From c0e5acb16dece02c6e8f8f3090949ae2b7b45d03 Mon Sep 17 00:00:00 2001 From: Janne Heß Date: Mon, 10 Jun 2019 09:50:04 +0200 Subject: nixos/memcached: Isolate the service memcached is (as the name suggests) an in-memory database so FS access is not required. --- nixos/modules/services/databases/memcached.nix | 18 ++++++++++++++++++ 1 file changed, 18 insertions(+) (limited to 'nixos/modules') diff --git a/nixos/modules/services/databases/memcached.nix b/nixos/modules/services/databases/memcached.nix index 052ff1f308e..f9e403dfc0c 100644 --- a/nixos/modules/services/databases/memcached.nix +++ b/nixos/modules/services/databases/memcached.nix @@ -86,7 +86,25 @@ in in "${memcached}/bin/memcached ${networking} -m ${toString cfg.maxMemory} -c ${toString cfg.maxConnections} ${concatStringsSep " " cfg.extraOptions}"; User = cfg.user; + + # Filesystem access + ProtectSystem = "strict"; + ProtectHome = true; + PrivateTmp = true; + PrivateDevices = true; + ProtectKernelTunables = true; + ProtectKernelModules = true; + ProtectControlGroups = true; RuntimeDirectory = "memcached"; + # Caps + CapabilityBoundingSet = ""; + NoNewPrivileges = true; + # Misc. + LockPersonality = true; + RestrictRealtime = true; + PrivateMounts = true; + PrivateUsers = true; + MemoryDenyWriteExecute = true; }; }; }; -- cgit 1.4.1 From 003b42f33241229dc9094d713f4e88bff9d72d14 Mon Sep 17 00:00:00 2001 From: Tobias Happ Date: Sat, 1 Dec 2018 17:32:21 +0100 Subject: nixos/dwm-status: add module --- nixos/doc/manual/release-notes/rl-1909.xml | 7 +++ nixos/modules/module-list.nix | 1 + nixos/modules/services/misc/dwm-status.nix | 73 ++++++++++++++++++++++++++++++ 3 files changed, 81 insertions(+) create mode 100644 nixos/modules/services/misc/dwm-status.nix (limited to 'nixos/modules') diff --git a/nixos/doc/manual/release-notes/rl-1909.xml b/nixos/doc/manual/release-notes/rl-1909.xml index 51a894269d9..726ac5b3aba 100644 --- a/nixos/doc/manual/release-notes/rl-1909.xml +++ b/nixos/doc/manual/release-notes/rl-1909.xml @@ -42,6 +42,13 @@ The following new services were added since the last release: + + + + ./programs/dwm-status.nix + + +
Date: Thu, 27 Jun 2019 13:52:16 -0400 Subject: datadog-agent: fix extraIntegrations The override that builds the custom python for integrations-core was overriding python, but pythonPackages was still being inherited from a call to `datadog-integrations-core {}`, causing service.datadog-agent.extraIntegrations to be ignored. --- nixos/modules/services/monitoring/datadog-agent.nix | 8 ++++---- pkgs/tools/networking/dd-agent/datadog-agent.nix | 3 +-- 2 files changed, 5 insertions(+), 6 deletions(-) (limited to 'nixos/modules') diff --git a/nixos/modules/services/monitoring/datadog-agent.nix b/nixos/modules/services/monitoring/datadog-agent.nix index ce3d53fb2c1..7f78db74677 100644 --- a/nixos/modules/services/monitoring/datadog-agent.nix +++ b/nixos/modules/services/monitoring/datadog-agent.nix @@ -42,9 +42,9 @@ let # Apply the configured extraIntegrations to the provided agent # package. See the documentation of `dd-agent/integrations-core.nix` # for detailed information on this. - datadogPkg = cfg.package.overrideAttrs(_: { - python = (pkgs.datadog-integrations-core cfg.extraIntegrations).python; - }); + datadogPkg = cfg.package.override { + pythonPackages = pkgs.datadog-integrations-core cfg.extraIntegrations; + }; in { options.services.datadog-agent = { enable = mkOption { @@ -60,7 +60,7 @@ in { defaultText = "pkgs.datadog-agent"; description = '' Which DataDog v6 agent package to use. Note that the provided - package is expected to have an overridable `python`-attribute + package is expected to have an overridable `pythonPackages`-attribute which configures the Python environment with the Datadog checks. ''; diff --git a/pkgs/tools/networking/dd-agent/datadog-agent.nix b/pkgs/tools/networking/dd-agent/datadog-agent.nix index fbf7efb6933..d2ae24c8a71 100644 --- a/pkgs/tools/networking/dd-agent/datadog-agent.nix +++ b/pkgs/tools/networking/dd-agent/datadog-agent.nix @@ -3,6 +3,7 @@ let # keep this in sync with github.com/DataDog/agent-payload dependency payloadVersion = "4.7.1"; + python = pythonPackages.python; in buildGoPackage rec { name = "datadog-agent-${version}"; @@ -26,8 +27,6 @@ in buildGoPackage rec { goDeps = ./datadog-agent-deps.nix; goPackagePath = "github.com/${owner}/${repo}"; - # Explicitly set this here to allow it to be overridden. - python = pythonPackages.python; nativeBuildInputs = [ pkgconfig makeWrapper ]; buildInputs = [ systemd ]; -- cgit 1.4.1 From 1acc701fdbcefba6ff1aea833001b6301ad8673e Mon Sep 17 00:00:00 2001 From: Matthew Bauer Date: Wed, 17 Jul 2019 17:00:46 -0400 Subject: nixos/binfmt: handle wasm binaries MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit This adds handling for WASM binaries to binfmt’s emulatedSystems. To enable, add this to your configuration: boot.binfmt.emulatedSystems = [ "wasm32-wasi" ]; After rebuilding with nixos-rebuild switch, you can run wasm binaries directly. --- nixos/modules/system/boot/binfmt.nix | 8 ++++++++ 1 file changed, 8 insertions(+) (limited to 'nixos/modules') diff --git a/nixos/modules/system/boot/binfmt.nix b/nixos/modules/system/boot/binfmt.nix index d6c0f050486..eff25894577 100644 --- a/nixos/modules/system/boot/binfmt.nix +++ b/nixos/modules/system/boot/binfmt.nix @@ -115,6 +115,14 @@ let magicOrExtension = ''\x7fELF\x02\x01\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\xf3\x00''; mask = ''\xff\xff\xff\xff\xff\xff\xff\x00\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff\xff''; }; + wasm32-wasi = { + magicOrExtension = ''\x00asm''; + mask = ''\xff\xff\xff\xff''; + }; + wasm64-wasi = { + magicOrExtension = ''\x00asm''; + mask = ''\xff\xff\xff\xff''; + }; x86_64-windows = { magicOrExtension = ".exe"; recognitionType = "extension"; -- cgit 1.4.1 From 857f7fb4af34d3417b8d1a0e901ba75f4cba39a0 Mon Sep 17 00:00:00 2001 From: Matthew Bauer Date: Wed, 17 Jul 2019 17:09:20 -0400 Subject: nixos/binfmt: update release notes and provide examples --- nixos/doc/manual/release-notes/rl-1909.xml | 9 +++++++++ nixos/modules/system/boot/binfmt.nix | 1 + 2 files changed, 10 insertions(+) (limited to 'nixos/modules') diff --git a/nixos/doc/manual/release-notes/rl-1909.xml b/nixos/doc/manual/release-notes/rl-1909.xml index 30570a279ec..dbbf46dfa83 100644 --- a/nixos/doc/manual/release-notes/rl-1909.xml +++ b/nixos/doc/manual/release-notes/rl-1909.xml @@ -33,6 +33,15 @@ PHP 7.1 is no longer supported due to upstream not supporting this version for the entire lifecycle of the 19.09 release. + + + The binfmt module is now easier to use. Additional systems can + be added through . + For instance, boot.binfmt.emulatedSystems = [ + "wasm32-wasi" "x86_64-windows" "aarch64-linux" ]; will + set up binfmt interpreters for each of those listed systems. + +
diff --git a/nixos/modules/system/boot/binfmt.nix b/nixos/modules/system/boot/binfmt.nix index eff25894577..a550ffd6320 100644 --- a/nixos/modules/system/boot/binfmt.nix +++ b/nixos/modules/system/boot/binfmt.nix @@ -234,6 +234,7 @@ in { emulatedSystems = mkOption { default = []; + example = [ "wasm32-wasi" "x86_64-windows" "aarch64-linux" ]; description = '' List of systems to emulate. Will also configure Nix to support your new systems. -- cgit 1.4.1 From 5e974362befc270ad8f142fb2eb760f169873e9c Mon Sep 17 00:00:00 2001 From: Silvan Mosberger Date: Wed, 24 Jul 2019 20:26:22 +0200 Subject: nixos/couchdb: Prevent it from chowning /var/log to couchdb:couchdb MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit The default for logFile is /var/log/couchdb.log, and the tmpfile rules chown ${dirOf cfg.logFile}, which is just /var/log, to couchdb:couchdb. This was found by Edes' report on IRC, which looked like Detected unsafe path transition /var/log → /var/log/journal during canonicalization of /var/log/journal While this bug has been present since the initial couchdb module in 62438c09f7cc811f994510550614c9265b3b1d18 by @garbas, this wasn't a problem, because the initial module only created and chowned /var/log if it didn't exist yet, which can't occur because this gets created in the initial phases of NixOS startup. However with the recent move from manual preStart chown scripts to systemd.tmpfiles.rules in 062efe018d571b1daa9c37b8c99eb39ad47d7342 (#59389), this chown is suddenly running unconditionally at every system activation, therefore triggering the above error. --- nixos/modules/services/databases/couchdb.nix | 8 +++----- 1 file changed, 3 insertions(+), 5 deletions(-) (limited to 'nixos/modules') diff --git a/nixos/modules/services/databases/couchdb.nix b/nixos/modules/services/databases/couchdb.nix index 5ddf8ba4bfb..77e404116c8 100644 --- a/nixos/modules/services/databases/couchdb.nix +++ b/nixos/modules/services/databases/couchdb.nix @@ -160,7 +160,7 @@ in { systemd.tmpfiles.rules = [ "d '${dirOf cfg.uriFile}' - ${cfg.user} ${cfg.group} - -" - "d '${dirOf cfg.logFile}' - ${cfg.user} ${cfg.group} - -" + "f '${cfg.logFile}' - ${cfg.user} ${cfg.group} - -" "d '${cfg.databaseDir}' - ${cfg.user} ${cfg.group} - -" "d '${cfg.viewIndexDir}' - ${cfg.user} ${cfg.group} - -" ]; @@ -169,11 +169,9 @@ in { description = "CouchDB Server"; wantedBy = [ "multi-user.target" ]; - preStart = - '' + preStart = '' touch ${cfg.configFile} - touch -a ${cfg.logFile} - ''; + ''; environment = mkIf useVersion2 { # we are actually specifying 4 configuration files: -- cgit 1.4.1 From 5596b69771da566d97d2bfe0a2aab939537728a9 Mon Sep 17 00:00:00 2001 From: Aaron Andersen Date: Fri, 26 Jul 2019 17:51:06 -0400 Subject: nixos/httpd: remove duplicate module entries from httpd.conf --- nixos/modules/services/web-servers/apache-httpd/default.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'nixos/modules') diff --git a/nixos/modules/services/web-servers/apache-httpd/default.nix b/nixos/modules/services/web-servers/apache-httpd/default.nix index ea9476a7c91..12200c879be 100644 --- a/nixos/modules/services/web-servers/apache-httpd/default.nix +++ b/nixos/modules/services/web-servers/apache-httpd/default.nix @@ -336,7 +336,7 @@ let ++ optional enablePerl { name = "perl"; path = "${mod_perl}/modules/mod_perl.so"; } ++ concatMap (svc: svc.extraModules) allSubservices ++ extraForeignModules; - in concatMapStrings load allModules + in concatMapStrings load (unique allModules) } AddHandler type-map var -- cgit 1.4.1 From 810388afd21154aa99c3bdabd7bc2fe04150ed92 Mon Sep 17 00:00:00 2001 From: Bas van Dijk Date: Wed, 7 Aug 2019 18:04:18 +0200 Subject: nixos-generate-config: enable overriding configuration.nix --- .../installer/tools/nixos-generate-config.pl | 85 +---------------- nixos/modules/installer/tools/tools.nix | 105 ++++++++++++++++++++- nixos/tests/all-tests.nix | 1 + nixos/tests/nixos-generate-config.nix | 24 +++++ 4 files changed, 130 insertions(+), 85 deletions(-) create mode 100644 nixos/tests/nixos-generate-config.nix (limited to 'nixos/modules') diff --git a/nixos/modules/installer/tools/nixos-generate-config.pl b/nixos/modules/installer/tools/nixos-generate-config.pl index c09def1fcea..cfdbdaabf5c 100644 --- a/nixos/modules/installer/tools/nixos-generate-config.pl +++ b/nixos/modules/installer/tools/nixos-generate-config.pl @@ -607,90 +607,7 @@ EOF } write_file($fn, <nixos-generate-config + saves to /etc/nixos/configuration.nix. + + This is an internal option. No backward compatibility is guaranteed. + Use at your own risk! + + Note that this string gets spliced into a Perl script. The perl + variable $bootLoaderConfig can be used to + splice in the boot loader configuration. + ''; + }; + config = { + system.nixos-generate-config.configuration = mkDefault '' + # Edit this configuration file to define what should be installed on + # your system. Help is available in the configuration.nix(5) man page + # and in the NixOS manual (accessible by running ‘nixos-help’). + + { config, pkgs, ... }: + + { + imports = + [ # Include the results of the hardware scan. + ./hardware-configuration.nix + ]; + + $bootLoaderConfig + # networking.hostName = "nixos"; # Define your hostname. + # networking.wireless.enable = true; # Enables wireless support via wpa_supplicant. + + # Configure network proxy if necessary + # networking.proxy.default = "http://user:password\@proxy:port/"; + # networking.proxy.noProxy = "127.0.0.1,localhost,internal.domain"; + + # Select internationalisation properties. + # i18n = { + # consoleFont = "Lat2-Terminus16"; + # consoleKeyMap = "us"; + # defaultLocale = "en_US.UTF-8"; + # }; + + # Set your time zone. + # time.timeZone = "Europe/Amsterdam"; + + # List packages installed in system profile. To search, run: + # \$ nix search wget + # environment.systemPackages = with pkgs; [ + # wget vim + # ]; + + # Some programs need SUID wrappers, can be configured further or are + # started in user sessions. + # programs.mtr.enable = true; + # programs.gnupg.agent = { enable = true; enableSSHSupport = true; }; + + # List services that you want to enable: + + # Enable the OpenSSH daemon. + # services.openssh.enable = true; + + # Open ports in the firewall. + # networking.firewall.allowedTCPPorts = [ ... ]; + # networking.firewall.allowedUDPPorts = [ ... ]; + # Or disable the firewall altogether. + # networking.firewall.enable = false; + + # Enable CUPS to print documents. + # services.printing.enable = true; + + # Enable sound. + # sound.enable = true; + # hardware.pulseaudio.enable = true; + + # Enable the X11 windowing system. + # services.xserver.enable = true; + # services.xserver.layout = "us"; + # services.xserver.xkbOptions = "eurosign:e"; + + # Enable touchpad support. + # services.xserver.libinput.enable = true; + + # Enable the KDE Desktop Environment. + # services.xserver.displayManager.sddm.enable = true; + # services.xserver.desktopManager.plasma5.enable = true; + + # Define a user account. Don't forget to set a password with ‘passwd’. + # users.users.jane = { + # isNormalUser = true; + # extraGroups = [ "wheel" ]; # Enable ‘sudo’ for the user. + # }; + + # This value determines the NixOS release with which your system is to be + # compatible, in order to avoid breaking some software such as database + # servers. You should change this only after NixOS release notes say you + # should. + system.stateVersion = "${config.system.nixos.release}"; # Did you read the comment? + + } + ''; + environment.systemPackages = [ nixos-build-vms nixos-install diff --git a/nixos/tests/all-tests.nix b/nixos/tests/all-tests.nix index c3fa53ac544..25dd9f3f428 100644 --- a/nixos/tests/all-tests.nix +++ b/nixos/tests/all-tests.nix @@ -183,6 +183,7 @@ in nginx = handleTest ./nginx.nix {}; nginx-sso = handleTest ./nginx-sso.nix {}; nix-ssh-serve = handleTest ./nix-ssh-serve.nix {}; + nixos-generate-config = handleTest ./nixos-generate-config.nix {}; novacomd = handleTestOn ["x86_64-linux"] ./novacomd.nix {}; nsd = handleTest ./nsd.nix {}; nzbget = handleTest ./nzbget.nix {}; diff --git a/nixos/tests/nixos-generate-config.nix b/nixos/tests/nixos-generate-config.nix new file mode 100644 index 00000000000..15a173e024b --- /dev/null +++ b/nixos/tests/nixos-generate-config.nix @@ -0,0 +1,24 @@ +import ./make-test.nix ({ lib, ... } : { + name = "nixos-generate-config"; + meta.maintainers = with lib.maintainers; [ basvandijk ]; + machine = { + system.nixos-generate-config.configuration = '' + # OVERRIDDEN + { config, pkgs, ... }: { + imports = [ ./hardware-configuration.nix ]; + $bootLoaderConfig + } + ''; + }; + testScript = '' + startAll; + $machine->waitForUnit("multi-user.target"); + $machine->succeed("nixos-generate-config"); + + # Test if the configuration really is overridden + $machine->succeed("grep 'OVERRIDDEN' /etc/nixos/configuration.nix"); + + # Test of if the Perl variable $bootLoaderConfig is spliced correctly: + $machine->succeed("grep 'boot\\.loader\\.grub\\.enable = true;' /etc/nixos/configuration.nix"); + ''; +}) -- cgit 1.4.1 From 88bb9fa4037c7cda4cb2fb94792d17e44fd55a18 Mon Sep 17 00:00:00 2001 From: Silvan Mosberger Date: Thu, 8 Aug 2019 23:35:52 +0200 Subject: nixos/modules: Replace all nested types.either's with types.oneOf's --- nixos/modules/services/backup/automysqlbackup.nix | 2 +- nixos/modules/services/games/minecraft-server.nix | 2 +- nixos/modules/services/mail/davmail.nix | 2 +- nixos/modules/services/mail/postfix.nix | 2 +- nixos/modules/services/mail/rspamd.nix | 2 +- nixos/modules/services/mail/rss2email.nix | 2 +- nixos/modules/services/networking/znc/default.nix | 4 ++-- nixos/modules/services/security/bitwarden_rs/default.nix | 2 +- nixos/modules/services/web-apps/limesurvey.nix | 2 +- nixos/modules/services/x11/compton.nix | 2 +- nixos/modules/system/boot/systemd-unit-options.nix | 2 +- nixos/modules/system/boot/systemd.nix | 2 +- 12 files changed, 13 insertions(+), 13 deletions(-) (limited to 'nixos/modules') diff --git a/nixos/modules/services/backup/automysqlbackup.nix b/nixos/modules/services/backup/automysqlbackup.nix index b845f370fb7..1884f3536a9 100644 --- a/nixos/modules/services/backup/automysqlbackup.nix +++ b/nixos/modules/services/backup/automysqlbackup.nix @@ -41,7 +41,7 @@ in }; config = mkOption { - type = with types; attrsOf (either (either str (either int bool)) (listOf str)); + type = with types; attrsOf (oneOf [ str int bool (listOf str) ]); default = {}; description = '' automysqlbackup configuration. Refer to diff --git a/nixos/modules/services/games/minecraft-server.nix b/nixos/modules/services/games/minecraft-server.nix index 39a68f4b553..eb9288fca58 100644 --- a/nixos/modules/services/games/minecraft-server.nix +++ b/nixos/modules/services/games/minecraft-server.nix @@ -118,7 +118,7 @@ in { }; serverProperties = mkOption { - type = with types; attrsOf (either bool (either int str)); + type = with types; attrsOf (oneOf [ bool int str ]); default = {}; example = literalExample '' { diff --git a/nixos/modules/services/mail/davmail.nix b/nixos/modules/services/mail/davmail.nix index 5b5cc294e5c..374a3dd75c1 100644 --- a/nixos/modules/services/mail/davmail.nix +++ b/nixos/modules/services/mail/davmail.nix @@ -7,7 +7,7 @@ let cfg = config.services.davmail; configType = with types; - either (either (attrsOf configType) str) (either int bool) // { + oneOf [ (attrsOf configType) str int bool ] // { description = "davmail config type (str, int, bool or attribute set thereof)"; }; diff --git a/nixos/modules/services/mail/postfix.nix b/nixos/modules/services/mail/postfix.nix index dab1b29aa4b..2b08ab1e6aa 100644 --- a/nixos/modules/services/mail/postfix.nix +++ b/nixos/modules/services/mail/postfix.nix @@ -447,7 +447,7 @@ in }; config = mkOption { - type = with types; attrsOf (either bool (either str (listOf str))); + type = with types; attrsOf (oneOf [ bool str (listOf str) ]); description = '' The main.cf configuration file as key value set. ''; diff --git a/nixos/modules/services/mail/rspamd.nix b/nixos/modules/services/mail/rspamd.nix index 5541b8b79b7..e59d5715de0 100644 --- a/nixos/modules/services/mail/rspamd.nix +++ b/nixos/modules/services/mail/rspamd.nix @@ -331,7 +331,7 @@ in }; config = mkOption { - type = with types; attrsOf (either bool (either str (listOf str))); + type = with types; attrsOf (oneOf [ bool str (listOf str) ]); description = '' Addon to postfix configuration ''; diff --git a/nixos/modules/services/mail/rss2email.nix b/nixos/modules/services/mail/rss2email.nix index a123736005a..df454abc826 100644 --- a/nixos/modules/services/mail/rss2email.nix +++ b/nixos/modules/services/mail/rss2email.nix @@ -30,7 +30,7 @@ in { }; config = mkOption { - type = with types; attrsOf (either str (either int bool)); + type = with types; attrsOf (oneOf [ str int bool ]); default = {}; description = '' The configuration to give rss2email. diff --git a/nixos/modules/services/networking/znc/default.nix b/nixos/modules/services/networking/znc/default.nix index 46bff6954cd..05f97bfa539 100644 --- a/nixos/modules/services/networking/znc/default.nix +++ b/nixos/modules/services/networking/znc/default.nix @@ -62,9 +62,9 @@ let concatStringsSep "\n" (toLines cfg.config); semanticTypes = with types; rec { - zncAtom = nullOr (either (either int bool) str); + zncAtom = nullOr (oneOf [ int bool str ]); zncAttr = attrsOf (nullOr zncConf); - zncAll = either (either zncAtom (listOf zncAtom)) zncAttr; + zncAll = oneOf [ zncAtom (listOf zncAtom) zncAttr ]; zncConf = attrsOf (zncAll // { # Since this is a recursive type and the description by default contains # the description of its subtypes, infinite recursion would occur without diff --git a/nixos/modules/services/security/bitwarden_rs/default.nix b/nixos/modules/services/security/bitwarden_rs/default.nix index bb036ee020f..80fd65891ff 100644 --- a/nixos/modules/services/security/bitwarden_rs/default.nix +++ b/nixos/modules/services/security/bitwarden_rs/default.nix @@ -36,7 +36,7 @@ in { }; config = mkOption { - type = attrsOf (nullOr (either (either bool int) str)); + type = attrsOf (nullOr (oneOf [ bool int str ])); default = {}; example = literalExample '' { diff --git a/nixos/modules/services/web-apps/limesurvey.nix b/nixos/modules/services/web-apps/limesurvey.nix index 5b2f3875aaa..84a94fc446e 100644 --- a/nixos/modules/services/web-apps/limesurvey.nix +++ b/nixos/modules/services/web-apps/limesurvey.nix @@ -14,7 +14,7 @@ let pkg = pkgs.limesurvey; - configType = with types; either (either (attrsOf configType) str) (either int bool) // { + configType = with types; oneOf [ (attrsOf configType) str int bool ] // { description = "limesurvey config type (str, int, bool or attribute set thereof)"; }; diff --git a/nixos/modules/services/x11/compton.nix b/nixos/modules/services/x11/compton.nix index c02c9bfd94e..a94a76ff0c0 100644 --- a/nixos/modules/services/x11/compton.nix +++ b/nixos/modules/services/x11/compton.nix @@ -215,7 +215,7 @@ in { }; settings = let - configTypes = with types; either bool (either int (either float str)); + configTypes = with types; oneOf [ bool int float str ]; # types.loaOf converts lists to sets loaOf = t: with types; either (listOf t) (attrsOf t); in mkOption { diff --git a/nixos/modules/system/boot/systemd-unit-options.nix b/nixos/modules/system/boot/systemd-unit-options.nix index ee4ae845a7d..c1f2c98afcd 100644 --- a/nixos/modules/system/boot/systemd-unit-options.nix +++ b/nixos/modules/system/boot/systemd-unit-options.nix @@ -226,7 +226,7 @@ in rec { environment = mkOption { default = {}; - type = with types; attrsOf (nullOr (either str (either path package))); + type = with types; attrsOf (nullOr (oneOf [ str path package ])); example = { PATH = "/foo/bar/bin"; LANG = "nl_NL.UTF-8"; }; description = "Environment variables passed to the service's processes."; }; diff --git a/nixos/modules/system/boot/systemd.nix b/nixos/modules/system/boot/systemd.nix index cf35504e518..0393291c0c3 100644 --- a/nixos/modules/system/boot/systemd.nix +++ b/nixos/modules/system/boot/systemd.nix @@ -520,7 +520,7 @@ in }; systemd.globalEnvironment = mkOption { - type = with types; attrsOf (nullOr (either str (either path package))); + type = with types; attrsOf (nullOr (oneOf [ str path package ])); default = {}; example = { TZ = "CET"; }; description = '' -- cgit 1.4.1 From db69d2dfe7c44f3d507f119b8f53b2c2bb4563e9 Mon Sep 17 00:00:00 2001 From: worldofpeace Date: Fri, 9 Aug 2019 12:26:15 -0400 Subject: nixos/evince: move to programs --- nixos/modules/module-list.nix | 2 +- nixos/modules/programs/evince.nix | 42 ++++++++++++++++++++++ nixos/modules/services/desktops/gnome3/evince.nix | 35 ------------------ .../services/x11/desktop-managers/gnome3.nix | 4 ++- 4 files changed, 46 insertions(+), 37 deletions(-) create mode 100644 nixos/modules/programs/evince.nix delete mode 100644 nixos/modules/services/desktops/gnome3/evince.nix (limited to 'nixos/modules') diff --git a/nixos/modules/module-list.nix b/nixos/modules/module-list.nix index df453aac9fe..3a6819f1b76 100644 --- a/nixos/modules/module-list.nix +++ b/nixos/modules/module-list.nix @@ -106,6 +106,7 @@ ./programs/digitalbitbox/default.nix ./programs/dmrconfig.nix ./programs/environment.nix + ./programs/evince.nix ./programs/firejail.nix ./programs/fish.nix ./programs/freetds.nix @@ -280,7 +281,6 @@ ./services/desktops/pipewire.nix ./services/desktops/gnome3/at-spi2-core.nix ./services/desktops/gnome3/chrome-gnome-shell.nix - ./services/desktops/gnome3/evince.nix ./services/desktops/gnome3/evolution-data-server.nix ./services/desktops/gnome3/file-roller.nix ./services/desktops/gnome3/glib-networking.nix diff --git a/nixos/modules/programs/evince.nix b/nixos/modules/programs/evince.nix new file mode 100644 index 00000000000..473fddb09d0 --- /dev/null +++ b/nixos/modules/programs/evince.nix @@ -0,0 +1,42 @@ +# Evince. + +{ config, pkgs, lib, ... }: + +with lib; + +{ + + # Added 2019-08-09 + imports = [ + (mkRenamedOptionModule + [ "services" "gnome3" "evince" "enable" ] + [ "programs" "evince" "enable" ]) + ]; + + ###### interface + + options = { + + programs.evince = { + + enable = mkEnableOption + "Evince, the GNOME document viewer"; + + }; + + }; + + + ###### implementation + + config = mkIf config.programs.evince.enable { + + environment.systemPackages = [ pkgs.evince ]; + + services.dbus.packages = [ pkgs.evince ]; + + systemd.packages = [ pkgs.evince ]; + + }; + +} diff --git a/nixos/modules/services/desktops/gnome3/evince.nix b/nixos/modules/services/desktops/gnome3/evince.nix deleted file mode 100644 index 5f040a16f06..00000000000 --- a/nixos/modules/services/desktops/gnome3/evince.nix +++ /dev/null @@ -1,35 +0,0 @@ -# Evince. - -{ config, pkgs, lib, ... }: - -with lib; - -{ - - ###### interface - - options = { - - services.gnome3.evince = { - - enable = mkEnableOption - "systemd and dbus services for Evince, the GNOME document viewer"; - - }; - - }; - - - ###### implementation - - config = mkIf config.services.gnome3.evince.enable { - - environment.systemPackages = [ pkgs.evince ]; - - services.dbus.packages = [ pkgs.evince ]; - - systemd.packages = [ pkgs.evince ]; - - }; - -} diff --git a/nixos/modules/services/x11/desktop-managers/gnome3.nix b/nixos/modules/services/x11/desktop-managers/gnome3.nix index cd750242125..8993c895b96 100644 --- a/nixos/modules/services/x11/desktop-managers/gnome3.nix +++ b/nixos/modules/services/x11/desktop-managers/gnome3.nix @@ -123,7 +123,6 @@ in { services.dleyna-renderer.enable = mkDefault true; services.dleyna-server.enable = mkDefault true; services.gnome3.at-spi2-core.enable = true; - services.gnome3.evince.enable = mkDefault true; services.gnome3.evolution-data-server.enable = true; services.gnome3.file-roller.enable = mkDefault true; services.gnome3.glib-networking.enable = true; @@ -157,6 +156,9 @@ in { xdg.portal.enable = true; xdg.portal.extraPortals = [ pkgs.xdg-desktop-portal-gtk ]; + # Enable default programs + programs.evince.enable = mkDefault true; + # If gnome3 is installed, build vim for gtk3 too. nixpkgs.config.vim.gui = "gtk3"; -- cgit 1.4.1 From ff0e3aae354dbcf68d783ecf09a851401de2d2e0 Mon Sep 17 00:00:00 2001 From: worldofpeace Date: Fri, 9 Aug 2019 12:28:41 -0400 Subject: nixos/file-roller: move to programs --- nixos/modules/module-list.nix | 2 +- nixos/modules/programs/file-roller.nix | 39 ++++++++++++++++++++++ .../services/desktops/gnome3/file-roller.nix | 32 ------------------ .../services/x11/desktop-managers/gnome3.nix | 2 +- 4 files changed, 41 insertions(+), 34 deletions(-) create mode 100644 nixos/modules/programs/file-roller.nix delete mode 100644 nixos/modules/services/desktops/gnome3/file-roller.nix (limited to 'nixos/modules') diff --git a/nixos/modules/module-list.nix b/nixos/modules/module-list.nix index 3a6819f1b76..47d22f6c83d 100644 --- a/nixos/modules/module-list.nix +++ b/nixos/modules/module-list.nix @@ -107,6 +107,7 @@ ./programs/dmrconfig.nix ./programs/environment.nix ./programs/evince.nix + ./programs/file-roller.nix ./programs/firejail.nix ./programs/fish.nix ./programs/freetds.nix @@ -282,7 +283,6 @@ ./services/desktops/gnome3/at-spi2-core.nix ./services/desktops/gnome3/chrome-gnome-shell.nix ./services/desktops/gnome3/evolution-data-server.nix - ./services/desktops/gnome3/file-roller.nix ./services/desktops/gnome3/glib-networking.nix ./services/desktops/gnome3/gnome-disks.nix ./services/desktops/gnome3/gnome-documents.nix diff --git a/nixos/modules/programs/file-roller.nix b/nixos/modules/programs/file-roller.nix new file mode 100644 index 00000000000..64f6a94e764 --- /dev/null +++ b/nixos/modules/programs/file-roller.nix @@ -0,0 +1,39 @@ +# File Roller. + +{ config, pkgs, lib, ... }: + +with lib; + +{ + + # Added 2019-08-09 + imports = [ + (mkRenamedOptionModule + [ "services" "gnome3" "file-roller" "enable" ] + [ "programs" "file-roller" "enable" ]) + ]; + + ###### interface + + options = { + + programs.file-roller = { + + enable = mkEnableOption "File Roller, an archive manager for GNOME"; + + }; + + }; + + + ###### implementation + + config = mkIf config.programs.file-roller.enable { + + environment.systemPackages = [ pkgs.gnome3.file-roller ]; + + services.dbus.packages = [ pkgs.gnome3.file-roller ]; + + }; + +} diff --git a/nixos/modules/services/desktops/gnome3/file-roller.nix b/nixos/modules/services/desktops/gnome3/file-roller.nix deleted file mode 100644 index 7fb558a9895..00000000000 --- a/nixos/modules/services/desktops/gnome3/file-roller.nix +++ /dev/null @@ -1,32 +0,0 @@ -# File Roller. - -{ config, pkgs, lib, ... }: - -with lib; - -{ - - ###### interface - - options = { - - services.gnome3.file-roller = { - - enable = mkEnableOption "File Roller, an archive manager for GNOME"; - - }; - - }; - - - ###### implementation - - config = mkIf config.services.gnome3.file-roller.enable { - - environment.systemPackages = [ pkgs.gnome3.file-roller ]; - - services.dbus.packages = [ pkgs.gnome3.file-roller ]; - - }; - -} diff --git a/nixos/modules/services/x11/desktop-managers/gnome3.nix b/nixos/modules/services/x11/desktop-managers/gnome3.nix index 8993c895b96..bae4e7eb461 100644 --- a/nixos/modules/services/x11/desktop-managers/gnome3.nix +++ b/nixos/modules/services/x11/desktop-managers/gnome3.nix @@ -124,7 +124,6 @@ in { services.dleyna-server.enable = mkDefault true; services.gnome3.at-spi2-core.enable = true; services.gnome3.evolution-data-server.enable = true; - services.gnome3.file-roller.enable = mkDefault true; services.gnome3.glib-networking.enable = true; services.gnome3.gnome-disks.enable = mkDefault true; services.gnome3.gnome-documents.enable = mkDefault true; @@ -158,6 +157,7 @@ in { # Enable default programs programs.evince.enable = mkDefault true; + programs.file-roller.enable = mkDefault true; # If gnome3 is installed, build vim for gtk3 too. nixpkgs.config.vim.gui = "gtk3"; -- cgit 1.4.1 From 6c525b1076431a8ed54505c39360610138d3634c Mon Sep 17 00:00:00 2001 From: worldofpeace Date: Fri, 9 Aug 2019 12:33:49 -0400 Subject: nixos/gnome-disks: move to programs --- nixos/modules/module-list.nix | 2 +- nixos/modules/programs/gnome-disks.nix | 46 ++++++++++++++++++++++ .../services/desktops/gnome3/gnome-disks.nix | 39 ------------------ .../services/x11/desktop-managers/gnome3.nix | 2 +- 4 files changed, 48 insertions(+), 41 deletions(-) create mode 100644 nixos/modules/programs/gnome-disks.nix delete mode 100644 nixos/modules/services/desktops/gnome3/gnome-disks.nix (limited to 'nixos/modules') diff --git a/nixos/modules/module-list.nix b/nixos/modules/module-list.nix index 47d22f6c83d..77d896316e9 100644 --- a/nixos/modules/module-list.nix +++ b/nixos/modules/module-list.nix @@ -111,6 +111,7 @@ ./programs/firejail.nix ./programs/fish.nix ./programs/freetds.nix + ./programs/gnome-disks.nix ./programs/gnupg.nix ./programs/gphoto2.nix ./programs/iftop.nix @@ -284,7 +285,6 @@ ./services/desktops/gnome3/chrome-gnome-shell.nix ./services/desktops/gnome3/evolution-data-server.nix ./services/desktops/gnome3/glib-networking.nix - ./services/desktops/gnome3/gnome-disks.nix ./services/desktops/gnome3/gnome-documents.nix ./services/desktops/gnome3/gnome-keyring.nix ./services/desktops/gnome3/gnome-online-accounts.nix diff --git a/nixos/modules/programs/gnome-disks.nix b/nixos/modules/programs/gnome-disks.nix new file mode 100644 index 00000000000..1cf839a6ddb --- /dev/null +++ b/nixos/modules/programs/gnome-disks.nix @@ -0,0 +1,46 @@ +# GNOME Disks. + +{ config, pkgs, lib, ... }: + +with lib; + +{ + + # Added 2019-08-09 + imports = [ + (mkRenamedOptionModule + [ "services" "gnome3" "gnome-disks" "enable" ] + [ "programs" "gnome-disks" "enable" ]) + ]; + + ###### interface + + options = { + + programs.gnome-disks = { + + enable = mkOption { + type = types.bool; + default = false; + description = '' + Whether to enable GNOME Disks daemon, a program designed to + be a UDisks2 graphical front-end. + ''; + }; + + }; + + }; + + + ###### implementation + + config = mkIf config.programs.gnome-disks.enable { + + environment.systemPackages = [ pkgs.gnome3.gnome-disk-utility ]; + + services.dbus.packages = [ pkgs.gnome3.gnome-disk-utility ]; + + }; + +} diff --git a/nixos/modules/services/desktops/gnome3/gnome-disks.nix b/nixos/modules/services/desktops/gnome3/gnome-disks.nix deleted file mode 100644 index 139534cdb89..00000000000 --- a/nixos/modules/services/desktops/gnome3/gnome-disks.nix +++ /dev/null @@ -1,39 +0,0 @@ -# GNOME Disks daemon. - -{ config, pkgs, lib, ... }: - -with lib; - -{ - - ###### interface - - options = { - - services.gnome3.gnome-disks = { - - enable = mkOption { - type = types.bool; - default = false; - description = '' - Whether to enable GNOME Disks daemon, a service designed to - be a UDisks2 graphical front-end. - ''; - }; - - }; - - }; - - - ###### implementation - - config = mkIf config.services.gnome3.gnome-disks.enable { - - environment.systemPackages = [ pkgs.gnome3.gnome-disk-utility ]; - - services.dbus.packages = [ pkgs.gnome3.gnome-disk-utility ]; - - }; - -} diff --git a/nixos/modules/services/x11/desktop-managers/gnome3.nix b/nixos/modules/services/x11/desktop-managers/gnome3.nix index bae4e7eb461..565ca0aac96 100644 --- a/nixos/modules/services/x11/desktop-managers/gnome3.nix +++ b/nixos/modules/services/x11/desktop-managers/gnome3.nix @@ -125,7 +125,6 @@ in { services.gnome3.at-spi2-core.enable = true; services.gnome3.evolution-data-server.enable = true; services.gnome3.glib-networking.enable = true; - services.gnome3.gnome-disks.enable = mkDefault true; services.gnome3.gnome-documents.enable = mkDefault true; services.gnome3.gnome-keyring.enable = true; services.gnome3.gnome-online-accounts.enable = mkDefault true; @@ -158,6 +157,7 @@ in { # Enable default programs programs.evince.enable = mkDefault true; programs.file-roller.enable = mkDefault true; + programs.gnome-disks.enable = mkDefault true; # If gnome3 is installed, build vim for gtk3 too. nixpkgs.config.vim.gui = "gtk3"; -- cgit 1.4.1 From f12f2bb828da4ef9d8e37af189cfc588629833d7 Mon Sep 17 00:00:00 2001 From: worldofpeace Date: Fri, 9 Aug 2019 12:36:49 -0400 Subject: nixos/gnome-documents: move to programs --- nixos/modules/module-list.nix | 2 +- nixos/modules/programs/gnome-documents.nix | 50 ++++++++++++++++++++++ .../services/desktops/gnome3/gnome-documents.nix | 43 ------------------- .../services/x11/desktop-managers/gnome3.nix | 2 +- 4 files changed, 52 insertions(+), 45 deletions(-) create mode 100644 nixos/modules/programs/gnome-documents.nix delete mode 100644 nixos/modules/services/desktops/gnome3/gnome-documents.nix (limited to 'nixos/modules') diff --git a/nixos/modules/module-list.nix b/nixos/modules/module-list.nix index 77d896316e9..1228ddddcff 100644 --- a/nixos/modules/module-list.nix +++ b/nixos/modules/module-list.nix @@ -112,6 +112,7 @@ ./programs/fish.nix ./programs/freetds.nix ./programs/gnome-disks.nix + ./programs/gnome-documents.nix ./programs/gnupg.nix ./programs/gphoto2.nix ./programs/iftop.nix @@ -285,7 +286,6 @@ ./services/desktops/gnome3/chrome-gnome-shell.nix ./services/desktops/gnome3/evolution-data-server.nix ./services/desktops/gnome3/glib-networking.nix - ./services/desktops/gnome3/gnome-documents.nix ./services/desktops/gnome3/gnome-keyring.nix ./services/desktops/gnome3/gnome-online-accounts.nix ./services/desktops/gnome3/gnome-remote-desktop.nix diff --git a/nixos/modules/programs/gnome-documents.nix b/nixos/modules/programs/gnome-documents.nix new file mode 100644 index 00000000000..bfa3d409ee3 --- /dev/null +++ b/nixos/modules/programs/gnome-documents.nix @@ -0,0 +1,50 @@ +# GNOME Documents. + +{ config, pkgs, lib, ... }: + +with lib; + +{ + + # Added 2019-08-09 + imports = [ + (mkRenamedOptionModule + [ "services" "gnome3" "gnome-documents" "enable" ] + [ "programs" "gnome-documents" "enable" ]) + ]; + + ###### interface + + options = { + + programs.gnome-documents = { + + enable = mkOption { + type = types.bool; + default = false; + description = '' + Whether to enable GNOME Documents, a document + manager application for GNOME. + ''; + }; + + }; + + }; + + + ###### implementation + + config = mkIf config.programs.gnome-documents.enable { + + environment.systemPackages = [ pkgs.gnome3.gnome-documents ]; + + services.dbus.packages = [ pkgs.gnome3.gnome-documents ]; + + services.gnome3.gnome-online-accounts.enable = true; + + services.gnome3.gnome-online-miners.enable = true; + + }; + +} diff --git a/nixos/modules/services/desktops/gnome3/gnome-documents.nix b/nixos/modules/services/desktops/gnome3/gnome-documents.nix deleted file mode 100644 index f6efb668424..00000000000 --- a/nixos/modules/services/desktops/gnome3/gnome-documents.nix +++ /dev/null @@ -1,43 +0,0 @@ -# GNOME Documents daemon. - -{ config, pkgs, lib, ... }: - -with lib; - -{ - - ###### interface - - options = { - - services.gnome3.gnome-documents = { - - enable = mkOption { - type = types.bool; - default = false; - description = '' - Whether to enable GNOME Documents services, a document - manager application for GNOME. - ''; - }; - - }; - - }; - - - ###### implementation - - config = mkIf config.services.gnome3.gnome-documents.enable { - - environment.systemPackages = [ pkgs.gnome3.gnome-documents ]; - - services.dbus.packages = [ pkgs.gnome3.gnome-documents ]; - - services.gnome3.gnome-online-accounts.enable = true; - - services.gnome3.gnome-online-miners.enable = true; - - }; - -} diff --git a/nixos/modules/services/x11/desktop-managers/gnome3.nix b/nixos/modules/services/x11/desktop-managers/gnome3.nix index 565ca0aac96..5e1e652a508 100644 --- a/nixos/modules/services/x11/desktop-managers/gnome3.nix +++ b/nixos/modules/services/x11/desktop-managers/gnome3.nix @@ -125,7 +125,6 @@ in { services.gnome3.at-spi2-core.enable = true; services.gnome3.evolution-data-server.enable = true; services.gnome3.glib-networking.enable = true; - services.gnome3.gnome-documents.enable = mkDefault true; services.gnome3.gnome-keyring.enable = true; services.gnome3.gnome-online-accounts.enable = mkDefault true; services.gnome3.gnome-remote-desktop.enable = mkDefault true; @@ -158,6 +157,7 @@ in { programs.evince.enable = mkDefault true; programs.file-roller.enable = mkDefault true; programs.gnome-disks.enable = mkDefault true; + programs.gnome-documents.enable = mkDefault true; # If gnome3 is installed, build vim for gtk3 too. nixpkgs.config.vim.gui = "gtk3"; -- cgit 1.4.1 From 18d176dc20fff81e1f6ede31488804fc71b81f30 Mon Sep 17 00:00:00 2001 From: Edmund Wu Date: Fri, 9 Aug 2019 15:08:42 -0400 Subject: nixos/postgresql: fix quoted queries --- nixos/modules/services/databases/postgresql.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'nixos/modules') diff --git a/nixos/modules/services/databases/postgresql.nix b/nixos/modules/services/databases/postgresql.nix index 7ff899970cc..10250bb5193 100644 --- a/nixos/modules/services/databases/postgresql.nix +++ b/nixos/modules/services/databases/postgresql.nix @@ -330,13 +330,13 @@ in fi '' + optionalString (cfg.ensureDatabases != []) '' ${concatMapStrings (database: '' - $PSQL -tAc "SELECT 1 FROM pg_database WHERE datname = '${database}'" | grep -q 1 || $PSQL -tAc "CREATE DATABASE ${database}" + $PSQL -tAc "SELECT 1 FROM pg_database WHERE datname = '${database}'" | grep -q 1 || $PSQL -tAc 'CREATE DATABASE "${database}"' '') cfg.ensureDatabases} '' + '' ${concatMapStrings (user: '' $PSQL -tAc "SELECT 1 FROM pg_roles WHERE rolname='${user.name}'" | grep -q 1 || $PSQL -tAc "CREATE USER ${user.name}" ${concatStringsSep "\n" (mapAttrsToList (database: permission: '' - $PSQL -tAc "GRANT ${permission} ON ${database} TO ${user.name}" + $PSQL -tAc 'GRANT ${permission} ON ${database} TO ${user.name}' '') user.ensurePermissions)} '') cfg.ensureUsers} ''; -- cgit 1.4.1 From 33c834f2fb2c25f2351cd0ae9b8cc361e033141b Mon Sep 17 00:00:00 2001 From: Tobias Happ Date: Sat, 10 Aug 2019 10:28:12 +0200 Subject: environment.profiles: fix order of profiles This change is needed because the order of profiles correlate to the order in PATH, therefore "/etc/profiles/per-user/$USER" always appeared after the system packages directories. --- nixos/modules/config/users-groups.nix | 5 ++++- nixos/modules/programs/environment.nix | 5 ++--- 2 files changed, 6 insertions(+), 4 deletions(-) (limited to 'nixos/modules') diff --git a/nixos/modules/config/users-groups.nix b/nixos/modules/config/users-groups.nix index c3f228c9bcc..25f1c67ce83 100644 --- a/nixos/modules/config/users-groups.nix +++ b/nixos/modules/config/users-groups.nix @@ -564,7 +564,10 @@ in { }; }) (filterAttrs (_: u: u.packages != []) cfg.users)); - environment.profiles = [ "/etc/profiles/per-user/$USER" ]; + environment.profiles = [ + "$HOME/.nix-profile" + "/etc/profiles/per-user/$USER" + ]; assertions = [ { assertion = !cfg.enforceIdUniqueness || (uidsAreUnique && gidsAreUnique); diff --git a/nixos/modules/programs/environment.nix b/nixos/modules/programs/environment.nix index 3c6d356ef99..4d762314298 100644 --- a/nixos/modules/programs/environment.nix +++ b/nixos/modules/programs/environment.nix @@ -23,9 +23,8 @@ in XCURSOR_PATH = [ "$HOME/.icons" ]; }; - environment.profiles = - [ "$HOME/.nix-profile" - "/nix/var/nix/profiles/default" + environment.profiles = mkAfter + [ "/nix/var/nix/profiles/default" "/run/current-system/sw" ]; -- cgit 1.4.1 From be3fe4a869c731d2fd929b36edf8b12600ec8bc5 Mon Sep 17 00:00:00 2001 From: worldofpeace Date: Fri, 9 Aug 2019 12:43:00 -0400 Subject: nixos/gpaste: move to programs --- nixos/modules/module-list.nix | 2 +- nixos/modules/programs/gpaste.nix | 35 +++++++++++++++++++++++ nixos/modules/services/desktops/gnome3/gpaste.nix | 27 ----------------- 3 files changed, 36 insertions(+), 28 deletions(-) create mode 100644 nixos/modules/programs/gpaste.nix delete mode 100644 nixos/modules/services/desktops/gnome3/gpaste.nix (limited to 'nixos/modules') diff --git a/nixos/modules/module-list.nix b/nixos/modules/module-list.nix index 1228ddddcff..75e513b76c6 100644 --- a/nixos/modules/module-list.nix +++ b/nixos/modules/module-list.nix @@ -113,6 +113,7 @@ ./programs/freetds.nix ./programs/gnome-disks.nix ./programs/gnome-documents.nix + ./programs/gpaste.nix ./programs/gnupg.nix ./programs/gphoto2.nix ./programs/iftop.nix @@ -293,7 +294,6 @@ ./services/desktops/gnome3/gnome-settings-daemon.nix ./services/desktops/gnome3/gnome-terminal-server.nix ./services/desktops/gnome3/gnome-user-share.nix - ./services/desktops/gnome3/gpaste.nix ./services/desktops/gnome3/gvfs.nix ./services/desktops/gnome3/rygel.nix ./services/desktops/gnome3/seahorse.nix diff --git a/nixos/modules/programs/gpaste.nix b/nixos/modules/programs/gpaste.nix new file mode 100644 index 00000000000..33d5f58bfdd --- /dev/null +++ b/nixos/modules/programs/gpaste.nix @@ -0,0 +1,35 @@ +# GPaste. +{ config, lib, pkgs, ... }: + +with lib; + +{ + + # Added 2019-08-09 + imports = [ + (mkRenamedOptionModule + [ "services" "gnome3" "gpaste" "enable" ] + [ "programs" "gpaste" "enable" ]) + ]; + + ###### interface + options = { + programs.gpaste = { + enable = mkOption { + type = types.bool; + default = false; + description = '' + Whether to enable GPaste, a clipboard manager. + ''; + }; + }; + }; + + ###### implementation + config = mkIf config.programs.gpaste.enable { + environment.systemPackages = [ pkgs.gnome3.gpaste ]; + services.dbus.packages = [ pkgs.gnome3.gpaste ]; + services.xserver.desktopManager.gnome3.sessionPath = [ pkgs.gnome3.gpaste ]; + systemd.packages = [ pkgs.gnome3.gpaste ]; + }; +} diff --git a/nixos/modules/services/desktops/gnome3/gpaste.nix b/nixos/modules/services/desktops/gnome3/gpaste.nix deleted file mode 100644 index 5a8258775e0..00000000000 --- a/nixos/modules/services/desktops/gnome3/gpaste.nix +++ /dev/null @@ -1,27 +0,0 @@ -# GPaste daemon. -{ config, lib, pkgs, ... }: - -with lib; - -{ - ###### interface - options = { - services.gnome3.gpaste = { - enable = mkOption { - type = types.bool; - default = false; - description = '' - Whether to enable GPaste, a clipboard manager. - ''; - }; - }; - }; - - ###### implementation - config = mkIf config.services.gnome3.gpaste.enable { - environment.systemPackages = [ pkgs.gnome3.gpaste ]; - services.dbus.packages = [ pkgs.gnome3.gpaste ]; - services.xserver.desktopManager.gnome3.sessionPath = [ pkgs.gnome3.gpaste ]; - systemd.packages = [ pkgs.gnome3.gpaste ]; - }; -} -- cgit 1.4.1 From 0722e88665c58c871161453d11c22ace85ff48d8 Mon Sep 17 00:00:00 2001 From: worldofpeace Date: Sat, 10 Aug 2019 07:10:40 -0400 Subject: nixos/gpaste: don't set sessionPath Not needed since f63d94eba34 --- nixos/modules/programs/gpaste.nix | 1 - 1 file changed, 1 deletion(-) (limited to 'nixos/modules') diff --git a/nixos/modules/programs/gpaste.nix b/nixos/modules/programs/gpaste.nix index 33d5f58bfdd..4f6deb77e5e 100644 --- a/nixos/modules/programs/gpaste.nix +++ b/nixos/modules/programs/gpaste.nix @@ -29,7 +29,6 @@ with lib; config = mkIf config.programs.gpaste.enable { environment.systemPackages = [ pkgs.gnome3.gpaste ]; services.dbus.packages = [ pkgs.gnome3.gpaste ]; - services.xserver.desktopManager.gnome3.sessionPath = [ pkgs.gnome3.gpaste ]; systemd.packages = [ pkgs.gnome3.gpaste ]; }; } -- cgit 1.4.1 From 67d1cf4707289a41152a32e3f3816e30f52c8c06 Mon Sep 17 00:00:00 2001 From: Pierre Bourdon Date: Sat, 10 Aug 2019 19:33:17 +0200 Subject: nixos/ibus: do not default-install ibus-qt ibus-qt has not seen a release in 5 years and is only relevant for Qt 4.x, which is becoming more and more rare. Using my current laptop as a data point, ibus-qt is the only dependency left that drags in qt-4.8.7. --- nixos/doc/manual/release-notes/rl-1909.xml | 6 ++++++ nixos/modules/i18n/input-method/ibus.nix | 2 +- 2 files changed, 7 insertions(+), 1 deletion(-) (limited to 'nixos/modules') diff --git a/nixos/doc/manual/release-notes/rl-1909.xml b/nixos/doc/manual/release-notes/rl-1909.xml index 37e9c2dbbb6..b12858cfc96 100644 --- a/nixos/doc/manual/release-notes/rl-1909.xml +++ b/nixos/doc/manual/release-notes/rl-1909.xml @@ -242,6 +242,12 @@ Only some exporters are affected by the latter, namely the exporters dovecot, node, postfix and varnish. + + + The ibus-qt package is not installed by default anymore when is set to ibus. + If IBus support in Qt 4.x applications is required, add the ibus-qt package to your manually. + + diff --git a/nixos/modules/i18n/input-method/ibus.nix b/nixos/modules/i18n/input-method/ibus.nix index f8e021f551e..8109ef76c40 100644 --- a/nixos/modules/i18n/input-method/ibus.nix +++ b/nixos/modules/i18n/input-method/ibus.nix @@ -55,7 +55,7 @@ in # Without dconf enabled it is impossible to use IBus environment.systemPackages = with pkgs; [ - ibus-qt gnome3.dconf ibusAutostart + gnome3.dconf ibusAutostart ]; environment.variables = { -- cgit 1.4.1 From ca3820dd002ac757518d22efcc7b05c59e67dc54 Mon Sep 17 00:00:00 2001 From: Silvan Mosberger Date: Sat, 10 Aug 2019 20:03:11 +0200 Subject: nixos/misc: Fix nixpkgs.config merge function Previously nested attrsets would override each other --- nixos/modules/misc/nixpkgs.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'nixos/modules') diff --git a/nixos/modules/misc/nixpkgs.nix b/nixos/modules/misc/nixpkgs.nix index e0c192246c0..afb74581e23 100644 --- a/nixos/modules/misc/nixpkgs.nix +++ b/nixos/modules/misc/nixpkgs.nix @@ -19,7 +19,7 @@ let lhs = optCall lhs_ { inherit pkgs; }; rhs = optCall rhs_ { inherit pkgs; }; in - lhs // rhs // + recursiveUpdate lhs rhs // optionalAttrs (lhs ? packageOverrides) { packageOverrides = pkgs: optCall lhs.packageOverrides pkgs // -- cgit 1.4.1 From 98479675941bdfba735fdb8dcc0341cdfc962510 Mon Sep 17 00:00:00 2001 From: Jean Potier Date: Sun, 11 Aug 2019 13:21:26 +0300 Subject: Fix typo in assert in grafana module Current assert prevents using secretKeyFile entirely --- nixos/modules/services/monitoring/grafana.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'nixos/modules') diff --git a/nixos/modules/services/monitoring/grafana.nix b/nixos/modules/services/monitoring/grafana.nix index c2f6b585d49..bf1084eecc3 100644 --- a/nixos/modules/services/monitoring/grafana.nix +++ b/nixos/modules/services/monitoring/grafana.nix @@ -503,12 +503,12 @@ in { message = "Cannot set both adminPassword and adminPasswordFile"; } { - assertion = cfg.security.secretKeyFile != opt.security.secretKeyFile.default -> cfg.security.secretKeyFile == null; + assertion = cfg.security.secretKey != opt.security.secretKey.default -> cfg.security.secretKeyFile == null; message = "Cannot set both secretKey and secretKeyFile"; } { assertion = cfg.smtp.password != opt.smtp.password.default -> cfg.smtp.passwordFile == null; - message = "Cannot set both password and secretKeyFile"; + message = "Cannot set both password and passwordFile"; } ]; -- cgit 1.4.1 From 4ff9a48398f1e3ebf8e6ea315b326f66bfd6ae0e Mon Sep 17 00:00:00 2001 From: Notkea Date: Sun, 11 Aug 2019 19:09:42 +0200 Subject: nixos/postgresql-wal-receiver: add module (#63799) --- nixos/modules/module-list.nix | 1 + .../services/backup/postgresql-wal-receiver.nix | 203 +++++++++++++++++++++ nixos/tests/all-tests.nix | 1 + nixos/tests/postgresql-wal-receiver.nix | 86 +++++++++ 4 files changed, 291 insertions(+) create mode 100644 nixos/modules/services/backup/postgresql-wal-receiver.nix create mode 100644 nixos/tests/postgresql-wal-receiver.nix (limited to 'nixos/modules') diff --git a/nixos/modules/module-list.nix b/nixos/modules/module-list.nix index 75e513b76c6..c775345ba4c 100644 --- a/nixos/modules/module-list.nix +++ b/nixos/modules/module-list.nix @@ -214,6 +214,7 @@ ./services/backup/duplicity.nix ./services/backup/mysql-backup.nix ./services/backup/postgresql-backup.nix + ./services/backup/postgresql-wal-receiver.nix ./services/backup/restic.nix ./services/backup/restic-rest-server.nix ./services/backup/rsnapshot.nix diff --git a/nixos/modules/services/backup/postgresql-wal-receiver.nix b/nixos/modules/services/backup/postgresql-wal-receiver.nix new file mode 100644 index 00000000000..d9a37037992 --- /dev/null +++ b/nixos/modules/services/backup/postgresql-wal-receiver.nix @@ -0,0 +1,203 @@ +{ config, lib, pkgs, ... }: + +with lib; + +let + receiverSubmodule = { + options = { + postgresqlPackage = mkOption { + type = types.package; + example = literalExample "pkgs.postgresql_11"; + description = '' + PostgreSQL package to use. + ''; + }; + + directory = mkOption { + type = types.path; + example = literalExample "/mnt/pg_wal/main/"; + description = '' + Directory to write the output to. + ''; + }; + + statusInterval = mkOption { + type = types.int; + default = 10; + description = '' + Specifies the number of seconds between status packets sent back to the server. + This allows for easier monitoring of the progress from server. + A value of zero disables the periodic status updates completely, + although an update will still be sent when requested by the server, to avoid timeout disconnect. + ''; + }; + + slot = mkOption { + type = types.str; + default = ""; + example = "some_slot_name"; + description = '' + Require pg_receivewal to use an existing replication slot (see + Section 26.2.6 of the PostgreSQL manual). + When this option is used, pg_receivewal will report a flush position to the server, + indicating when each segment has been synchronized to disk so that the server can remove that segment if it is not otherwise needed. + + When the replication client of pg_receivewal is configured on the server as a synchronous standby, + then using a replication slot will report the flush position to the server, but only when a WAL file is closed. + Therefore, that configuration will cause transactions on the primary to wait for a long time and effectively not work satisfactorily. + The option must be specified in addition to make this work correctly. + ''; + }; + + synchronous = mkOption { + type = types.bool; + default = false; + description = '' + Flush the WAL data to disk immediately after it has been received. + Also send a status packet back to the server immediately after flushing, regardless of . + + This option should be specified if the replication client of pg_receivewal is configured on the server as a synchronous standby, + to ensure that timely feedback is sent to the server. + ''; + }; + + compress = mkOption { + type = types.ints.between 0 9; + default = 0; + description = '' + Enables gzip compression of write-ahead logs, and specifies the compression level + (0 through 9, 0 being no compression and 9 being best compression). + The suffix .gz will automatically be added to all filenames. + + This option requires PostgreSQL >= 10. + ''; + }; + + connection = mkOption { + type = types.str; + example = "postgresql://user@somehost"; + description = '' + Specifies parameters used to connect to the server, as a connection string. + See Section 34.1.1 of the PostgreSQL manual for more information. + + Because pg_receivewal doesn't connect to any particular database in the cluster, + database name in the connection string will be ignored. + ''; + }; + + extraArgs = mkOption { + type = with types; listOf str; + default = [ ]; + example = literalExample '' + [ + "--no-sync" + ] + ''; + description = '' + A list of extra arguments to pass to the pg_receivewal command. + ''; + }; + + environment = mkOption { + type = with types; attrsOf str; + default = { }; + example = literalExample '' + { + PGPASSFILE = "/private/passfile"; + PGSSLMODE = "require"; + } + ''; + description = '' + Environment variables passed to the service. + Usable parameters are listed in Section 34.14 of the PostgreSQL manual. + ''; + }; + }; + }; + +in { + options = { + services.postgresqlWalReceiver = { + receivers = mkOption { + type = with types; attrsOf (submodule receiverSubmodule); + default = { }; + example = literalExample '' + { + main = { + postgresqlPackage = pkgs.postgresql_11; + directory = /mnt/pg_wal/main/; + slot = "main_wal_receiver"; + connection = "postgresql://user@somehost"; + }; + } + ''; + description = '' + PostgreSQL WAL receivers. + Stream write-ahead logs from a PostgreSQL server using pg_receivewal (formerly pg_receivexlog). + See the man page for more information. + ''; + }; + }; + }; + + config = let + receivers = config.services.postgresqlWalReceiver.receivers; + in mkIf (receivers != { }) { + users = { + users.postgres = { + uid = config.ids.uids.postgres; + group = "postgres"; + description = "PostgreSQL server user"; + }; + + groups.postgres = { + gid = config.ids.gids.postgres; + }; + }; + + assertions = concatLists (attrsets.mapAttrsToList (name: config: [ + { + assertion = config.compress > 0 -> versionAtLeast config.postgresqlPackage.version "10"; + message = "Invalid configuration for WAL receiver \"${name}\": compress requires PostgreSQL version >= 10."; + } + ]) receivers); + + systemd.tmpfiles.rules = mapAttrsToList (name: config: '' + d ${escapeShellArg config.directory} 0750 postgres postgres - - + '') receivers; + + systemd.services = with attrsets; mapAttrs' (name: config: nameValuePair "postgresql-wal-receiver-${name}" { + description = "PostgreSQL WAL receiver (${name})"; + wantedBy = [ "multi-user.target" ]; + + serviceConfig = { + User = "postgres"; + Group = "postgres"; + KillSignal = "SIGINT"; + Restart = "always"; + RestartSec = 30; + }; + + inherit (config) environment; + + script = let + receiverCommand = postgresqlPackage: + if (versionAtLeast postgresqlPackage.version "10") + then "${postgresqlPackage}/bin/pg_receivewal" + else "${postgresqlPackage}/bin/pg_receivexlog"; + in '' + ${receiverCommand config.postgresqlPackage} \ + --no-password \ + --directory=${escapeShellArg config.directory} \ + --status-interval=${toString config.statusInterval} \ + --dbname=${escapeShellArg config.connection} \ + ${optionalString (config.compress > 0) "--compress=${toString config.compress}"} \ + ${optionalString (config.slot != "") "--slot=${escapeShellArg config.slot}"} \ + ${optionalString config.synchronous "--synchronous"} \ + ${concatStringsSep " " config.extraArgs} + ''; + }) receivers; + }; + + meta.maintainers = with maintainers; [ pacien ]; +} diff --git a/nixos/tests/all-tests.nix b/nixos/tests/all-tests.nix index 4a802158752..c24c8ae61a5 100644 --- a/nixos/tests/all-tests.nix +++ b/nixos/tests/all-tests.nix @@ -210,6 +210,7 @@ in plotinus = handleTest ./plotinus.nix {}; postgis = handleTest ./postgis.nix {}; postgresql = handleTest ./postgresql.nix {}; + postgresql-wal-receiver = handleTest ./postgresql-wal-receiver.nix {}; powerdns = handleTest ./powerdns.nix {}; predictable-interface-names = handleTest ./predictable-interface-names.nix {}; printing = handleTest ./printing.nix {}; diff --git a/nixos/tests/postgresql-wal-receiver.nix b/nixos/tests/postgresql-wal-receiver.nix new file mode 100644 index 00000000000..791b041ba95 --- /dev/null +++ b/nixos/tests/postgresql-wal-receiver.nix @@ -0,0 +1,86 @@ +{ system ? builtins.currentSystem +, config ? { } +, pkgs ? import ../.. { inherit system config; } }: + +with import ../lib/testing.nix { inherit system pkgs; }; +with pkgs.lib; + +let + postgresqlDataDir = "/var/db/postgresql/test"; + replicationUser = "wal_receiver_user"; + replicationSlot = "wal_receiver_slot"; + replicationConn = "postgresql://${replicationUser}@localhost"; + baseBackupDir = "/tmp/pg_basebackup"; + walBackupDir = "/tmp/pg_wal"; + recoveryConf = pkgs.writeText "recovery.conf" '' + restore_command = 'cp ${walBackupDir}/%f %p' + ''; + + makePostgresqlWalReceiverTest = subTestName: postgresqlPackage: makeTest { + name = "postgresql-wal-receiver-${subTestName}"; + meta.maintainers = with maintainers; [ pacien ]; + + machine = { ... }: { + services.postgresql = { + package = postgresqlPackage; + enable = true; + dataDir = postgresqlDataDir; + extraConfig = '' + wal_level = archive # alias for replica on pg >= 9.6 + max_wal_senders = 10 + max_replication_slots = 10 + ''; + authentication = '' + host replication ${replicationUser} all trust + ''; + initialScript = pkgs.writeText "init.sql" '' + create user ${replicationUser} replication; + select * from pg_create_physical_replication_slot('${replicationSlot}'); + ''; + }; + + services.postgresqlWalReceiver.receivers.main = { + inherit postgresqlPackage; + connection = replicationConn; + slot = replicationSlot; + directory = walBackupDir; + }; + }; + + testScript = '' + # make an initial base backup + $machine->waitForUnit('postgresql'); + $machine->waitForUnit('postgresql-wal-receiver-main'); + # WAL receiver healthchecks PG every 5 seconds, so let's be sure they have connected each other + # required only for 9.4 + $machine->sleep(5); + $machine->succeed('${postgresqlPackage}/bin/pg_basebackup --dbname=${replicationConn} --pgdata=${baseBackupDir}'); + + # create a dummy table with 100 records + $machine->succeed('sudo -u postgres psql --command="create table dummy as select * from generate_series(1, 100) as val;"'); + + # stop postgres and destroy data + $machine->systemctl('stop postgresql'); + $machine->systemctl('stop postgresql-wal-receiver-main'); + $machine->succeed('rm -r ${postgresqlDataDir}/{base,global,pg_*}'); + + # restore the base backup + $machine->succeed('cp -r ${baseBackupDir}/* ${postgresqlDataDir} && chown postgres:postgres -R ${postgresqlDataDir}'); + + # prepare WAL and recovery + $machine->succeed('chmod a+rX -R ${walBackupDir}'); + $machine->execute('for part in ${walBackupDir}/*.partial; do mv $part ''${part%%.*}; done'); # make use of partial segments too + $machine->succeed('cp ${recoveryConf} ${postgresqlDataDir}/recovery.conf && chmod 666 ${postgresqlDataDir}/recovery.conf'); + + # replay WAL + $machine->systemctl('start postgresql'); + $machine->waitForFile('${postgresqlDataDir}/recovery.done'); + $machine->systemctl('restart postgresql'); + $machine->waitForUnit('postgresql'); + + # check that our records have been restored + $machine->succeed('test $(sudo -u postgres psql --pset="pager=off" --tuples-only --command="select count(distinct val) from dummy;") -eq 100'); + ''; + }; + +in mapAttrs makePostgresqlWalReceiverTest (import ../../pkgs/servers/sql/postgresql pkgs) -- cgit 1.4.1 From 26f128c1af941e82573fbc3a11d2f6e5481f8aa5 Mon Sep 17 00:00:00 2001 From: Aaron Andersen Date: Sun, 11 Aug 2019 08:13:41 -0400 Subject: nylas-mail-bin: drop package which is no longer supported upstream --- nixos/modules/programs/nylas-mail.nix | 36 ------ .../mailreaders/nylas-mail-bin/default.nix | 133 --------------------- pkgs/top-level/aliases.nix | 1 + pkgs/top-level/all-packages.nix | 2 - 4 files changed, 1 insertion(+), 171 deletions(-) delete mode 100644 nixos/modules/programs/nylas-mail.nix delete mode 100644 pkgs/applications/networking/mailreaders/nylas-mail-bin/default.nix (limited to 'nixos/modules') diff --git a/nixos/modules/programs/nylas-mail.nix b/nixos/modules/programs/nylas-mail.nix deleted file mode 100644 index 08a6cd0a604..00000000000 --- a/nixos/modules/programs/nylas-mail.nix +++ /dev/null @@ -1,36 +0,0 @@ -{ config, lib, pkgs, ... }: - -with lib; - -let - cfg = config.services.nylas-mail; -in { - ###### interface - options = { - services.nylas-mail = { - - enable = mkEnableOption '' - nylas-mail - Open-source mail client built on the modern web with Electron, React, and Flux - ''; - - gnome3-keyring = mkOption { - type = types.bool; - default = true; - description = "Enable gnome3 keyring for nylas-mail."; - }; - }; - }; - - - ###### implementation - - config = mkIf cfg.enable { - - environment.systemPackages = [ pkgs.nylas-mail-bin ]; - - services.gnome3.gnome-keyring = mkIf cfg.gnome3-keyring { - enable = true; - }; - - }; -} diff --git a/pkgs/applications/networking/mailreaders/nylas-mail-bin/default.nix b/pkgs/applications/networking/mailreaders/nylas-mail-bin/default.nix deleted file mode 100644 index 5bb24c9ded7..00000000000 --- a/pkgs/applications/networking/mailreaders/nylas-mail-bin/default.nix +++ /dev/null @@ -1,133 +0,0 @@ -{ dpkg, fetchurl, lib, pkgs, stdenv -, alsaLib -, atk -, cairo -, coreutils -, cups -, dbus -, desktop-file-utils -, expat -, fontconfig -, freetype -, gcc-unwrapped -, gdk-pixbuf -, glib -, gnome2 -, libgnome-keyring -, libnotify -, makeWrapper -, nodejs -, nspr -, nss -, pango -, python2 -, udev -, wget -, xorg -}: - -stdenv.mkDerivation rec { - name = "${pkgname}-${version}"; - pkgname = "nylas-mail-bin"; - version = "2.0.32"; - subVersion = "fec7941"; - - src = - if stdenv.hostPlatform.system == "x86_64-linux" then - fetchurl { - url = "https://edgehill.s3.amazonaws.com/${version}-${subVersion}/linux-deb/x64/NylasMail.deb"; - sha256 = "40060aa1dc3b5187b8ed4a07b9de3427e3c5a291df98c2c82395647fa2aa4ada"; - } - else - throw "NylasMail is not supported on ${stdenv.hostPlatform.system}"; - - propagatedBuildInputs = [ - alsaLib - atk - cairo - coreutils - cups - dbus - desktop-file-utils - expat - fontconfig - freetype - gcc-unwrapped - gdk-pixbuf - glib - gnome2.GConf - gnome2.gtk - libgnome-keyring - libnotify - nodejs - nspr - nss - pango - python2 - udev - wget - xorg.libX11 - xorg.libXScrnSaver - xorg.libXcomposite - xorg.libXcursor - xorg.libXdamage - xorg.libXext - xorg.libXfixes - xorg.libXi - xorg.libXrandr - xorg.libXrender - xorg.libXtst - xorg.libxkbfile - ]; - - - nativeBuildInputs = [ makeWrapper ]; - - buildCommand = '' - mkdir -p $out - - ${dpkg}/bin/dpkg-deb -x $src unpacked - mv unpacked/usr/* $out/ - - # Fix path in desktop file - substituteInPlace $out/share/applications/nylas-mail.desktop \ - --replace /usr/bin/nylas-mail $out/bin/nylas-mail - - # Patch librariess - noderp=$(patchelf --print-rpath $out/share/nylas-mail/libnode.so) - patchelf --set-rpath $noderp:$out/lib:${stdenv.cc.cc.lib}/lib:${xorg.libxkbfile.out}/lib:${lib.makeLibraryPath propagatedBuildInputs } \ - $out/share/nylas-mail/libnode.so - - ffrp=$(patchelf --print-rpath $out/share/nylas-mail/libffmpeg.so) - patchelf --set-rpath $ffrp:$out/lib:${stdenv.cc.cc.lib}/lib:${lib.makeLibraryPath propagatedBuildInputs } \ - $out/share/nylas-mail/libffmpeg.so - - # Patch binaries - binrp=$(patchelf --print-rpath $out/share/nylas-mail/nylas) - patchelf --interpreter $(cat "$NIX_CC"/nix-support/dynamic-linker) \ - --set-rpath $binrp:$out/lib:${stdenv.cc.cc.lib}/lib:${lib.makeLibraryPath propagatedBuildInputs } \ - $out/share/nylas-mail/nylas - - wrapProgram $out/share/nylas-mail/nylas --set LD_LIBRARY_PATH "${xorg.libxkbfile}/lib:${pkgs.gnome3.libgnome-keyring}/lib"; - - # Fix path to bash so apm can install plugins. - substituteInPlace $out/share/nylas-mail/resources/apm/bin/apm \ - --replace /bin/bash ${stdenv.shell} - - wrapProgram $out/share/nylas-mail/resources/apm/bin/apm \ - --set PATH "${coreutils}/bin" - patchelf --interpreter $(cat "$NIX_CC"/nix-support/dynamic-linker) \ - --set-rpath ${gcc-unwrapped.lib}/lib $out/share/nylas-mail/resources/apm/bin/node - ''; - - meta = with stdenv.lib; { - description = "Open-source mail client built on the modern web with Electron, React, and Flux"; - longDescription = '' - Nylas Mail is an open-source mail client built on the modern web with Electron, React, and Flux. It is designed to be extensible, so it's easy to create new experiences and workflows around email. Nylas Mail can be enabled with it's requirements by enabling 'services.nylas-mail.enable=true'. Alternatively, make sure to have services.gnome3.gnome-keyring.enable = true; in your configuration.nix before running nylas-mail. If you happen to miss this step, you should remove ~/.nylas-mail and "~/.config/Nylas Mail" for a blank setup". - ''; - license = licenses.gpl3; - maintainers = with maintainers; [ johnramsden ]; - homepage = https://nylas.com; - platforms = [ "x86_64-linux" ]; - }; -} diff --git a/pkgs/top-level/aliases.nix b/pkgs/top-level/aliases.nix index 0fc785f51c4..11e049dc5c3 100644 --- a/pkgs/top-level/aliases.nix +++ b/pkgs/top-level/aliases.nix @@ -231,6 +231,7 @@ mapAliases ({ nmap_graphical = nmap-graphical; # added 2017-01-19 nologin = shadow; # added 2018-04-25 nxproxy = nx-libs; # added 2019-02-15 + nylas-mail-bin = throw "deprecated in 2019-09-11: abandoned by upstream"; opencascade_oce = opencascade; # added 2018-04-25 opencl-icd = ocl-icd; # added 2017-01-20 openexr_ctl = ctl; # added 2018-04-25 diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix index f1d31a4ebbb..a1ef1097564 100644 --- a/pkgs/top-level/all-packages.nix +++ b/pkgs/top-level/all-packages.nix @@ -20746,8 +20746,6 @@ in thinkingRock = callPackage ../applications/misc/thinking-rock { }; - nylas-mail-bin = callPackage ../applications/networking/mailreaders/nylas-mail-bin { }; - thonny = callPackage ../applications/editors/thonny { }; thunderbird = callPackage ../applications/networking/mailreaders/thunderbird { -- cgit 1.4.1 From 543f219b30c9bde1a9a7e258a18cd3205f1ee013 Mon Sep 17 00:00:00 2001 From: WilliButz Date: Sun, 11 Aug 2019 13:33:42 +0200 Subject: nixos/prometheus: replace 'alertmanagerURL' options for prometheus2 Prometheus2 does no longer support the command-line flag to specify an alertmanager. Instead it now supports both service discovery and configuration of alertmanagers in the alerting config section. Simply mapping the previous option to an entry in the new alertmanagers section is not enough to allow for complete configurations of an alertmanager. Therefore the option alertmanagerURL is no longer used and instead a full alertmanager configuration is expected. --- .../services/monitoring/prometheus/default.nix | 26 ++++++++++++++-------- 1 file changed, 17 insertions(+), 9 deletions(-) (limited to 'nixos/modules') diff --git a/nixos/modules/services/monitoring/prometheus/default.nix b/nixos/modules/services/monitoring/prometheus/default.nix index d8384e0d35b..647d67533b8 100644 --- a/nixos/modules/services/monitoring/prometheus/default.nix +++ b/nixos/modules/services/monitoring/prometheus/default.nix @@ -79,12 +79,8 @@ let (pkgs.writeText "prometheus.rules" (concatStringsSep "\n" cfg2.rules)) ]); scrape_configs = filterValidPrometheus cfg2.scrapeConfigs; - alerting = optionalAttrs (cfg2.alertmanagerURL != []) { - alertmanagers = [{ - static_configs = [{ - targets = cfg2.alertmanagerURL; - }]; - }]; + alerting = { + inherit (cfg2) alertmanagers; }; }; @@ -738,11 +734,23 @@ in { ''; }; - alertmanagerURL = mkOption { - type = types.listOf types.str; + alertmanagers = mkOption { + type = types.listOf types.attrs; + example = literalExample '' + [ { + scheme = "https"; + path_prefix = "/alertmanager"; + static_configs = [ { + targets = [ + "prometheus.domain.tld" + ]; + } ]; + } ] + ''; default = []; description = '' - List of Alertmanager URLs to send notifications to. + A list of alertmanagers to send alerts to. + See the official documentation for more information. ''; }; -- cgit 1.4.1 From a8847c870aa0b5acdbc7593616858bfd1b825fbf Mon Sep 17 00:00:00 2001 From: WilliButz Date: Sun, 11 Aug 2019 13:39:27 +0200 Subject: nixos/rename: add prometheus2 change --- nixos/modules/rename.nix | 4 ++++ 1 file changed, 4 insertions(+) (limited to 'nixos/modules') diff --git a/nixos/modules/rename.nix b/nixos/modules/rename.nix index 4ae64222274..c44332237fc 100644 --- a/nixos/modules/rename.nix +++ b/nixos/modules/rename.nix @@ -51,6 +51,10 @@ with lib; (mkRemovedOptionModule [ "services" "misc" "nzbget" "openFirewall" ] "The port used by nzbget is managed through the web interface so you should adjust your firewall rules accordingly.") (mkRemovedOptionModule [ "services" "prometheus" "alertmanager" "user" ] "The alertmanager service is now using systemd's DynamicUser mechanism which obviates a user setting.") (mkRemovedOptionModule [ "services" "prometheus" "alertmanager" "group" ] "The alertmanager service is now using systemd's DynamicUser mechanism which obviates a group setting.") + (mkRemovedOptionModule [ "services" "prometheus2" "alertmanagerURL" ] '' + Due to incompatibility, the alertmanagerURL option has been removed, + please use 'services.prometheus2.alertmanagers' instead. + '') (mkRenamedOptionModule [ "services" "tor" "relay" "portSpec" ] [ "services" "tor" "relay" "port" ]) (mkRenamedOptionModule [ "services" "vmwareGuest" ] [ "virtualisation" "vmware" "guest" ]) (mkRenamedOptionModule [ "jobs" ] [ "systemd" "services" ]) -- cgit 1.4.1 From c28ded36ef50cb80796c6bd946754abfb47ffa28 Mon Sep 17 00:00:00 2001 From: WilliButz Date: Sun, 11 Aug 2019 12:06:29 +0200 Subject: nixos/prometheus-blackbox-exporter: add config check --- .../services/monitoring/prometheus/exporters/blackbox.nix | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) (limited to 'nixos/modules') diff --git a/nixos/modules/services/monitoring/prometheus/exporters/blackbox.nix b/nixos/modules/services/monitoring/prometheus/exporters/blackbox.nix index f69b389760f..ca4366121e1 100644 --- a/nixos/modules/services/monitoring/prometheus/exporters/blackbox.nix +++ b/nixos/modules/services/monitoring/prometheus/exporters/blackbox.nix @@ -4,6 +4,13 @@ with lib; let cfg = config.services.prometheus.exporters.blackbox; + + checkConfig = file: pkgs.runCommand "checked-blackbox-exporter.conf" { + preferLocalBuild = true; + buildInputs = [ pkgs.buildPackages.prometheus-blackbox-exporter ]; } '' + ln -s ${file} $out + blackbox_exporter --config.check --config.file $out + ''; in { port = 9115; @@ -21,7 +28,7 @@ in ExecStart = '' ${pkgs.prometheus-blackbox-exporter}/bin/blackbox_exporter \ --web.listen-address ${cfg.listenAddress}:${toString cfg.port} \ - --config.file ${cfg.configFile} \ + --config.file ${checkConfig cfg.configFile} \ ${concatStringsSep " \\\n " cfg.extraFlags} ''; ExecReload = "${pkgs.coreutils}/bin/kill -HUP $MAINPID"; -- cgit 1.4.1 From c4de0bf49289bc6b1448420dea39d7a5b0f3c374 Mon Sep 17 00:00:00 2001 From: Edmund Wu Date: Tue, 16 Jul 2019 16:21:55 -0400 Subject: timezone.nix -> locale.nix Also includes geolocation information abstracted from redshift.nix --- nixos/modules/config/locale.nix | 94 +++++++++++++++++++++++++++++++++ nixos/modules/config/timezone.nix | 59 --------------------- nixos/modules/module-list.nix | 2 +- nixos/modules/rename.nix | 14 +++++ nixos/modules/services/x11/redshift.nix | 58 +++----------------- 5 files changed, 117 insertions(+), 110 deletions(-) create mode 100644 nixos/modules/config/locale.nix delete mode 100644 nixos/modules/config/timezone.nix (limited to 'nixos/modules') diff --git a/nixos/modules/config/locale.nix b/nixos/modules/config/locale.nix new file mode 100644 index 00000000000..6f056588187 --- /dev/null +++ b/nixos/modules/config/locale.nix @@ -0,0 +1,94 @@ +{ config, lib, pkgs, ... }: + +with lib; + +let + + tzdir = "${pkgs.tzdata}/share/zoneinfo"; + nospace = str: filter (c: c == " ") (stringToCharacters str) == []; + timezone = types.nullOr (types.addCheck types.str nospace) + // { description = "null or string without spaces"; }; + + lcfg = config.location; + +in + +{ + options = { + + time = { + + timeZone = mkOption { + default = null; + type = timezone; + example = "America/New_York"; + description = '' + The time zone used when displaying times and dates. See + for a comprehensive list of possible values for this setting. + + If null, the timezone will default to UTC and can be set imperatively + using timedatectl. + ''; + }; + + hardwareClockInLocalTime = mkOption { + default = false; + type = types.bool; + description = "If set, keep the hardware clock in local time instead of UTC."; + }; + + }; + + location = { + + latitude = mkOption { + type = types.float; + description = '' + Your current latitude, between + -90.0 and 90.0. Must be provided + along with longitude. + ''; + }; + + longitude = mkOption { + type = types.float; + description = '' + Your current longitude, between + between -180.0 and 180.0. Must be + provided along with latitude. + ''; + }; + + provider = mkOption { + type = types.enum [ "manual" "geoclue2" ]; + default = "manual"; + description = '' + The location provider to use for determining your location. If set to + manual you must also provide latitude/longitude. + ''; + }; + + }; + }; + + config = { + + environment.sessionVariables.TZDIR = "/etc/zoneinfo"; + + services.geoclue2.enable = mkIf (lcfg.provider == "geoclue2") true; + + # This way services are restarted when tzdata changes. + systemd.globalEnvironment.TZDIR = tzdir; + + systemd.services.systemd-timedated.environment = lib.optionalAttrs (config.time.timeZone != null) { NIXOS_STATIC_TIMEZONE = "1"; }; + + environment.etc = { + zoneinfo.source = tzdir; + } // lib.optionalAttrs (config.time.timeZone != null) { + localtime.source = "/etc/zoneinfo/${config.time.timeZone}"; + localtime.mode = "direct-symlink"; + }; + }; + +} diff --git a/nixos/modules/config/timezone.nix b/nixos/modules/config/timezone.nix deleted file mode 100644 index b15948f6e2e..00000000000 --- a/nixos/modules/config/timezone.nix +++ /dev/null @@ -1,59 +0,0 @@ -{ config, lib, pkgs, ... }: - -with lib; - -let - - tzdir = "${pkgs.tzdata}/share/zoneinfo"; - nospace = str: filter (c: c == " ") (stringToCharacters str) == []; - timezone = types.nullOr (types.addCheck types.str nospace) - // { description = "null or string without spaces"; }; - -in - -{ - options = { - - time = { - - timeZone = mkOption { - default = null; - type = timezone; - example = "America/New_York"; - description = '' - The time zone used when displaying times and dates. See - for a comprehensive list of possible values for this setting. - - If null, the timezone will default to UTC and can be set imperatively - using timedatectl. - ''; - }; - - hardwareClockInLocalTime = mkOption { - default = false; - type = types.bool; - description = "If set, keep the hardware clock in local time instead of UTC."; - }; - - }; - }; - - config = { - - environment.sessionVariables.TZDIR = "/etc/zoneinfo"; - - # This way services are restarted when tzdata changes. - systemd.globalEnvironment.TZDIR = tzdir; - - systemd.services.systemd-timedated.environment = lib.optionalAttrs (config.time.timeZone != null) { NIXOS_STATIC_TIMEZONE = "1"; }; - - environment.etc = { - zoneinfo.source = tzdir; - } // lib.optionalAttrs (config.time.timeZone != null) { - localtime.source = "/etc/zoneinfo/${config.time.timeZone}"; - localtime.mode = "direct-symlink"; - }; - }; - -} diff --git a/nixos/modules/module-list.nix b/nixos/modules/module-list.nix index 8c6bc47df25..8eb2ebafb7d 100644 --- a/nixos/modules/module-list.nix +++ b/nixos/modules/module-list.nix @@ -20,6 +20,7 @@ ./config/iproute2.nix ./config/krb5/default.nix ./config/ldap.nix + ./config/locale.nix ./config/malloc.nix ./config/networking.nix ./config/no-x-libs.nix @@ -33,7 +34,6 @@ ./config/system-environment.nix ./config/system-path.nix ./config/terminfo.nix - ./config/timezone.nix ./config/unix-odbc-drivers.nix ./config/users-groups.nix ./config/vpnc.nix diff --git a/nixos/modules/rename.nix b/nixos/modules/rename.nix index 4ae64222274..6228c95ae91 100644 --- a/nixos/modules/rename.nix +++ b/nixos/modules/rename.nix @@ -257,6 +257,20 @@ with lib; (mkRenamedOptionModule [ "networking" "extraResolvconfConf" ] [ "networking" "resolvconf" "extraConfig" ]) (mkRenamedOptionModule [ "networking" "resolvconfOptions" ] [ "networking" "resolvconf" "extraOptions" ]) + # Redshift + (mkChangedOptionModule [ "services" "redshift" "latitude" ] [ "location" "latitude" ] + (config: + let value = getAttrFromPath [ "services" "redshift" "latitude" ] config; + in if value == null then + throw "services.redshift.latitude is set to null, you can remove this" + else builtins.fromJSON value)) + (mkChangedOptionModule [ "services" "redshift" "longitude" ] [ "location" "longitude" ] + (config: + let value = getAttrFromPath [ "services" "redshift" "longitude" ] config; + in if value == null then + throw "services.redshift.longitude is set to null, you can remove this" + else builtins.fromJSON value)) + ] ++ (flip map [ "blackboxExporter" "collectdExporter" "fritzboxExporter" "jsonExporter" "minioExporter" "nginxExporter" "nodeExporter" "snmpExporter" "unifiExporter" "varnishExporter" ] diff --git a/nixos/modules/services/x11/redshift.nix b/nixos/modules/services/x11/redshift.nix index 4345a334808..55f8f75021b 100644 --- a/nixos/modules/services/x11/redshift.nix +++ b/nixos/modules/services/x11/redshift.nix @@ -5,6 +5,7 @@ with lib; let cfg = config.services.redshift; + lcfg = config.location; in { @@ -18,35 +19,6 @@ in { ''; }; - latitude = mkOption { - type = types.nullOr types.str; - default = null; - description = '' - Your current latitude, between - -90.0 and 90.0. Must be provided - along with longitude. - ''; - }; - - longitude = mkOption { - type = types.nullOr types.str; - default = null; - description = '' - Your current longitude, between - between -180.0 and 180.0. Must be - provided along with latitude. - ''; - }; - - provider = mkOption { - type = types.enum [ "manual" "geoclue2" ]; - default = "manual"; - description = '' - The location provider to use for determining your location. If set to - manual you must also provide latitude/longitude. - ''; - }; - temperature = { day = mkOption { type = types.int; @@ -106,33 +78,19 @@ in { }; config = mkIf cfg.enable { - assertions = [ - { - assertion = - if cfg.provider == "manual" - then (cfg.latitude != null && cfg.longitude != null) - else (cfg.latitude == null && cfg.longitude == null); - message = "Latitude and longitude must be provided together, and with provider set to null."; - } - ]; - # needed so that .desktop files are installed, which geoclue cares about environment.systemPackages = [ cfg.package ]; - services.geoclue2 = mkIf (cfg.provider == "geoclue2") { - enable = true; - appConfig."redshift" = { - isAllowed = true; - isSystem = true; - }; + services.geoclue2.appConfig."redshift" = { + isAllowed = true; + isSystem = true; }; - systemd.user.services.redshift = + systemd.user.services.redshift = let - providerString = - if cfg.provider == "manual" - then "${cfg.latitude}:${cfg.longitude}" - else cfg.provider; + providerString = if lcfg.provider == "manual" + then "${toString lcfg.latitude}:${toString lcfg.longitude}" + else lcfg.provider; in { description = "Redshift colour temperature adjuster"; -- cgit 1.4.1 From 7c8ea897be91758787dea1c3280974c7cdf7df9b Mon Sep 17 00:00:00 2001 From: Edmund Wu Date: Thu, 4 Jul 2019 12:34:49 -0400 Subject: clight: include module --- nixos/modules/module-list.nix | 1 + nixos/modules/services/x11/clight.nix | 115 ++++++++++++++++++++++++++++++++++ 2 files changed, 116 insertions(+) create mode 100644 nixos/modules/services/x11/clight.nix (limited to 'nixos/modules') diff --git a/nixos/modules/module-list.nix b/nixos/modules/module-list.nix index 8eb2ebafb7d..8b6264341a4 100644 --- a/nixos/modules/module-list.nix +++ b/nixos/modules/module-list.nix @@ -816,6 +816,7 @@ ./services/web-servers/varnish/default.nix ./services/web-servers/zope2.nix ./services/x11/extra-layouts.nix + ./services/x11/clight.nix ./services/x11/colord.nix ./services/x11/compton.nix ./services/x11/unclutter.nix diff --git a/nixos/modules/services/x11/clight.nix b/nixos/modules/services/x11/clight.nix new file mode 100644 index 00000000000..6ec395bb05e --- /dev/null +++ b/nixos/modules/services/x11/clight.nix @@ -0,0 +1,115 @@ +{ config, pkgs, lib, ... }: + +with lib; + +let + cfg = config.services.clight; + + toConf = v: + if builtins.isFloat v then toString v + else if isInt v then toString v + else if isBool v then boolToString v + else if isString v then ''"${escape [''"''] v}"'' + else if isList v then "[ " + concatMapStringsSep ", " toConf v + " ]" + else abort "clight.toConf: unexpected type (v = ${v})"; + + clightConf = pkgs.writeText "clight.conf" + (concatStringsSep "\n" (mapAttrsToList + (name: value: "${toString name} = ${toConf value};") + (filterAttrs + (_: value: value != null) + cfg.settings))); +in { + options.services.clight = { + enable = mkOption { + type = types.bool; + default = false; + description = '' + Whether to enable clight or not. + ''; + }; + + temperature = { + day = mkOption { + type = types.int; + default = 5500; + description = '' + Colour temperature to use during the day, between + 1000 and 25000 K. + ''; + }; + night = mkOption { + type = types.int; + default = 3700; + description = '' + Colour temperature to use at night, between + 1000 and 25000 K. + ''; + }; + }; + + settings = let + validConfigTypes = with types; either int (either str (either bool float)); + in mkOption { + type = with types; attrsOf (nullOr (either validConfigTypes (listOf validConfigTypes))); + default = {}; + example = { captures = 20; gamma_long_transition = true; ac_capture_timeouts = [ 120 300 60 ]; }; + description = '' + Additional configuration to extend clight.conf. See + for a + sample configuration file. + ''; + }; + }; + + config = mkIf cfg.enable { + boot.kernelModules = [ "i2c_dev" ]; + environment.systemPackages = with pkgs; [ clight clightd ]; + services.dbus.packages = with pkgs; [ clight clightd ]; + services.upower.enable = true; + + services.clight.settings = { + gamma_temp = with cfg.temperature; mkDefault [ day night ]; + } // (optionalAttrs (config.location.provider == "manual") { + latitude = mkDefault config.location.latitude; + longitude = mkDefault config.location.longitude; + }); + + services.geoclue2.appConfig."clightc" = { + isAllowed = true; + isSystem = true; + }; + + systemd.services.clightd = { + requires = [ "polkit.service" ]; + wantedBy = [ "multi-user.target" ]; + + description = "Bus service to manage various screen related properties (gamma, dpms, backlight)"; + serviceConfig = { + Type = "dbus"; + BusName = "org.clightd.clightd"; + Restart = "on-failure"; + RestartSec = 5; + ExecStart = '' + ${pkgs.clightd}/bin/clightd + ''; + }; + }; + + systemd.user.services.clight = { + after = [ "upower.service" "clightd.service" ]; + wants = [ "upower.service" "clightd.service" ]; + partOf = [ "graphical-session.target" ]; + wantedBy = [ "graphical-session.target" ]; + + description = "C daemon to adjust screen brightness to match ambient brightness, as computed capturing frames from webcam"; + serviceConfig = { + Restart = "on-failure"; + RestartSec = 5; + ExecStart = '' + ${pkgs.clight}/bin/clight --conf-file ${clightConf} + ''; + }; + }; + }; +} -- cgit 1.4.1 From 2ee14c34ed1912ee31f1d4cc117b0ab25a3b20b1 Mon Sep 17 00:00:00 2001 From: Jeff Slight Date: Mon, 12 Aug 2019 12:50:02 -0700 Subject: nixos/gitlab: properly clear out initializers --- nixos/modules/services/misc/gitlab.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'nixos/modules') diff --git a/nixos/modules/services/misc/gitlab.nix b/nixos/modules/services/misc/gitlab.nix index 2f3f76d79ff..087630f2177 100644 --- a/nixos/modules/services/misc/gitlab.nix +++ b/nixos/modules/services/misc/gitlab.nix @@ -502,7 +502,7 @@ in { "d ${cfg.statePath} 0750 ${cfg.user} ${cfg.group} -" "d ${cfg.statePath}/builds 0750 ${cfg.user} ${cfg.group} -" "d ${cfg.statePath}/config 0750 ${cfg.user} ${cfg.group} -" - "d ${cfg.statePath}/config/initializers 0750 ${cfg.user} ${cfg.group} -" + "D ${cfg.statePath}/config/initializers 0750 ${cfg.user} ${cfg.group} -" "d ${cfg.statePath}/db 0750 ${cfg.user} ${cfg.group} -" "d ${cfg.statePath}/log 0750 ${cfg.user} ${cfg.group} -" "d ${cfg.statePath}/repositories 2770 ${cfg.user} ${cfg.group} -" -- cgit 1.4.1 From 011fa89b92489f6126f38edb9b9a6dc921bf8aac Mon Sep 17 00:00:00 2001 From: Aaron Janse Date: Tue, 13 Aug 2019 15:49:09 -0700 Subject: nixos/modules/misc/crashdump: remove idle=poll (fix #66464) Previously, "idle=poll" would severely overheat some CPUs --- nixos/modules/misc/crashdump.nix | 1 - 1 file changed, 1 deletion(-) (limited to 'nixos/modules') diff --git a/nixos/modules/misc/crashdump.nix b/nixos/modules/misc/crashdump.nix index 6e0b49fa9af..3c47e79d051 100644 --- a/nixos/modules/misc/crashdump.nix +++ b/nixos/modules/misc/crashdump.nix @@ -58,7 +58,6 @@ in "crashkernel=${crashdump.reservedMemory}" "nmi_watchdog=panic" "softlockup_panic=1" - "idle=poll" ]; kernelPatches = [ { name = "crashdump-config"; -- cgit 1.4.1 From 02dfc07a045c628dfa718f075e7dbdf092b523f6 Mon Sep 17 00:00:00 2001 From: "Tristan Helmich (omniIT)" Date: Wed, 14 Aug 2019 09:22:02 +0000 Subject: nixos/oxidized: Use symlinks for config files The old `cp` suffers from a permission issue on the 2nd start of the service. The files were copied from the read-only nix store. On the 2nd start of the service the `cp` failed. The new version force creates a symlink which does not suffer from this. --- nixos/modules/services/admin/oxidized.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'nixos/modules') diff --git a/nixos/modules/services/admin/oxidized.nix b/nixos/modules/services/admin/oxidized.nix index 687cdfb5ba5..39112c3970d 100644 --- a/nixos/modules/services/admin/oxidized.nix +++ b/nixos/modules/services/admin/oxidized.nix @@ -97,8 +97,8 @@ in preStart = '' mkdir -p ${cfg.dataDir}/.config/oxidized - cp -v ${cfg.routerDB} ${cfg.dataDir}/.config/oxidized/router.db - cp -v ${cfg.configFile} ${cfg.dataDir}/.config/oxidized/config + ln -f -s ${cfg.routerDB} ${cfg.dataDir}/.config/oxidized/router.db + ln -f -s ${cfg.configFile} ${cfg.dataDir}/.config/oxidized/config ''; serviceConfig = { -- cgit 1.4.1