Revert "nixos: allow more things to be disabled"

nixos/modules/config/system-path.nix

@@ -8,47 +8,41 @@
 }:
 let
 
-  corePackageNames = [
+  requiredPackages =
-    "acl"
+    map (pkg: lib.setPrio ((pkg.meta.priority or lib.meta.defaultPriority) + 3) pkg)
-    "attr"
+      [
-    "bashInteractive" # bash with ncurses support
+        pkgs.acl
-    "bzip2"
+        pkgs.attr
-    "coreutils-full"
+        pkgs.bashInteractive # bash with ncurses support
-    "cpio"
+        pkgs.bzip2
-    "curl"
+        pkgs.coreutils-full
-    "diffutils"
+        pkgs.cpio
-    "findutils"
+        pkgs.curl
-    "gawk"
+        pkgs.diffutils
-    "getent"
+        pkgs.findutils
-    "getconf"
+        pkgs.gawk
-    "gnugrep"
+        pkgs.stdenv.cc.libc
-    "gnupatch"
+        pkgs.getent
-    "gnused"
+        pkgs.getconf
-    "gnutar"
+        pkgs.gnugrep
-    "gzip"
+        pkgs.gnupatch
-    "xz"
+        pkgs.gnused
-    "less"
+        pkgs.gnutar
-    "libcap"
+        pkgs.gzip
-    "ncurses"
+        pkgs.xz
-    "netcat"
+        pkgs.less
-    "mkpasswd"
+        pkgs.libcap
-    "procps"
+        pkgs.ncurses
-    "su"
+        pkgs.netcat
-    "time"
+        config.programs.ssh.package
-    "util-linux"
+        pkgs.mkpasswd
-    "which"
+        pkgs.procps
-    "zstd"
+        pkgs.su
+        pkgs.time
+        pkgs.util-linux
+        pkgs.which
+        pkgs.zstd
       ];
-  corePackages =
-    (map (
-      n:
-      let
-        pkg = pkgs.${n};
-      in
-      lib.setPrio ((pkg.meta.priority or lib.meta.defaultPriority) + 3) pkg
-    ) corePackageNames)
-    ++ [ pkgs.stdenv.cc.libc ];
-  corePackagesText = "[ ${lib.concatMapStringsSep " " (n: "pkgs.${n}") corePackageNames} ]";
 
   defaultPackageNames = [
     "perl"
@@ -86,29 +80,6 @@ in
         '';
       };
 
-      corePackages = lib.mkOption {
-        type = lib.types.listOf lib.types.package;
-        default = corePackages;
-        defaultText = lib.literalMD ''
-          these packages, with their `meta.priority` numerically increased
-          (thus lowering their installation priority):
-
-              ${corePackagesText}
-        '';
-        example = [ ];
-        description = ''
-          Set of core packages for a normal interactive system.
-
-          Only change this if you know what you're doing!
-
-          Like with systemPackages, packages are installed to
-          {file}`/run/current-system/sw`. They are
-          automatically available to all users, and are
-          automatically updated every time you rebuild the system
-          configuration.
-        '';
-      };
-
       defaultPackages = lib.mkOption {
         type = lib.types.listOf lib.types.package;
         default = defaultPackages;
@@ -180,7 +151,7 @@ in
 
   config = {
 
-    environment.systemPackages = config.environment.corePackages ++ config.environment.defaultPackages;
+    environment.systemPackages = requiredPackages ++ config.environment.defaultPackages;
 
     environment.pathsToLink = [
       "/bin"

nixos/modules/programs/bash/bash.nix

@@ -23,11 +23,15 @@ let
 in
 
 {
+  imports = [
+    (lib.mkRemovedOptionModule [ "programs" "bash" "enable" ] "")
+  ];
 
   options = {
 
     programs.bash = {
 
+      /*
         enable = lib.mkOption {
           default = true;
           description = ''
@@ -40,6 +44,7 @@ in
           '';
           type = lib.types.bool;
         };
+      */
 
       shellAliases = lib.mkOption {
         default = { };
@@ -124,7 +129,8 @@ in
 
   };
 
-  config = lib.mkIf cfg.enable {
+  config = # lib.mkIf cfg.enable
+    {
 
       programs.bash = {
 

nixos/modules/programs/fuse.nix

@@ -1,9 +1,4 @@
-{
+{ config, lib, ... }:
-  config,
-  lib,
-  pkgs,
-  ...
-}:
 
 let
   cfg = config.programs.fuse;
@@ -12,10 +7,6 @@ in
   meta.maintainers = with lib.maintainers; [ ];
 
   options.programs.fuse = {
-    enable = lib.mkEnableOption "fuse" // {
-      default = true;
-    };
-
     mountMax = lib.mkOption {
       # In the C code it's an "int" (i.e. signed and at least 16 bit), but
       # negative numbers obviously make no sense:
@@ -36,30 +27,10 @@ in
     };
   };
 
-  config = lib.mkIf cfg.enable {
+  config = {
-    environment.systemPackages = [
-      pkgs.fuse
-      pkgs.fuse3
-    ];
-
-    security.wrappers =
-      let
-        mkSetuidRoot = source: {
-          setuid = true;
-          owner = "root";
-          group = "root";
-          inherit source;
-        };
-      in
-      {
-        fusermount = mkSetuidRoot "${lib.getBin pkgs.fuse}/bin/fusermount";
-        fusermount3 = mkSetuidRoot "${lib.getBin pkgs.fuse3}/bin/fusermount3";
-      };
-
     environment.etc."fuse.conf".text = ''
       ${lib.optionalString (!cfg.userAllowOther) "#"}user_allow_other
       mount_max = ${builtins.toString cfg.mountMax}
     '';
-
   };
 }

nixos/modules/programs/ssh.nix

@@ -335,8 +335,6 @@ in
       }
     );
 
-    environment.corePackages = [ cfg.package ];
-
     # SSH configuration. Slight duplication of the sshd_config
     # generation in the sshd service.
     environment.etc."ssh/ssh_config".text = ''

nixos/modules/security/wrappers/default.nix

@@ -266,6 +266,8 @@ in
       in
       {
         # These are mount related wrappers that require the +s permission.
+        fusermount = mkSetuidRoot "${lib.getBin pkgs.fuse}/bin/fusermount";
+        fusermount3 = mkSetuidRoot "${lib.getBin pkgs.fuse3}/bin/fusermount3";
         mount = mkSetuidRoot "${lib.getBin pkgs.util-linux}/bin/mount";
         umount = mkSetuidRoot "${lib.getBin pkgs.util-linux}/bin/umount";
       };

nixos/modules/system/activation/activation-script.nix

@@ -317,7 +317,7 @@ in
       source ${config.system.build.earlyMountScript}
     '';
 
-    systemd.user = lib.mkIf config.system.activatable {
+    systemd.user = {
       services.nixos-activation = {
         description = "Run user-specific NixOS activation";
         script = config.system.userActivationScripts.script;

nixos/modules/system/boot/kernel.nix

@@ -414,9 +414,7 @@ in
 
           ln -s ${initrdPath} $out/initrd
 
-          ${optionalString (config.boot.initrd.secrets != { }) ''
           ln -s ${config.system.build.initialRamdiskSecretAppender}/bin/append-initrd-secrets $out
-          ''}
 
           ln -s ${config.hardware.firmware}/lib/firmware $out/firmware
         '';

nixos/modules/system/boot/kexec.nix

@@ -1,22 +1,7 @@
-{
+{ pkgs, lib, ... }:
-  config,
-  pkgs,
-  lib,
-  ...
-}:
 
-let
-  cfg = config.boot.kexec;
-in
 {
-  options.boot.kexec = {
+  config = lib.mkIf (lib.meta.availableOn pkgs.stdenv.hostPlatform pkgs.kexec-tools) {
-    enable = lib.mkEnableOption "kexec" // {
-      default = lib.meta.availableOn pkgs.stdenv.hostPlatform pkgs.kexec-tools;
-      defaultText = lib.literalExpression ''lib.meta.availableOn pkgs.stdenv.hostPlatform pkgs.kexec-tools'';
-    };
-  };
-
-  config = lib.mkIf cfg.enable {
     environment.systemPackages = [ pkgs.kexec-tools ];
 
     systemd.services.prepare-kexec = {

nixos/modules/tasks/filesystems.nix

@@ -461,7 +461,13 @@ in
     # Add the mount helpers to the system path so that `mount' can find them.
     system.fsPackages = [ pkgs.dosfstools ];
 
-    environment.systemPackages = config.system.fsPackages;
+    environment.systemPackages =
+      with pkgs;
+      [
+        fuse3
+        fuse
+      ]
+      ++ config.system.fsPackages;
 
     environment.etc.fstab.text =
       let

nixos/modules/tasks/network-interfaces.nix

@@ -1767,8 +1767,7 @@ in
       text = cfg.hostName + "\n";
     };
 
-    environment.corePackages = lib.mkOptionDefault (
+    environment.systemPackages = [
-      [
       pkgs.host
       pkgs.hostname-debian
       pkgs.iproute2
@@ -1778,8 +1777,7 @@ in
       pkgs.wirelesstools # FIXME: obsolete?
       pkgs.iw
     ]
-      ++ bridgeStp
+    ++ bridgeStp;
-    );
 
     # Wake-on-LAN configuration is shared by the scripted and networkd backends.
     systemd.network.links = pipe interfaces [