diff options
author | github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> | 2021-07-16 00:05:27 +0000 |
---|---|---|
committer | GitHub <noreply@github.com> | 2021-07-16 00:05:27 +0000 |
commit | 049494e76e1be4c9a686bb0b0a5c73b15d1aa54c (patch) | |
tree | f4b1fd65661e8747943c427c5599e04948bb2431 /nixos | |
parent | 65fcd698bb723cc287f7ffd674fbe4ad816be974 (diff) | |
parent | 53079ed913181b2f945cf1580746828b57d47edb (diff) | |
download | nixpkgs-049494e76e1be4c9a686bb0b0a5c73b15d1aa54c.tar nixpkgs-049494e76e1be4c9a686bb0b0a5c73b15d1aa54c.tar.gz nixpkgs-049494e76e1be4c9a686bb0b0a5c73b15d1aa54c.tar.bz2 nixpkgs-049494e76e1be4c9a686bb0b0a5c73b15d1aa54c.tar.lz nixpkgs-049494e76e1be4c9a686bb0b0a5c73b15d1aa54c.tar.xz nixpkgs-049494e76e1be4c9a686bb0b0a5c73b15d1aa54c.tar.zst nixpkgs-049494e76e1be4c9a686bb0b0a5c73b15d1aa54c.zip |
Merge master into haskell-updates
Diffstat (limited to 'nixos')
-rw-r--r-- | nixos/doc/manual/from_md/release-notes/rl-2111.section.xml | 10 | ||||
-rw-r--r-- | nixos/doc/manual/release-notes/rl-2111.section.md | 2 | ||||
-rw-r--r-- | nixos/modules/programs/xwayland.nix | 22 | ||||
-rw-r--r-- | nixos/modules/services/cluster/k3s/default.nix | 23 | ||||
-rw-r--r-- | nixos/modules/services/web-apps/discourse.nix | 19 | ||||
-rw-r--r-- | nixos/modules/services/web-apps/discourse.xml | 43 | ||||
-rw-r--r-- | nixos/modules/services/web-apps/icingaweb2/icingaweb2.nix | 18 |
7 files changed, 101 insertions, 36 deletions
diff --git a/nixos/doc/manual/from_md/release-notes/rl-2111.section.xml b/nixos/doc/manual/from_md/release-notes/rl-2111.section.xml index 6f2a7fd8dd5..b9967ffb982 100644 --- a/nixos/doc/manual/from_md/release-notes/rl-2111.section.xml +++ b/nixos/doc/manual/from_md/release-notes/rl-2111.section.xml @@ -486,7 +486,7 @@ </itemizedlist> </listitem> </itemizedlist> - <itemizedlist spacing="compact"> + <itemizedlist> <listitem> <para> <literal>yggdrasil</literal> was upgraded to a new major @@ -495,6 +495,14 @@ changelog</link>. </para> </listitem> + <listitem> + <para> + <literal>icingaweb2</literal> was upgraded to a new release + which requires a manual database upgrade, see + <link xlink:href="https://github.com/Icinga/icingaweb2/releases/tag/v2.9.0">upstream + changelog</link>. + </para> + </listitem> </itemizedlist> </section> <section xml:id="sec-release-21.11-notable-changes"> diff --git a/nixos/doc/manual/release-notes/rl-2111.section.md b/nixos/doc/manual/release-notes/rl-2111.section.md index 5a1a29c270a..377dbf598d9 100644 --- a/nixos/doc/manual/release-notes/rl-2111.section.md +++ b/nixos/doc/manual/release-notes/rl-2111.section.md @@ -124,6 +124,8 @@ In addition to numerous new and upgraded packages, this release has the followin - `yggdrasil` was upgraded to a new major release with breaking changes, see [upstream changelog](https://github.com/yggdrasil-network/yggdrasil-go/releases/tag/v0.4.0). +- `icingaweb2` was upgraded to a new release which requires a manual database upgrade, see [upstream changelog](https://github.com/Icinga/icingaweb2/releases/tag/v2.9.0). + ## Other Notable Changes {#sec-release-21.11-notable-changes} - The setting [`services.openssh.logLevel`](options.html#opt-services.openssh.logLevel) `"VERBOSE"` `"INFO"`. This brings NixOS in line with upstream and other Linux distributions, and reduces log spam on servers due to bruteforcing botnets. diff --git a/nixos/modules/programs/xwayland.nix b/nixos/modules/programs/xwayland.nix index 7e9a424a715..cb3c9c5b156 100644 --- a/nixos/modules/programs/xwayland.nix +++ b/nixos/modules/programs/xwayland.nix @@ -10,14 +10,16 @@ in { options.programs.xwayland = { - enable = mkEnableOption '' - Xwayland X server allows running X programs on a Wayland compositor. - ''; + enable = mkEnableOption "Xwayland (an X server for interfacing X11 apps with the Wayland protocol)"; defaultFontPath = mkOption { type = types.str; default = optionalString config.fonts.fontDir.enable "/run/current-system/sw/share/X11/fonts"; + defaultText = literalExample '' + optionalString config.fonts.fontDir.enable + "/run/current-system/sw/share/X11/fonts"; + ''; description = '' Default font path. Setting this option causes Xwayland to be rebuilt. ''; @@ -25,7 +27,15 @@ in package = mkOption { type = types.path; - description = "The Xwayland package"; + default = pkgs.xwayland.override (oldArgs: { + inherit (cfg) defaultFontPath; + }); + defaultText = literalExample '' + pkgs.xwayland.override (oldArgs: { + inherit (config.programs.xwayland) defaultFontPath; + }); + ''; + description = "The Xwayland package to use."; }; }; @@ -37,9 +47,5 @@ in environment.systemPackages = [ cfg.package ]; - programs.xwayland.package = pkgs.xwayland.override (oldArgs: { - inherit (cfg) defaultFontPath; - }); - }; } diff --git a/nixos/modules/services/cluster/k3s/default.nix b/nixos/modules/services/cluster/k3s/default.nix index 300c182406c..d0fb8cc5098 100644 --- a/nixos/modules/services/cluster/k3s/default.nix +++ b/nixos/modules/services/cluster/k3s/default.nix @@ -35,10 +35,20 @@ in token = mkOption { type = types.str; - description = "The k3s token to use when connecting to the server. This option only makes sense for an agent."; + description = '' + The k3s token to use when connecting to the server. This option only makes sense for an agent. + WARNING: This option will expose store your token unencrypted world-readable in the nix store. + If this is undesired use the tokenFile option instead. + ''; default = ""; }; + tokenFile = mkOption { + type = types.nullOr types.path; + description = "File path containing k3s token to use when connecting to the server. This option only makes sense for an agent."; + default = null; + }; + docker = mkOption { type = types.bool; default = false; @@ -68,8 +78,8 @@ in message = "serverAddr should be set if role is 'agent'"; } { - assertion = cfg.role == "agent" -> cfg.token != ""; - message = "token should be set if role is 'agent'"; + assertion = cfg.role == "agent" -> cfg.token != "" || cfg.tokenFile != null; + message = "token or tokenFile should be set if role is 'agent'"; } ]; @@ -105,7 +115,12 @@ in "${cfg.package}/bin/k3s ${cfg.role}" ] ++ (optional cfg.docker "--docker") ++ (optional cfg.disableAgent "--disable-agent") - ++ (optional (cfg.role == "agent") "--server ${cfg.serverAddr} --token ${cfg.token}") + ++ (optional (cfg.role == "agent") "--server ${cfg.serverAddr} ${ + if cfg.tokenFile != null then + "--token-file ${cfg.tokenFile}" + else + "--token ${cfg.token}" + }") ++ [ cfg.extraFlags ] ); }; diff --git a/nixos/modules/services/web-apps/discourse.nix b/nixos/modules/services/web-apps/discourse.nix index d3ae072f86a..8d5302ba267 100644 --- a/nixos/modules/services/web-apps/discourse.nix +++ b/nixos/modules/services/web-apps/discourse.nix @@ -475,21 +475,16 @@ in plugins = lib.mkOption { type = lib.types.listOf lib.types.package; default = []; - example = '' - [ - (pkgs.fetchFromGitHub { - owner = "discourse"; - repo = "discourse-spoiler-alert"; - rev = "e200cfa571d252cab63f3d30d619b370986e4cee"; - sha256 = "0ya69ix5g77wz4c9x9gmng6l25ghb5xxlx3icr6jam16q14dzc33"; - }) + example = lib.literalExample '' + with config.services.discourse.package.plugins; [ + discourse-canned-replies + discourse-github ]; ''; description = '' - <productname>Discourse</productname> plugins to install as a - list of derivations. As long as a plugin supports the - standard install method, packaging it should only require - fetching its source with an appropriate fetcher. + Plugins to install as part of + <productname>Discourse</productname>, expressed as a list of + derivations. ''; }; diff --git a/nixos/modules/services/web-apps/discourse.xml b/nixos/modules/services/web-apps/discourse.xml index bae56242321..1d6866e7b35 100644 --- a/nixos/modules/services/web-apps/discourse.xml +++ b/nixos/modules/services/web-apps/discourse.xml @@ -262,9 +262,31 @@ services.discourse = { <para> You can install <productname>Discourse</productname> plugins using the <xref linkend="opt-services.discourse.plugins" /> - option. As long as a plugin supports the standard install - method, packaging it should only require fetching its source - with an appropriate fetcher. + option. Pre-packaged plugins are provided in + <literal><your_discourse_package_here>.plugins</literal>. If + you want the full suite of plugins provided through + <literal>nixpkgs</literal>, you can also set the <xref + linkend="opt-services.discourse.package" /> option to + <literal>pkgs.discourseAllPlugins</literal>. + </para> + + <para> + Plugins can be built with the + <literal><your_discourse_package_here>.mkDiscoursePlugin</literal> + function. Normally, it should suffice to provide a + <literal>name</literal> and <literal>src</literal> attribute. If + the plugin has Ruby dependencies, however, they need to be + packaged in accordance with the <link + xlink:href="https://nixos.org/manual/nixpkgs/stable/#developing-with-ruby">Developing + with Ruby</link> section of the Nixpkgs manual and the + appropriate gem options set in <literal>bundlerEnvArgs</literal> + (normally <literal>gemdir</literal> is sufficient). A plugin's + Ruby dependencies are listed in its + <filename>plugin.rb</filename> file as function calls to + <literal>gem</literal>. To construct the corresponding + <filename>Gemfile</filename>, run <command>bundle + init</command>, then add the <literal>gem</literal> lines to it + verbatim. </para> <para> @@ -280,7 +302,10 @@ services.discourse = { <para> For example, to add the <link xlink:href="https://github.com/discourse/discourse-spoiler-alert">discourse-spoiler-alert</link> - plugin and disable it by default: + and <link + xlink:href="https://github.com/discourse/discourse-solved">discourse-solved</link> + plugins, and disable <literal>discourse-spoiler-alert</literal> + by default: <programlisting> services.discourse = { @@ -301,13 +326,9 @@ services.discourse = { <link linkend="opt-services.discourse.mail.outgoing.passwordFile">passwordFile</link> = "/path/to/smtp_password_file"; }; <link linkend="opt-services.discourse.mail.incoming.enable">mail.incoming.enable</link> = true; - <link linkend="opt-services.discourse.mail.incoming.enable">plugins</link> = [ - (pkgs.fetchFromGitHub { - owner = "discourse"; - repo = "discourse-spoiler-alert"; - rev = "e200cfa571d252cab63f3d30d619b370986e4cee"; - sha256 = "0ya69ix5g77wz4c9x9gmng6l25ghb5xxlx3icr6jam16q14dzc33"; - }) + <link linkend="opt-services.discourse.mail.incoming.enable">plugins</link> = with config.services.discourse.package.plugins; [ + discourse-spoiler-alert + discourse-solved ]; <link linkend="opt-services.discourse.siteSettings">siteSettings</link> = { plugins = { diff --git a/nixos/modules/services/web-apps/icingaweb2/icingaweb2.nix b/nixos/modules/services/web-apps/icingaweb2/icingaweb2.nix index eea49bda283..f8f0854f1bc 100644 --- a/nixos/modules/services/web-apps/icingaweb2/icingaweb2.nix +++ b/nixos/modules/services/web-apps/icingaweb2/icingaweb2.nix @@ -23,6 +23,16 @@ in { ''; }; + libraryPaths = mkOption { + type = attrsOf package; + default = { }; + description = '' + Libraries to add to the Icingaweb2 library path. + The name of the attribute is the name of the library, the value + is the package to add. + ''; + }; + virtualHost = mkOption { type = nullOr str; default = "icingaweb2"; @@ -167,6 +177,9 @@ in { services.phpfpm.pools = mkIf (cfg.pool == "${poolName}") { ${poolName} = { user = "icingaweb2"; + phpEnv = { + ICINGAWEB_LIBDIR = toString (pkgs.linkFarm "icingaweb2-libdir" (mapAttrsToList (name: path: { inherit name path; }) cfg.libraryPaths)); + }; phpPackage = pkgs.php.withExtensions ({ enabled, all }: [ all.imagick ] ++ enabled); phpOptions = '' date.timezone = "${cfg.timezone}" @@ -184,6 +197,11 @@ in { }; }; + services.icingaweb2.libraryPaths = { + ipl = pkgs.icingaweb2-ipl; + thirdparty = pkgs.icingaweb2-thirdparty; + }; + systemd.services."phpfpm-${poolName}".serviceConfig.ReadWritePaths = [ "/etc/icingaweb2" ]; services.nginx = { |