diff options
Diffstat (limited to 'nixos')
57 files changed, 69 insertions, 466 deletions
diff --git a/nixos/doc/manual/default.nix b/nixos/doc/manual/default.nix index fef6b2f86c8..be28c2c17af 100644 --- a/nixos/doc/manual/default.nix +++ b/nixos/doc/manual/default.nix @@ -209,13 +209,13 @@ let --stringparam collect.xref.targets only \ --stringparam targets.filename "$out/manual.db" \ --nonet \ - ${docbook5_xsl}/xml/xsl/docbook/xhtml/chunktoc.xsl \ + ${docbook_xsl_ns}/xml/xsl/docbook/xhtml/chunktoc.xsl \ ${manual-combined}/manual-combined.xml cat > "$out/olinkdb.xml" <<EOF <?xml version="1.0" encoding="utf-8"?> <!DOCTYPE targetset SYSTEM - "file://${docbook5_xsl}/xml/xsl/docbook/common/targetdatabase.dtd" [ + "file://${docbook_xsl_ns}/xml/xsl/docbook/common/targetdatabase.dtd" [ <!ENTITY manualtargets SYSTEM "file://$out/manual.db"> ]> <targetset> @@ -264,11 +264,11 @@ in rec { ${manualXsltprocOptions} \ --stringparam target.database.document "${olinkDB}/olinkdb.xml" \ --nonet --output $dst/ \ - ${docbook5_xsl}/xml/xsl/docbook/xhtml/chunktoc.xsl \ + ${docbook_xsl_ns}/xml/xsl/docbook/xhtml/chunktoc.xsl \ ${manual-combined}/manual-combined.xml mkdir -p $dst/images/callouts - cp ${docbook5_xsl}/xml/xsl/docbook/images/callouts/*.svg $dst/images/callouts/ + cp ${docbook_xsl_ns}/xml/xsl/docbook/images/callouts/*.svg $dst/images/callouts/ cp ${../../../doc/style.css} $dst/style.css cp ${../../../doc/overrides.css} $dst/overrides.css @@ -292,11 +292,11 @@ in rec { ${manualXsltprocOptions} \ --stringparam target.database.document "${olinkDB}/olinkdb.xml" \ --nonet --xinclude --output $dst/epub/ \ - ${docbook5_xsl}/xml/xsl/docbook/epub/docbook.xsl \ + ${docbook_xsl_ns}/xml/xsl/docbook/epub/docbook.xsl \ ${manual-combined}/manual-combined.xml mkdir -p $dst/epub/OEBPS/images/callouts - cp -r ${docbook5_xsl}/xml/xsl/docbook/images/callouts/*.svg $dst/epub/OEBPS/images/callouts # */ + cp -r ${docbook_xsl_ns}/xml/xsl/docbook/images/callouts/*.svg $dst/epub/OEBPS/images/callouts # */ echo "application/epub+zip" > mimetype manual="$dst/nixos-manual.epub" zip -0Xq "$manual" mimetype @@ -324,7 +324,7 @@ in rec { --param man.endnotes.are.numbered 0 \ --param man.break.after.slash 1 \ --stringparam target.database.document "${olinkDB}/olinkdb.xml" \ - ${docbook5_xsl}/xml/xsl/docbook/manpages/docbook.xsl \ + ${docbook_xsl_ns}/xml/xsl/docbook/manpages/docbook.xsl \ ${manual-combined}/man-pages-combined.xml ''; diff --git a/nixos/modules/config/fonts/fontconfig-ultimate.nix b/nixos/modules/config/fonts/fontconfig-ultimate.nix index c7654ca78c3..7549dc6c065 100644 --- a/nixos/modules/config/fonts/fontconfig-ultimate.nix +++ b/nixos/modules/config/fonts/fontconfig-ultimate.nix @@ -2,9 +2,7 @@ with lib; -let fcBool = x: if x then "<bool>true</bool>" else "<bool>false</bool>"; - - cfg = config.fonts.fontconfig.ultimate; +let cfg = config.fonts.fontconfig.ultimate; latestVersion = pkgs.fontconfig.configVersion; diff --git a/nixos/modules/installer/tools/tools.nix b/nixos/modules/installer/tools/tools.nix index 42b00b2025d..05029628672 100644 --- a/nixos/modules/installer/tools/tools.nix +++ b/nixos/modules/installer/tools/tools.nix @@ -6,8 +6,6 @@ with lib; let - cfg = config.installer; - makeProg = args: pkgs.substituteAll (args // { dir = "bin"; isExecutable = true; diff --git a/nixos/modules/module-list.nix b/nixos/modules/module-list.nix index cd00bc8d6bc..e5dce84d6ee 100644 --- a/nixos/modules/module-list.nix +++ b/nixos/modules/module-list.nix @@ -682,7 +682,6 @@ ./services/web-servers/lighttpd/collectd.nix ./services/web-servers/lighttpd/default.nix ./services/web-servers/lighttpd/gitweb.nix - ./services/web-servers/lighttpd/inginious.nix ./services/web-servers/meguca.nix ./services/web-servers/mighttpd2.nix ./services/web-servers/minio.nix diff --git a/nixos/modules/profiles/clone-config.nix b/nixos/modules/profiles/clone-config.nix index 5b4e68beb6a..99d4774584f 100644 --- a/nixos/modules/profiles/clone-config.nix +++ b/nixos/modules/profiles/clone-config.nix @@ -31,7 +31,6 @@ let let relocateNixOS = path: "<nixpkgs/nixos" + removePrefix nixosPath (toString path) + ">"; - relocateOthers = null; in { nixos = map relocateNixOS partitionedModuleFiles.nixos; others = []; # TODO: copy the modules to the install-device repository. diff --git a/nixos/modules/programs/nylas-mail.nix b/nixos/modules/programs/nylas-mail.nix index 9a6cf755f2a..08a6cd0a604 100644 --- a/nixos/modules/programs/nylas-mail.nix +++ b/nixos/modules/programs/nylas-mail.nix @@ -4,7 +4,6 @@ with lib; let cfg = config.services.nylas-mail; - defaultUser = "nylas-mail"; in { ###### interface options = { diff --git a/nixos/modules/programs/shell.nix b/nixos/modules/programs/shell.nix index 56fe347528b..26ef1875992 100644 --- a/nixos/modules/programs/shell.nix +++ b/nixos/modules/programs/shell.nix @@ -4,12 +4,6 @@ with lib; -let - - cfg = config.environment; - -in - { config = { diff --git a/nixos/modules/programs/ssh.nix b/nixos/modules/programs/ssh.nix index 36289080a82..b4184041d18 100644 --- a/nixos/modules/programs/ssh.nix +++ b/nixos/modules/programs/ssh.nix @@ -7,7 +7,6 @@ with lib; let cfg = config.programs.ssh; - cfgd = config.services.openssh; askPassword = cfg.askPassword; diff --git a/nixos/modules/programs/xonsh.nix b/nixos/modules/programs/xonsh.nix index 49cc4906e03..f967ca82ac8 100644 --- a/nixos/modules/programs/xonsh.nix +++ b/nixos/modules/programs/xonsh.nix @@ -6,8 +6,6 @@ with lib; let - cfge = config.environment; - cfg = config.programs.xonsh; in diff --git a/nixos/modules/security/acme.nix b/nixos/modules/security/acme.nix index 9e5d636241e..946da92d80e 100644 --- a/nixos/modules/security/acme.nix +++ b/nixos/modules/security/acme.nix @@ -209,7 +209,6 @@ in servicesLists = mapAttrsToList certToServices cfg.certs; certToServices = cert: data: let - domain = if data.domain != null then data.domain else cert; cpath = lpath + optionalString (data.activationDelay != null) ".staging"; lpath = "${cfg.directory}/${cert}"; rights = if data.allowKeysForGroup then "750" else "700"; diff --git a/nixos/modules/services/backup/bacula.nix b/nixos/modules/services/backup/bacula.nix index e2806a69539..be02ba56795 100644 --- a/nixos/modules/services/backup/bacula.nix +++ b/nixos/modules/services/backup/bacula.nix @@ -97,17 +97,6 @@ let ${dir_cfg.extraConfig} ''; - # TODO: by default use this config - bconsole_conf = pkgs.writeText "bconsole.conf" - '' - Director { - Name = ${dir_cfg.name}; - Address = "localhost"; - DirPort = ${toString dir_cfg.port}; - Password = "${dir_cfg.password}"; - } - ''; - directorOptions = {name, config, ...}: { options = { diff --git a/nixos/modules/services/backup/crashplan-small-business.nix b/nixos/modules/services/backup/crashplan-small-business.nix index 9497d8c18bb..790dafefe66 100644 --- a/nixos/modules/services/backup/crashplan-small-business.nix +++ b/nixos/modules/services/backup/crashplan-small-business.nix @@ -3,7 +3,6 @@ let cfg = config.services.crashplansb; crashplansb = pkgs.crashplansb.override { maxRam = cfg.maxRam; }; - varDir = "/var/lib/crashplan"; in with lib; diff --git a/nixos/modules/services/backup/crashplan.nix b/nixos/modules/services/backup/crashplan.nix index d0af2e416b6..c540cc6e2ae 100644 --- a/nixos/modules/services/backup/crashplan.nix +++ b/nixos/modules/services/backup/crashplan.nix @@ -3,7 +3,6 @@ let cfg = config.services.crashplan; crashplan = pkgs.crashplan; - varDir = "/var/lib/crashplan"; in with lib; diff --git a/nixos/modules/services/backup/restic.nix b/nixos/modules/services/backup/restic.nix index 2d14762e868..409c05221d0 100644 --- a/nixos/modules/services/backup/restic.nix +++ b/nixos/modules/services/backup/restic.nix @@ -127,7 +127,6 @@ with lib; mapAttrs' (name: backup: let extraOptions = concatMapStrings (arg: " -o ${arg}") backup.extraOptions; - connectTo = elemAt (splitString ":" backup.repository) 1; resticCmd = "${pkgs.restic}/bin/restic${extraOptions}"; in nameValuePair "restic-backups-${name}" ({ environment = { diff --git a/nixos/modules/services/backup/znapzend.nix b/nixos/modules/services/backup/znapzend.nix index 3d133f82d20..fc8a424190f 100644 --- a/nixos/modules/services/backup/znapzend.nix +++ b/nixos/modules/services/backup/znapzend.nix @@ -5,13 +5,6 @@ with types; let - # Converts a plan like - # { "1d" = "1h"; "1w" = "1d"; } - # into - # "1d=>1h,1w=>1d" - attrToPlan = attrs: concatStringsSep "," (builtins.attrValues ( - mapAttrs (n: v: "${n}=>${v}") attrs)); - planDescription = '' The znapzend backup plan to use for the source. </para> diff --git a/nixos/modules/services/cluster/hadoop/default.nix b/nixos/modules/services/cluster/hadoop/default.nix index 240938f0d62..f0f5a6ecbfc 100644 --- a/nixos/modules/services/cluster/hadoop/default.nix +++ b/nixos/modules/services/cluster/hadoop/default.nix @@ -1,8 +1,5 @@ { config, lib, pkgs, ...}: -let - cfg = config.services.hadoop; - hadoopConf = import ./conf.nix { hadoop = cfg; pkgs = pkgs; }; -in + with lib; { imports = [ ./yarn.nix ./hdfs.nix ]; diff --git a/nixos/modules/services/cluster/kubernetes/default.nix b/nixos/modules/services/cluster/kubernetes/default.nix index e5aba210b01..f56a529afdf 100644 --- a/nixos/modules/services/cluster/kubernetes/default.nix +++ b/nixos/modules/services/cluster/kubernetes/default.nix @@ -36,9 +36,6 @@ let })} ''; - skipAttrs = attrs: map (filterAttrs (k: v: k != "enable")) - (filter (v: !(hasAttr "enable" v) || v.enable) attrs); - infraContainer = pkgs.dockerTools.buildImage { name = "pause"; tag = "latest"; diff --git a/nixos/modules/services/hardware/thinkfan.nix b/nixos/modules/services/hardware/thinkfan.nix index 5a898631e09..d17121ca1c5 100644 --- a/nixos/modules/services/hardware/thinkfan.nix +++ b/nixos/modules/services/hardware/thinkfan.nix @@ -28,11 +28,14 @@ let # temperatures are read from the file. # # For example: - # sensor /proc/acpi/ibm/thermal (0, 0, 10) + # tp_thermal /proc/acpi/ibm/thermal (0, 0, 10) # will add a fixed value of 10 °C the 3rd value read from that file. Check out # http://www.thinkwiki.org/wiki/Thermal_Sensors to find out how much you may # want to add to certain temperatures. - + + ${cfg.fan} + ${cfg.sensors} + # Syntax: # (LEVEL, LOW, HIGH) # LEVEL is the fan level to use (0-7 with thinkpad_acpi) @@ -41,8 +44,6 @@ let # All numbers are integers. # - sensor ${cfg.sensor} (0, 10, 15, 2, 10, 5, 0, 3, 0, 3) - ${cfg.levels} ''; @@ -53,20 +54,52 @@ in { services.thinkfan = { enable = mkOption { + type = types.bool; default = false; description = '' Whether to enable thinkfan, fan controller for IBM/Lenovo ThinkPads. ''; }; - sensor = mkOption { - default = "/proc/acpi/ibm/thermal"; + sensors = mkOption { + type = types.lines; + default = '' + tp_thermal /proc/acpi/ibm/thermal (0,0,10) + ''; + description ='' + thinkfan can read temperatures from three possible sources: + + /proc/acpi/ibm/thermal + Which is provided by the thinkpad_acpi kernel + module (keyword tp_thermal) + + /sys/class/hwmon/*/temp*_input + Which may be provided by any hwmon drivers (keyword + hwmon) + + S.M.A.R.T. (since 0.9 and requires the USE_ATASMART compilation flag) + Which reads the temperature directly from the hard + disk using libatasmart (keyword atasmart) + + Multiple sensors may be added, in which case they will be + numbered in their order of appearance. + ''; + }; + + fan = mkOption { + type = types.str; + default = "tp_fan /proc/acpi/ibm/fan"; description ='' - Sensor used by thinkfan + Specifies the fan we want to use. + On anything other than a Thinkpad you'll probably + use some PWM control file in /sys/class/hwmon. + A sysfs fan would be specified like this: + pwm_fan /sys/class/hwmon/hwmon2/device/pwm1 ''; }; levels = mkOption { + type = types.lines; default = '' (0, 0, 55) (1, 48, 60) @@ -76,8 +109,12 @@ in { (7, 60, 85) (127, 80, 32767) ''; - description ='' - Sensor used by thinkfan + description = '' + (LEVEL, LOW, HIGH) + LEVEL is the fan level to use (0-7 with thinkpad_acpi). + LOW is the temperature at which to step down to the previous level. + HIGH is the temperature at which to step up to the next level. + All numbers are integers. ''; }; diff --git a/nixos/modules/services/hardware/usbmuxd.nix b/nixos/modules/services/hardware/usbmuxd.nix index 6a3f7cfd210..93ced0b9f04 100644 --- a/nixos/modules/services/hardware/usbmuxd.nix +++ b/nixos/modules/services/hardware/usbmuxd.nix @@ -65,7 +65,7 @@ in serviceConfig = { # Trigger the udev rule manually. This doesn't require replugging the # device when first enabling the option to get it to work - ExecStartPre = "${pkgs.libudev}/bin/udevadm trigger -s usb -a idVendor=${apple}"; + ExecStartPre = "${pkgs.udev}/bin/udevadm trigger -s usb -a idVendor=${apple}"; ExecStart = "${pkgs.usbmuxd}/bin/usbmuxd -U ${cfg.user} -f"; }; }; diff --git a/nixos/modules/services/mail/dovecot.nix b/nixos/modules/services/mail/dovecot.nix index a3eb1653df5..04df97fdbbe 100644 --- a/nixos/modules/services/mail/dovecot.nix +++ b/nixos/modules/services/mail/dovecot.nix @@ -9,8 +9,6 @@ let baseDir = "/run/dovecot2"; stateDir = "/var/lib/dovecot"; - canCreateMailUserGroup = cfg.mailUser != null && cfg.mailGroup != null; - dovecotConf = concatStrings [ '' base_dir = ${baseDir} diff --git a/nixos/modules/services/misc/disnix.nix b/nixos/modules/services/misc/disnix.nix index b28995a0911..bb3ac1ecf07 100644 --- a/nixos/modules/services/misc/disnix.nix +++ b/nixos/modules/services/misc/disnix.nix @@ -7,16 +7,6 @@ let cfg = config.services.disnix; - dysnomia = pkgs.dysnomia.override (origArgs: { - enableApacheWebApplication = config.services.httpd.enable; - enableAxis2WebService = config.services.tomcat.axis2.enable; - enableEjabberdDump = config.services.ejabberd.enable; - enableMySQLDatabase = config.services.mysql.enable; - enablePostgreSQLDatabase = config.services.postgresql.enable; - enableSubversionRepository = config.services.svnserve.enable; - enableTomcatWebApplication = config.services.tomcat.enable; - enableMongoDatabase = config.services.mongodb.enable; - }); in { diff --git a/nixos/modules/services/misc/docker-registry.nix b/nixos/modules/services/misc/docker-registry.nix index 9a3966ab30a..08031d33c13 100644 --- a/nixos/modules/services/misc/docker-registry.nix +++ b/nixos/modules/services/misc/docker-registry.nix @@ -5,43 +5,6 @@ with lib; let cfg = config.services.dockerRegistry; - blobCache = if cfg.enableRedisCache - then "redis" - else "inmemory"; - - registryConfig = { - version = "0.1"; - log.fields.service = "registry"; - storage = { - cache.blobdescriptor = blobCache; - filesystem.rootdirectory = cfg.storagePath; - delete.enabled = cfg.enableDelete; - }; - http = { - addr = ":${builtins.toString cfg.port}"; - headers.X-Content-Type-Options = ["nosniff"]; - }; - health.storagedriver = { - enabled = true; - interval = "10s"; - threshold = 3; - }; - }; - - registryConfig.redis = mkIf cfg.enableRedisCache { - addr = "${cfg.redisUrl}"; - password = "${cfg.redisPassword}"; - db = 0; - dialtimeout = "10ms"; - readtimeout = "10ms"; - writetimeout = "10ms"; - pool = { - maxidle = 16; - maxactive = 64; - idletimeout = "300s"; - }; - }; - configFile = pkgs.writeText "docker-registry-config.yml" (builtins.toJSON (recursiveUpdate registryConfig cfg.extraConfig)); in { diff --git a/nixos/modules/services/misc/dysnomia.nix b/nixos/modules/services/misc/dysnomia.nix index 9e66e0811ab..ba74b18b697 100644 --- a/nixos/modules/services/misc/dysnomia.nix +++ b/nixos/modules/services/misc/dysnomia.nix @@ -62,9 +62,6 @@ let cd $out ${concatMapStrings (containerName: - let - components = cfg.components."${containerName}"; - in linkMutableComponents { inherit containerName; } ) (builtins.attrNames cfg.components)} ''; diff --git a/nixos/modules/services/misc/emby.nix b/nixos/modules/services/misc/emby.nix index b1968784af0..92a68b60251 100644 --- a/nixos/modules/services/misc/emby.nix +++ b/nixos/modules/services/misc/emby.nix @@ -4,7 +4,6 @@ with lib; let cfg = config.services.emby; - emby = pkgs.emby; in { options = { diff --git a/nixos/modules/services/misc/exhibitor.nix b/nixos/modules/services/misc/exhibitor.nix index 685e652c0ba..a90c7f402e7 100644 --- a/nixos/modules/services/misc/exhibitor.nix +++ b/nixos/modules/services/misc/exhibitor.nix @@ -4,7 +4,6 @@ with lib; let cfg = config.services.exhibitor; - exhibitor = cfg.package; exhibitorConfig = '' zookeeper-install-directory=${cfg.baseDir}/zookeeper zookeeper-data-directory=${cfg.zkDataDir} diff --git a/nixos/modules/services/misc/home-assistant.nix b/nixos/modules/services/misc/home-assistant.nix index fdcfe6bc2b8..0756e81612a 100644 --- a/nixos/modules/services/misc/home-assistant.nix +++ b/nixos/modules/services/misc/home-assistant.nix @@ -37,7 +37,7 @@ let # List of components used in config extraComponents = filter useComponent availableComponents; - package = if cfg.autoExtraComponents + package = if (cfg.autoExtraComponents && cfg.config != null) then (cfg.package.override { inherit extraComponents; }) else cfg.package; @@ -110,7 +110,9 @@ in { ''; description = '' Home Assistant package to use. - Override <literal>extraPackages</literal> in order to add additional dependencies. + Override <literal>extraPackages</literal> or <literal>extraComponents</literal> in order to add additional dependencies. + If you specify <option>config</option> and do not set <option>autoExtraComponents</option> + to <literal>false</literal>, overriding <literal>extraComponents</literal> will have no effect. ''; }; diff --git a/nixos/modules/services/misc/mediatomb.nix b/nixos/modules/services/misc/mediatomb.nix index 5c1977d28de..e8e9c0946d7 100644 --- a/nixos/modules/services/misc/mediatomb.nix +++ b/nixos/modules/services/misc/mediatomb.nix @@ -4,7 +4,6 @@ with lib; let - uid = config.ids.uids.mediatomb; gid = config.ids.gids.mediatomb; cfg = config.services.mediatomb; diff --git a/nixos/modules/services/misc/nzbget.nix b/nixos/modules/services/misc/nzbget.nix index f79a04a1d74..a472b6c7157 100644 --- a/nixos/modules/services/misc/nzbget.nix +++ b/nixos/modules/services/misc/nzbget.nix @@ -4,7 +4,7 @@ with lib; let cfg = config.services.nzbget; - nzbget = pkgs.nzbget; in { +in { options = { services.nzbget = { enable = mkEnableOption "NZBGet"; diff --git a/nixos/modules/services/misc/plex.nix b/nixos/modules/services/misc/plex.nix index 85f1d4a8556..8fe5879c276 100644 --- a/nixos/modules/services/misc/plex.nix +++ b/nixos/modules/services/misc/plex.nix @@ -4,7 +4,6 @@ with lib; let cfg = config.services.plex; - plex = pkgs.plex; in { options = { diff --git a/nixos/modules/services/misc/taskserver/default.nix b/nixos/modules/services/misc/taskserver/default.nix index ba9f52f1904..7daf12f9171 100644 --- a/nixos/modules/services/misc/taskserver/default.nix +++ b/nixos/modules/services/misc/taskserver/default.nix @@ -7,16 +7,6 @@ let taskd = "${pkgs.taskserver}/bin/taskd"; - mkVal = val: - if val == true then "true" - else if val == false then "false" - else if isList val then concatStringsSep ", " val - else toString val; - - mkConfLine = key: val: let - result = "${key} = ${mkVal val}"; - in optionalString (val != null && val != []) result; - mkManualPkiOption = desc: mkOption { type = types.nullOr types.path; default = null; diff --git a/nixos/modules/services/networking/gdomap.nix b/nixos/modules/services/networking/gdomap.nix index b3fd91d037f..3d829cb6913 100644 --- a/nixos/modules/services/networking/gdomap.nix +++ b/nixos/modules/services/networking/gdomap.nix @@ -2,9 +2,6 @@ with lib; -let - cfg = config.services.gdomap; -in { # # interface diff --git a/nixos/modules/services/networking/i2pd.nix b/nixos/modules/services/networking/i2pd.nix index 8875309143f..4f219fe56b4 100644 --- a/nixos/modules/services/networking/i2pd.nix +++ b/nixos/modules/services/networking/i2pd.nix @@ -103,7 +103,7 @@ let ${flip concatMapStrings (collect (proto: proto ? port && proto ? address && proto ? name) cfg.proto) - (proto: let portStr = toString proto.port; in '' + (proto: '' [${proto.name}] enabled = ${boolToString proto.enable} address = ${proto.address} @@ -122,7 +122,7 @@ let # DO NOT EDIT -- this file has been generated automatically. ${flip concatMapStrings (collect (tun: tun ? port && tun ? destination) cfg.outTunnels) - (tun: let portStr = toString tun.port; in '' + (tun: '' [${tun.name}] type = client destination = ${tun.destination} diff --git a/nixos/modules/services/networking/morty.nix b/nixos/modules/services/networking/morty.nix index f24562f1181..cc81e27e939 100644 --- a/nixos/modules/services/networking/morty.nix +++ b/nixos/modules/services/networking/morty.nix @@ -6,8 +6,6 @@ let cfg = config.services.morty; - configFile = cfg.configFile; - in { diff --git a/nixos/modules/services/networking/openvpn.nix b/nixos/modules/services/networking/openvpn.nix index a418839d22b..b94b4026fd9 100644 --- a/nixos/modules/services/networking/openvpn.nix +++ b/nixos/modules/services/networking/openvpn.nix @@ -131,6 +131,9 @@ in Configuration of this OpenVPN instance. See <citerefentry><refentrytitle>openvpn</refentrytitle><manvolnum>8</manvolnum></citerefentry> for details. + + To import an external config file, use the following definition: + <literal>config = "config /path/to/config.ovpn"</literal> ''; }; diff --git a/nixos/modules/services/networking/znc.nix b/nixos/modules/services/networking/znc.nix index 6f477e3b146..f817db2ad00 100644 --- a/nixos/modules/services/networking/znc.nix +++ b/nixos/modules/services/networking/znc.nix @@ -26,7 +26,6 @@ let }; # Keep znc.conf in nix store, then symlink or copy into `dataDir`, depending on `mutable`. - notNull = a: ! isNull a; mkZncConf = confOpts: '' Version = 1.6.3 ${concatMapStrings (n: "LoadModule = ${n}\n") confOpts.modules} diff --git a/nixos/modules/services/system/saslauthd.nix b/nixos/modules/services/system/saslauthd.nix index 281716cf186..c8ddca9a0db 100644 --- a/nixos/modules/services/system/saslauthd.nix +++ b/nixos/modules/services/system/saslauthd.nix @@ -4,7 +4,6 @@ with lib; let - nssModulesPath = config.system.nssModules.path; cfg = config.services.saslauthd; in diff --git a/nixos/modules/services/torrent/transmission.nix b/nixos/modules/services/torrent/transmission.nix index bf4fb76d0c0..96413d2dd56 100644 --- a/nixos/modules/services/torrent/transmission.nix +++ b/nixos/modules/services/torrent/transmission.nix @@ -13,12 +13,6 @@ let settingsDir = "${homeDir}/.config/transmission-daemon"; settingsFile = pkgs.writeText "settings.json" (builtins.toJSON fullSettings); - # Strings must be quoted, ints and bools must not (for settings.json). - toOption = x: - if isBool x then boolToString x - else if isInt x then toString x - else toString ''"${x}"''; - # for users in group "transmission" to have access to torrents fullSettings = { umask = 2; download-dir = downloadDir; incomplete-dir = incompleteDir; } // cfg.settings; diff --git a/nixos/modules/services/web-apps/frab.nix b/nixos/modules/services/web-apps/frab.nix index d411727a1a5..fb95e024817 100644 --- a/nixos/modules/services/web-apps/frab.nix +++ b/nixos/modules/services/web-apps/frab.nix @@ -6,7 +6,6 @@ let cfg = config.services.frab; package = pkgs.frab; - ruby = package.ruby; databaseConfig = builtins.toJSON { production = cfg.database; }; diff --git a/nixos/modules/services/web-servers/apache-httpd/default.nix b/nixos/modules/services/web-servers/apache-httpd/default.nix index eb8ee9b5cf4..73607c6f9a3 100644 --- a/nixos/modules/services/web-servers/apache-httpd/default.nix +++ b/nixos/modules/services/web-servers/apache-httpd/default.nix @@ -98,11 +98,6 @@ let allSubservices = mainSubservices ++ concatMap subservicesFor mainCfg.virtualHosts; - # !!! should be in lib - writeTextInDir = name: text: - pkgs.runCommand name {inherit text;} "mkdir -p $out; echo -n \"$text\" > $out/$name"; - - enableSSL = any (vhost: vhost.enableSSL) allHosts; diff --git a/nixos/modules/services/web-servers/apache-httpd/owncloud.nix b/nixos/modules/services/web-servers/apache-httpd/owncloud.nix index 82b8bf3e30d..6345a9a5693 100644 --- a/nixos/modules/services/web-servers/apache-httpd/owncloud.nix +++ b/nixos/modules/services/web-servers/apache-httpd/owncloud.nix @@ -4,17 +4,6 @@ with lib; let - httpd = serverInfo.serverConfig.package; - - version24 = !versionOlder httpd.version "2.4"; - - allGranted = if version24 then '' - Require all granted - '' else '' - Order allow,deny - Allow from all - ''; - owncloudConfig = pkgs.writeText "config.php" '' <?php diff --git a/nixos/modules/services/web-servers/apache-httpd/trac.nix b/nixos/modules/services/web-servers/apache-httpd/trac.nix index 35b9ab56087..28b411a64b6 100644 --- a/nixos/modules/services/web-servers/apache-httpd/trac.nix +++ b/nixos/modules/services/web-servers/apache-httpd/trac.nix @@ -12,8 +12,6 @@ let apacheHttpd = httpd; }; - pythonLib = p: "${p}/"; - httpd = serverInfo.serverConfig.package; versionPre24 = versionOlder httpd.version "2.4"; diff --git a/nixos/modules/services/web-servers/lighttpd/inginious.nix b/nixos/modules/services/web-servers/lighttpd/inginious.nix deleted file mode 100644 index 5ff1796e92a..00000000000 --- a/nixos/modules/services/web-servers/lighttpd/inginious.nix +++ /dev/null @@ -1,261 +0,0 @@ -{ config, lib, pkgs, ... }: -with lib; - -let - cfg = config.services.lighttpd.inginious; - inginious = pkgs.inginious; - execName = "inginious-${if cfg.useLTI then "lti" else "webapp"}"; - - inginiousConfigFile = if cfg.configFile != null then cfg.configFile else pkgs.writeText "inginious.yaml" '' - # Backend; can be: - # - "local" (run containers on the same machine) - # - "remote" (connect to distant docker daemon and auto start agents) (choose this if you use boot2docker) - # - "remote_manual" (connect to distant and manually installed agents) - backend: "${cfg.backendType}" - - ## TODO (maybe): Add an option for the "remote" backend in this NixOS module. - # List of remote docker daemon to which the backend will try - # to connect (backend: remote only) - #docker_daemons: - # - # Host of the docker daemon *from the webapp* - # remote_host: "some.remote.server" - # # Port of the distant docker daemon *from the webapp* - # remote_docker_port: "2375" - # # A mandatory port used by the backend and the agent that will be automatically started. - # # Needs to be available on the remote host, and to be open in the firewall. - # remote_agent_port: "63456" - # # Does the remote docker requires tls? Defaults to false. - # # Parameter can be set to true or path to the certificates - # #use_tls: false - # # Link to the docker daemon *from the host that runs the docker daemon*. Defaults to: - # #local_location: "unix:///var/run/docker.sock" - # # Path to the cgroups "mount" *from the host that runs the docker daemon*. Defaults to: - # #cgroups_location: "/sys/fs/cgroup" - # # Name that will be used to reference the agent - # #"agent_name": "inginious-agent" - - # List of remote agents to which the backend will try - # to connect (backend: remote_manual only) - # Example: - #agents: - # - host: "192.168.59.103" - # port: 5001 - agents: - ${lib.concatMapStrings (agent: - " - host: \"${agent.host}\"\n" + - " port: ${agent.port}\n" - ) cfg.remoteAgents} - - # Location of the task directory - tasks_directory: "${cfg.tasksDirectory}" - - # Super admins: list of user names that can do everything in the backend - superadmins: - ${lib.concatMapStrings (x: " - \"${x}\"\n") cfg.superadmins} - - # Aliases for containers - # Only containers listed here can be used by tasks - containers: - ${lib.concatStrings (lib.mapAttrsToList (name: fullname: - " ${name}: \"${fullname}\"\n" - ) cfg.containers)} - - # Use single minified javascript file (production) or multiple files (dev) ? - use_minified_js: true - - ## TODO (maybe): Add NixOS options for these parameters. - - # MongoDB options - #mongo_opt: - # host: localhost - # database: INGInious - - # Disable INGInious? - #maintenance: false - - #smtp: - # sendername: 'INGInious <no-reply@inginious.org>' - # host: 'smtp.gmail.com' - # port: 587 - # username: 'configme@gmail.com' - # password: 'secret' - # starttls: True - - ## NixOS extra config - - ${cfg.extraConfig} - ''; -in -{ - options.services.lighttpd.inginious = { - enable = mkEnableOption "INGInious, an automated code testing and grading system."; - - configFile = mkOption { - type = types.nullOr types.path; - default = null; - example = literalExample ''pkgs.writeText "configuration.yaml" "# custom config options ...";''; - description = ''The path to an INGInious configuration file.''; - }; - - extraConfig = mkOption { - type = types.lines; - default = ""; - example = '' - # Load the dummy auth plugin. - plugins: - - plugin_module: inginious.frontend.webapp.plugins.auth.demo_auth - users: - # register the user "test" with the password "someverycomplexpassword" - test: someverycomplexpassword - ''; - description = ''Extra option in YaML format, to be appended to the config file.''; - }; - - tasksDirectory = mkOption { - type = types.path; - example = "/var/lib/INGInious/tasks"; - description = '' - Path to the tasks folder. - Defaults to the provided test tasks folder (readonly). - ''; - }; - - useLTI = mkOption { - type = types.bool; - default = false; - description = ''Whether to start the LTI frontend in place of the webapp.''; - }; - - superadmins = mkOption { - type = types.uniq (types.listOf types.str); - default = [ "admin" ]; - example = [ "john" "pepe" "emilia" ]; - description = ''List of user logins allowed to administrate the whole server.''; - }; - - containers = mkOption { - type = types.attrsOf types.str; - default = { - default = "ingi/inginious-c-default"; - }; - example = { - default = "ingi/inginious-c-default"; - sekexe = "ingi/inginious-c-sekexe"; - java = "ingi/inginious-c-java"; - oz = "ingi/inginious-c-oz"; - pythia1compat = "ingi/inginious-c-pythia1compat"; - }; - description = '' - An attrset describing the required containers - These containers will be available in INGInious using their short name (key) - and will be automatically downloaded before INGInious starts. - ''; - }; - - hostPattern = mkOption { - type = types.str; - default = "^inginious."; - example = "^inginious.mydomain.xyz$"; - description = '' - The domain that serves INGInious. - INGInious uses absolute paths which makes it difficult to relocate in its own subdir. - The default configuration will serve INGInious when the server is accessed with a hostname starting with "inginious.". - If left blank, INGInious will take the precedence over all the other lighttpd sites, which is probably not what you want. - ''; - }; - - backendType = mkOption { - type = types.enum [ "local" "remote_manual" ]; # TODO: support backend "remote" - default = "local"; - description = '' - Select how INGINious accesses to grading containers. - The default "local" option ensures that Docker is started and provisioned. - Fore more information, see http://inginious.readthedocs.io/en/latest/install_doc/config_reference.html - Not all backends are supported. Use services.inginious.configFile for full flexibility. - ''; - }; - - remoteAgents = mkOption { - type = types.listOf (types.attrsOf types.str); - default = []; - example = [ { host = "192.0.2.25"; port = "1345"; } ]; - description = ''A list of remote agents, used only when services.inginious.backendType is "remote_manual".''; - }; - }; - - config = mkIf cfg.enable ( - mkMerge [ - # For a local install, we need docker. - (mkIf (cfg.backendType == "local") { - virtualisation.docker = { - enable = true; - # We need docker to listen on port 2375. - listenOptions = ["127.0.0.1:2375" "/var/run/docker.sock"]; - storageDriver = mkDefault "overlay"; - }; - - users.users."lighttpd".extraGroups = [ "docker" ]; - - # Ensure that docker has pulled the required images. - systemd.services.inginious-prefetch = { - script = let - images = lib.unique ( - [ "centos" "ingi/inginious-agent" ] - ++ lib.mapAttrsToList (_: image: image) cfg.containers - ); - in lib.concatMapStrings (image: '' - ${pkgs.docker}/bin/docker pull ${image} - '') images; - - serviceConfig.Type = "oneshot"; - wants = [ "docker.service" ]; - after = [ "docker.service" ]; - wantedBy = [ "lighttpd.service" ]; - before = [ "lighttpd.service" ]; - }; - }) - - # Common - { - services.lighttpd.inginious.tasksDirectory = mkDefault "${inginious}/lib/python2.7/site-packages/inginious/tasks"; - # To access inginous tools (like inginious-test-task) - environment.systemPackages = [ inginious ]; - - services.mongodb.enable = true; - - services.lighttpd.enable = true; - services.lighttpd.enableModules = [ "mod_access" "mod_alias" "mod_fastcgi" "mod_redirect" "mod_rewrite" ]; - services.lighttpd.extraConfig = '' - $HTTP["host"] =~ "${cfg.hostPattern}" { - fastcgi.server = ( "/${execName}" => - (( - "socket" => "/run/lighttpd/inginious-fastcgi.socket", - "bin-path" => "${inginious}/bin/${execName} --config=${inginiousConfigFile}", - "max-procs" => 1, - "bin-environment" => ( "REAL_SCRIPT_NAME" => "" ), - "check-local" => "disable" - )) - ) - url.rewrite-once = ( - "^/.well-known/.*" => "$0", - "^/static/.*" => "$0", - "^/.*$" => "/${execName}$0", - "^/favicon.ico$" => "/static/common/favicon.ico", - ) - alias.url += ( - "/static/webapp/" => "${inginious}/lib/python2.7/site-packages/inginious/frontend/webapp/static/", - "/static/common/" => "${inginious}/lib/python2.7/site-packages/inginious/frontend/common/static/" - ) - } - ''; - - systemd.services.lighttpd.preStart = '' - mkdir -p /run/lighttpd - chown lighttpd.lighttpd /run/lighttpd - ''; - - systemd.services.lighttpd.wants = [ "mongodb.service" "docker.service" ]; - systemd.services.lighttpd.after = [ "mongodb.service" "docker.service" ]; - } - ]); -} diff --git a/nixos/modules/services/web-servers/uwsgi.nix b/nixos/modules/services/web-servers/uwsgi.nix index 3ef78ea77cb..3f858d90fa4 100644 --- a/nixos/modules/services/web-servers/uwsgi.nix +++ b/nixos/modules/services/web-servers/uwsgi.nix @@ -27,10 +27,6 @@ let else if hasPython3 then uwsgi.python3 else null; - pythonPackages = pkgs.pythonPackages.override { - inherit python; - }; - pythonEnv = python.withPackages (c.pythonPackages or (self: [])); uwsgiCfg = { diff --git a/nixos/modules/services/x11/desktop-managers/gnome3.nix b/nixos/modules/services/x11/desktop-managers/gnome3.nix index 27b62df7097..9fb8f44b242 100644 --- a/nixos/modules/services/x11/desktop-managers/gnome3.nix +++ b/nixos/modules/services/x11/desktop-managers/gnome3.nix @@ -10,7 +10,6 @@ let let pkgName = drv: (builtins.parseDrvName drv.name).name; ysNames = map pkgName ys; - res = (filter (x: !(builtins.elem (pkgName x) ysNames)) xs); in filter (x: !(builtins.elem (pkgName x) ysNames)) xs; diff --git a/nixos/modules/system/boot/stage-1.nix b/nixos/modules/system/boot/stage-1.nix index b6a7081b896..71b806a0b4e 100644 --- a/nixos/modules/system/boot/stage-1.nix +++ b/nixos/modules/system/boot/stage-1.nix @@ -11,7 +11,6 @@ let udev = config.systemd.package; - kernelPackages = config.boot.kernelPackages; modulesTree = config.system.modulesTree; firmware = config.hardware.firmware; diff --git a/nixos/modules/system/boot/stage-2.nix b/nixos/modules/system/boot/stage-2.nix index 78afbd8dbc1..9fd89b6319d 100644 --- a/nixos/modules/system/boot/stage-2.nix +++ b/nixos/modules/system/boot/stage-2.nix @@ -4,9 +4,6 @@ with lib; let - kernel = config.boot.kernelPackages.kernel; - activateConfiguration = config.system.activationScripts.script; - bootStage2 = pkgs.substituteAll { src = ./stage-2-init.sh; shellDebug = "${pkgs.bashInteractive}/bin/bash"; diff --git a/nixos/modules/system/boot/systemd-nspawn.nix b/nixos/modules/system/boot/systemd-nspawn.nix index 64b3b8b584e..83fef835436 100644 --- a/nixos/modules/system/boot/systemd-nspawn.nix +++ b/nixos/modules/system/boot/systemd-nspawn.nix @@ -6,9 +6,6 @@ with import ./systemd-lib.nix { inherit config lib pkgs; }; let cfg = config.systemd.nspawn; - assertions = [ - # boot = true -> processtwo != true - ]; checkExec = checkUnitConfig "Exec" [ (assertOnlyFields [ diff --git a/nixos/modules/system/boot/systemd.nix b/nixos/modules/system/boot/systemd.nix index 6f5b15372d7..500c2d40661 100644 --- a/nixos/modules/system/boot/systemd.nix +++ b/nixos/modules/system/boot/systemd.nix @@ -188,8 +188,6 @@ let "timers.target" ]; - boolToString = value: if value then "yes" else "no"; - makeJobScript = name: text: let mkScriptName = s: (replaceChars [ "\\" ] [ "-" ] (shellEscape s) ); x = pkgs.writeTextFile { name = "unit-script"; executable = true; destination = "/bin/${mkScriptName name}"; inherit text; }; diff --git a/nixos/modules/tasks/encrypted-devices.nix b/nixos/modules/tasks/encrypted-devices.nix index da0c9408d89..11ed5d7e4d0 100644 --- a/nixos/modules/tasks/encrypted-devices.nix +++ b/nixos/modules/tasks/encrypted-devices.nix @@ -7,7 +7,6 @@ let encDevs = filter (dev: dev.encrypted.enable) fileSystems; keyedEncDevs = filter (dev: dev.encrypted.keyFile != null) encDevs; keylessEncDevs = filter (dev: dev.encrypted.keyFile == null) encDevs; - isIn = needle: haystack: filter (p: p == needle) haystack != []; anyEncrypted = fold (j: v: v || j.encrypted.enable) false encDevs; diff --git a/nixos/modules/tasks/filesystems/zfs.nix b/nixos/modules/tasks/filesystems/zfs.nix index 39f51c36367..7120856387e 100644 --- a/nixos/modules/tasks/filesystems/zfs.nix +++ b/nixos/modules/tasks/filesystems/zfs.nix @@ -9,7 +9,6 @@ with lib; let - cfgSpl = config.boot.spl; cfgZfs = config.boot.zfs; cfgSnapshots = config.services.zfs.autoSnapshot; cfgSnapFlags = cfgSnapshots.flags; diff --git a/nixos/modules/tasks/network-interfaces-scripted.nix b/nixos/modules/tasks/network-interfaces-scripted.nix index c4a2bd1f75f..f3f6a19318a 100644 --- a/nixos/modules/tasks/network-interfaces-scripted.nix +++ b/nixos/modules/tasks/network-interfaces-scripted.nix @@ -7,7 +7,6 @@ let cfg = config.networking; interfaces = attrValues cfg.interfaces; - hasVirtuals = any (i: i.virtual) interfaces; slaves = concatMap (i: i.interfaces) (attrValues cfg.bonds) ++ concatMap (i: i.interfaces) (attrValues cfg.bridges) diff --git a/nixos/modules/testing/test-instrumentation.nix b/nixos/modules/testing/test-instrumentation.nix index 7a7fcbecd64..114e0ca39fa 100644 --- a/nixos/modules/testing/test-instrumentation.nix +++ b/nixos/modules/testing/test-instrumentation.nix @@ -6,10 +6,6 @@ with lib; with import ../../lib/qemu-flags.nix { inherit pkgs; }; -let - kernel = config.boot.kernelPackages.kernel; -in - { # This option is a dummy that if used in conjunction with diff --git a/nixos/modules/virtualisation/openvswitch.nix b/nixos/modules/virtualisation/openvswitch.nix index 38b138e0632..bb8b9172f23 100644 --- a/nixos/modules/virtualisation/openvswitch.nix +++ b/nixos/modules/virtualisation/openvswitch.nix @@ -51,9 +51,6 @@ in { # Where the communication sockets live runDir = "/var/run/openvswitch"; - # Where the config database live (can't be in nix-store) - stateDir = "/var/db/openvswitch"; - # The path to the an initialized version of the database db = pkgs.stdenv.mkDerivation { name = "vswitch.db"; diff --git a/nixos/tests/cjdns.nix b/nixos/tests/cjdns.nix index 4d3b58abc6e..db89c496944 100644 --- a/nixos/tests/cjdns.nix +++ b/nixos/tests/cjdns.nix @@ -2,7 +2,6 @@ let carolKey = "2d2a338b46f8e4a8c462f0c385b481292a05f678e19a2b82755258cf0f0af7e2"; carolPubKey = "n932l3pjvmhtxxcdrqq2qpw5zc58f01vvjx01h4dtd1bb0nnu2h0.k"; carolPassword = "678287829ce4c67bc8b227e56d94422ee1b85fa11618157b2f591de6c6322b52"; - carolIp4 = "192.168.0.9"; basicConfig = { config, pkgs, ... }: @@ -44,9 +43,7 @@ import ./make-test.nix ({ pkgs, ...} : { bob = { config, lib, nodes, ... }: - let carolIp4 = lib.mkForce nodes.carol.config.networking.interfaces.eth1; in - - { imports = [ basicConfig ]; + { imports = [ basicConfig ]; networking.interfaces.eth1.ipv4.addresses = [ { address = "192.168.0.2"; prefixLength = 24; } @@ -67,10 +64,7 @@ import ./make-test.nix ({ pkgs, ...} : { # but knows neither Alice or Bob. carol = { config, lib, nodes, ... }: - let - carolIp4 = (lib.mkForce nodes.carol.config.networking.interfaces.eth1); - in - { imports = [ basicConfig ]; + { imports = [ basicConfig ]; environment.etc."cjdns.keys".text = '' CJDNS_PRIVATE_KEY=${carolKey} diff --git a/nixos/tests/containers-reloadable.nix b/nixos/tests/containers-reloadable.nix index 5fb42f2272b..15862ac64c1 100644 --- a/nixos/tests/containers-reloadable.nix +++ b/nixos/tests/containers-reloadable.nix @@ -45,7 +45,6 @@ in { }; testScript = {nodes, ...}: let - originalSystem = nodes.client.config.system.build.toplevel; c1System = nodes.client_c1.config.system.build.toplevel; c2System = nodes.client_c2.config.system.build.toplevel; in '' diff --git a/nixos/tests/installer.nix b/nixos/tests/installer.nix index 8ce9bc21ff7..96230940e87 100644 --- a/nixos/tests/installer.nix +++ b/nixos/tests/installer.nix @@ -58,9 +58,6 @@ let ''; - channelContents = [ pkgs.rlwrap ]; - - # The test script boots a NixOS VM, installs NixOS on an empty hard # disk, and then reboot from the hard disk. It's parameterized with # a test script fragment `createPartitions', which must create @@ -237,7 +234,7 @@ let libxml2.bin libxslt.bin docbook5 - docbook5_xsl + docbook_xsl_ns unionfs-fuse ntp nixos-artwork.wallpapers.gnome-dark diff --git a/nixos/tests/pam-oath-login.nix b/nixos/tests/pam-oath-login.nix index eb5966d9213..9f40ecfe865 100644 --- a/nixos/tests/pam-oath-login.nix +++ b/nixos/tests/pam-oath-login.nix @@ -12,8 +12,6 @@ let # and picking a the first 4: oathSnakeOilPassword1 = "143349"; oathSnakeOilPassword2 = "801753"; - oathSnakeOilPassword3 = "019933"; - oathSnakeOilPassword4 = "403895"; alicePassword = "foobar"; # Generated via: mkpasswd -m sha-512 and passing in "foobar" |