New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
RFC: Separate profiles #32776
RFC: Separate profiles #32776
Conversation
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Note: This pr is very easy to review if you go commit by commit, way to go @zimbatm!
This looks amazing, and I completely agree with why you've made the change. I'm slightly concerned about the symlinks, see my comment as to why. However -- the alternative is a bit 😬 .
Updated one good thing about using stub files in place of the symlinks is we have an opportunity to emit a trace saying it has been moved to XYZNEWPATH, meaning we don't have to maintain those stubs / symlinks forever.
# This module automatically grows the root partition on virtual machines. | ||
# This allows an instance to be created with a bigger root filesystem | ||
# than provided by the machine image. | ||
# This profile is deprecated, use boot.growPartition directly. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Perhaps replace this file with an entry in nixos/modules/rename.nix
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Good idea. Addressed in #33521
@@ -0,0 +1 @@ | |||
../profiles/ |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Is this a symlink? One thing to note is nixpkgs currently has no symlinks, and it may be worth a bit of effort to keep it that way. I've considered adding a check for this in Ofborg, because symlinks can evade some of the restricted evaluation settings.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I can replace the symlinks with stubs that warn + import.
@@ -155,7 +155,7 @@ look like this: | |||
|
|||
{ | |||
imports = | |||
[ <nixos/modules/installer/scan/not-detected.nix> | |||
[ <nixos/profiles/installer/scan/not-detected.nix> |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Would you mind changing the >
to a >
?
@@ -0,0 +1 @@ | |||
../profiles/installer/ |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
(see my other symlink comment)
It's going to take a while to do this properly. For example |
Restore from git history if there is interest
This are installed on *all* the systems
This is not installer-specific
Modules should not have side-effects on the system unless explicitly enabled.
72820b3
to
bd9a02e
Compare
bd9a02e
to
0d9ce1c
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I consent with the idea. I have not tested the correctness of this pull request.
Re: files not imported from module-list: note that some of these are transitively imported, for example via |
I want to move carefully with this, I will wait until after 18.03 to start working on this again |
Checks watch we're way past "after 18.03" ;). Do you think you'll be able to review and shape this up for 19.03? I'm 👍 for the idea and approach. Now that I have commented, this'll be easy to find using |
Motivation for this change
In the
nixos/modules
folder, it's not always clear what file is meant to be used in an module imports. I call those modules "profiles". Those mutate the system config without a mkEnableOption or similar and generally need to be scrutinized as they may clash with other profiles.To make that separation cleaner, I propose to move them to a new
nixos/profiles
folder. It will make it more evident that they can be imported, and will also expose how many of those exists by not being hidden between the other nixos module files.This is just a start, there are actually more files that are not in the nixos/modules/modules-list:
Things done
build-use-sandbox
innix.conf
on non-NixOS)nix-shell -p nox --run "nox-review wip"
./result/bin/
)