diff options
Diffstat (limited to 'nixos')
-rw-r--r-- | nixos/doc/manual/from_md/release-notes/rl-2111.section.xml | 13 | ||||
-rw-r--r-- | nixos/doc/manual/release-notes/rl-2111.section.md | 5 | ||||
-rw-r--r-- | nixos/modules/module-list.nix | 1 | ||||
-rw-r--r-- | nixos/modules/programs/udevil.nix | 3 | ||||
-rw-r--r-- | nixos/modules/programs/zsh/zsh.nix | 26 | ||||
-rw-r--r-- | nixos/modules/services/misc/clipcat.nix | 31 | ||||
-rw-r--r-- | nixos/modules/services/networking/corerad.nix | 2 | ||||
-rw-r--r-- | nixos/modules/services/networking/unbound.nix | 11 | ||||
-rw-r--r-- | nixos/modules/services/web-apps/plausible.nix | 18 | ||||
-rw-r--r-- | nixos/tests/chromium.nix | 2 |
10 files changed, 101 insertions, 11 deletions
diff --git a/nixos/doc/manual/from_md/release-notes/rl-2111.section.xml b/nixos/doc/manual/from_md/release-notes/rl-2111.section.xml index cc4ec8da958..ae9f97c139b 100644 --- a/nixos/doc/manual/from_md/release-notes/rl-2111.section.xml +++ b/nixos/doc/manual/from_md/release-notes/rl-2111.section.xml @@ -48,6 +48,13 @@ </listitem> <listitem> <para> + <link xlink:href="https://github.com/xrelkd/clipcat/">clipcat</link>, + an X11 clipboard manager written in Rust. Available at + [services.clipcat](options.html#o pt-services.clipcat.enable). + </para> + </listitem> + <listitem> + <para> <link xlink:href="https://github.com/maxmind/geoipupdate">geoipupdate</link>, a GeoIP database updater from MaxMind. Available as <link xlink:href="options.html#opt-services.geoipupdate.enable">services.geoipupdate</link>. @@ -537,6 +544,12 @@ 2020 to 2021 </para> </listitem> + <listitem> + <para> + the <literal>mingw-64</literal> package has been upgraded from + 6.0.0 to 9.0.0 + </para> + </listitem> </itemizedlist> </section> <section xml:id="sec-release-21.11-notable-changes"> diff --git a/nixos/doc/manual/release-notes/rl-2111.section.md b/nixos/doc/manual/release-notes/rl-2111.section.md index 3b9631aa753..172fe9bbcad 100644 --- a/nixos/doc/manual/release-notes/rl-2111.section.md +++ b/nixos/doc/manual/release-notes/rl-2111.section.md @@ -15,6 +15,9 @@ In addition to numerous new and upgraded packages, this release has the followin - [btrbk](https://digint.ch/btrbk/index.html), a backup tool for btrfs subvolumes, taking advantage of btrfs specific capabilities to create atomic snapshots and transfer them incrementally to your backup locations. Available as [services.btrbk](options.html#opt-services.brtbk.instances). +- [clipcat](https://github.com/xrelkd/clipcat/), an X11 clipboard manager written in Rust. Available at [services.clipcat](options.html#o +pt-services.clipcat.enable). + - [geoipupdate](https://github.com/maxmind/geoipupdate), a GeoIP database updater from MaxMind. Available as [services.geoipupdate](options.html#opt-services.geoipupdate.enable). - [Kea](https://www.isc.org/kea/), ISCs 2nd generation DHCP and DDNS server suite. Available at [services.kea](options.html#opt-services.kea). @@ -135,6 +138,8 @@ In addition to numerous new and upgraded packages, this release has the followin - The `isabelle` package has been upgraded from 2020 to 2021 +- the `mingw-64` package has been upgraded from 6.0.0 to 9.0.0 + ## Other Notable Changes {#sec-release-21.11-notable-changes} - The setting [`services.openssh.logLevel`](options.html#opt-services.openssh.logLevel) `"VERBOSE"` `"INFO"`. This brings NixOS in line with upstream and other Linux distributions, and reduces log spam on servers due to bruteforcing botnets. diff --git a/nixos/modules/module-list.nix b/nixos/modules/module-list.nix index 13463359a66..4d1700ed99a 100644 --- a/nixos/modules/module-list.nix +++ b/nixos/modules/module-list.nix @@ -475,6 +475,7 @@ ./services/misc/calibre-server.nix ./services/misc/cfdyndns.nix ./services/misc/clipmenu.nix + ./services/misc/clipcat.nix ./services/misc/cpuminer-cryptonight.nix ./services/misc/cgminer.nix ./services/misc/confd.nix diff --git a/nixos/modules/programs/udevil.nix b/nixos/modules/programs/udevil.nix index ba5670f9dfe..25975d88ec8 100644 --- a/nixos/modules/programs/udevil.nix +++ b/nixos/modules/programs/udevil.nix @@ -10,5 +10,8 @@ in { config = mkIf cfg.enable { security.wrappers.udevil.source = "${lib.getBin pkgs.udevil}/bin/udevil"; + + systemd.packages = [ pkgs.udevil ]; + systemd.services."devmon@".wantedBy = [ "multi-user.target" ]; }; } diff --git a/nixos/modules/programs/zsh/zsh.nix b/nixos/modules/programs/zsh/zsh.nix index 48638fda28d..6c824a692b7 100644 --- a/nixos/modules/programs/zsh/zsh.nix +++ b/nixos/modules/programs/zsh/zsh.nix @@ -53,7 +53,7 @@ in }; shellAliases = mkOption { - default = {}; + default = { }; description = '' Set of aliases for zsh shell, which overrides <option>environment.shellAliases</option>. See <option>environment.shellAliases</option> for an option format description. @@ -118,7 +118,9 @@ in setOptions = mkOption { type = types.listOf types.str; default = [ - "HIST_IGNORE_DUPS" "SHARE_HISTORY" "HIST_FCNTL_LOCK" + "HIST_IGNORE_DUPS" + "SHARE_HISTORY" + "HIST_FCNTL_LOCK" ]; example = [ "EXTENDED_HISTORY" "RM_STAR_WAIT" ]; description = '' @@ -278,15 +280,29 @@ in environment.etc.zinputrc.source = ./zinputrc; - environment.systemPackages = [ pkgs.zsh ] - ++ optional cfg.enableCompletion pkgs.nix-zsh-completions; + environment.systemPackages = + let + completions = + if lib.versionAtLeast (lib.getVersion config.nix.package) "2.4pre" + then + pkgs.nix-zsh-completions.overrideAttrs + (_: { + postInstall = '' + rm $out/share/zsh/site-functions/_nix + ''; + }) + else pkgs.nix-zsh-completions; + in + [ pkgs.zsh ] + ++ optional cfg.enableCompletion completions; environment.pathsToLink = optional cfg.enableCompletion "/share/zsh"; #users.defaultUserShell = mkDefault "/run/current-system/sw/bin/zsh"; environment.shells = - [ "/run/current-system/sw/bin/zsh" + [ + "/run/current-system/sw/bin/zsh" "${pkgs.zsh}/bin/zsh" ]; diff --git a/nixos/modules/services/misc/clipcat.nix b/nixos/modules/services/misc/clipcat.nix new file mode 100644 index 00000000000..128bb9a89d6 --- /dev/null +++ b/nixos/modules/services/misc/clipcat.nix @@ -0,0 +1,31 @@ +{ config, lib, pkgs, ... }: + +with lib; + +let + cfg = config.services.clipcat; +in { + + options.services.clipcat= { + enable = mkEnableOption "Clipcat clipboard daemon"; + + package = mkOption { + type = types.package; + default = pkgs.clipcat; + defaultText = "pkgs.clipcat"; + description = "clipcat derivation to use."; + }; + }; + + config = mkIf cfg.enable { + systemd.user.services.clipcat = { + enable = true; + description = "clipcat daemon"; + wantedBy = [ "graphical-session.target" ]; + after = [ "graphical-session.target" ]; + serviceConfig.ExecStart = "${cfg.package}/bin/clipcatd --no-daemon"; + }; + + environment.systemPackages = [ cfg.package ]; + }; +} diff --git a/nixos/modules/services/networking/corerad.nix b/nixos/modules/services/networking/corerad.nix index 4acdd1d69cc..e76ba9a2d00 100644 --- a/nixos/modules/services/networking/corerad.nix +++ b/nixos/modules/services/networking/corerad.nix @@ -37,7 +37,7 @@ in { } ''; description = '' - Configuration for CoreRAD, see <link xlink:href="https://github.com/mdlayher/corerad/blob/master/internal/config/default.toml"/> + Configuration for CoreRAD, see <link xlink:href="https://github.com/mdlayher/corerad/blob/main/internal/config/reference.toml"/> for supported values. Ignored if configFile is set. ''; }; diff --git a/nixos/modules/services/networking/unbound.nix b/nixos/modules/services/networking/unbound.nix index 09aef9a1dcf..6d7178047ea 100644 --- a/nixos/modules/services/networking/unbound.nix +++ b/nixos/modules/services/networking/unbound.nix @@ -21,7 +21,15 @@ let )) else throw (traceSeq v "services.unbound.settings: unexpected type"); - confFile = pkgs.writeText "unbound.conf" (concatStringsSep "\n" ((mapAttrsToList (toConf "") cfg.settings) ++ [""])); + confNoServer = concatStringsSep "\n" ((mapAttrsToList (toConf "") (builtins.removeAttrs cfg.settings [ "server" ])) ++ [""]); + confServer = concatStringsSep "\n" (mapAttrsToList (toConf " ") (builtins.removeAttrs cfg.settings.server [ "define-tag" ])); + + confFile = pkgs.writeText "unbound.conf" '' + server: + ${optionalString (cfg.settings.server.define-tag != "") (toOption " " "define-tag" cfg.settings.server.define-tag)} + ${confServer} + ${confNoServer} + ''; rootTrustAnchorFile = "${cfg.stateDir}/root.key"; @@ -170,6 +178,7 @@ in { # prevent race conditions on system startup when interfaces are not yet # configured ip-freebind = mkDefault true; + define-tag = mkDefault ""; }; remote-control = { control-enable = mkDefault false; diff --git a/nixos/modules/services/web-apps/plausible.nix b/nixos/modules/services/web-apps/plausible.nix index caf5ba466df..b56848b79d2 100644 --- a/nixos/modules/services/web-apps/plausible.nix +++ b/nixos/modules/services/web-apps/plausible.nix @@ -7,10 +7,15 @@ let # FIXME consider using LoadCredential as soon as it actually works. envSecrets = '' - export ADMIN_USER_PWD="$(<${cfg.adminUser.passwordFile})" - export SECRET_KEY_BASE="$(<${cfg.server.secretKeybaseFile})" + ADMIN_USER_PWD="$(<${cfg.adminUser.passwordFile})" + export ADMIN_USER_PWD # separate export to make `set -e` work + + SECRET_KEY_BASE="$(<${cfg.server.secretKeybaseFile})" + export SECRET_KEY_BASE # separate export to make `set -e` work + ${optionalString (cfg.mail.smtp.passwordFile != null) '' - export SMTP_USER_PWD="$(<${cfg.mail.smtp.passwordFile})" + SMTP_USER_PWD="$(<${cfg.mail.smtp.passwordFile})" + export SMTP_USER_PWD # separate export to make `set -e` work ''} ''; in { @@ -102,6 +107,11 @@ in { type = types.str; description = '' Public URL where plausible is available. + + Note that <literal>/path</literal> components are currently ignored: + <link xlink:href="https://github.com/plausible/analytics/issues/1182"> + https://github.com/plausible/analytics/issues/1182 + </link>. ''; }; }; @@ -228,6 +238,7 @@ in { WorkingDirectory = "/var/lib/plausible"; StateDirectory = "plausible"; ExecStartPre = "@${pkgs.writeShellScript "plausible-setup" '' + set -eu -o pipefail ${envSecrets} ${pkgs.plausible}/createdb.sh ${pkgs.plausible}/migrate.sh @@ -238,6 +249,7 @@ in { ''} ''} plausible-setup"; ExecStart = "@${pkgs.writeShellScript "plausible" '' + set -eu -o pipefail ${envSecrets} plausible start ''} plausible"; diff --git a/nixos/tests/chromium.nix b/nixos/tests/chromium.nix index d2a8f276f12..c4ad73679b7 100644 --- a/nixos/tests/chromium.nix +++ b/nixos/tests/chromium.nix @@ -81,7 +81,7 @@ mapAttrs (channel: chromiumPkg: makeTest rec { # Add optional CLI options: options = [] major_version = "${versions.major (getVersion chromiumPkg.name)}" - if major_version > "91": + if major_version > "91" and pname.startswith("google-chrome"): # To avoid a GPU crash: options += ["--use-gl=angle", "--use-angle=swiftshader"] options.append("file://${startupHTML}") |