From e88c68514d8db9eff4b5d38741c2da0ec1f6a608 Mon Sep 17 00:00:00 2001 From: Grimmauld Date: Wed, 27 Aug 2025 12:28:40 +0200 Subject: [PATCH 1/7] nixos/lib/systemd: introduce settingsToSections --- nixos/lib/systemd-lib.nix | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/nixos/lib/systemd-lib.nix b/nixos/lib/systemd-lib.nix index 03d0705b3e92..ba7aa96fb596 100644 --- a/nixos/lib/systemd-lib.nix +++ b/nixos/lib/systemd-lib.nix @@ -349,6 +349,15 @@ rec { ) ); + settingsToSections = + settings: + concatStringsSep "\n" ( + mapAttrsToList (section_name: section_attrs: '' + [${section_name}] + ${attrsToSection section_attrs} + '') settings + ); + generateUnits = { allowCollisions ? true, From a27a433370f620ef178c3b5c2e01ccebc93b2e6a Mon Sep 17 00:00:00 2001 From: Grimmauld Date: Wed, 27 Aug 2025 12:38:10 +0200 Subject: [PATCH 2/7] nixos/lib/systemd: migrate single-section attrsToSection to settingsToSections --- nixos/lib/systemd-lib.nix | 45 +++++++++++++++------------------------ 1 file changed, 17 insertions(+), 28 deletions(-) diff --git a/nixos/lib/systemd-lib.nix b/nixos/lib/systemd-lib.nix index ba7aa96fb596..43bbd518134e 100644 --- a/nixos/lib/systemd-lib.nix +++ b/nixos/lib/systemd-lib.nix @@ -732,10 +732,7 @@ rec { commonUnitText = def: lines: - '' - [Unit] - ${attrsToSection def.unitConfig} - '' + (settingsToSections { Unit = def.unitConfig; }) + lines + optionalString (def.wantedBy != [ ]) '' @@ -753,10 +750,7 @@ rec { enable overrideStrategy ; - text = '' - [Unit] - ${attrsToSection def.unitConfig} - ''; + text = (settingsToSections { Unit = def.unitConfig; }); }; serviceToUnit = def: { @@ -840,10 +834,9 @@ rec { enable overrideStrategy ; - text = commonUnitText def '' - [Timer] - ${attrsToSection def.timerConfig} - ''; + text = commonUnitText def (settingsToSections { + Timer = def.timerConfig; + }); }; pathToUnit = def: { 
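Review bot: `settingsToSections` in the `@@ -349,6 +349,15 @@` hunk interpolates `section_name` into `[${section_name}]` verbatim and carries no comment describing the input shape it expects. Later patches in this series pass whole `cfg.settings` attrsets to it, so an attribute name containing `]` or a newline would be written straight into files such as `system.conf`; whether the option types rule that out is not visible here. I would add a comment above the binding, e.g. `# Render { Section = { Key = value; }; } as systemd INI text; section names are emitted verbatim, so callers must constrain them through their option types.` A cheap guard would be to `throw` when `builtins.match "[A-Za-z0-9-]+" section_name == null`, with the allowed character set adjusted to what systemd accepts.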
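Review bot: The outer parentheses in `text = (settingsToSections { Unit = def.unitConfig; });` (hunk `@@ -750,10 +750,7 @@`) are redundant, since the expression is the whole right-hand side of the binding. I would write `text = settingsToSections { Unit = def.unitConfig; };`. The enclosing attrset starts and ends outside the hunk.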
@@ -856,10 +849,9 @@ rec { enable overrideStrategy ; - text = commonUnitText def '' - [Path] - ${attrsToSection def.pathConfig} - ''; + text = commonUnitText def (settingsToSections { + Path = def.pathConfig; + }); }; mountToUnit = def: { @@ -872,10 +864,9 @@ rec { enable overrideStrategy ; - text = commonUnitText def '' - [Mount] - ${attrsToSection def.mountConfig} - ''; + text = commonUnitText def (settingsToSections { + Mount = def.mountConfig; + }); }; automountToUnit = def: { @@ -888,10 +879,9 @@ rec { enable overrideStrategy ; - text = commonUnitText def '' - [Automount] - ${attrsToSection def.automountConfig} - ''; + text = commonUnitText def (settingsToSections { + Automount = def.automountConfig; + }); }; sliceToUnit = def: { @@ -904,10 +894,9 @@ rec { enable overrideStrategy ; - text = commonUnitText def '' - [Slice] - ${attrsToSection def.sliceConfig} - ''; + text = commonUnitText def (settingsToSections { + Slice = def.sliceConfig; + }); }; # Create a directory that contains systemd definition files from an attrset From 98c8230c883eeb9a7bcb22e9aafd7f7f621333c0 Mon Sep 17 00:00:00 2001 From: Grimmauld Date: Wed, 27 Aug 2025 12:39:01 +0200 Subject: [PATCH 3/7] nixos/systemd: write systemd.settings using settingsToSections --- nixos/modules/system/boot/systemd.nix | 7 ++----- 1 file changed, 2 insertions(+), 5 deletions(-) diff --git a/nixos/modules/system/boot/systemd.nix b/nixos/modules/system/boot/systemd.nix index 153ee54cb4b2..492ed14302cc 100644 --- a/nixos/modules/system/boot/systemd.nix +++ b/nixos/modules/system/boot/systemd.nix @@ -24,7 +24,7 @@ let mountToUnit automountToUnit sliceToUnit - attrsToSection + settingsToSections ; upstreamSystemUnits = [ @@ -598,10 +598,7 @@ in upstreamWants = upstreamSystemWants; }; - "systemd/system.conf".text = '' - [Manager] - ${attrsToSection cfg.settings.Manager} - ''; + "systemd/system.conf".text = settingsToSections cfg.settings; "systemd/sleep.conf".text = '' [Sleep] 
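Review bot: `"systemd/system.conf".text = settingsToSections cfg.settings;` in the `@@ -598,10 +598,7 @@` hunk no longer pins the output to a `[Manager]` section: every top-level attribute of `cfg.settings` becomes a section header, and an empty attrset yields an empty file. The option declaration is outside the hunk, so I cannot tell whether its type restricts the keys to `Manager`; if it is freeform at that level, a setting placed under a misspelled section would be written out and, presumably, not applied by systemd. The same applies to the `system.conf` line in `initrd.nix` and the `logind.conf` line in `logind.nix` later in this series. I would either confirm that each `settings` option declares only the intended section (as `settings.OOM` does in `oomd.nix`), or keep the section explicit at the call site, e.g. `settingsToSections { inherit (cfg.settings) Manager; }`.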
From 51ac6e36ba2de2c9b86d4f0cd7cacb519ff5fc50 Mon Sep 17 00:00:00 2001 From: Grimmauld Date: Wed, 27 Aug 2025 12:39:35 +0200 Subject: [PATCH 4/7] nixos/systemd: write boot.initrd.systemd.settings using settingsToSections --- nixos/modules/system/boot/systemd/initrd.nix | 7 ++----- 1 file changed, 2 insertions(+), 5 deletions(-) diff --git a/nixos/modules/system/boot/systemd/initrd.nix b/nixos/modules/system/boot/systemd/initrd.nix index be0b8aaefd51..fff8ab11b0ce 100644 --- a/nixos/modules/system/boot/systemd/initrd.nix +++ b/nixos/modules/system/boot/systemd/initrd.nix @@ -22,7 +22,7 @@ let timerToUnit mountToUnit automountToUnit - attrsToSection + settingsToSections ; cfg = config.boot.initrd.systemd; @@ -485,10 +485,7 @@ in "/init".source = "${cfg.package}/lib/systemd/systemd"; "/etc/systemd/system".source = stage1Units; - "/etc/systemd/system.conf".text = '' - [Manager] - ${attrsToSection cfg.settings.Manager} - ''; + "/etc/systemd/system.conf".text = settingsToSections cfg.settings; # We can use either ! or * to lock the root account in the # console, but some software like OpenSSH won't even allow you From 55f3ead1941fff22870c8f513b70e6f2b4f38edc Mon Sep 17 00:00:00 2001 From: Grimmauld Date: Wed, 27 Aug 2025 12:42:08 +0200 Subject: [PATCH 5/7] nixos/logind: write services.logind.settings using settingsToSections --- nixos/modules/system/boot/systemd/logind.nix | 7 ++----- 1 file changed, 2 insertions(+), 5 deletions(-) diff --git a/nixos/modules/system/boot/systemd/logind.nix b/nixos/modules/system/boot/systemd/logind.nix index 2eff86008e65..d0878542514d 100644 --- a/nixos/modules/system/boot/systemd/logind.nix +++ b/nixos/modules/system/boot/systemd/logind.nix @@ -1,7 +1,6 @@ { config, lib, - pkgs, utils, ... }: 
@@ -62,10 +61,8 @@ "user-runtime-dir@.service" ]; - environment.etc."systemd/logind.conf".text = '' - [Login] - ${utils.systemdUtils.lib.attrsToSection config.services.logind.settings.Login} - ''; + environment.etc."systemd/logind.conf".text = + utils.systemdUtils.lib.settingsToSections config.services.logind.settings; # Restarting systemd-logind breaks X11 # - upstream commit: https://cgit.freedesktop.org/xorg/xserver/commit/?id=dc48bd653c7e101 From 1f1ef6bd0859099a90b916c0c7333e8539803d6a Mon Sep 17 00:00:00 2001 From: Grimmauld Date: Wed, 27 Aug 2025 12:43:36 +0200 Subject: [PATCH 6/7] nixos/systemd-oomd: migrate extraConfig to systemd-respecting rfc42 settings.OOM --- nixos/modules/system/boot/systemd/oomd.nix | 50 ++++++++++++++-------- 1 file changed, 32 insertions(+), 18 deletions(-) diff --git a/nixos/modules/system/boot/systemd/oomd.nix b/nixos/modules/system/boot/systemd/oomd.nix index 421190e80ed6..c69911da59a3 100644 --- a/nixos/modules/system/boot/systemd/oomd.nix +++ b/nixos/modules/system/boot/systemd/oomd.nix @@ -1,4 +1,9 @@ -{ config, lib, ... }: +{ + config, + lib, + utils, + ... +}: let cfg = config.systemd.oomd; @@ -10,6 +15,7 @@ in [ "systemd" "oomd" "enableUserServices" ] [ "systemd" "oomd" "enableUserSlices" ] ) + (lib.mkRenamedOptionModule [ "systemd" "oomd" "extraConfig" ] [ "systemd" "oomd" "settings" "OOM" ]) ]; options.systemd.oomd = { 
@@ -23,20 +29,32 @@ in enableSystemSlice = lib.mkEnableOption "oomd on the system slice (`system.slice`)"; enableUserSlices = lib.mkEnableOption "oomd on all user slices (`user@.slice`) and all user owned slices"; - extraConfig = lib.mkOption { - type = - with lib.types; - attrsOf (oneOf [ - str - int - bool - ]); - default = { }; - example = lib.literalExpression ''{ DefaultMemoryPressureDurationSec = "20s"; }''; + settings.OOM = lib.mkOption { description = '' - Extra config options for `systemd-oomd`. See {command}`man oomd.conf` - for available options. + Settings option for systemd-oomd. + See {manpage}`oomd.conf(5)` for available options. ''; + type = lib.types.submodule { + freeformType = lib.types.attrsOf utils.systemdUtils.unitOptions.unitOption; + options.DefaultMemoryPressureDurationSec = lib.mkOption { + type = lib.types.nonEmptyStr; + default = "20s"; + description = '' + Sets the amount of time a unit's control group needs to have exceeded memory pressure limits before systemd-oomd will take action. + A unit can override this value with ManagedOOMMemoryPressureDurationSec=. + Memory pressure limits are defined by DefaultMemoryPressureLimit= and ManagedOOMMemoryPressureLimit=. + Must be set to 0, or at least 1 second. Defaults to 30 seconds when unset or 0. + + See {manpage}`oomd.conf(5)` for more details. + + Set to default to 20s in NixOS following the default set by Fedora. + ''; + }; + }; + default = { }; + example = { + DefaultMemoryPressureLimit = "60%"; + }; }; }; 
@@ -49,11 +67,7 @@ in systemd.services.systemd-oomd.after = [ "systemd-sysusers.service" ]; systemd.services.systemd-oomd.wantedBy = [ "multi-user.target" ]; - environment.etc."systemd/oomd.conf".text = lib.generators.toINI { } { - OOM = cfg.extraConfig; - }; - - systemd.oomd.extraConfig.DefaultMemoryPressureDurationSec = lib.mkDefault "20s"; # Fedora default + environment.etc."systemd/oomd.conf".text = utils.systemdUtils.lib.settingsToSections cfg.settings; users.users.systemd-oom = { description = "systemd-oomd service user"; From 1dfd249772354e4d323ec2ac59c507279b68ea36 Mon Sep 17 00:00:00 2001 From: Grimmauld Date: Wed, 27 Aug 2025 12:55:53 +0200 Subject: [PATCH 7/7] nixos/systemd-oomd: align DefaultMemoryPressureDurationSec with upstream systemd --- nixos/modules/system/boot/systemd/oomd.nix | 14 -------------- 1 file changed, 14 deletions(-) diff --git a/nixos/modules/system/boot/systemd/oomd.nix b/nixos/modules/system/boot/systemd/oomd.nix index c69911da59a3..7a7876b76558 100644 --- a/nixos/modules/system/boot/systemd/oomd.nix +++ b/nixos/modules/system/boot/systemd/oomd.nix @@ -36,20 +36,6 @@ in ''; type = lib.types.submodule { freeformType = lib.types.attrsOf utils.systemdUtils.unitOptions.unitOption; - options.DefaultMemoryPressureDurationSec = lib.mkOption { - type = lib.types.nonEmptyStr; - default = "20s"; - description = '' - Sets the amount of time a unit's control group needs to have exceeded memory pressure limits before systemd-oomd will take action. - A unit can override this value with ManagedOOMMemoryPressureDurationSec=. - Memory pressure limits are defined by DefaultMemoryPressureLimit= and ManagedOOMMemoryPressureLimit=. - Must be set to 0, or at least 1 second. Defaults to 30 seconds when unset or 0. - - See {manpage}`oomd.conf(5)` for more details. - - Set to default to 20s in NixOS following the default set by Fedora. - ''; - }; }; default = { }; example = {
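Review bot: `oomd.conf` is now rendered by `settingsToSections` instead of `lib.generators.toINI { }` (hunk `@@ -49,11 +67,7 @@`), so the textual form of non-string values may change for configurations carried over by the `extraConfig` rename. The old option type accepted `str`, `int` and `bool`; how `attrsToSection` prints booleans and integers is not visible in this series, so it is worth confirming that such values still produce the same `Key=value` line as before. A small evaluation test that compares the generated `oomd.conf` for one string, one integer and one boolean setting would pin this.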