Compare commits
11 Commits
master
...
shared-nix
Author | SHA1 | Date | |
---|---|---|---|
e065cde376 | |||
3bb0b550aa | |||
e4cbcab81c | |||
77b41a90e2 | |||
1fc6891dc6 | |||
8c11c7460a | |||
e6014511f5 | |||
320c58ce48 | |||
d145ee9b2c | |||
140178d58e | |||
d48f3b989a |
@ -45,6 +45,8 @@
|
||||
bsc.osumb
|
||||
];
|
||||
|
||||
programs.direnv.enable = true;
|
||||
|
||||
systemd.services."serial-getty@ttyS0" = {
|
||||
enable = true;
|
||||
wantedBy = [ "getty.target" ];
|
||||
|
@ -2,7 +2,6 @@
|
||||
|
||||
{
|
||||
environment.systemPackages = with pkgs; [
|
||||
direnv
|
||||
zsh-completions
|
||||
nix-zsh-completions
|
||||
];
|
||||
|
69
m/module/shared-nix-store.nix
Normal file
69
m/module/shared-nix-store.nix
Normal file
@ -0,0 +1,69 @@
|
||||
{ ... }:
|
||||
{
|
||||
# Don't make the nix store read-only, as this would prevent the overlay FS
|
||||
# from being able to mount it.
|
||||
boot.readOnlyNixStore = false;
|
||||
|
||||
# The nix-daemon.socket has an unnecessary dependency over the /nix/store
|
||||
# mount point. But that mount point won't be provided until the network is
|
||||
# ready. However, the network-address-eno1.service, has a dependency over
|
||||
# sockets.target, causing a cycle.
|
||||
# One solution is to make the nix-daemon.socket depend only on the socket
|
||||
# patch (which is already covered by ConditionPathIsReadWrite =
|
||||
# /nix/var/nix/daemon-socket), instead on the /nix/store.
|
||||
#
|
||||
# Using systemd.sockets.nix-daemon.unitConfig.RequiresMountsFor =
|
||||
# "/nix/var/nix/daemon-socket" doesn't work, as the the mount options get
|
||||
# added by systemd when the override config is merged with the one that Nix
|
||||
# provides:
|
||||
#
|
||||
# owl2% sudo systemctl show nix-daemon.socket | grep RequiresMountsFor
|
||||
# RequiresMountsFor=/nix/store /nix/var/nix/daemon-socket/socket /nix/var/nix/daemon-socket
|
||||
#
|
||||
# To fix this, the Nix package is patched to only depend on /nix/var instead.
|
||||
# See ../../pkgs/overlay.nix for details.
|
||||
|
||||
# Mount the hut nix store via NFS in read-only mode.
|
||||
fileSystems."/mnt/hut-nix-store" = {
|
||||
device = "hut:/nix/store";
|
||||
fsType = "nfs";
|
||||
options = [ "ro" ];
|
||||
};
|
||||
|
||||
# A workdir is also needed, so setup a permanent dir using tmpfiles.
|
||||
systemd.tmpfiles.rules = [
|
||||
"d /mnt/nix-work 0700 root root -"
|
||||
];
|
||||
|
||||
# Mount an overlay in /nix/store using as lower layer the NFS store and upper
|
||||
# layer the disk nix store. The destination is still the nix store in
|
||||
# /nix/store (confusing). We need rw access, as the daemon need to write the
|
||||
# lock files to build derivations locally. Use a systemd mount unit directly
|
||||
# so we can specify the LazyUmount option and we avoid having it mounted
|
||||
# in the stage1 before systemd.
|
||||
systemd.mounts = [
|
||||
{
|
||||
what = "overlay";
|
||||
type = "overlay";
|
||||
where = "/nix/store";
|
||||
# We need the local-fs.target to be ready, so the network interfaces can
|
||||
# be configured to the network.target is reached. So make this a netdev
|
||||
# mount.
|
||||
options = "_netdev,lowerdir=/mnt/hut-nix-store,upperdir=/nix/store,workdir=/mnt/nix-work";
|
||||
description = "Overlay /nix/store mount";
|
||||
mountConfig = {
|
||||
LazyUnmount = true;
|
||||
};
|
||||
|
||||
# Run the unit after remote-fs-pre.target but before the remote-fs.target
|
||||
after = [ "remote-fs-pre.target"];
|
||||
before = [ "umount.target" "remote-fs.target" ];
|
||||
# Install by using wantedBy over remote-fs.target
|
||||
wantedBy = [ "remote-fs.target" ];
|
||||
unitConfig = {
|
||||
# We need to wait for the NFS mount
|
||||
RequiresMountsFor = "/nix/store /mnt/hut-nix-store";
|
||||
};
|
||||
}
|
||||
];
|
||||
}
|
@ -5,6 +5,7 @@
|
||||
../common/main.nix
|
||||
../module/ceph.nix
|
||||
../module/slurm-firewall.nix
|
||||
../module/shared-nix-store.nix
|
||||
];
|
||||
|
||||
# Select the this using the ID to avoid mismatches
|
||||
|
@ -5,6 +5,7 @@
|
||||
../common/main.nix
|
||||
../module/ceph.nix
|
||||
../module/slurm-firewall.nix
|
||||
../module/shared-nix-store.nix
|
||||
];
|
||||
|
||||
# Select the this using the ID to avoid mismatches
|
||||
|
11
pkgs/nix-socket.patch
Normal file
11
pkgs/nix-socket.patch
Normal file
@ -0,0 +1,11 @@
|
||||
--- a/misc/systemd/nix-daemon.socket.in 1970-01-01 01:00:01.000000000 +0100
|
||||
+++ b/misc/systemd/nix-daemon.socket.in 2023-09-18 17:53:32.351760208 +0200
|
||||
@@ -1,7 +1,7 @@
|
||||
[Unit]
|
||||
Description=Nix Daemon Socket
|
||||
Before=multi-user.target
|
||||
-RequiresMountsFor=@storedir@
|
||||
+RequiresMountsFor=@localstatedir@
|
||||
ConditionPathIsReadWrite=@localstatedir@/nix/daemon-socket
|
||||
|
||||
[Socket]
|
@ -32,4 +32,8 @@ final: prev:
|
||||
lua = prev.lua5_4;
|
||||
fmt = prev.fmt_8;
|
||||
}) ceph ceph-client;
|
||||
|
||||
nix = prev.nix.overrideAttrs (old: {
|
||||
patches = old.patches ++ [ ./nix-socket.patch ];
|
||||
});
|
||||
}
|
||||
|
Loading…
Reference in New Issue
Block a user