diff options
author | Frederik Rietdijk <fridh@fridh.nl> | 2019-08-14 13:46:33 +0200 |
---|---|---|
committer | Frederik Rietdijk <fridh@fridh.nl> | 2019-08-14 13:46:33 +0200 |
commit | cff9e6429a4341e924594f5e057b03ca8101b314 (patch) | |
tree | f8c1a31c9ad11b4c417b9c331747f3b3dc47bdf4 /nixos/modules | |
parent | a6055b7d8705d3c3a008e67cde1d43cf5727f76b (diff) | |
parent | 8d56f2472e47a3f1f388b69c0ecc24421910d555 (diff) | |
download | nixpkgs-cff9e6429a4341e924594f5e057b03ca8101b314.tar nixpkgs-cff9e6429a4341e924594f5e057b03ca8101b314.tar.gz nixpkgs-cff9e6429a4341e924594f5e057b03ca8101b314.tar.bz2 nixpkgs-cff9e6429a4341e924594f5e057b03ca8101b314.tar.lz nixpkgs-cff9e6429a4341e924594f5e057b03ca8101b314.tar.xz nixpkgs-cff9e6429a4341e924594f5e057b03ca8101b314.tar.zst nixpkgs-cff9e6429a4341e924594f5e057b03ca8101b314.zip |
Merge staging-next into staging
Diffstat (limited to 'nixos/modules')
44 files changed, 712 insertions, 245 deletions
diff --git a/nixos/modules/config/timezone.nix b/nixos/modules/config/locale.nix index b15948f6e2e..6f056588187 100644 --- a/nixos/modules/config/timezone.nix +++ b/nixos/modules/config/locale.nix @@ -9,6 +9,8 @@ let timezone = types.nullOr (types.addCheck types.str nospace) // { description = "null or string without spaces"; }; + lcfg = config.location; + in { @@ -37,12 +39,45 @@ in }; }; + + location = { + + latitude = mkOption { + type = types.float; + description = '' + Your current latitude, between + <literal>-90.0</literal> and <literal>90.0</literal>. Must be provided + along with longitude. + ''; + }; + + longitude = mkOption { + type = types.float; + description = '' + Your current longitude, between + between <literal>-180.0</literal> and <literal>180.0</literal>. Must be + provided along with latitude. + ''; + }; + + provider = mkOption { + type = types.enum [ "manual" "geoclue2" ]; + default = "manual"; + description = '' + The location provider to use for determining your location. If set to + <literal>manual</literal> you must also provide latitude/longitude. + ''; + }; + + }; }; config = { environment.sessionVariables.TZDIR = "/etc/zoneinfo"; + services.geoclue2.enable = mkIf (lcfg.provider == "geoclue2") true; + # This way services are restarted when tzdata changes. systemd.globalEnvironment.TZDIR = tzdir; diff --git a/nixos/modules/config/users-groups.nix b/nixos/modules/config/users-groups.nix index c3f228c9bcc..25f1c67ce83 100644 --- a/nixos/modules/config/users-groups.nix +++ b/nixos/modules/config/users-groups.nix @@ -564,7 +564,10 @@ in { }; }) (filterAttrs (_: u: u.packages != []) cfg.users)); - environment.profiles = [ "/etc/profiles/per-user/$USER" ]; + environment.profiles = [ + "$HOME/.nix-profile" + "/etc/profiles/per-user/$USER" + ]; assertions = [ { assertion = !cfg.enforceIdUniqueness || (uidsAreUnique && gidsAreUnique); diff --git a/nixos/modules/i18n/input-method/ibus.nix b/nixos/modules/i18n/input-method/ibus.nix index f8e021f551e..8109ef76c40 100644 --- a/nixos/modules/i18n/input-method/ibus.nix +++ b/nixos/modules/i18n/input-method/ibus.nix @@ -55,7 +55,7 @@ in # Without dconf enabled it is impossible to use IBus environment.systemPackages = with pkgs; [ - ibus-qt gnome3.dconf ibusAutostart + gnome3.dconf ibusAutostart ]; environment.variables = { diff --git a/nixos/modules/installer/tools/nixos-generate-config.pl b/nixos/modules/installer/tools/nixos-generate-config.pl index c09def1fcea..cfdbdaabf5c 100644 --- a/nixos/modules/installer/tools/nixos-generate-config.pl +++ b/nixos/modules/installer/tools/nixos-generate-config.pl @@ -607,90 +607,7 @@ EOF } write_file($fn, <<EOF); -# Edit this configuration file to define what should be installed on -# your system. Help is available in the configuration.nix(5) man page -# and in the NixOS manual (accessible by running ‘nixos-help’). - -{ config, pkgs, ... }: - -{ - imports = - [ # Include the results of the hardware scan. - ./hardware-configuration.nix - ]; - -$bootLoaderConfig - # networking.hostName = "nixos"; # Define your hostname. - # networking.wireless.enable = true; # Enables wireless support via wpa_supplicant. - - # Configure network proxy if necessary - # networking.proxy.default = "http://user:password\@proxy:port/"; - # networking.proxy.noProxy = "127.0.0.1,localhost,internal.domain"; - - # Select internationalisation properties. - # i18n = { - # consoleFont = "Lat2-Terminus16"; - # consoleKeyMap = "us"; - # defaultLocale = "en_US.UTF-8"; - # }; - - # Set your time zone. - # time.timeZone = "Europe/Amsterdam"; - - # List packages installed in system profile. To search, run: - # \$ nix search wget - # environment.systemPackages = with pkgs; [ - # wget vim - # ]; - - # Some programs need SUID wrappers, can be configured further or are - # started in user sessions. - # programs.mtr.enable = true; - # programs.gnupg.agent = { enable = true; enableSSHSupport = true; }; - - # List services that you want to enable: - - # Enable the OpenSSH daemon. - # services.openssh.enable = true; - - # Open ports in the firewall. - # networking.firewall.allowedTCPPorts = [ ... ]; - # networking.firewall.allowedUDPPorts = [ ... ]; - # Or disable the firewall altogether. - # networking.firewall.enable = false; - - # Enable CUPS to print documents. - # services.printing.enable = true; - - # Enable sound. - # sound.enable = true; - # hardware.pulseaudio.enable = true; - - # Enable the X11 windowing system. - # services.xserver.enable = true; - # services.xserver.layout = "us"; - # services.xserver.xkbOptions = "eurosign:e"; - - # Enable touchpad support. - # services.xserver.libinput.enable = true; - - # Enable the KDE Desktop Environment. - # services.xserver.displayManager.sddm.enable = true; - # services.xserver.desktopManager.plasma5.enable = true; - - # Define a user account. Don't forget to set a password with ‘passwd’. - # users.users.jane = { - # isNormalUser = true; - # extraGroups = [ "wheel" ]; # Enable ‘sudo’ for the user. - # }; - - # This value determines the NixOS release with which your system is to be - # compatible, in order to avoid breaking some software such as database - # servers. You should change this only after NixOS release notes say you - # should. - system.stateVersion = "${\(qw(@release@))}"; # Did you read the comment? - -} +@configuration@ EOF } else { print STDERR "warning: not overwriting existing $fn\n"; diff --git a/nixos/modules/installer/tools/tools.nix b/nixos/modules/installer/tools/tools.nix index 59eb4a63af4..05add59117d 100644 --- a/nixos/modules/installer/tools/tools.nix +++ b/nixos/modules/installer/tools/tools.nix @@ -38,7 +38,7 @@ let src = ./nixos-generate-config.pl; path = lib.optionals (lib.elem "btrfs" config.boot.supportedFilesystems) [ pkgs.btrfs-progs ]; perl = "${pkgs.perl}/bin/perl -I${pkgs.perlPackages.FileSlurp}/${pkgs.perl.libPrefix}"; - inherit (config.system.nixos) release; + inherit (config.system.nixos-generate-config) configuration; }; nixos-option = makeProg { @@ -61,8 +61,111 @@ in { + options.system.nixos-generate-config.configuration = mkOption { + internal = true; + type = types.str; + description = '' + The NixOS module that <literal>nixos-generate-config</literal> + saves to <literal>/etc/nixos/configuration.nix</literal>. + + This is an internal option. No backward compatibility is guaranteed. + Use at your own risk! + + Note that this string gets spliced into a Perl script. The perl + variable <literal>$bootLoaderConfig</literal> can be used to + splice in the boot loader configuration. + ''; + }; + config = { + system.nixos-generate-config.configuration = mkDefault '' + # Edit this configuration file to define what should be installed on + # your system. Help is available in the configuration.nix(5) man page + # and in the NixOS manual (accessible by running ‘nixos-help’). + + { config, pkgs, ... }: + + { + imports = + [ # Include the results of the hardware scan. + ./hardware-configuration.nix + ]; + + $bootLoaderConfig + # networking.hostName = "nixos"; # Define your hostname. + # networking.wireless.enable = true; # Enables wireless support via wpa_supplicant. + + # Configure network proxy if necessary + # networking.proxy.default = "http://user:password\@proxy:port/"; + # networking.proxy.noProxy = "127.0.0.1,localhost,internal.domain"; + + # Select internationalisation properties. + # i18n = { + # consoleFont = "Lat2-Terminus16"; + # consoleKeyMap = "us"; + # defaultLocale = "en_US.UTF-8"; + # }; + + # Set your time zone. + # time.timeZone = "Europe/Amsterdam"; + + # List packages installed in system profile. To search, run: + # \$ nix search wget + # environment.systemPackages = with pkgs; [ + # wget vim + # ]; + + # Some programs need SUID wrappers, can be configured further or are + # started in user sessions. + # programs.mtr.enable = true; + # programs.gnupg.agent = { enable = true; enableSSHSupport = true; }; + + # List services that you want to enable: + + # Enable the OpenSSH daemon. + # services.openssh.enable = true; + + # Open ports in the firewall. + # networking.firewall.allowedTCPPorts = [ ... ]; + # networking.firewall.allowedUDPPorts = [ ... ]; + # Or disable the firewall altogether. + # networking.firewall.enable = false; + + # Enable CUPS to print documents. + # services.printing.enable = true; + + # Enable sound. + # sound.enable = true; + # hardware.pulseaudio.enable = true; + + # Enable the X11 windowing system. + # services.xserver.enable = true; + # services.xserver.layout = "us"; + # services.xserver.xkbOptions = "eurosign:e"; + + # Enable touchpad support. + # services.xserver.libinput.enable = true; + + # Enable the KDE Desktop Environment. + # services.xserver.displayManager.sddm.enable = true; + # services.xserver.desktopManager.plasma5.enable = true; + + # Define a user account. Don't forget to set a password with ‘passwd’. + # users.users.jane = { + # isNormalUser = true; + # extraGroups = [ "wheel" ]; # Enable ‘sudo’ for the user. + # }; + + # This value determines the NixOS release with which your system is to be + # compatible, in order to avoid breaking some software such as database + # servers. You should change this only after NixOS release notes say you + # should. + system.stateVersion = "${config.system.nixos.release}"; # Did you read the comment? + + } + ''; + environment.systemPackages = [ nixos-build-vms nixos-install diff --git a/nixos/modules/misc/crashdump.nix b/nixos/modules/misc/crashdump.nix index 6e0b49fa9af..3c47e79d051 100644 --- a/nixos/modules/misc/crashdump.nix +++ b/nixos/modules/misc/crashdump.nix @@ -58,7 +58,6 @@ in "crashkernel=${crashdump.reservedMemory}" "nmi_watchdog=panic" "softlockup_panic=1" - "idle=poll" ]; kernelPatches = [ { name = "crashdump-config"; diff --git a/nixos/modules/misc/nixpkgs.nix b/nixos/modules/misc/nixpkgs.nix index e0c192246c0..afb74581e23 100644 --- a/nixos/modules/misc/nixpkgs.nix +++ b/nixos/modules/misc/nixpkgs.nix @@ -19,7 +19,7 @@ let lhs = optCall lhs_ { inherit pkgs; }; rhs = optCall rhs_ { inherit pkgs; }; in - lhs // rhs // + recursiveUpdate lhs rhs // optionalAttrs (lhs ? packageOverrides) { packageOverrides = pkgs: optCall lhs.packageOverrides pkgs // diff --git a/nixos/modules/module-list.nix b/nixos/modules/module-list.nix index 15990177d74..3d4c41bbbdb 100644 --- a/nixos/modules/module-list.nix +++ b/nixos/modules/module-list.nix @@ -20,6 +20,7 @@ ./config/iproute2.nix ./config/krb5/default.nix ./config/ldap.nix + ./config/locale.nix ./config/malloc.nix ./config/networking.nix ./config/no-x-libs.nix @@ -33,7 +34,6 @@ ./config/system-environment.nix ./config/system-path.nix ./config/terminfo.nix - ./config/timezone.nix ./config/unix-odbc-drivers.nix ./config/users-groups.nix ./config/vpnc.nix @@ -106,9 +106,14 @@ ./programs/digitalbitbox/default.nix ./programs/dmrconfig.nix ./programs/environment.nix + ./programs/evince.nix + ./programs/file-roller.nix ./programs/firejail.nix ./programs/fish.nix ./programs/freetds.nix + ./programs/gnome-disks.nix + ./programs/gnome-documents.nix + ./programs/gpaste.nix ./programs/gnupg.nix ./programs/gphoto2.nix ./programs/iftop.nix @@ -209,6 +214,7 @@ ./services/backup/duplicity.nix ./services/backup/mysql-backup.nix ./services/backup/postgresql-backup.nix + ./services/backup/postgresql-wal-receiver.nix ./services/backup/restic.nix ./services/backup/restic-rest-server.nix ./services/backup/rsnapshot.nix @@ -280,12 +286,8 @@ ./services/desktops/pipewire.nix ./services/desktops/gnome3/at-spi2-core.nix ./services/desktops/gnome3/chrome-gnome-shell.nix - ./services/desktops/gnome3/evince.nix ./services/desktops/gnome3/evolution-data-server.nix - ./services/desktops/gnome3/file-roller.nix ./services/desktops/gnome3/glib-networking.nix - ./services/desktops/gnome3/gnome-disks.nix - ./services/desktops/gnome3/gnome-documents.nix ./services/desktops/gnome3/gnome-keyring.nix ./services/desktops/gnome3/gnome-online-accounts.nix ./services/desktops/gnome3/gnome-remote-desktop.nix @@ -293,7 +295,6 @@ ./services/desktops/gnome3/gnome-settings-daemon.nix ./services/desktops/gnome3/gnome-terminal-server.nix ./services/desktops/gnome3/gnome-user-share.nix - ./services/desktops/gnome3/gpaste.nix ./services/desktops/gnome3/gvfs.nix ./services/desktops/gnome3/rygel.nix ./services/desktops/gnome3/seahorse.nix @@ -402,6 +403,7 @@ ./services/misc/couchpotato.nix ./services/misc/devmon.nix ./services/misc/dictd.nix + ./services/misc/dwm-status.nix ./services/misc/dysnomia.nix ./services/misc/disnix.nix ./services/misc/docker-registry.nix @@ -818,6 +820,7 @@ ./services/web-servers/varnish/default.nix ./services/web-servers/zope2.nix ./services/x11/extra-layouts.nix + ./services/x11/clight.nix ./services/x11/colord.nix ./services/x11/compton.nix ./services/x11/unclutter.nix diff --git a/nixos/modules/programs/environment.nix b/nixos/modules/programs/environment.nix index 3c6d356ef99..4d762314298 100644 --- a/nixos/modules/programs/environment.nix +++ b/nixos/modules/programs/environment.nix @@ -23,9 +23,8 @@ in XCURSOR_PATH = [ "$HOME/.icons" ]; }; - environment.profiles = - [ "$HOME/.nix-profile" - "/nix/var/nix/profiles/default" + environment.profiles = mkAfter + [ "/nix/var/nix/profiles/default" "/run/current-system/sw" ]; diff --git a/nixos/modules/services/desktops/gnome3/evince.nix b/nixos/modules/programs/evince.nix index 5f040a16f06..473fddb09d0 100644 --- a/nixos/modules/services/desktops/gnome3/evince.nix +++ b/nixos/modules/programs/evince.nix @@ -6,14 +6,21 @@ with lib; { + # Added 2019-08-09 + imports = [ + (mkRenamedOptionModule + [ "services" "gnome3" "evince" "enable" ] + [ "programs" "evince" "enable" ]) + ]; + ###### interface options = { - services.gnome3.evince = { + programs.evince = { enable = mkEnableOption - "systemd and dbus services for Evince, the GNOME document viewer"; + "Evince, the GNOME document viewer"; }; @@ -22,7 +29,7 @@ with lib; ###### implementation - config = mkIf config.services.gnome3.evince.enable { + config = mkIf config.programs.evince.enable { environment.systemPackages = [ pkgs.evince ]; diff --git a/nixos/modules/services/desktops/gnome3/file-roller.nix b/nixos/modules/programs/file-roller.nix index 7fb558a9895..64f6a94e764 100644 --- a/nixos/modules/services/desktops/gnome3/file-roller.nix +++ b/nixos/modules/programs/file-roller.nix @@ -6,11 +6,18 @@ with lib; { + # Added 2019-08-09 + imports = [ + (mkRenamedOptionModule + [ "services" "gnome3" "file-roller" "enable" ] + [ "programs" "file-roller" "enable" ]) + ]; + ###### interface options = { - services.gnome3.file-roller = { + programs.file-roller = { enable = mkEnableOption "File Roller, an archive manager for GNOME"; @@ -21,7 +28,7 @@ with lib; ###### implementation - config = mkIf config.services.gnome3.file-roller.enable { + config = mkIf config.programs.file-roller.enable { environment.systemPackages = [ pkgs.gnome3.file-roller ]; diff --git a/nixos/modules/services/desktops/gnome3/gnome-disks.nix b/nixos/modules/programs/gnome-disks.nix index 139534cdb89..1cf839a6ddb 100644 --- a/nixos/modules/services/desktops/gnome3/gnome-disks.nix +++ b/nixos/modules/programs/gnome-disks.nix @@ -1,4 +1,4 @@ -# GNOME Disks daemon. +# GNOME Disks. { config, pkgs, lib, ... }: @@ -6,17 +6,24 @@ with lib; { + # Added 2019-08-09 + imports = [ + (mkRenamedOptionModule + [ "services" "gnome3" "gnome-disks" "enable" ] + [ "programs" "gnome-disks" "enable" ]) + ]; + ###### interface options = { - services.gnome3.gnome-disks = { + programs.gnome-disks = { enable = mkOption { type = types.bool; default = false; description = '' - Whether to enable GNOME Disks daemon, a service designed to + Whether to enable GNOME Disks daemon, a program designed to be a UDisks2 graphical front-end. ''; }; @@ -28,7 +35,7 @@ with lib; ###### implementation - config = mkIf config.services.gnome3.gnome-disks.enable { + config = mkIf config.programs.gnome-disks.enable { environment.systemPackages = [ pkgs.gnome3.gnome-disk-utility ]; diff --git a/nixos/modules/services/desktops/gnome3/gnome-documents.nix b/nixos/modules/programs/gnome-documents.nix index f6efb668424..bfa3d409ee3 100644 --- a/nixos/modules/services/desktops/gnome3/gnome-documents.nix +++ b/nixos/modules/programs/gnome-documents.nix @@ -1,4 +1,4 @@ -# GNOME Documents daemon. +# GNOME Documents. { config, pkgs, lib, ... }: @@ -6,17 +6,24 @@ with lib; { + # Added 2019-08-09 + imports = [ + (mkRenamedOptionModule + [ "services" "gnome3" "gnome-documents" "enable" ] + [ "programs" "gnome-documents" "enable" ]) + ]; + ###### interface options = { - services.gnome3.gnome-documents = { + programs.gnome-documents = { enable = mkOption { type = types.bool; default = false; description = '' - Whether to enable GNOME Documents services, a document + Whether to enable GNOME Documents, a document manager application for GNOME. ''; }; @@ -28,7 +35,7 @@ with lib; ###### implementation - config = mkIf config.services.gnome3.gnome-documents.enable { + config = mkIf config.programs.gnome-documents.enable { environment.systemPackages = [ pkgs.gnome3.gnome-documents ]; diff --git a/nixos/modules/services/desktops/gnome3/gpaste.nix b/nixos/modules/programs/gpaste.nix index 5a8258775e0..4f6deb77e5e 100644 --- a/nixos/modules/services/desktops/gnome3/gpaste.nix +++ b/nixos/modules/programs/gpaste.nix @@ -1,12 +1,20 @@ -# GPaste daemon. +# GPaste. { config, lib, pkgs, ... }: with lib; { + + # Added 2019-08-09 + imports = [ + (mkRenamedOptionModule + [ "services" "gnome3" "gpaste" "enable" ] + [ "programs" "gpaste" "enable" ]) + ]; + ###### interface options = { - services.gnome3.gpaste = { + programs.gpaste = { enable = mkOption { type = types.bool; default = false; @@ -18,10 +26,9 @@ with lib; }; ###### implementation - config = mkIf config.services.gnome3.gpaste.enable { + config = mkIf config.programs.gpaste.enable { environment.systemPackages = [ pkgs.gnome3.gpaste ]; services.dbus.packages = [ pkgs.gnome3.gpaste ]; - services.xserver.desktopManager.gnome3.sessionPath = [ pkgs.gnome3.gpaste ]; systemd.packages = [ pkgs.gnome3.gpaste ]; }; } diff --git a/nixos/modules/programs/nylas-mail.nix b/nixos/modules/programs/nylas-mail.nix deleted file mode 100644 index 08a6cd0a604..00000000000 --- a/nixos/modules/programs/nylas-mail.nix +++ /dev/null @@ -1,36 +0,0 @@ -{ config, lib, pkgs, ... }: - -with lib; - -let - cfg = config.services.nylas-mail; -in { - ###### interface - options = { - services.nylas-mail = { - - enable = mkEnableOption '' - nylas-mail - Open-source mail client built on the modern web with Electron, React, and Flux - ''; - - gnome3-keyring = mkOption { - type = types.bool; - default = true; - description = "Enable gnome3 keyring for nylas-mail."; - }; - }; - }; - - - ###### implementation - - config = mkIf cfg.enable { - - environment.systemPackages = [ pkgs.nylas-mail-bin ]; - - services.gnome3.gnome-keyring = mkIf cfg.gnome3-keyring { - enable = true; - }; - - }; -} diff --git a/nixos/modules/rename.nix b/nixos/modules/rename.nix index e0d64914ef4..5c08a25c128 100644 --- a/nixos/modules/rename.nix +++ b/nixos/modules/rename.nix @@ -51,6 +51,10 @@ with lib; (mkRemovedOptionModule [ "services" "misc" "nzbget" "openFirewall" ] "The port used by nzbget is managed through the web interface so you should adjust your firewall rules accordingly.") (mkRemovedOptionModule [ "services" "prometheus" "alertmanager" "user" ] "The alertmanager service is now using systemd's DynamicUser mechanism which obviates a user setting.") (mkRemovedOptionModule [ "services" "prometheus" "alertmanager" "group" ] "The alertmanager service is now using systemd's DynamicUser mechanism which obviates a group setting.") + (mkRemovedOptionModule [ "services" "prometheus2" "alertmanagerURL" ] '' + Due to incompatibility, the alertmanagerURL option has been removed, + please use 'services.prometheus2.alertmanagers' instead. + '') (mkRenamedOptionModule [ "services" "tor" "relay" "portSpec" ] [ "services" "tor" "relay" "port" ]) (mkRenamedOptionModule [ "services" "vmwareGuest" ] [ "virtualisation" "vmware" "guest" ]) (mkRenamedOptionModule [ "jobs" ] [ "systemd" "services" ]) @@ -258,6 +262,20 @@ with lib; (mkRenamedOptionModule [ "networking" "extraResolvconfConf" ] [ "networking" "resolvconf" "extraConfig" ]) (mkRenamedOptionModule [ "networking" "resolvconfOptions" ] [ "networking" "resolvconf" "extraOptions" ]) + # Redshift + (mkChangedOptionModule [ "services" "redshift" "latitude" ] [ "location" "latitude" ] + (config: + let value = getAttrFromPath [ "services" "redshift" "latitude" ] config; + in if value == null then + throw "services.redshift.latitude is set to null, you can remove this" + else builtins.fromJSON value)) + (mkChangedOptionModule [ "services" "redshift" "longitude" ] [ "location" "longitude" ] + (config: + let value = getAttrFromPath [ "services" "redshift" "longitude" ] config; + in if value == null then + throw "services.redshift.longitude is set to null, you can remove this" + else builtins.fromJSON value)) + ] ++ (flip map [ "blackboxExporter" "collectdExporter" "fritzboxExporter" "jsonExporter" "minioExporter" "nginxExporter" "nodeExporter" "snmpExporter" "unifiExporter" "varnishExporter" ] diff --git a/nixos/modules/services/admin/oxidized.nix b/nixos/modules/services/admin/oxidized.nix index 687cdfb5ba5..39112c3970d 100644 --- a/nixos/modules/services/admin/oxidized.nix +++ b/nixos/modules/services/admin/oxidized.nix @@ -97,8 +97,8 @@ in preStart = '' mkdir -p ${cfg.dataDir}/.config/oxidized - cp -v ${cfg.routerDB} ${cfg.dataDir}/.config/oxidized/router.db - cp -v ${cfg.configFile} ${cfg.dataDir}/.config/oxidized/config + ln -f -s ${cfg.routerDB} ${cfg.dataDir}/.config/oxidized/router.db + ln -f -s ${cfg.configFile} ${cfg.dataDir}/.config/oxidized/config ''; serviceConfig = { diff --git a/nixos/modules/services/backup/automysqlbackup.nix b/nixos/modules/services/backup/automysqlbackup.nix index b845f370fb7..1884f3536a9 100644 --- a/nixos/modules/services/backup/automysqlbackup.nix +++ b/nixos/modules/services/backup/automysqlbackup.nix @@ -41,7 +41,7 @@ in }; config = mkOption { - type = with types; attrsOf (either (either str (either int bool)) (listOf str)); + type = with types; attrsOf (oneOf [ str int bool (listOf str) ]); default = {}; description = '' automysqlbackup configuration. Refer to diff --git a/nixos/modules/services/backup/postgresql-wal-receiver.nix b/nixos/modules/services/backup/postgresql-wal-receiver.nix new file mode 100644 index 00000000000..d9a37037992 --- /dev/null +++ b/nixos/modules/services/backup/postgresql-wal-receiver.nix @@ -0,0 +1,203 @@ +{ config, lib, pkgs, ... }: + +with lib; + +let + receiverSubmodule = { + options = { + postgresqlPackage = mkOption { + type = types.package; + example = literalExample "pkgs.postgresql_11"; + description = '' + PostgreSQL package to use. + ''; + }; + + directory = mkOption { + type = types.path; + example = literalExample "/mnt/pg_wal/main/"; + description = '' + Directory to write the output to. + ''; + }; + + statusInterval = mkOption { + type = types.int; + default = 10; + description = '' + Specifies the number of seconds between status packets sent back to the server. + This allows for easier monitoring of the progress from server. + A value of zero disables the periodic status updates completely, + although an update will still be sent when requested by the server, to avoid timeout disconnect. + ''; + }; + + slot = mkOption { + type = types.str; + default = ""; + example = "some_slot_name"; + description = '' + Require <command>pg_receivewal</command> to use an existing replication slot (see + <link xlink:href="https://www.postgresql.org/docs/current/warm-standby.html#STREAMING-REPLICATION-SLOTS">Section 26.2.6 of the PostgreSQL manual</link>). + When this option is used, <command>pg_receivewal</command> will report a flush position to the server, + indicating when each segment has been synchronized to disk so that the server can remove that segment if it is not otherwise needed. + + When the replication client of <command>pg_receivewal</command> is configured on the server as a synchronous standby, + then using a replication slot will report the flush position to the server, but only when a WAL file is closed. + Therefore, that configuration will cause transactions on the primary to wait for a long time and effectively not work satisfactorily. + The option <option>synchronous</option> must be specified in addition to make this work correctly. + ''; + }; + + synchronous = mkOption { + type = types.bool; + default = false; + description = '' + Flush the WAL data to disk immediately after it has been received. + Also send a status packet back to the server immediately after flushing, regardless of <option>statusInterval</option>. + + This option should be specified if the replication client of <command>pg_receivewal</command> is configured on the server as a synchronous standby, + to ensure that timely feedback is sent to the server. + ''; + }; + + compress = mkOption { + type = types.ints.between 0 9; + default = 0; + description = '' + Enables gzip compression of write-ahead logs, and specifies the compression level + (<literal>0</literal> through <literal>9</literal>, <literal>0</literal> being no compression and <literal>9</literal> being best compression). + The suffix <literal>.gz</literal> will automatically be added to all filenames. + + This option requires PostgreSQL >= 10. + ''; + }; + + connection = mkOption { + type = types.str; + example = "postgresql://user@somehost"; + description = '' + Specifies parameters used to connect to the server, as a connection string. + See <link xlink:href="https://www.postgresql.org/docs/current/libpq-connect.html#LIBPQ-CONNSTRING">Section 34.1.1 of the PostgreSQL manual</link> for more information. + + Because <command>pg_receivewal</command> doesn't connect to any particular database in the cluster, + database name in the connection string will be ignored. + ''; + }; + + extraArgs = mkOption { + type = with types; listOf str; + default = [ ]; + example = literalExample '' + [ + "--no-sync" + ] + ''; + description = '' + A list of extra arguments to pass to the <command>pg_receivewal</command> command. + ''; + }; + + environment = mkOption { + type = with types; attrsOf str; + default = { }; + example = literalExample '' + { + PGPASSFILE = "/private/passfile"; + PGSSLMODE = "require"; + } + ''; + description = '' + Environment variables passed to the service. + Usable parameters are listed in <link xlink:href="https://www.postgresql.org/docs/current/libpq-envars.html">Section 34.14 of the PostgreSQL manual</link>. + ''; + }; + }; + }; + +in { + options = { + services.postgresqlWalReceiver = { + receivers = mkOption { + type = with types; attrsOf (submodule receiverSubmodule); + default = { }; + example = literalExample '' + { + main = { + postgresqlPackage = pkgs.postgresql_11; + directory = /mnt/pg_wal/main/; + slot = "main_wal_receiver"; + connection = "postgresql://user@somehost"; + }; + } + ''; + description = '' + PostgreSQL WAL receivers. + Stream write-ahead logs from a PostgreSQL server using <command>pg_receivewal</command> (formerly <command>pg_receivexlog</command>). + See <link xlink:href="https://www.postgresql.org/docs/current/app-pgreceivewal.html">the man page</link> for more information. + ''; + }; + }; + }; + + config = let + receivers = config.services.postgresqlWalReceiver.receivers; + in mkIf (receivers != { }) { + users = { + users.postgres = { + uid = config.ids.uids.postgres; + group = "postgres"; + description = "PostgreSQL server user"; + }; + + groups.postgres = { + gid = config.ids.gids.postgres; + }; + }; + + assertions = concatLists (attrsets.mapAttrsToList (name: config: [ + { + assertion = config.compress > 0 -> versionAtLeast config.postgresqlPackage.version "10"; + message = "Invalid configuration for WAL receiver \"${name}\": compress requires PostgreSQL version >= 10."; + } + ]) receivers); + + systemd.tmpfiles.rules = mapAttrsToList (name: config: '' + d ${escapeShellArg config.directory} 0750 postgres postgres - - + '') receivers; + + systemd.services = with attrsets; mapAttrs' (name: config: nameValuePair "postgresql-wal-receiver-${name}" { + description = "PostgreSQL WAL receiver (${name})"; + wantedBy = [ "multi-user.target" ]; + + serviceConfig = { + User = "postgres"; + Group = "postgres"; + KillSignal = "SIGINT"; + Restart = "always"; + RestartSec = 30; + }; + + inherit (config) environment; + + script = let + receiverCommand = postgresqlPackage: + if (versionAtLeast postgresqlPackage.version "10") + then "${postgresqlPackage}/bin/pg_receivewal" + else "${postgresqlPackage}/bin/pg_receivexlog"; + in '' + ${receiverCommand config.postgresqlPackage} \ + --no-password \ + --directory=${escapeShellArg config.directory} \ + --status-interval=${toString config.statusInterval} \ + --dbname=${escapeShellArg config.connection} \ + ${optionalString (config.compress > 0) "--compress=${toString config.compress}"} \ + ${optionalString (config.slot != "") "--slot=${escapeShellArg config.slot}"} \ + ${optionalString config.synchronous "--synchronous"} \ + ${concatStringsSep " " config.extraArgs} + ''; + }) receivers; + }; + + meta.maintainers = with maintainers; [ pacien ]; +} diff --git a/nixos/modules/services/databases/couchdb.nix b/nixos/modules/services/databases/couchdb.nix index 5ddf8ba4bfb..77e404116c8 100644 --- a/nixos/modules/services/databases/couchdb.nix +++ b/nixos/modules/services/databases/couchdb.nix @@ -160,7 +160,7 @@ in { systemd.tmpfiles.rules = [ "d '${dirOf cfg.uriFile}' - ${cfg.user} ${cfg.group} - -" - "d '${dirOf cfg.logFile}' - ${cfg.user} ${cfg.group} - -" + "f '${cfg.logFile}' - ${cfg.user} ${cfg.group} - -" "d '${cfg.databaseDir}' - ${cfg.user} ${cfg.group} - -" "d '${cfg.viewIndexDir}' - ${cfg.user} ${cfg.group} - -" ]; @@ -169,11 +169,9 @@ in { description = "CouchDB Server"; wantedBy = [ "multi-user.target" ]; - preStart = - '' + preStart = '' touch ${cfg.configFile} - touch -a ${cfg.logFile} - ''; + ''; environment = mkIf useVersion2 { # we are actually specifying 4 configuration files: diff --git a/nixos/modules/services/databases/memcached.nix b/nixos/modules/services/databases/memcached.nix index 052ff1f308e..f9e403dfc0c 100644 --- a/nixos/modules/services/databases/memcached.nix +++ b/nixos/modules/services/databases/memcached.nix @@ -86,7 +86,25 @@ in in "${memcached}/bin/memcached ${networking} -m ${toString cfg.maxMemory} -c ${toString cfg.maxConnections} ${concatStringsSep " " cfg.extraOptions}"; User = cfg.user; + + # Filesystem access + ProtectSystem = "strict"; + ProtectHome = true; + PrivateTmp = true; + PrivateDevices = true; + ProtectKernelTunables = true; + ProtectKernelModules = true; + ProtectControlGroups = true; RuntimeDirectory = "memcached"; + # Caps + CapabilityBoundingSet = ""; + NoNewPrivileges = true; + # Misc. + LockPersonality = true; + RestrictRealtime = true; + PrivateMounts = true; + PrivateUsers = true; + MemoryDenyWriteExecute = true; }; }; }; diff --git a/nixos/modules/services/databases/postgresql.nix b/nixos/modules/services/databases/postgresql.nix index 7ff899970cc..10250bb5193 100644 --- a/nixos/modules/services/databases/postgresql.nix +++ b/nixos/modules/services/databases/postgresql.nix @@ -330,13 +330,13 @@ in fi '' + optionalString (cfg.ensureDatabases != []) '' ${concatMapStrings (database: '' - $PSQL -tAc "SELECT 1 FROM pg_database WHERE datname = '${database}'" | grep -q 1 || $PSQL -tAc "CREATE DATABASE ${database}" + $PSQL -tAc "SELECT 1 FROM pg_database WHERE datname = '${database}'" | grep -q 1 || $PSQL -tAc 'CREATE DATABASE "${database}"' '') cfg.ensureDatabases} '' + '' ${concatMapStrings (user: '' $PSQL -tAc "SELECT 1 FROM pg_roles WHERE rolname='${user.name}'" | grep -q 1 || $PSQL -tAc "CREATE USER ${user.name}" ${concatStringsSep "\n" (mapAttrsToList (database: permission: '' - $PSQL -tAc "GRANT ${permission} ON ${database} TO ${user.name}" + $PSQL -tAc 'GRANT ${permission} ON ${database} TO ${user.name}' '') user.ensurePermissions)} '') cfg.ensureUsers} ''; diff --git a/nixos/modules/services/games/minecraft-server.nix b/nixos/modules/services/games/minecraft-server.nix index 39a68f4b553..eb9288fca58 100644 --- a/nixos/modules/services/games/minecraft-server.nix +++ b/nixos/modules/services/games/minecraft-server.nix @@ -118,7 +118,7 @@ in { }; serverProperties = mkOption { - type = with types; attrsOf (either bool (either int str)); + type = with types; attrsOf (oneOf [ bool int str ]); default = {}; example = literalExample '' { diff --git a/nixos/modules/services/mail/davmail.nix b/nixos/modules/services/mail/davmail.nix index 5b5cc294e5c..374a3dd75c1 100644 --- a/nixos/modules/services/mail/davmail.nix +++ b/nixos/modules/services/mail/davmail.nix @@ -7,7 +7,7 @@ let cfg = config.services.davmail; configType = with types; - either (either (attrsOf configType) str) (either int bool) // { + oneOf [ (attrsOf configType) str int bool ] // { description = "davmail config type (str, int, bool or attribute set thereof)"; }; diff --git a/nixos/modules/services/mail/postfix.nix b/nixos/modules/services/mail/postfix.nix index dab1b29aa4b..2b08ab1e6aa 100644 --- a/nixos/modules/services/mail/postfix.nix +++ b/nixos/modules/services/mail/postfix.nix @@ -447,7 +447,7 @@ in }; config = mkOption { - type = with types; attrsOf (either bool (either str (listOf str))); + type = with types; attrsOf (oneOf [ bool str (listOf str) ]); description = '' The main.cf configuration file as key value set. ''; diff --git a/nixos/modules/services/mail/rspamd.nix b/nixos/modules/services/mail/rspamd.nix index 5541b8b79b7..e59d5715de0 100644 --- a/nixos/modules/services/mail/rspamd.nix +++ b/nixos/modules/services/mail/rspamd.nix @@ -331,7 +331,7 @@ in }; config = mkOption { - type = with types; attrsOf (either bool (either str (listOf str))); + type = with types; attrsOf (oneOf [ bool str (listOf str) ]); description = '' Addon to postfix configuration ''; diff --git a/nixos/modules/services/mail/rss2email.nix b/nixos/modules/services/mail/rss2email.nix index a123736005a..df454abc826 100644 --- a/nixos/modules/services/mail/rss2email.nix +++ b/nixos/modules/services/mail/rss2email.nix @@ -30,7 +30,7 @@ in { }; config = mkOption { - type = with types; attrsOf (either str (either int bool)); + type = with types; attrsOf (oneOf [ str int bool ]); default = {}; description = '' The configuration to give rss2email. diff --git a/nixos/modules/services/misc/dwm-status.nix b/nixos/modules/services/misc/dwm-status.nix new file mode 100644 index 00000000000..b98a42e6a6d --- /dev/null +++ b/nixos/modules/services/misc/dwm-status.nix @@ -0,0 +1,73 @@ +{ config, lib, pkgs, ... }: + +with lib; + +let + cfg = config.services.dwm-status; + + order = concatMapStringsSep "," (feature: ''"${feature}"'') cfg.order; + + configFile = pkgs.writeText "dwm-status.toml" '' + order = [${order}] + + ${cfg.extraConfig} + ''; +in + +{ + + ###### interface + + options = { + + services.dwm-status = { + + enable = mkEnableOption "dwm-status user service"; + + package = mkOption { + type = types.package; + default = pkgs.dwm-status; + defaultText = "pkgs.dwm-status"; + example = "pkgs.dwm-status.override { enableAlsaUtils = false; }"; + description = '' + Which dwm-status package to use. + ''; + }; + + order = mkOption { + type = types.listOf (types.enum [ "audio" "backlight" "battery" "cpu_load" "network" "time" ]); + description = '' + List of enabled features in order. + ''; + }; + + extraConfig = mkOption { + type = types.lines; + default = ""; + description = '' + Extra config in TOML format. + ''; + }; + + }; + + }; + + + ###### implementation + + config = mkIf cfg.enable { + + services.upower.enable = elem "battery" cfg.order; + + systemd.user.services.dwm-status = { + description = "Highly performant and configurable DWM status service"; + wantedBy = [ "graphical-session.target" ]; + partOf = [ "graphical-session.target" ]; + + serviceConfig.ExecStart = "${cfg.package}/bin/dwm-status ${configFile}"; + }; + + }; + +} diff --git a/nixos/modules/services/misc/gitlab.nix b/nixos/modules/services/misc/gitlab.nix index 2f3f76d79ff..087630f2177 100644 --- a/nixos/modules/services/misc/gitlab.nix +++ b/nixos/modules/services/misc/gitlab.nix @@ -502,7 +502,7 @@ in { "d ${cfg.statePath} 0750 ${cfg.user} ${cfg.group} -" "d ${cfg.statePath}/builds 0750 ${cfg.user} ${cfg.group} -" "d ${cfg.statePath}/config 0750 ${cfg.user} ${cfg.group} -" - "d ${cfg.statePath}/config/initializers 0750 ${cfg.user} ${cfg.group} -" + "D ${cfg.statePath}/config/initializers 0750 ${cfg.user} ${cfg.group} -" "d ${cfg.statePath}/db 0750 ${cfg.user} ${cfg.group} -" "d ${cfg.statePath}/log 0750 ${cfg.user} ${cfg.group} -" "d ${cfg.statePath}/repositories 2770 ${cfg.user} ${cfg.group} -" diff --git a/nixos/modules/services/monitoring/datadog-agent.nix b/nixos/modules/services/monitoring/datadog-agent.nix index ce3d53fb2c1..7f78db74677 100644 --- a/nixos/modules/services/monitoring/datadog-agent.nix +++ b/nixos/modules/services/monitoring/datadog-agent.nix @@ -42,9 +42,9 @@ let # Apply the configured extraIntegrations to the provided agent # package. See the documentation of `dd-agent/integrations-core.nix` # for detailed information on this. - datadogPkg = cfg.package.overrideAttrs(_: { - python = (pkgs.datadog-integrations-core cfg.extraIntegrations).python; - }); + datadogPkg = cfg.package.override { + pythonPackages = pkgs.datadog-integrations-core cfg.extraIntegrations; + }; in { options.services.datadog-agent = { enable = mkOption { @@ -60,7 +60,7 @@ in { defaultText = "pkgs.datadog-agent"; description = '' Which DataDog v6 agent package to use. Note that the provided - package is expected to have an overridable `python`-attribute + package is expected to have an overridable `pythonPackages`-attribute which configures the Python environment with the Datadog checks. ''; diff --git a/nixos/modules/services/monitoring/grafana.nix b/nixos/modules/services/monitoring/grafana.nix index c2f6b585d49..bf1084eecc3 100644 --- a/nixos/modules/services/monitoring/grafana.nix +++ b/nixos/modules/services/monitoring/grafana.nix @@ -503,12 +503,12 @@ in { message = "Cannot set both adminPassword and adminPasswordFile"; } { - assertion = cfg.security.secretKeyFile != opt.security.secretKeyFile.default -> cfg.security.secretKeyFile == null; + assertion = cfg.security.secretKey != opt.security.secretKey.default -> cfg.security.secretKeyFile == null; message = "Cannot set both secretKey and secretKeyFile"; } { assertion = cfg.smtp.password != opt.smtp.password.default -> cfg.smtp.passwordFile == null; - message = "Cannot set both password and secretKeyFile"; + message = "Cannot set both password and passwordFile"; } ]; diff --git a/nixos/modules/services/monitoring/prometheus/default.nix b/nixos/modules/services/monitoring/prometheus/default.nix index d8384e0d35b..647d67533b8 100644 --- a/nixos/modules/services/monitoring/prometheus/default.nix +++ b/nixos/modules/services/monitoring/prometheus/default.nix @@ -79,12 +79,8 @@ let (pkgs.writeText "prometheus.rules" (concatStringsSep "\n" cfg2.rules)) ]); scrape_configs = filterValidPrometheus cfg2.scrapeConfigs; - alerting = optionalAttrs (cfg2.alertmanagerURL != []) { - alertmanagers = [{ - static_configs = [{ - targets = cfg2.alertmanagerURL; - }]; - }]; + alerting = { + inherit (cfg2) alertmanagers; }; }; @@ -738,11 +734,23 @@ in { ''; }; - alertmanagerURL = mkOption { - type = types.listOf types.str; + alertmanagers = mkOption { + type = types.listOf types.attrs; + example = literalExample '' + [ { + scheme = "https"; + path_prefix = "/alertmanager"; + static_configs = [ { + targets = [ + "prometheus.domain.tld" + ]; + } ]; + } ] + ''; default = []; description = '' - List of Alertmanager URLs to send notifications to. + A list of alertmanagers to send alerts to. + See <link xlink:href="https://prometheus.io/docs/prometheus/latest/configuration/configuration/#alertmanager_config">the official documentation</link> for more information. ''; }; diff --git a/nixos/modules/services/monitoring/prometheus/exporters/blackbox.nix b/nixos/modules/services/monitoring/prometheus/exporters/blackbox.nix index f69b389760f..ca4366121e1 100644 --- a/nixos/modules/services/monitoring/prometheus/exporters/blackbox.nix +++ b/nixos/modules/services/monitoring/prometheus/exporters/blackbox.nix @@ -4,6 +4,13 @@ with lib; let cfg = config.services.prometheus.exporters.blackbox; + + checkConfig = file: pkgs.runCommand "checked-blackbox-exporter.conf" { + preferLocalBuild = true; + buildInputs = [ pkgs.buildPackages.prometheus-blackbox-exporter ]; } '' + ln -s ${file} $out + blackbox_exporter --config.check --config.file $out + ''; in { port = 9115; @@ -21,7 +28,7 @@ in ExecStart = '' ${pkgs.prometheus-blackbox-exporter}/bin/blackbox_exporter \ --web.listen-address ${cfg.listenAddress}:${toString cfg.port} \ - --config.file ${cfg.configFile} \ + --config.file ${checkConfig cfg.configFile} \ ${concatStringsSep " \\\n " cfg.extraFlags} ''; ExecReload = "${pkgs.coreutils}/bin/kill -HUP $MAINPID"; diff --git a/nixos/modules/services/networking/znc/default.nix b/nixos/modules/services/networking/znc/default.nix index 46bff6954cd..05f97bfa539 100644 --- a/nixos/modules/services/networking/znc/default.nix +++ b/nixos/modules/services/networking/znc/default.nix @@ -62,9 +62,9 @@ let concatStringsSep "\n" (toLines cfg.config); semanticTypes = with types; rec { - zncAtom = nullOr (either (either int bool) str); + zncAtom = nullOr (oneOf [ int bool str ]); zncAttr = attrsOf (nullOr zncConf); - zncAll = either (either zncAtom (listOf zncAtom)) zncAttr; + zncAll = oneOf [ zncAtom (listOf zncAtom) zncAttr ]; zncConf = attrsOf (zncAll // { # Since this is a recursive type and the description by default contains # the description of its subtypes, infinite recursion would occur without diff --git a/nixos/modules/services/security/bitwarden_rs/default.nix b/nixos/modules/services/security/bitwarden_rs/default.nix index bb036ee020f..80fd65891ff 100644 --- a/nixos/modules/services/security/bitwarden_rs/default.nix +++ b/nixos/modules/services/security/bitwarden_rs/default.nix @@ -36,7 +36,7 @@ in { }; config = mkOption { - type = attrsOf (nullOr (either (either bool int) str)); + type = attrsOf (nullOr (oneOf [ bool int str ])); default = {}; example = literalExample '' { diff --git a/nixos/modules/services/web-apps/limesurvey.nix b/nixos/modules/services/web-apps/limesurvey.nix index 5b2f3875aaa..84a94fc446e 100644 --- a/nixos/modules/services/web-apps/limesurvey.nix +++ b/nixos/modules/services/web-apps/limesurvey.nix @@ -14,7 +14,7 @@ let pkg = pkgs.limesurvey; - configType = with types; either (either (attrsOf configType) str) (either int bool) // { + configType = with types; oneOf [ (attrsOf configType) str int bool ] // { description = "limesurvey config type (str, int, bool or attribute set thereof)"; }; diff --git a/nixos/modules/services/web-servers/apache-httpd/default.nix b/nixos/modules/services/web-servers/apache-httpd/default.nix index ea9476a7c91..12200c879be 100644 --- a/nixos/modules/services/web-servers/apache-httpd/default.nix +++ b/nixos/modules/services/web-servers/apache-httpd/default.nix @@ -336,7 +336,7 @@ let ++ optional enablePerl { name = "perl"; path = "${mod_perl}/modules/mod_perl.so"; } ++ concatMap (svc: svc.extraModules) allSubservices ++ extraForeignModules; - in concatMapStrings load allModules + in concatMapStrings load (unique allModules) } AddHandler type-map var diff --git a/nixos/modules/services/x11/clight.nix b/nixos/modules/services/x11/clight.nix new file mode 100644 index 00000000000..6ec395bb05e --- /dev/null +++ b/nixos/modules/services/x11/clight.nix @@ -0,0 +1,115 @@ +{ config, pkgs, lib, ... }: + +with lib; + +let + cfg = config.services.clight; + + toConf = v: + if builtins.isFloat v then toString v + else if isInt v then toString v + else if isBool v then boolToString v + else if isString v then ''"${escape [''"''] v}"'' + else if isList v then "[ " + concatMapStringsSep ", " toConf v + " ]" + else abort "clight.toConf: unexpected type (v = ${v})"; + + clightConf = pkgs.writeText "clight.conf" + (concatStringsSep "\n" (mapAttrsToList + (name: value: "${toString name} = ${toConf value};") + (filterAttrs + (_: value: value != null) + cfg.settings))); +in { + options.services.clight = { + enable = mkOption { + type = types.bool; + default = false; + description = '' + Whether to enable clight or not. + ''; + }; + + temperature = { + day = mkOption { + type = types.int; + default = 5500; + description = '' + Colour temperature to use during the day, between + <literal>1000</literal> and <literal>25000</literal> K. + ''; + }; + night = mkOption { + type = types.int; + default = 3700; + description = '' + Colour temperature to use at night, between + <literal>1000</literal> and <literal>25000</literal> K. + ''; + }; + }; + + settings = let + validConfigTypes = with types; either int (either str (either bool float)); + in mkOption { + type = with types; attrsOf (nullOr (either validConfigTypes (listOf validConfigTypes))); + default = {}; + example = { captures = 20; gamma_long_transition = true; ac_capture_timeouts = [ 120 300 60 ]; }; + description = '' + Additional configuration to extend clight.conf. See + <link xlink:href="https://github.com/FedeDP/Clight/blob/master/Extra/clight.conf"/> for a + sample configuration file. + ''; + }; + }; + + config = mkIf cfg.enable { + boot.kernelModules = [ "i2c_dev" ]; + environment.systemPackages = with pkgs; [ clight clightd ]; + services.dbus.packages = with pkgs; [ clight clightd ]; + services.upower.enable = true; + + services.clight.settings = { + gamma_temp = with cfg.temperature; mkDefault [ day night ]; + } // (optionalAttrs (config.location.provider == "manual") { + latitude = mkDefault config.location.latitude; + longitude = mkDefault config.location.longitude; + }); + + services.geoclue2.appConfig."clightc" = { + isAllowed = true; + isSystem = true; + }; + + systemd.services.clightd = { + requires = [ "polkit.service" ]; + wantedBy = [ "multi-user.target" ]; + + description = "Bus service to manage various screen related properties (gamma, dpms, backlight)"; + serviceConfig = { + Type = "dbus"; + BusName = "org.clightd.clightd"; + Restart = "on-failure"; + RestartSec = 5; + ExecStart = '' + ${pkgs.clightd}/bin/clightd + ''; + }; + }; + + systemd.user.services.clight = { + after = [ "upower.service" "clightd.service" ]; + wants = [ "upower.service" "clightd.service" ]; + partOf = [ "graphical-session.target" ]; + wantedBy = [ "graphical-session.target" ]; + + description = "C daemon to adjust screen brightness to match ambient brightness, as computed capturing frames from webcam"; + serviceConfig = { + Restart = "on-failure"; + RestartSec = 5; + ExecStart = '' + ${pkgs.clight}/bin/clight --conf-file ${clightConf} + ''; + }; + }; + }; +} diff --git a/nixos/modules/services/x11/compton.nix b/nixos/modules/services/x11/compton.nix index c02c9bfd94e..a94a76ff0c0 100644 --- a/nixos/modules/services/x11/compton.nix +++ b/nixos/modules/services/x11/compton.nix @@ -215,7 +215,7 @@ in { }; settings = let - configTypes = with types; either bool (either int (either float str)); + configTypes = with types; oneOf [ bool int float str ]; # types.loaOf converts lists to sets loaOf = t: with types; either (listOf t) (attrsOf t); in mkOption { diff --git a/nixos/modules/services/x11/desktop-managers/gnome3.nix b/nixos/modules/services/x11/desktop-managers/gnome3.nix index cd750242125..5e1e652a508 100644 --- a/nixos/modules/services/x11/desktop-managers/gnome3.nix +++ b/nixos/modules/services/x11/desktop-managers/gnome3.nix @@ -123,12 +123,8 @@ in { services.dleyna-renderer.enable = mkDefault true; services.dleyna-server.enable = mkDefault true; services.gnome3.at-spi2-core.enable = true; - services.gnome3.evince.enable = mkDefault true; services.gnome3.evolution-data-server.enable = true; - services.gnome3.file-roller.enable = mkDefault true; services.gnome3.glib-networking.enable = true; - services.gnome3.gnome-disks.enable = mkDefault true; - services.gnome3.gnome-documents.enable = mkDefault true; services.gnome3.gnome-keyring.enable = true; services.gnome3.gnome-online-accounts.enable = mkDefault true; services.gnome3.gnome-remote-desktop.enable = mkDefault true; @@ -157,6 +153,12 @@ in { xdg.portal.enable = true; xdg.portal.extraPortals = [ pkgs.xdg-desktop-portal-gtk ]; + # Enable default programs + programs.evince.enable = mkDefault true; + programs.file-roller.enable = mkDefault true; + programs.gnome-disks.enable = mkDefault true; + programs.gnome-documents.enable = mkDefault true; + # If gnome3 is installed, build vim for gtk3 too. nixpkgs.config.vim.gui = "gtk3"; diff --git a/nixos/modules/services/x11/redshift.nix b/nixos/modules/services/x11/redshift.nix index 4345a334808..55f8f75021b 100644 --- a/nixos/modules/services/x11/redshift.nix +++ b/nixos/modules/services/x11/redshift.nix @@ -5,6 +5,7 @@ with lib; let cfg = config.services.redshift; + lcfg = config.location; in { @@ -18,35 +19,6 @@ in { ''; }; - latitude = mkOption { - type = types.nullOr types.str; - default = null; - description = '' - Your current latitude, between - <literal>-90.0</literal> and <literal>90.0</literal>. Must be provided - along with longitude. - ''; - }; - - longitude = mkOption { - type = types.nullOr types.str; - default = null; - description = '' - Your current longitude, between - between <literal>-180.0</literal> and <literal>180.0</literal>. Must be - provided along with latitude. - ''; - }; - - provider = mkOption { - type = types.enum [ "manual" "geoclue2" ]; - default = "manual"; - description = '' - The location provider to use for determining your location. If set to - <literal>manual</literal> you must also provide latitude/longitude. - ''; - }; - temperature = { day = mkOption { type = types.int; @@ -106,33 +78,19 @@ in { }; config = mkIf cfg.enable { - assertions = [ - { - assertion = - if cfg.provider == "manual" - then (cfg.latitude != null && cfg.longitude != null) - else (cfg.latitude == null && cfg.longitude == null); - message = "Latitude and longitude must be provided together, and with provider set to null."; - } - ]; - # needed so that .desktop files are installed, which geoclue cares about environment.systemPackages = [ cfg.package ]; - services.geoclue2 = mkIf (cfg.provider == "geoclue2") { - enable = true; - appConfig."redshift" = { - isAllowed = true; - isSystem = true; - }; + services.geoclue2.appConfig."redshift" = { + isAllowed = true; + isSystem = true; }; - systemd.user.services.redshift = + systemd.user.services.redshift = let - providerString = - if cfg.provider == "manual" - then "${cfg.latitude}:${cfg.longitude}" - else cfg.provider; + providerString = if lcfg.provider == "manual" + then "${toString lcfg.latitude}:${toString lcfg.longitude}" + else lcfg.provider; in { description = "Redshift colour temperature adjuster"; diff --git a/nixos/modules/system/boot/binfmt.nix b/nixos/modules/system/boot/binfmt.nix index d6c0f050486..a550ffd6320 100644 --- a/nixos/modules/system/boot/binfmt.nix +++ b/nixos/modules/system/boot/binfmt.nix @@ -115,6 +115,14 @@ let magicOrExtension = ''\x7fELF\x02\x01\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\xf3\x00''; mask = ''\xff\xff\xff\xff\xff\xff\xff\x00\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff\xff''; }; + wasm32-wasi = { + magicOrExtension = ''\x00asm''; + mask = ''\xff\xff\xff\xff''; + }; + wasm64-wasi = { + magicOrExtension = ''\x00asm''; + mask = ''\xff\xff\xff\xff''; + }; x86_64-windows = { magicOrExtension = ".exe"; recognitionType = "extension"; @@ -226,6 +234,7 @@ in { emulatedSystems = mkOption { default = []; + example = [ "wasm32-wasi" "x86_64-windows" "aarch64-linux" ]; description = '' List of systems to emulate. Will also configure Nix to support your new systems. diff --git a/nixos/modules/system/boot/systemd-unit-options.nix b/nixos/modules/system/boot/systemd-unit-options.nix index ee4ae845a7d..c1f2c98afcd 100644 --- a/nixos/modules/system/boot/systemd-unit-options.nix +++ b/nixos/modules/system/boot/systemd-unit-options.nix @@ -226,7 +226,7 @@ in rec { environment = mkOption { default = {}; - type = with types; attrsOf (nullOr (either str (either path package))); + type = with types; attrsOf (nullOr (oneOf [ str path package ])); example = { PATH = "/foo/bar/bin"; LANG = "nl_NL.UTF-8"; }; description = "Environment variables passed to the service's processes."; }; diff --git a/nixos/modules/system/boot/systemd.nix b/nixos/modules/system/boot/systemd.nix index 1025a038c4b..1914827d0e5 100644 --- a/nixos/modules/system/boot/systemd.nix +++ b/nixos/modules/system/boot/systemd.nix @@ -524,7 +524,7 @@ in }; systemd.globalEnvironment = mkOption { - type = with types; attrsOf (nullOr (either str (either path package))); + type = with types; attrsOf (nullOr (oneOf [ str path package ])); default = {}; example = { TZ = "CET"; }; description = '' |