nixos: switch to switch-to-configuration-ng by default

The Rust `switch-to-configuration-ng` rewrite was carefully written
to be compatible with the original Perl script, has been checked
against NixOS VM tests, and has been available on an opt‐in basis
for testing for the 24.05 release cycle.

The next step towards replacing the Perl script entirely is to
switch it on by default so that we can get real‐world testing from
a much greater number of users. Maintaining two implementations in
parallel is becoming a burden; we are having to adjust the systemd
service activation behaviour slightly to fix a long‐standing bug,
and backporting the changes to the Perl script is an unpleasant
process. We will do it anyway to ensure that the Rust and Perl
implementations keep parity with each other throughout the 24.11
release cycle, but we think the time has come to flip the switch.

Taking this step now will give us two to three months to test this in
the wild before the 24.11 release and gain confidence that there are
no regressions. If any non‐trivial problems arise before the final
release, we will revert to the Perl implementation by default. Doing
this switch ASAP will help to disentangle any problems that might
arise from the Rust implementation from problems that arise from the
systemd service activation changes, or the upcoming switch to using
systemd in stage 1 by default.

The main concern that was raised about replacing the Perl script in the
PR that added `switch-to-configuration-ng` was that it is currently
possible to run NixOS on systems that cannot natively host a Rust
compiler. This does not apply to any platforms that have official
support from NixOS, and as far as I know we do not know of any such
systems with users that are not cross‐compiling anyway.

My understanding is that these systems are already broken by default
anyway, as `systemd.shutdownRamfs.enable` is on by default and uses
`make-initrd-ng`, which is also written in Rust. Switching the default
while keeping the Perl implementation around will give us at least
an entire release cycle to find out if there are any users that will
be affected by this and decide what to do about it if so.

There is currently one known inconsistency between
the Perl and Rust implementations, as documented in
<https://github.com/NixOS/nixpkgs/issues/312297>; the Rust
implementation has more accurate handling of failed systemd units.

We slightly adjust the semantics of `system.switch.enable{,Ng}` to
not conflict with each other, so that `system.switch.enableNg` is
on by default, but turning off `system.switch.enable` still results
in no `switch-to-configuration` implementation being used. This
won’t break the configuration of anyone who already opted in to
`system.switch.enableNg` and is probably how the option should have
worked to begin with.
This commit is contained in:
Emily 2024-09-05 06:47:55 +01:00
parent 182b7164cc
commit 56dea6da87
2 changed files with 15 additions and 21 deletions

View File

@ -34,6 +34,10 @@
Users that want to keep PulseAudio will want to set `services.pipewire.enable = false;` and `hardware.pulseaudio.enable = true;`. Users that want to keep PulseAudio will want to set `services.pipewire.enable = false;` and `hardware.pulseaudio.enable = true;`.
There is currently no plan to fully deprecate and remove PulseAudio, however, PipeWire should generally be preferred for new installs. There is currently no plan to fully deprecate and remove PulseAudio, however, PipeWire should generally be preferred for new installs.
- The Rust rewrite of the `switch-to-configuration` program is now used for system activation by default.
If you experience any issues, please report them.
The original Perl script can still be used for now by setting `system.switch.enableNg` to `false`.
## New Modules {#sec-release-24.11-new-modules} ## New Modules {#sec-release-24.11-new-modules}
- [TaskChampion Sync-Server](https://github.com/GothenburgBitFactory/taskchampion-sync-server), a [Taskwariror 3](https://taskwarrior.org/docs/upgrade-3/) sync server, replacing Taskwarrior 2's sync server named [`taskserver`](https://github.com/GothenburgBitFactory/taskserver). - [TaskChampion Sync-Server](https://github.com/GothenburgBitFactory/taskchampion-sync-server), a [Taskwariror 3](https://taskwarrior.org/docs/upgrade-3/) sync server, replacing Taskwarrior 2's sync server named [`taskserver`](https://github.com/GothenburgBitFactory/taskserver).

View File

@ -4,14 +4,6 @@ let
perlWrapped = pkgs.perl.withPackages (p: with p; [ ConfigIniFiles FileSlurp ]); perlWrapped = pkgs.perl.withPackages (p: with p; [ ConfigIniFiles FileSlurp ]);
description = extra: ''
Whether to include the capability to switch configurations.
Disabling this makes the system unable to be reconfigured via `nixos-rebuild`.
${extra}
'';
in in
{ {
@ -20,7 +12,11 @@ in
enable = lib.mkOption { enable = lib.mkOption {
type = lib.types.bool; type = lib.types.bool;
default = true; default = true;
description = description '' description = ''
Whether to include the capability to switch configurations.
Disabling this makes the system unable to be reconfigured via `nixos-rebuild`.
This is good for image based appliances where updates are handled This is good for image based appliances where updates are handled
outside the image. Reducing features makes the image lighter and outside the image. Reducing features makes the image lighter and
slightly more secure. slightly more secure.
@ -29,23 +25,17 @@ in
enableNg = lib.mkOption { enableNg = lib.mkOption {
type = lib.types.bool; type = lib.types.bool;
default = false; default = config.system.switch.enable;
description = description '' defaultText = lib.literalExpression "config.system.switch.enable";
Whether to use `switch-to-configuration-ng`, an experimental description = ''
re-implementation of `switch-to-configuration` with the goal of Whether to use `switch-to-configuration-ng`, the Rust-based
replacing the original. re-implementation of the original Perl `switch-to-configuration`.
''; '';
}; };
}; };
config = lib.mkMerge [ config = lib.mkMerge [
{ (lib.mkIf (config.system.switch.enable && !config.system.switch.enableNg) {
assertions = [{
assertion = with config.system.switch; enable -> !enableNg;
message = "Only one of system.switch.enable and system.switch.enableNg may be enabled at a time";
}];
}
(lib.mkIf config.system.switch.enable {
system.activatableSystemBuilderCommands = '' system.activatableSystemBuilderCommands = ''
mkdir $out/bin mkdir $out/bin
substitute ${./switch-to-configuration.pl} $out/bin/switch-to-configuration \ substitute ${./switch-to-configuration.pl} $out/bin/switch-to-configuration \