nixos/swap: avoid top-level with expressions (#327991)

Philip Taron
2024-07-17 11:23:14 -07:00
committed by GitHub
parent 86abf2f88b
commit 33a4732e46


@@ -1,9 +1,7 @@
{ config, lib, pkgs, utils, ... }: { config, lib, pkgs, utils, ... }:
with utils;
with lib;
let let
inherit (lib) mkIf mkOption types;
randomEncryptionCoerce = enable: { inherit enable; }; randomEncryptionCoerce = enable: { inherit enable; };
@@ -188,7 +186,7 @@ let
config = { config = {
device = mkIf options.label.isDefined device = mkIf options.label.isDefined
"/dev/disk/by-label/${config.label}"; "/dev/disk/by-label/${config.label}";
deviceName = lib.replaceStrings ["\\"] [""] (escapeSystemdPath config.device); deviceName = lib.replaceStrings ["\\"] [""] (utils.escapeSystemdPath config.device);
realDevice = if config.randomEncryption.enable then "/dev/mapper/${config.deviceName}" else config.device; realDevice = if config.randomEncryption.enable then "/dev/mapper/${config.deviceName}" else config.device;
}; };
@@ -224,8 +222,8 @@ in
}; };
config = mkIf ((length config.swapDevices) != 0) { config = mkIf ((lib.length config.swapDevices) != 0) {
assertions = map (sw: { assertions = lib.map (sw: {
assertion = sw.randomEncryption.enable -> builtins.match "/dev/disk/by-(uuid|label)/.*" sw.device == null; assertion = sw.randomEncryption.enable -> builtins.match "/dev/disk/by-(uuid|label)/.*" sw.device == null;
message = '' message = ''
You cannot use swap device "${sw.device}" with randomEncryption enabled. You cannot use swap device "${sw.device}" with randomEncryption enabled.
@@ -235,22 +233,22 @@ in
}) config.swapDevices; }) config.swapDevices;
warnings = warnings =
concatMap (sw: lib.concatMap (sw:
if sw.size != null && hasPrefix "/dev/" sw.device if sw.size != null && lib.hasPrefix "/dev/" sw.device
then [ "Setting the swap size of block device ${sw.device} has no effect" ] then [ "Setting the swap size of block device ${sw.device} has no effect" ]
else [ ]) else [ ])
config.swapDevices; config.swapDevices;
system.requiredKernelConfig = with config.lib.kernelConfig; [ system.requiredKernelConfig = [
(isYes "SWAP") (config.lib.kernelConfig.isYes "SWAP")
]; ];
# Create missing swapfiles. # Create missing swapfiles.
systemd.services = systemd.services =
let let
createSwapDevice = sw: createSwapDevice = sw:
let realDevice' = escapeSystemdPath sw.realDevice; let realDevice' = utils.escapeSystemdPath sw.realDevice;
in nameValuePair "mkswap-${sw.deviceName}" in lib.nameValuePair "mkswap-${sw.deviceName}"
{ description = "Initialisation of swap device ${sw.device}"; { description = "Initialisation of swap device ${sw.device}";
# The mkswap service fails for file-backed swap devices if the # The mkswap service fails for file-backed swap devices if the
# loop module has not been loaded before the service runs. # loop module has not been loaded before the service runs.
@@ -261,13 +259,13 @@ in
before = [ "${realDevice'}.swap" "shutdown.target"]; before = [ "${realDevice'}.swap" "shutdown.target"];
conflicts = [ "shutdown.target" ]; conflicts = [ "shutdown.target" ];
path = [ pkgs.util-linux pkgs.e2fsprogs ] path = [ pkgs.util-linux pkgs.e2fsprogs ]
++ optional sw.randomEncryption.enable pkgs.cryptsetup; ++ lib.optional sw.randomEncryption.enable pkgs.cryptsetup;
environment.DEVICE = sw.device; environment.DEVICE = sw.device;
script = script =
'' ''
${optionalString (sw.size != null) '' ${lib.optionalString (sw.size != null) ''
currentSize=$(( $(stat -c "%s" "$DEVICE" 2>/dev/null || echo 0) / 1024 / 1024 )) currentSize=$(( $(stat -c "%s" "$DEVICE" 2>/dev/null || echo 0) / 1024 / 1024 ))
if [[ ! -b "$DEVICE" && "${toString sw.size}" != "$currentSize" ]]; then if [[ ! -b "$DEVICE" && "${toString sw.size}" != "$currentSize" ]]; then
# Disable CoW for CoW based filesystems like BTRFS. # Disable CoW for CoW based filesystems like BTRFS.
@@ -275,15 +273,15 @@ in
chattr +C "$DEVICE" 2>/dev/null || true chattr +C "$DEVICE" 2>/dev/null || true
dd if=/dev/zero of="$DEVICE" bs=1M count=${toString sw.size} dd if=/dev/zero of="$DEVICE" bs=1M count=${toString sw.size}
${optionalString (!sw.randomEncryption.enable) "mkswap ${sw.realDevice}"} ${lib.optionalString (!sw.randomEncryption.enable) "mkswap ${sw.realDevice}"}
fi fi
''} ''}
${optionalString sw.randomEncryption.enable '' ${lib.optionalString sw.randomEncryption.enable ''
cryptsetup plainOpen -c ${sw.randomEncryption.cipher} -d ${sw.randomEncryption.source} \ cryptsetup plainOpen -c ${sw.randomEncryption.cipher} -d ${sw.randomEncryption.source} \
${concatStringsSep " \\\n" (flatten [ ${lib.concatStringsSep " \\\n" (lib.flatten [
(optional (sw.randomEncryption.sectorSize != null) "--sector-size=${toString sw.randomEncryption.sectorSize}") (lib.optional (sw.randomEncryption.sectorSize != null) "--sector-size=${toString sw.randomEncryption.sectorSize}")
(optional (sw.randomEncryption.keySize != null) "--key-size=${toString sw.randomEncryption.keySize}") (lib.optional (sw.randomEncryption.keySize != null) "--key-size=${toString sw.randomEncryption.keySize}")
(optional sw.randomEncryption.allowDiscards "--allow-discards") (lib.optional sw.randomEncryption.allowDiscards "--allow-discards")
])} ${sw.device} ${sw.deviceName} ])} ${sw.device} ${sw.deviceName}
mkswap ${sw.realDevice} mkswap ${sw.realDevice}
''} ''}
@@ -295,12 +293,12 @@ in
Type = "oneshot"; Type = "oneshot";
RemainAfterExit = sw.randomEncryption.enable; RemainAfterExit = sw.randomEncryption.enable;
UMask = "0177"; UMask = "0177";
ExecStop = optionalString sw.randomEncryption.enable "${pkgs.cryptsetup}/bin/cryptsetup luksClose ${sw.deviceName}"; ExecStop = lib.optionalString sw.randomEncryption.enable "${pkgs.cryptsetup}/bin/cryptsetup luksClose ${sw.deviceName}";
}; };
restartIfChanged = false; restartIfChanged = false;
}; };
in listToAttrs (map createSwapDevice (filter (sw: sw.size != null || sw.randomEncryption.enable) config.swapDevices)); in lib.listToAttrs (lib.map createSwapDevice (lib.filter (sw: sw.size != null || sw.randomEncryption.enable) config.swapDevices));
}; };
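Review bot: The generated `script` still interpolates `sw.device` and `sw.realDevice` into bash unquoted (`${sw.device} ${sw.deviceName}` after the `cryptsetup plainOpen` flags, and both `mkswap ${sw.realDevice}` lines), while the size branch of the same script uses the quoted `"$DEVICE"`. A device path containing whitespace or shell metacharacters would be word-split or interpreted by a script that presumably runs as root, since no `User` is set in the visible `serviceConfig`. Because these lines are being rewritten anyway, quote the values: `])} ${lib.escapeShellArg sw.device} ${lib.escapeShellArg sw.deviceName}` and `mkswap ${lib.escapeShellArg sw.realDevice}`. The `sw.randomEncryption.cipher` and `sw.randomEncryption.source` values on the `plainOpen` line deserve the same treatment. The `script` string starts and ends outside the hunks shown, so there may be further interpolations that are not visible here.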