diff options
Diffstat (limited to 'nixos')
-rw-r--r-- | nixos/doc/manual/default.nix | 2 | ||||
-rw-r--r-- | nixos/doc/manual/release-notes/rl-1803.xml | 22 | ||||
-rw-r--r-- | nixos/lib/testing.nix | 2 | ||||
-rw-r--r-- | nixos/modules/misc/ids.nix | 2 | ||||
-rw-r--r-- | nixos/modules/misc/nixpkgs.nix | 6 | ||||
-rw-r--r-- | nixos/modules/module-list.nix | 1 | ||||
-rw-r--r-- | nixos/modules/profiles/clone-config.nix | 2 | ||||
-rw-r--r-- | nixos/modules/services/misc/home-assistant.nix | 90 | ||||
-rw-r--r-- | nixos/modules/services/networking/kresd.nix | 6 | ||||
-rw-r--r-- | nixos/modules/services/x11/window-managers/2bwm.nix | 4 | ||||
-rw-r--r-- | nixos/modules/tasks/network-interfaces-scripted.nix | 4 | ||||
-rw-r--r-- | nixos/modules/tasks/network-interfaces-systemd.nix | 24 | ||||
-rw-r--r-- | nixos/modules/tasks/network-interfaces.nix | 10 | ||||
-rw-r--r-- | nixos/release.nix | 1 | ||||
-rw-r--r-- | nixos/tests/home-assistant.nix | 41 | ||||
-rw-r--r-- | nixos/tests/make-test.nix | 2 | ||||
-rw-r--r-- | nixos/tests/networking.nix | 43 |
17 files changed, 229 insertions, 33 deletions
diff --git a/nixos/doc/manual/default.nix b/nixos/doc/manual/default.nix index 9bc83be6610..8079a2feb29 100644 --- a/nixos/doc/manual/default.nix +++ b/nixos/doc/manual/default.nix @@ -12,7 +12,7 @@ let substFunction = x: if builtins.isAttrs x then lib.mapAttrs (name: substFunction) x else if builtins.isList x then map substFunction x - else if builtins.isFunction x then "<function>" + else if lib.isFunction x then "<function>" else x; # Clean up declaration sites to not refer to the NixOS source tree. diff --git a/nixos/doc/manual/release-notes/rl-1803.xml b/nixos/doc/manual/release-notes/rl-1803.xml index a67d6939790..46cbeb0a158 100644 --- a/nixos/doc/manual/release-notes/rl-1803.xml +++ b/nixos/doc/manual/release-notes/rl-1803.xml @@ -90,6 +90,28 @@ following incompatible changes:</para> </listitem> <listitem> <para> + Package attributes starting with a digit have been prefixed with an + underscore sign. This is to avoid quoting in the configuration and + other issues with command-line tools like <literal>nix-env</literal>. + The change affects the following packages: + <itemizedlist> + <listitem> + <para><literal>2048-in-terminal</literal> → <literal>_2048-in-terminal</literal></para> + </listitem> + <listitem> + <para><literal>90secondportraits</literal> → <literal>_90secondportraits</literal></para> + </listitem> + <listitem> + <para><literal>2bwm</literal> → <literal>_2bwm</literal></para> + </listitem> + <listitem> + <para><literal>389-ds-base</literal> → <literal>_389-ds-base</literal></para> + </listitem> + </itemizedlist> + </para> + </listitem> + <listitem> + <para> <emphasis role="strong"> The OpenSSH service no longer enables support for DSA keys by default, which could cause a system lock out. Update your keys or, unfavorably, diff --git a/nixos/lib/testing.nix b/nixos/lib/testing.nix index 532fff681d3..cf213d906f5 100644 --- a/nixos/lib/testing.nix +++ b/nixos/lib/testing.nix @@ -85,7 +85,7 @@ rec { testScript' = # Call the test script with the computed nodes. - if builtins.isFunction testScript + if lib.isFunction testScript then testScript { inherit nodes; } else testScript; diff --git a/nixos/modules/misc/ids.nix b/nixos/modules/misc/ids.nix index 415be580e97..28ed10a5ece 100644 --- a/nixos/modules/misc/ids.nix +++ b/nixos/modules/misc/ids.nix @@ -302,6 +302,7 @@ kodi = 283; restya-board = 284; mighttpd2 = 285; + hass = 286; # When adding a uid, make sure it doesn't match an existing gid. And don't use uids above 399! @@ -572,6 +573,7 @@ kodi = 283; restya-board = 284; mighttpd2 = 285; + hass = 286; # When adding a gid, make sure it doesn't match an existing # uid. Users and groups with the same name should have equal diff --git a/nixos/modules/misc/nixpkgs.nix b/nixos/modules/misc/nixpkgs.nix index 6eb42494124..c3e7ab9a666 100644 --- a/nixos/modules/misc/nixpkgs.nix +++ b/nixos/modules/misc/nixpkgs.nix @@ -4,10 +4,10 @@ with lib; let isConfig = x: - builtins.isAttrs x || builtins.isFunction x; + builtins.isAttrs x || lib.isFunction x; optCall = f: x: - if builtins.isFunction f + if lib.isFunction f then f x else f; @@ -38,7 +38,7 @@ let overlayType = mkOptionType { name = "nixpkgs-overlay"; description = "nixpkgs overlay"; - check = builtins.isFunction; + check = lib.isFunction; merge = lib.mergeOneOption; }; diff --git a/nixos/modules/module-list.nix b/nixos/modules/module-list.nix index 1942cca23d6..2ec8b28c3fc 100644 --- a/nixos/modules/module-list.nix +++ b/nixos/modules/module-list.nix @@ -315,6 +315,7 @@ ./services/misc/gogs.nix ./services/misc/gollum.nix ./services/misc/gpsd.nix + ./services/misc/home-assistant.nix ./services/misc/ihaskell.nix ./services/misc/irkerd.nix ./services/misc/jackett.nix diff --git a/nixos/modules/profiles/clone-config.nix b/nixos/modules/profiles/clone-config.nix index 77d86f8d740..5b4e68beb6a 100644 --- a/nixos/modules/profiles/clone-config.nix +++ b/nixos/modules/profiles/clone-config.nix @@ -17,7 +17,7 @@ let # you should use files). moduleFiles = # FIXME: use typeOf (Nix 1.6.1). - filter (x: !isAttrs x && !builtins.isFunction x) modules; + filter (x: !isAttrs x && !lib.isFunction x) modules; # Partition module files because between NixOS and non-NixOS files. NixOS # files may change if the repository is updated. diff --git a/nixos/modules/services/misc/home-assistant.nix b/nixos/modules/services/misc/home-assistant.nix new file mode 100644 index 00000000000..bc463d3e670 --- /dev/null +++ b/nixos/modules/services/misc/home-assistant.nix @@ -0,0 +1,90 @@ +{ config, lib, pkgs, ... }: + +with lib; + +let + cfg = config.services.home-assistant; + + configFile = pkgs.writeText "configuration.yaml" (builtins.toJSON cfg.config); +in { + meta.maintainers = with maintainers; [ dotlambda ]; + + options.services.home-assistant = { + enable = mkEnableOption "Home Assistant"; + + configDir = mkOption { + default = "/var/lib/hass"; + type = types.path; + description = "The config directory, where your <filename>configuration.yaml</filename> is located."; + }; + + config = mkOption { + default = null; + type = with types; nullOr attrs; + example = literalExample '' + { + homeassistant = { + name = "Home"; + time_zone = "UTC"; + }; + frontend = { }; + http = { }; + } + ''; + description = '' + Your <filename>configuration.yaml</filename> as a Nix attribute set. + Beware that setting this option will delete your previous <filename>configuration.yaml</filename>. + ''; + }; + + package = mkOption { + default = pkgs.home-assistant; + defaultText = "pkgs.home-assistant"; + type = types.package; + example = literalExample '' + pkgs.home-assistant.override { + extraPackages = ps: with ps; [ colorlog ]; + } + ''; + description = '' + Home Assistant package to use. + Most Home Assistant components require additional dependencies, + which are best specified by overriding <literal>pkgs.home-assistant</literal>. + You can find the dependencies by searching for failed imports in your log or by looking at this list: + <link xlink:href="https://github.com/home-assistant/home-assistant/blob/master/requirements_all.txt"/> + ''; + }; + }; + + config = mkIf cfg.enable { + systemd.services.home-assistant = { + description = "Home Assistant"; + wantedBy = [ "multi-user.target" ]; + after = [ "network.target" ]; + preStart = lib.optionalString (cfg.config != null) '' + rm -f ${cfg.configDir}/configuration.yaml + ln -s ${configFile} ${cfg.configDir}/configuration.yaml + ''; + serviceConfig = { + ExecStart = '' + ${cfg.package}/bin/hass --config "${cfg.configDir}" + ''; + User = "hass"; + Group = "hass"; + Restart = "on-failure"; + ProtectSystem = "strict"; + ReadWritePaths = "${cfg.configDir}"; + PrivateTmp = true; + }; + }; + + users.extraUsers.hass = { + home = cfg.configDir; + createHome = true; + group = "hass"; + uid = config.ids.uids.hass; + }; + + users.extraGroups.hass.gid = config.ids.gids.hass; + }; +} diff --git a/nixos/modules/services/networking/kresd.nix b/nixos/modules/services/networking/kresd.nix index 011a9b2f58e..d0c19c4ecb7 100644 --- a/nixos/modules/services/networking/kresd.nix +++ b/nixos/modules/services/networking/kresd.nix @@ -43,7 +43,7 @@ in type = with types; listOf str; default = [ "::1" "127.0.0.1" ]; description = '' - What addresses the server should listen on. + What addresses the server should listen on. (UDP+TCP 53) ''; }; # TODO: perhaps options for more common stuff like cache size or forwarding @@ -99,9 +99,9 @@ in Restart = "on-failure"; }; + # Trust anchor goes from dns-root-data by default. script = '' - exec '${package}/bin/kresd' --config '${configFile}' \ - -k '${pkgs.dns-root-data}/root.key' + exec '${package}/bin/kresd' --config '${configFile}' --forks=1 ''; requires = [ "kresd.socket" ]; diff --git a/nixos/modules/services/x11/window-managers/2bwm.nix b/nixos/modules/services/x11/window-managers/2bwm.nix index e3f5ec7dbe6..fdbdf35b0f5 100644 --- a/nixos/modules/services/x11/window-managers/2bwm.nix +++ b/nixos/modules/services/x11/window-managers/2bwm.nix @@ -25,12 +25,12 @@ in { name = "2bwm"; start = '' - ${pkgs."2bwm"}/bin/2bwm & + ${pkgs._2bwm}/bin/2bwm & waitPID=$! ''; }; - environment.systemPackages = [ pkgs."2bwm" ]; + environment.systemPackages = [ pkgs._2bwm ]; }; diff --git a/nixos/modules/tasks/network-interfaces-scripted.nix b/nixos/modules/tasks/network-interfaces-scripted.nix index 1f424f84c6e..63d07832d10 100644 --- a/nixos/modules/tasks/network-interfaces-scripted.nix +++ b/nixos/modules/tasks/network-interfaces-scripted.nix @@ -230,9 +230,7 @@ let RemainAfterExit = true; }; script = '' - ip tuntap add dev "${i.name}" \ - ${optionalString (i.virtualType != null) "mode ${i.virtualType}"} \ - user "${i.virtualOwner}" + ip tuntap add dev "${i.name}" mode "${i.virtualType}" user "${i.virtualOwner}" ''; postStop = '' ip link del ${i.name} || true diff --git a/nixos/modules/tasks/network-interfaces-systemd.nix b/nixos/modules/tasks/network-interfaces-systemd.nix index a365a01bfb1..5d72ad0f1bd 100644 --- a/nixos/modules/tasks/network-interfaces-systemd.nix +++ b/nixos/modules/tasks/network-interfaces-systemd.nix @@ -74,21 +74,17 @@ in networks."99-main" = genericNetwork mkDefault; } (mkMerge (flip map interfaces (i: { - netdevs = mkIf i.virtual ( - let - devType = if i.virtualType != null then i.virtualType - else (if hasPrefix "tun" i.name then "tun" else "tap"); - in { - "40-${i.name}" = { - netdevConfig = { - Name = i.name; - Kind = devType; - }; - "${devType}Config" = optionalAttrs (i.virtualOwner != null) { - User = i.virtualOwner; - }; + netdevs = mkIf i.virtual ({ + "40-${i.name}" = { + netdevConfig = { + Name = i.name; + Kind = i.virtualType; }; - }); + "${i.virtualType}Config" = optionalAttrs (i.virtualOwner != null) { + User = i.virtualOwner; + }; + }; + }); networks."40-${i.name}" = mkMerge [ (genericNetwork mkDefault) { name = mkDefault i.name; DHCP = mkForce (dhcpStr diff --git a/nixos/modules/tasks/network-interfaces.nix b/nixos/modules/tasks/network-interfaces.nix index b7e85e402aa..f4851988d63 100644 --- a/nixos/modules/tasks/network-interfaces.nix +++ b/nixos/modules/tasks/network-interfaces.nix @@ -273,11 +273,13 @@ let }; virtualType = mkOption { - default = null; - type = with types; nullOr (enum [ "tun" "tap" ]); + default = if hasPrefix "tun" name then "tun" else "tap"; + defaultText = literalExample ''if hasPrefix "tun" name then "tun" else "tap"''; + type = with types; enum [ "tun" "tap" ]; description = '' - The explicit type of interface to create. Accepts tun or tap strings. - Also accepts null to implicitly detect the type of device. + The type of interface to create. + The default is TUN for an interface name starting + with "tun", otherwise TAP. ''; }; diff --git a/nixos/release.nix b/nixos/release.nix index 972c89c1a41..a396eaac9a3 100644 --- a/nixos/release.nix +++ b/nixos/release.nix @@ -267,6 +267,7 @@ in rec { tests.graphite = callTest tests/graphite.nix {}; tests.hardened = callTest tests/hardened.nix { }; tests.hibernate = callTest tests/hibernate.nix {}; + tests.home-assistant = callTest tests/home-assistant.nix { }; tests.hound = callTest tests/hound.nix {}; tests.i3wm = callTest tests/i3wm.nix {}; tests.initrd-network-ssh = callTest tests/initrd-network-ssh {}; diff --git a/nixos/tests/home-assistant.nix b/nixos/tests/home-assistant.nix new file mode 100644 index 00000000000..0e2fee8e808 --- /dev/null +++ b/nixos/tests/home-assistant.nix @@ -0,0 +1,41 @@ +import ./make-test.nix ({ pkgs, ... }: + +let + configDir = "/var/lib/foobar"; + +in { + name = "home-assistant"; + + nodes = { + hass = + { config, pkgs, ... }: + { + services.home-assistant = { + inherit configDir; + enable = true; + config = { + homeassistant = { + name = "Home"; + time_zone = "UTC"; + }; + frontend = { }; + http = { }; + }; + }; + }; + }; + + testScript = '' + startAll; + $hass->waitForUnit("home-assistant.service"); + + # Since config is specified using a Nix attribute set, + # configuration.yaml is a link to the Nix store + $hass->succeed("test -L ${configDir}/configuration.yaml"); + + # Check that Home Assistant's web interface and API can be reached + $hass->waitForOpenPort(8123); + $hass->succeed("curl --fail http://localhost:8123/states"); + $hass->succeed("curl --fail http://localhost:8123/api/ | grep 'API running'"); + ''; +}) diff --git a/nixos/tests/make-test.nix b/nixos/tests/make-test.nix index f3e26aa7e74..ee4ba310ad5 100644 --- a/nixos/tests/make-test.nix +++ b/nixos/tests/make-test.nix @@ -2,4 +2,4 @@ f: { system ? builtins.currentSystem, ... } @ args: with import ../lib/testing.nix { inherit system; }; -makeTest (if builtins.isFunction f then f (args // { inherit pkgs; inherit (pkgs) lib; }) else f) +makeTest (if pkgs.lib.isFunction f then f (args // { inherit pkgs; inherit (pkgs) lib; }) else f) diff --git a/nixos/tests/networking.nix b/nixos/tests/networking.nix index 7708775f73f..182328b3296 100644 --- a/nixos/tests/networking.nix +++ b/nixos/tests/networking.nix @@ -433,6 +433,49 @@ let $client2->succeed("ip addr show dev vlan >&2"); ''; }; + virtual = { + name = "Virtual"; + machine = { + networking.interfaces."tap0" = { + ip4 = [ { address = "192.168.1.1"; prefixLength = 24; } ]; + ip6 = [ { address = "2001:1470:fffd:2096::"; prefixLength = 64; } ]; + virtual = true; + }; + networking.interfaces."tun0" = { + ip4 = [ { address = "192.168.1.2"; prefixLength = 24; } ]; + ip6 = [ { address = "2001:1470:fffd:2097::"; prefixLength = 64; } ]; + virtual = true; + }; + }; + + testScript = '' + my $targetList = <<'END'; + tap0: tap UNKNOWN_FLAGS:800 user 0 + tun0: tun UNKNOWN_FLAGS:800 user 0 + END + + # Wait for networking to come up + $machine->start; + $machine->waitForUnit("network.target"); + + # Test interfaces set up + my $list = $machine->succeed("ip tuntap list | sort"); + "$list" eq "$targetList" or die( + "The list of virtual interfaces does not match the expected one:\n", + "Result:\n", "$list\n", + "Expected:\n", "$targetList\n" + ); + + # Test interfaces clean up + $machine->succeed("systemctl stop network-addresses-tap0"); + $machine->succeed("systemctl stop network-addresses-tun0"); + my $residue = $machine->succeed("ip tuntap list"); + $residue eq "" or die( + "Some virtual interface has not been properly cleaned:\n", + "$residue\n" + ); + ''; + }; }; in mapAttrs (const (attrs: makeTest (attrs // { |