iso: systemd service startup #194
Comments
|
I have a couple ideas to tackle this, but it might require adding more code. So I think it would be good to get #170 done first. |
|
Per #197 (comment) it was decided to not exempt user systemd services as per the argument made therein:
|
To solve divnix#194, we need a way to exclude specifically the host profiles. By proxy, we might be safe to exclude the host configuration as a whole. This change separates the host condfig from other host-local modules so that we can filter it out in the subsequent commit.
IN order to avoid random startup of systemd services, filter out all profiles, except for core and user profiles. This works becasue of a fundamental devos contract, that modules only define configuration, but don't implement them and profiles only implement confguration but don't define them. So only ever an activated profile is expected to effectively start up a systemd service. closes: divnix#194
To solve divnix#194, we need a way to exclude specifically the host profiles. By proxy, we might be safe to exclude the host configuration as a whole. This change separates the host condfig from other host-local modules so that we can filter it out in the subsequent commit.
IN order to avoid random startup of systemd services, filter out all profiles, except for core and user profiles. This works becasue of a fundamental devos contract, that modules only define configuration, but don't implement them and profiles only implement confguration but don't define them. So only ever an activated profile is expected to effectively start up a systemd service. closes: divnix#194
To solve divnix#194, we need a way to exclude specifically the host profiles. By proxy, we might be safe to exclude the host configuration as a whole. This change separates the host condfig from other host-local modules so that we can filter it out in the subsequent commit.
IN order to avoid random startup of systemd services, filter out all profiles, except for core and user profiles. This works becasue of a fundamental devos contract, that modules only define configuration, but don't implement them and profiles only implement confguration but don't define them. So only ever an activated profile is expected to effectively start up a systemd service. closes: divnix#194
To solve divnix#194, we need a way to exclude specifically the host profiles. By proxy, we might be safe to exclude the host configuration as a whole. This change separates the host condfig from other host-local modules so that we can filter it out in the subsequent commit.
IN order to avoid random startup of systemd services, filter out all profiles, except for core and user profiles. This works becasue of a fundamental devos contract, that modules only define configuration, but don't implement them and profiles only implement confguration but don't define them. So only ever an activated profile is expected to effectively start up a systemd service. closes: divnix#194
To solve divnix#194, we need a way to exclude specifically the host profiles. By proxy, we might be safe to exclude the host configuration as a whole. This change separates the host condfig from other host-local modules so that we can filter it out in the subsequent commit.
IN order to avoid random startup of systemd services, filter out all profiles, except for core and user profiles. This works becasue of a fundamental devos contract, that modules only define configuration, but don't implement them and profiles only implement confguration but don't define them. So only ever an activated profile is expected to effectively start up a systemd service. closes: divnix#194
To solve divnix#194, we need a way to exclude specifically the host profiles. By proxy, we might be safe to exclude the host configuration as a whole. This change separates the host condfig from other host-local modules so that we can filter it out in the subsequent commit.
IN order to avoid random startup of systemd services, filter out all profiles, except for core and user profiles. This works becasue of a fundamental devos contract, that modules only define configuration, but don't implement them and profiles only implement confguration but don't define them. So only ever an activated profile is expected to effectively start up a systemd service. closes: divnix#194
IN order to avoid random startup of systemd services, filter out all profiles, except for core and user profiles. This works becasue of a fundamental devos contract, that modules only define configuration, but don't implement them and profiles only implement confguration but don't define them. So only ever an activated profile is expected to effectively start up a systemd service. closes: divnix#194
|
Based on the discussions in the PR's, I think this is an overview of the problems we've run into:
|
|
I'm going to try investigating something that I think was suggested earlier. I want to see if its possible to import everything just as its done right now but find a way to just disable the systemd services defined in profiles. |
IN order to avoid random startup of systemd services, filter out all profiles, except for core and user profiles. This works becasue of a fundamental devos contract, that modules only define configuration, but don't implement them and profiles only implement confguration but don't define them. So only ever an activated profile is expected to effectively start up a systemd service. closes: divnix#194
|
I haven't written any code for this, but I think I've come up with a method to import everything, including profiles, but disable all systemd services defined in profiles. |
|
This is really finicky and is a bit of an abuse of the module system, but I wrote some code to try and override systemd services: But this has various issues. It only overrides services explicitly defined in profiles as |
|
I've worked out the logic of how to do it in some experiments, but it is a bit involved and I wasn't sure at the time if it was the best way to go. This was for #127 though, so the goal is a bit different. Essentially, we would have to evaluate each module in isolation, with only the base modules included so evaluation doesn't fail. Then we would have to determine with options were set by the default modules and filter them out of the evaluationed module. This may be pretty expensive computationally, I haven't work out the complexity yet, but it seems like it would be, and that's why I stopped there. In theory though, at that point we would be left with just a single modules affect on the overall system after being evaluated. I was wanting this to be able to pull things out of |
202: iso: avoid systemd service startup r=nrdxp a=blaggacao fixes #194 alternative to #197 # Manual Tests <details> <summary>was unrelated</summary> - [ ] `flk install NixOS --impure` correctly onto `/mnt` ❎ (looks like no profile is present) Issue: #204 Upstream Issue: NixOS/nixpkgs#116938 </details> - [x] acceptable build time / closure size ca 850MB (for a simple base OS) ✔️ - [x] local profile with `cage` service is disabled, that is: boots into terminal ✔️ - [x] success: air gapped / offline devshell enter ✔️ - [ ] failure: aire gapped target install: ← non blocking bonus item ❎ ```console $ flk install POS warning: you don't have internet access; disabling some network-dependent features building the flake in path:/iso/devos?narHash=sha265-... warning: you don't have internet access; disabling some network-dependent features error: unable to download 'https://api.github.com/repos/NixOS/nixpkgs/df8e3...': Couldn't resolve host name (6) ``` → detailed rationale in the commit messages :heart: @Pacman99 for the excellent and detailed discussions in #197 and the may ideas, suggestions and code. Co-authored-by: David Arnold <dar@xoe.solutions>
Expected Behavior
The live cd acting as bespoke bootstrapping medium, only a necessary set of systemd modules should be started instead of starting up the complete os
Current Behavior
While all relevant closures are included, and therefore act as a cache to the nixos installer, also all systemd services of the target host configuration are launched.
Possible Solution
Steps to Reproduce
This happens with any current iso live installer.
Context
Just a random example:
/cc @Pacman99
The text was updated successfully, but these errors were encountered: