[RFC22, RFC78] NixOS a la carte (proof of concept)

lib/default.nix

@@ -34,6 +34,9 @@ let
     options = callLibs ./options.nix;
     types = callLibs ./types.nix;
 
+    # NixOS
+    nixos = callLibs ../nixos/nixos-core.nix;
+
     # constants
     licenses = callLibs ./licenses.nix;
     systems = callLibs ./systems;

nixos/modules/config/binsh.nix

@@ -0,0 +1,40 @@
+{ config, lib, utils, pkgs, ... }:
+
+with lib;
+
+let
+
+  cfg = config.environment;
+in
+{
+  options = {
+    environment.binsh = mkOption {
+      default = "${config.system.build.binsh}/bin/sh";
+      defaultText = literalExpression ''"''${config.system.build.binsh}/bin/sh"'';
+      example = literalExpression ''"''${pkgs.dash}/bin/dash"'';
+      type = types.path;
+      visible = false;
+      description = ''
+        The shell executable that is linked system-wide to
+        <literal>/bin/sh</literal>. Please note that NixOS assumes all
+        over the place that shell to be Bash, so override the default
+        setting only if you know exactly what you're doing.
+      '';
+    };
+  };
+
+
+  config = {
+    system.build.binsh = pkgs.bashInteractive;
+
+    system.activationScripts.binsh = stringAfter [ "stdio" ]
+      ''
+        # Create the required /bin/sh symlink; otherwise lots of things
+        # (notably the system() function) won't work.
+        mkdir -m 0755 -p /bin
+        ln -sfn "${cfg.binsh}" /bin/.sh.tmp
+        mv /bin/.sh.tmp /bin/sh # atomically replace /bin/sh
+      '';
+
+  };
+}

nixos/modules/config/environment-variables.nix

@@ -0,0 +1,27 @@
+{ config, lib, ... }:
+let
+  inherit (lib)
+    mkOption
+    types
+    isList
+    mapAttrs
+    concatStringsSep
+    ;
+in
+{
+  options = {
+    environment.variables = mkOption {
+      default = { };
+      example = { EDITOR = "nvim"; VISUAL = "nvim"; };
+      description = ''
+        A set of environment variables used in the global environment.
+        These variables will be set on shell initialisation (e.g. in /etc/profile).
+        The value of each variable can be either a string or a list of
+        strings.  The latter is concatenated, interspersed with colon
+        characters.
+      '';
+      type = with types; attrsOf (either str (listOf str));
+      apply = mapAttrs (n: v: if isList v then concatStringsSep ":" v else v);
+    };
+  };
+}

nixos/modules/config/shells-environment.nix

@@ -30,21 +30,9 @@ in
 
 {
 
-  options = {
+  imports = [ ./environment-variables.nix ];
 
-    environment.variables = mkOption {
-      default = {};
-      example = { EDITOR = "nvim"; VISUAL = "nvim"; };
-      description = ''
-        A set of environment variables used in the global environment.
-        These variables will be set on shell initialisation (e.g. in /etc/profile).
-        The value of each variable can be either a string or a list of
-        strings.  The latter is concatenated, interspersed with colon
-        characters.
-      '';
-      type = with types; attrsOf (either str (listOf str));
-      apply = mapAttrs (n: v: if isList v then concatStringsSep ":" v else v);
-    };
+  options = {
 
     environment.profiles = mkOption {
       default = [];
@@ -134,20 +122,6 @@ in
       type = types.bool;
     };
 
-    environment.binsh = mkOption {
-      default = "${config.system.build.binsh}/bin/sh";
-      defaultText = literalExpression ''"''${config.system.build.binsh}/bin/sh"'';
-      example = literalExpression ''"''${pkgs.dash}/bin/dash"'';
-      type = types.path;
-      visible = false;
-      description = ''
-        The shell executable that is linked system-wide to
-        <literal>/bin/sh</literal>. Please note that NixOS assumes all
-        over the place that shell to be Bash, so override the default
-        setting only if you know exactly what you're doing.
-      '';
-    };
-
     environment.shells = mkOption {
       default = [];
       example = literalExpression "[ pkgs.bashInteractive pkgs.zsh ]";
@@ -163,8 +137,6 @@ in
 
   config = {
 
-    system.build.binsh = pkgs.bashInteractive;
-
     # Set session variables in the shell as well. This is usually
     # unnecessary, but it allows changes to session variables to take
     # effect without restarting the session (e.g. by opening a new
@@ -210,15 +182,6 @@ in
         ''}
       '';
 
-    system.activationScripts.binsh = stringAfter [ "stdio" ]
-      ''
-        # Create the required /bin/sh symlink; otherwise lots of things
-        # (notably the system() function) won't work.
-        mkdir -m 0755 -p /bin
-        ln -sfn "${cfg.binsh}" /bin/.sh.tmp
-        mv /bin/.sh.tmp /bin/sh # atomically replace /bin/sh
-      '';
-
   };
 
 }

nixos/modules/config/system-path-core.nix

@@ -0,0 +1,87 @@
+{ config, lib, pkgs, ... }:
+let
+  inherit (lib)
+    mkOption
+    types
+    literalExpression
+    ;
+in
+{
+  options = {
+
+    environment = {
+
+      systemPackages = mkOption {
+        type = types.listOf types.package;
+        default = [ ];
+        example = literalExpression "[ pkgs.firefox pkgs.htop ]";
+        description = ''
+          The set of packages that appear in
+          /run/current-system/sw.  These packages are
+          automatically available to all users, and are
+          automatically updated every time you rebuild the system
+          configuration.  (The latter is the main difference with
+          installing them in the default profile,
+          <filename>/nix/var/nix/profiles/default</filename>.
+        '';
+      };
+
+      pathsToLink = mkOption {
+        type = types.listOf types.str;
+        # Note: We need `/lib' to be among `pathsToLink' for NSS modules
+        # to work.
+        default = [ ];
+        example = [ "/" ];
+        description = "List of directories to be symlinked in <filename>/run/current-system/sw</filename>.";
+      };
+
+      extraOutputsToInstall = mkOption {
+        type = types.listOf types.str;
+        default = [ ];
+        example = [ "doc" "info" "devdoc" ];
+        description = "List of additional package outputs to be symlinked into <filename>/run/current-system/sw</filename>.";
+      };
+
+      extraSetup = mkOption {
+        type = types.lines;
+        default = "";
+        description = "Shell fragments to be run after the system environment has been created. This should only be used for things that need to modify the internals of the environment, e.g. generating MIME caches. The environment being built can be accessed at $out.";
+      };
+
+    };
+
+    system = {
+
+      path = mkOption {
+        internal = true;
+        description = ''
+          The packages you want in the boot environment.
+        '';
+      };
+
+    };
+
+  };
+  config = {
+    environment.pathsToLink = [
+      "/bin"
+    ];
+
+    system.path = pkgs.buildEnv {
+      name = "system-path";
+      paths = config.environment.systemPackages;
+      inherit (config.environment) pathsToLink extraOutputsToInstall;
+      ignoreCollisions = true;
+      # !!! Hacky, should modularise.
+      # outputs TODO: note that the tools will often not be linked by default
+      postBuild =
+        ''
+          # Remove wrapped binaries, they shouldn't be accessible via PATH.
+          find $out/bin -maxdepth 1 -name ".*-wrapped" -type l -delete
+
+          ${config.environment.extraSetup}
+        '';
+    };
+
+  };
+}

nixos/modules/config/system-path.nix

@@ -51,25 +51,12 @@ let
 in
 
 {
+  imports = [ ./system-path-core.nix ];
+
   options = {
 
     environment = {
 
-      systemPackages = mkOption {
-        type = types.listOf types.package;
-        default = [];
-        example = literalExpression "[ pkgs.firefox pkgs.thunderbird ]";
-        description = ''
-          The set of packages that appear in
-          /run/current-system/sw.  These packages are
-          automatically available to all users, and are
-          automatically updated every time you rebuild the system
-          configuration.  (The latter is the main difference with
-          installing them in the default profile,
-          <filename>/nix/var/nix/profiles/default</filename>.
-        '';
-      };
-
       defaultPackages = mkOption {
         type = types.listOf types.package;
         default = defaultPackages;
@@ -93,39 +80,6 @@ in
         '';
       };
 
-      pathsToLink = mkOption {
-        type = types.listOf types.str;
-        # Note: We need `/lib' to be among `pathsToLink' for NSS modules
-        # to work.
-        default = [];
-        example = ["/"];
-        description = "List of directories to be symlinked in <filename>/run/current-system/sw</filename>.";
-      };
-
-      extraOutputsToInstall = mkOption {
-        type = types.listOf types.str;
-        default = [ ];
-        example = [ "doc" "info" "devdoc" ];
-        description = "List of additional package outputs to be symlinked into <filename>/run/current-system/sw</filename>.";
-      };
-
-      extraSetup = mkOption {
-        type = types.lines;
-        default = "";
-        description = "Shell fragments to be run after the system environment has been created. This should only be used for things that need to modify the internals of the environment, e.g. generating MIME caches. The environment being built can be accessed at $out.";
-      };
-
-    };
-
-    system = {
-
-      path = mkOption {
-        internal = true;
-        description = ''
-          The packages you want in the boot environment.
-        '';
-      };
-
     };
 
   };
@@ -135,8 +89,7 @@ in
     environment.systemPackages = requiredPackages ++ config.environment.defaultPackages;
 
     environment.pathsToLink =
-      [ "/bin"
-        "/etc/xdg"
+      [ "/etc/xdg"
         "/etc/gtk-2.0"
         "/etc/gtk-3.0"
         "/lib" # FIXME: remove and update debug-info.nix
@@ -155,25 +108,11 @@ in
         "/share/thumbnailers"
       ];
 
-    system.path = pkgs.buildEnv {
-      name = "system-path";
-      paths = config.environment.systemPackages;
-      inherit (config.environment) pathsToLink extraOutputsToInstall;
-      ignoreCollisions = true;
-      # !!! Hacky, should modularise.
-      # outputs TODO: note that the tools will often not be linked by default
-      postBuild =
-        ''
-          # Remove wrapped binaries, they shouldn't be accessible via PATH.
-          find $out/bin -maxdepth 1 -name ".*-wrapped" -type l -delete
-
-          if [ -x $out/bin/glib-compile-schemas -a -w $out/share/glib-2.0/schemas ]; then
-              $out/bin/glib-compile-schemas $out/share/glib-2.0/schemas
-          fi
-
-          ${config.environment.extraSetup}
-        '';
-    };
+    environment.extraSetup = ''
+      if [ -x $out/bin/glib-compile-schemas -a -w $out/share/glib-2.0/schemas ]; then
+          $out/bin/glib-compile-schemas $out/share/glib-2.0/schemas
+      fi
+    '';
 
   };
 }

nixos/modules/config/update-users-groups.pl

@@ -306,6 +306,7 @@ sub parseUser {
     my $uid = getpwnam "root";
     my $gid = getgrnam "shadow";
     my $path = "/etc/shadow";
+    $gid = 0 unless defined $gid;
     (chown($uid, $gid, $path) || die "Failed to change ownership of $path: $!") unless $is_dry;
 }
 

nixos/modules/config/user-profiles.nix

@@ -0,0 +1,25 @@
+{ config, lib, pkgs, ... }:
+let
+  inherit (lib)
+    mapAttrs'
+    filterAttrs
+    ;
+in
+{
+  config = {
+    environment.etc = mapAttrs' (_: { packages, name, ... }: {
+      name = "profiles/per-user/${name}";
+      value.source = pkgs.buildEnv {
+        name = "user-environment";
+        paths = packages;
+        inherit (config.environment) pathsToLink extraOutputsToInstall;
+        inherit (config.system.path) ignoreCollisions postBuild;
+      };
+    }) (filterAttrs (_: u: u.packages != []) config.users.users);
+
+    environment.profiles = [
+      "$HOME/.nix-profile"
+      "/etc/profiles/per-user/$USER"
+    ];
+  };
+}