nixos/system-path: add corePackages option

This allows users to override all packages. This is useful to build minimal systems that really don't required these packages that previously were "required".
2025-08-10 22:47:37 +02:00 · 2025-08-10 22:47:37 +02:00 · 42cf56db09
commit 42cf56db09
parent f087e5c94b
2 changed files with 70 additions and 36 deletions
--- a/nixos/modules/config/system-path.nix
+++ b/nixos/modules/config/system-path.nix
@ -8,41 +8,47 @@
 }:
 let

-  requiredPackages =
-    map (pkg: lib.setPrio ((pkg.meta.priority or lib.meta.defaultPriority) + 3) pkg)
-      [
-        pkgs.acl
-        pkgs.attr
-        pkgs.bashInteractive # bash with ncurses support
-        pkgs.bzip2
-        pkgs.coreutils-full
-        pkgs.cpio
-        pkgs.curl
-        pkgs.diffutils
-        pkgs.findutils
-        pkgs.gawk
-        pkgs.stdenv.cc.libc
-        pkgs.getent
-        pkgs.getconf
-        pkgs.gnugrep
-        pkgs.gnupatch
-        pkgs.gnused
-        pkgs.gnutar
-        pkgs.gzip
-        pkgs.xz
-        pkgs.less
-        pkgs.libcap
-        pkgs.ncurses
-        pkgs.netcat
-        config.programs.ssh.package
-        pkgs.mkpasswd
-        pkgs.procps
-        pkgs.su
-        pkgs.time
-        pkgs.util-linux
-        pkgs.which
-        pkgs.zstd
-      ];
+  corePackageNames = [
+    "acl"
+    "attr"
+    "bashInteractive" # bash with ncurses support
+    "bzip2"
+    "coreutils-full"
+    "cpio"
+    "curl"
+    "diffutils"
+    "findutils"
+    "gawk"
+    "getent"
+    "getconf"
+    "gnugrep"
+    "gnupatch"
+    "gnused"
+    "gnutar"
+    "gzip"
+    "xz"
+    "less"
+    "libcap"
+    "ncurses"
+    "netcat"
+    "mkpasswd"
+    "procps"
+    "su"
+    "time"
+    "util-linux"
+    "which"
+    "zstd"
+  ];
+  corePackages =
+    (map (
+      n:
+      let
+        pkg = pkgs.${n};
+      in
+      lib.setPrio ((pkg.meta.priority or lib.meta.defaultPriority) + 3) pkg
+    ) corePackageNames)
+    ++ [ pkgs.stdenv.cc.libc ];
+  corePackagesText = "[ ${lib.concatMapStringsSep " " (n: "pkgs.${n}") corePackageNames} ]";

  defaultPackageNames = [
    "perl"
@ -80,6 +86,28 @@ in
        '';
      };

+      corePackages = lib.mkOption {
+        type = lib.types.listOf lib.types.package;
+        defaultText = lib.literalMD ''
+          these packages, with their `meta.priority` numerically increased
+          (thus lowering their installation priority):
+
+              ${corePackagesText}
+        '';
+        example = [ ];
+        description = ''
+          Set of core packages for a normal interactive system.
+
+          Only change this if you know what you're doing!
+
+          Like with systemPackages, packages are installed to
+          {file}`/run/current-system/sw`. They are
+          automatically available to all users, and are
+          automatically updated every time you rebuild the system
+          configuration.
+        '';
+      };
+
      defaultPackages = lib.mkOption {
        type = lib.types.listOf lib.types.package;
        default = defaultPackages;
@ -151,7 +179,11 @@ in

  config = {

-    environment.systemPackages = requiredPackages ++ config.environment.defaultPackages;
+    # Set this here so that it has the right priority and allows ergonomic
+    # merging.
+    environment.corePackages = corePackages;
+
+    environment.systemPackages = config.environment.corePackages ++ config.environment.defaultPackages;

    environment.pathsToLink = [
      "/bin"
--- a/nixos/modules/programs/ssh.nix
+++ b/nixos/modules/programs/ssh.nix
@ -335,6 +335,8 @@ in
      }
    );

+    environment.corePackages = [ cfg.package ];
+
    # SSH configuration. Slight duplication of the sshd_config
    # generation in the sshd service.
    environment.etc."ssh/ssh_config".text = ''