diff options
author | github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> | 2022-12-16 00:02:17 +0000 |
---|---|---|
committer | GitHub <noreply@github.com> | 2022-12-16 00:02:17 +0000 |
commit | b9ac6ee4d9d69a9163a2bbaf08a5ff053bec13e4 (patch) | |
tree | 3b2ac0cc3172c03aab1a4b0710decbb194da420b /nixos | |
parent | c2a66b3c22a6188e20175ad564e79b4095739753 (diff) | |
parent | bf012373ca54516c086bed13fad4521766547ae8 (diff) | |
download | nixpkgs-b9ac6ee4d9d69a9163a2bbaf08a5ff053bec13e4.tar nixpkgs-b9ac6ee4d9d69a9163a2bbaf08a5ff053bec13e4.tar.gz nixpkgs-b9ac6ee4d9d69a9163a2bbaf08a5ff053bec13e4.tar.bz2 nixpkgs-b9ac6ee4d9d69a9163a2bbaf08a5ff053bec13e4.tar.lz nixpkgs-b9ac6ee4d9d69a9163a2bbaf08a5ff053bec13e4.tar.xz nixpkgs-b9ac6ee4d9d69a9163a2bbaf08a5ff053bec13e4.tar.zst nixpkgs-b9ac6ee4d9d69a9163a2bbaf08a5ff053bec13e4.zip |
Merge master into staging-next
Diffstat (limited to 'nixos')
-rw-r--r-- | nixos/lib/systemd-lib.nix | 6 | ||||
-rw-r--r-- | nixos/lib/utils.nix | 6 | ||||
-rw-r--r-- | nixos/modules/config/swap.nix | 2 | ||||
-rw-r--r-- | nixos/modules/programs/xfs_quota.nix | 2 | ||||
-rw-r--r-- | nixos/modules/services/mail/listmonk.nix | 2 | ||||
-rw-r--r-- | nixos/modules/services/monitoring/prometheus/default.nix | 18 | ||||
-rw-r--r-- | nixos/modules/services/networking/supplicant.nix | 6 | ||||
-rw-r--r-- | nixos/modules/services/networking/wireguard.nix | 2 | ||||
-rw-r--r-- | nixos/modules/system/boot/loader/grub/grub.nix | 2 | ||||
-rw-r--r-- | nixos/modules/tasks/network-interfaces.nix | 6 | ||||
-rw-r--r-- | nixos/tests/installer.nix | 2 | ||||
-rw-r--r-- | nixos/tests/prometheus-exporters.nix | 4 |
12 files changed, 33 insertions, 25 deletions
diff --git a/nixos/lib/systemd-lib.nix b/nixos/lib/systemd-lib.nix index 4c52643446e..c6c8753d532 100644 --- a/nixos/lib/systemd-lib.nix +++ b/nixos/lib/systemd-lib.nix @@ -8,9 +8,9 @@ let systemd = cfg.package; in rec { - shellEscape = s: (replaceChars [ "\\" ] [ "\\\\" ] s); + shellEscape = s: (replaceStrings [ "\\" ] [ "\\\\" ] s); - mkPathSafeName = lib.replaceChars ["@" ":" "\\" "[" "]"] ["-" "-" "-" "" ""]; + mkPathSafeName = lib.replaceStrings ["@" ":" "\\" "[" "]"] ["-" "-" "-" "" ""]; # a type for options that take a unit name unitNameType = types.strMatching "[a-zA-Z0-9@%:_.\\-]+[.](service|socket|device|mount|automount|swap|target|path|timer|scope|slice)"; @@ -258,7 +258,7 @@ in rec { makeJobScript = name: text: let - scriptName = replaceChars [ "\\" "@" ] [ "-" "_" ] (shellEscape name); + scriptName = replaceStrings [ "\\" "@" ] [ "-" "_" ] (shellEscape name); out = (pkgs.writeShellScriptBin scriptName '' set -e ${text} diff --git a/nixos/lib/utils.nix b/nixos/lib/utils.nix index 9eefa80d1c8..def3aa13f32 100644 --- a/nixos/lib/utils.nix +++ b/nixos/lib/utils.nix @@ -48,7 +48,7 @@ rec { trim = s: removeSuffix "/" (removePrefix "/" s); normalizedPath = strings.normalizePath s; in - replaceChars ["/"] ["-"] + replaceStrings ["/"] ["-"] (replacePrefix "." (strings.escapeC ["."] ".") (strings.escapeC (stringToCharacters " !\"#$%&'()*+,;<=>=@[\\]^`{|}~-") (if normalizedPath == "/" then normalizedPath else trim normalizedPath))); @@ -67,7 +67,7 @@ rec { else if builtins.isInt arg || builtins.isFloat arg then toString arg else throw "escapeSystemdExecArg only allows strings, paths and numbers"; in - replaceChars [ "%" "$" ] [ "%%" "$$" ] (builtins.toJSON s); + replaceStrings [ "%" "$" ] [ "%%" "$$" ] (builtins.toJSON s); # Quotes a list of arguments into a single string for use in a Exec* # line. @@ -112,7 +112,7 @@ rec { else if isAttrs item then map (name: let - escapedName = ''"${replaceChars [''"'' "\\"] [''\"'' "\\\\"] name}"''; + escapedName = ''"${replaceStrings [''"'' "\\"] [''\"'' "\\\\"] name}"''; in recurse (prefix + "." + escapedName) item.${name}) (attrNames item) else if isList item then diff --git a/nixos/modules/config/swap.nix b/nixos/modules/config/swap.nix index 10d52ade288..76a054b100e 100644 --- a/nixos/modules/config/swap.nix +++ b/nixos/modules/config/swap.nix @@ -160,7 +160,7 @@ let config = rec { device = mkIf options.label.isDefined "/dev/disk/by-label/${config.label}"; - deviceName = lib.replaceChars ["\\"] [""] (escapeSystemdPath config.device); + deviceName = lib.replaceStrings ["\\"] [""] (escapeSystemdPath config.device); realDevice = if config.randomEncryption.enable then "/dev/mapper/${deviceName}" else config.device; }; diff --git a/nixos/modules/programs/xfs_quota.nix b/nixos/modules/programs/xfs_quota.nix index a1e9ff941c6..0fc2958b3f3 100644 --- a/nixos/modules/programs/xfs_quota.nix +++ b/nixos/modules/programs/xfs_quota.nix @@ -94,7 +94,7 @@ in ''; wantedBy = [ "multi-user.target" ]; - after = [ ((replaceChars [ "/" ] [ "-" ] opts.fileSystem) + ".mount") ]; + after = [ ((replaceStrings [ "/" ] [ "-" ] opts.fileSystem) + ".mount") ]; restartTriggers = [ config.environment.etc.projects.source ]; diff --git a/nixos/modules/services/mail/listmonk.nix b/nixos/modules/services/mail/listmonk.nix index c4ea6747196..8b636bd5b1f 100644 --- a/nixos/modules/services/mail/listmonk.nix +++ b/nixos/modules/services/mail/listmonk.nix @@ -8,7 +8,7 @@ let # Escaping is done according to https://www.postgresql.org/docs/current/sql-syntax-lexical.html#SQL-SYNTAX-CONSTANTS setDatabaseOption = key: value: "UPDATE settings SET value = '${ - lib.replaceChars [ "'" ] [ "''" ] (builtins.toJSON value) + lib.replaceStrings [ "'" ] [ "''" ] (builtins.toJSON value) }' WHERE key = '${key}';"; updateDatabaseConfigSQL = pkgs.writeText "update-database-config.sql" (concatStringsSep "\n" (mapAttrsToList setDatabaseOption diff --git a/nixos/modules/services/monitoring/prometheus/default.nix b/nixos/modules/services/monitoring/prometheus/default.nix index f6bae8f9e96..f516b75ab10 100644 --- a/nixos/modules/services/monitoring/prometheus/default.nix +++ b/nixos/modules/services/monitoring/prometheus/default.nix @@ -3,7 +3,7 @@ with lib; let - json = pkgs.formats.json { }; + yaml = pkgs.formats.yaml { }; cfg = config.services.prometheus; checkConfigEnabled = (lib.isBool cfg.checkConfig && cfg.checkConfig) @@ -11,8 +11,6 @@ let workingDir = "/var/lib/" + cfg.stateDir; - prometheusYmlOut = "${workingDir}/prometheus-substituted.yaml"; - triggerReload = pkgs.writeShellScriptBin "trigger-reload-prometheus" '' PATH="${makeBinPath (with pkgs; [ systemd ])}" if systemctl -q is-active prometheus.service; then @@ -38,7 +36,7 @@ let promtool ${what} $out '' else file; - generatedPrometheusYml = json.generate "prometheus.yml" promConfig; + generatedPrometheusYml = yaml.generate "prometheus.yml" promConfig; # This becomes the main config file for Prometheus promConfig = { @@ -73,7 +71,8 @@ let "--web.listen-address=${cfg.listenAddress}:${builtins.toString cfg.port}" "--alertmanager.notification-queue-capacity=${toString cfg.alertmanagerNotificationQueueCapacity}" ] ++ optional (cfg.webExternalUrl != null) "--web.external-url=${cfg.webExternalUrl}" - ++ optional (cfg.retentionTime != null) "--storage.tsdb.retention.time=${cfg.retentionTime}"; + ++ optional (cfg.retentionTime != null) "--storage.tsdb.retention.time=${cfg.retentionTime}" + ++ optional (cfg.webConfigFile != null) "--web.config.file=${cfg.webConfigFile}"; filterValidPrometheus = filterAttrsListRecursive (n: v: !(n == "_module" || v == null)); filterAttrsListRecursive = pred: x: @@ -1719,6 +1718,15 @@ in ''; }; + webConfigFile = mkOption { + type = types.nullOr types.path; + default = null; + description = lib.mdDoc '' + Specifies which file should be used as web.config.file and be passed on startup. + See https://prometheus.io/docs/prometheus/latest/configuration/https/ for valid options. + ''; + }; + checkConfig = mkOption { type = with types; either bool (enum [ "syntax-only" ]); default = true; diff --git a/nixos/modules/services/networking/supplicant.nix b/nixos/modules/services/networking/supplicant.nix index 0a48e73932e..13d84736e2c 100644 --- a/nixos/modules/services/networking/supplicant.nix +++ b/nixos/modules/services/networking/supplicant.nix @@ -13,7 +13,7 @@ let serviceName = iface: "supplicant-${if (iface=="WLAN") then "wlan@" else ( if (iface=="LAN") then "lan@" else ( if (iface=="DBUS") then "dbus" - else (replaceChars [" "] ["-"] iface)))}"; + else (replaceStrings [" "] ["-"] iface)))}"; # TODO: Use proper privilege separation for wpa_supplicant supplicantService = iface: suppl: @@ -27,7 +27,7 @@ let driverArg = optionalString (suppl.driver != null) "-D${suppl.driver}"; bridgeArg = optionalString (suppl.bridge!="") "-b${suppl.bridge}"; confFileArg = optionalString (suppl.configFile.path!=null) "-c${suppl.configFile.path}"; - extraConfFile = pkgs.writeText "supplicant-extra-conf-${replaceChars [" "] ["-"] iface}" '' + extraConfFile = pkgs.writeText "supplicant-extra-conf-${replaceStrings [" "] ["-"] iface}" '' ${optionalString suppl.userControlled.enable "ctrl_interface=DIR=${suppl.userControlled.socketDir} GROUP=${suppl.userControlled.group}"} ${optionalString suppl.configFile.writable "update_config=1"} ${suppl.extraConf} @@ -223,7 +223,7 @@ in text = '' ${flip (concatMapStringsSep "\n") (filter (n: n!="WLAN" && n!="LAN" && n!="DBUS") (attrNames cfg)) (iface: flip (concatMapStringsSep "\n") (splitString " " iface) (i: '' - ACTION=="add", SUBSYSTEM=="net", ENV{INTERFACE}=="${i}", TAG+="systemd", ENV{SYSTEMD_WANTS}+="supplicant-${replaceChars [" "] ["-"] iface}.service", TAG+="SUPPLICANT_ASSIGNED"''))} + ACTION=="add", SUBSYSTEM=="net", ENV{INTERFACE}=="${i}", TAG+="systemd", ENV{SYSTEMD_WANTS}+="supplicant-${replaceStrings [" "] ["-"] iface}.service", TAG+="SUPPLICANT_ASSIGNED"''))} ${optionalString (hasAttr "WLAN" cfg) '' ACTION=="add", SUBSYSTEM=="net", ENV{DEVTYPE}=="wlan", TAG!="SUPPLICANT_ASSIGNED", TAG+="systemd", PROGRAM="/run/current-system/systemd/bin/systemd-escape -p %E{INTERFACE}", ENV{SYSTEMD_WANTS}+="supplicant-wlan@$result.service" diff --git a/nixos/modules/services/networking/wireguard.nix b/nixos/modules/services/networking/wireguard.nix index ce5616672c1..9c13f8b847d 100644 --- a/nixos/modules/services/networking/wireguard.nix +++ b/nixos/modules/services/networking/wireguard.nix @@ -315,7 +315,7 @@ let peerUnitServiceName = interfaceName: publicKey: dynamicRefreshEnabled: let - keyToUnitName = replaceChars + keyToUnitName = replaceStrings [ "/" "-" " " "+" "=" ] [ "-" "\\x2d" "\\x20" "\\x2b" "\\x3d" ]; unitName = keyToUnitName publicKey; diff --git a/nixos/modules/system/boot/loader/grub/grub.nix b/nixos/modules/system/boot/loader/grub/grub.nix index a67b10608aa..1d266b5a37d 100644 --- a/nixos/modules/system/boot/loader/grub/grub.nix +++ b/nixos/modules/system/boot/loader/grub/grub.nix @@ -38,7 +38,7 @@ let grubConfig = args: let efiSysMountPoint = if args.efiSysMountPoint == null then args.path else args.efiSysMountPoint; - efiSysMountPoint' = replaceChars [ "/" ] [ "-" ] efiSysMountPoint; + efiSysMountPoint' = replaceStrings [ "/" ] [ "-" ] efiSysMountPoint; in pkgs.writeText "grub-config.xml" (builtins.toXML { splashImage = f cfg.splashImage; diff --git a/nixos/modules/tasks/network-interfaces.nix b/nixos/modules/tasks/network-interfaces.nix index 4c211b74761..4d47a56ccca 100644 --- a/nixos/modules/tasks/network-interfaces.nix +++ b/nixos/modules/tasks/network-interfaces.nix @@ -1377,12 +1377,12 @@ in # networkmanager falls back to "/proc/sys/net/ipv6/conf/default/use_tempaddr" "net.ipv6.conf.default.use_tempaddr" = tempaddrValues.${cfg.tempAddresses}.sysctl; } // listToAttrs (forEach interfaces - (i: nameValuePair "net.ipv4.conf.${replaceChars ["."] ["/"] i.name}.proxy_arp" i.proxyARP)) + (i: nameValuePair "net.ipv4.conf.${replaceStrings ["."] ["/"] i.name}.proxy_arp" i.proxyARP)) // listToAttrs (forEach interfaces (i: let opt = i.tempAddress; val = tempaddrValues.${opt}.sysctl; - in nameValuePair "net.ipv6.conf.${replaceChars ["."] ["/"] i.name}.use_tempaddr" val)); + in nameValuePair "net.ipv6.conf.${replaceStrings ["."] ["/"] i.name}.use_tempaddr" val)); security.wrappers = { ping = { @@ -1495,7 +1495,7 @@ in in '' # override to ${msg} for ${i.name} - ACTION=="add", SUBSYSTEM=="net", RUN+="${pkgs.procps}/bin/sysctl net.ipv6.conf.${replaceChars ["."] ["/"] i.name}.use_tempaddr=${val}" + ACTION=="add", SUBSYSTEM=="net", RUN+="${pkgs.procps}/bin/sysctl net.ipv6.conf.${replaceStrings ["."] ["/"] i.name}.use_tempaddr=${val}" '') (filter (i: i.tempAddress != cfg.tempAddresses) interfaces); }) ] ++ lib.optional (cfg.wlanInterfaces != {}) diff --git a/nixos/tests/installer.nix b/nixos/tests/installer.nix index 9b3c8a76299..398ad8de19c 100644 --- a/nixos/tests/installer.nix +++ b/nixos/tests/installer.nix @@ -57,7 +57,7 @@ let hardware.enableAllFirmware = lib.mkForce false; - ${replaceChars ["\n"] ["\n "] extraConfig} + ${replaceStrings ["\n"] ["\n "] extraConfig} } ''; diff --git a/nixos/tests/prometheus-exporters.nix b/nixos/tests/prometheus-exporters.nix index 8b40d7e41c0..fa8c59170bf 100644 --- a/nixos/tests/prometheus-exporters.nix +++ b/nixos/tests/prometheus-exporters.nix @@ -6,7 +6,7 @@ let inherit (import ../lib/testing-python.nix { inherit system pkgs; }) makeTest; inherit (pkgs.lib) concatStringsSep maintainers mapAttrs mkMerge - removeSuffix replaceChars singleton splitString; + removeSuffix replaceStrings singleton splitString; /* * The attrset `exporterTests` contains one attribute @@ -182,7 +182,7 @@ let enable = true; extraFlags = [ "--web.collectd-push-path /collectd" ]; }; - exporterTest = let postData = replaceChars [ "\n" ] [ "" ] '' + exporterTest = let postData = replaceStrings [ "\n" ] [ "" ] '' [{ "values":[23], "dstypes":["gauge"], |