}" +else + echo "booting system configuration $systemConfig" > /dev/kmsg +fi + + +# Make /nix/store a read-only bind mount to enforce immutability of +# the Nix store. Note that we can't use "chown root:nixbld" here +# because users/groups might not exist yet. +# Silence chown/chmod to fail gracefully on a readonly filesystem +# like squashfs. +chown -f 0:30000 /nix/store +chmod -f 1775 /nix/store +if [ -n "@readOnlyNixStore@" ]; then + if ! [[ "$(findmnt --noheadings --output OPTIONS /nix/store)" =~ ro(,|$) ]]; then + if [ -z "$container" ]; then + mount --bind /nix/store /nix/store + else + mount --rbind /nix/store /nix/store + fi + mount -o remount,ro,bind /nix/store + fi +fi + + +if [ "${IN_NIXOS_SYSTEMD_STAGE1:-}" != true ]; then + # Use /etc/resolv.conf supplied by systemd-nspawn, if applicable. 
+ if [ -n "@useHostResolvConf@" ] && [ -e /etc/resolv.conf ]; then + resolvconf -m 1000 -a host &1 {logErrFd}>&2 + if test -w /dev/kmsg; then + exec > >(tee -i /proc/self/fd/"$logOutFd" | while read -r line; do + if test -n "$line"; then + echo "<7>stage-2-init: $line" > /dev/kmsg + fi + done) 2>&1 + else + mkdir -p /run/log + exec > >(tee -i /run/log/stage-2-init.log) 2>&1 + fi +fi +# Required by the activation script +install -m 0755 -d /etc /etc/nixos +install -m 01777 -d /tmp +# Run the script that performs all configuration activation that does +# not have to be done at boot time. +echo "running activation script..." +$systemConfig/activate +# Record the boot configuration. +ln -sfn "$systemConfig" /run/booted-system +# Run any user-specified commands. +@shell@ @postBootCommands@ +# Ensure systemd doesn't try to populate /etc, by forcing its first-boot +# heuristic off. It doesn't matter what's in /etc/machine-id for this purpose, +# and systemd will immediately fill in the file when it starts, so just +# creating it is enough. This `: >>` pattern avoids forking and avoids changing +# the mtime if the file already exists. +: >> /etc/machine-id +# No need to restore the stdout/stderr streams we never redirected and +# especially no need to start systemd +if [ "${IN_NIXOS_SYSTEMD_STAGE1:-}" != true ]; then + # Reset the logging file descriptors. + exec 1>&$logOutFd 2>&$logErrFd + exec {logOutFd}>&- {logErrFd}>&- + # Start systemd in a clean environment. + echo "starting systemd..." + exec @systemdExecutable@ "$@" +fi diff --git a/modules/boot/stage-2.nix b/modules/boot/stage-2.nix new file mode 100644 index 0000000..3020d2d --- /dev/null +++ b/modules/boot/stage-2.nix 
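Review bot: The two redirects at the top of the script, `exec 1<&-` and `exec 1<>/dev/null`, run before the `if [ ! -e /proc/1 ]` block that mounts /dev when no stage 1 ran. On that path `/dev/null` may not be a device node yet, so `<>` can create a regular file there or fail and leave fd 1 closed. When `IN_NIXOS_SYSTEMD_STAGE1` is true the later tee-to-kmsg logging is skipped, so stdout from `$systemConfig/activate` and the post-boot commands is discarded and no record of what ran at boot survives. I would guard the redirect, `if [ -c /dev/null ]; then exec 1>/dev/null; fi`, and add a comment saying it exists only to keep the console quiet. Parts of this hunk are garbled on the page, so this rests on the lines that survive.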
@@ -0,0 +1,76 @@
+{
+ config,
+ lib,
+ pkgs,
+ ...
+}:
+with lib; let
+ useHostResolvConf = config.networking.resolvconf.enable && config.networking.useHostResolvConf;
+
+ bootStage2 = pkgs.substituteAll {
+ src = ./stage-2-init.sh;
+ shellDebug = "${pkgs.bashInteractive}/bin/bash";
+ shell = "${pkgs.bash}/bin/bash";
+ inherit (config.boot) readOnlyNixStore systemdExecutable extraSystemdUnitPaths;
+ inherit (config.system.nixos) distroName;
+ isExecutable = true;
+ inherit useHostResolvConf;
+ inherit (config.system.build) earlyMountScript;
+ path = lib.makeBinPath ([
+ pkgs.coreutils
+ pkgs.util-linux
+ ]
+ ++ lib.optional useHostResolvConf pkgs.openresolv);
+ postBootCommands =
+ pkgs.writeText "local-cmds"
+ ''
+ ${config.boot.postBootCommands}
+ ${config.powerManagement.powerUpCommands}
+ '';
+ };
+in {
+ options = {
+ boot = {
+ postBootCommands = mkOption {
+ default = "";
+ example = "rm -f /var/log/messages";
+ type = types.lines;
+ description = lib.mdDoc ''
+ Shell commands to be executed just before systemd is started.
+ '';
+ };
+
+ readOnlyNixStore = mkOption {
+ type = types.bool;
+ default = true;
+ description = lib.mdDoc ''
+ If set, NixOS will enforce the immutability of the Nix store
+ by making {file}`/nix/store` a read-only bind
+ mount. Nix will automatically make the store writable when
+ needed.
+ '';
+ };
+
+ systemdExecutable = mkOption {
+ default = "/run/current-system/systemd/lib/systemd/systemd";
+ type = types.str;
+ description = lib.mdDoc ''
+ The program to execute to start systemd.
+ '';
+ };
+
+ extraSystemdUnitPaths = mkOption {
+ default = [];
+ type = types.listOf types.str;
+ description = lib.mdDoc ''
+ Additional paths that get appended to the SYSTEMD_UNIT_PATH environment variable
+ that can contain mutable unit files.
+ '';
+ };
+ };
+ };
+
+ config = {
+ system.build.bootStage2 = lib.mkForce bootStage2;
+ };
+}
diff --git a/modules/default.nix b/modules/default.nix
index 87d55df..729a3f2 100644
--- a/modules/default.nix
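Review bot: `lib.mkForce` on `system.build.bootStage2` at the end of the file is not needed once the upstream module is disabled in modules/boot/default.nix, and it would silently win over any other definition instead of raising a conflict. `system.build.bootStage2 = bootStage2;` keeps a second definition visible as an error. Separately, `shellDebug` and `extraSystemdUnitPaths` are handed to `substituteAll`, but no `@shellDebug@` or `@extraSystemdUnitPaths@` placeholder is visible in the script on this page (part of it is garbled), so they may be dead substitutions worth dropping.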
+++ b/modules/default.nix @@ -2,8 +2,8 @@ inputs: { imports = [ (import ./DE inputs) (import ./DM inputs) + (import ./boot inputs) - (import ./boot.nix inputs) (import ./git.nix inputs) (import ./hardware.nix inputs) (import ./misc.nix inputs) diff --git a/systems/gerg-desktop/zfs.nix b/systems/gerg-desktop/zfs.nix index af400e9..0a212e4 100644 --- a/systems/gerg-desktop/zfs.nix +++ b/systems/gerg-desktop/zfs.nix @@ -36,6 +36,10 @@ _: {config, ...}: { devices = ["/dev/disk/by-id/nvme-SHPP41-500GM_SSB4N6719101A4N22"]; } ]; + splashImage = null; + extraConfig = '' + GRUB_TIMEOUT_STYLE=hidden + ''; }; }; };
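Review bot: `GRUB_TIMEOUT_STYLE=hidden` in the added `extraConfig` of the zfs.nix hunk is an /etc/default/grub variable read by grub-mkconfig. NixOS puts `extraConfig` text into grub.cfg itself, where this line only assigns an unused variable, so the menu is probably not hidden by it. If the pinned nixpkgs has the option, `timeoutStyle = "hidden";` in the same attribute set is the supported form; otherwise `set timeout_style=hidden` is the grub.cfg spelling. The enclosing attribute set opens outside the hunk, so I am assuming it is `boot.loader.grub`. Whichever form is used, check that a keypress still brings up the menu so an older generation can be booted for recovery.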