RFC: Separate profiles #32776
RFC: Separate profiles #32776
Conversation
There was a problem hiding this comment.
Note: This pr is very easy to review if you go commit by commit, way to go @zimbatm!
This looks amazing, and I completely agree with why you've made the change. I'm slightly concerned about the symlinks, see my comment as to why. However -- the alternative is a bit 😬 .
Updated one good thing about using stub files in place of the symlinks is we have an opportunity to emit a trace saying it has been moved to XYZNEWPATH, meaning we don't have to maintain those stubs / symlinks forever.
| # This module automatically grows the root partition on virtual machines. | ||
| # This allows an instance to be created with a bigger root filesystem | ||
| # than provided by the machine image. | ||
| # This profile is deprecated, use boot.growPartition directly. |
There was a problem hiding this comment.
Perhaps replace this file with an entry in nixos/modules/rename.nix
There was a problem hiding this comment.
Good idea. Addressed in #33521
| @@ -0,0 +1 @@ | |||
| ../profiles/ | |||
There was a problem hiding this comment.
Is this a symlink? One thing to note is nixpkgs currently has no symlinks, and it may be worth a bit of effort to keep it that way. I've considered adding a check for this in Ofborg, because symlinks can evade some of the restricted evaluation settings.
There was a problem hiding this comment.
I can replace the symlinks with stubs that warn + import.
| @@ -155,7 +155,7 @@ look like this: | |||
|
|
|||
| { | |||
| imports = | |||
| [ <nixos/modules/installer/scan/not-detected.nix> | |||
| [ <nixos/profiles/installer/scan/not-detected.nix> | |||
There was a problem hiding this comment.
Would you mind changing the > to a >?
| @@ -0,0 +1 @@ | |||
| ../profiles/installer/ | |||
|
It's going to take a while to do this properly. For example |
Restore from git history if there is interest
This are installed on *all* the systems
This is not installer-specific
Modules should not have side-effects on the system unless explicitly enabled.
zimbatm
force-pushed
the
separate-profiles
branch
from
72820b3
to
bd9a02e
Compare
zimbatm
force-pushed
the
separate-profiles
branch
from
bd9a02e
to
0d9ce1c
Compare
|
Re: files not imported from module-list: note that some of these are transitively imported, for example via |
|
I want to move carefully with this, I will wait until after 18.03 to start working on this again |
|
Checks watch we're way past "after 18.03" ;). Do you think you'll be able to review and shape this up for 19.03? I'm 👍 for the idea and approach. Now that I have commented, this'll be easy to find using |
Motivation for this change
In the
nixos/modulesfolder, it's not always clear what file is meant to be used in an module imports. I call those modules "profiles". Those mutate the system config without a mkEnableOption or similar and generally need to be scrutinized as they may clash with other profiles.To make that separation cleaner, I propose to move them to a new
nixos/profilesfolder. It will make it more evident that they can be imported, and will also expose how many of those exists by not being hidden between the other nixos module files.This is just a start, there are actually more files that are not in the nixos/modules/modules-list:
Things done
build-use-sandboxinnix.confon non-NixOS)nix-shell -p nox --run "nox-review wip"./result/bin/)