mirror of
https://github.com/NixOS/nixpkgs.git
synced 2025-11-09 16:18:34 +01:00
Merge remote-tracking branch 'origin/master' into staging-next
This commit is contained in:
K900
commit
e93c560b79
|
|
@ -295,3 +295,8 @@ b1c5cd3e794cdf89daa5e4f0086274a416a1cded
|
|||
#nixos/nextcloud: remove with lib usage
|
||||
b6088b0d8e13e8d18464d78935f0130052784658
|
||||
f7611cad5154a9096faa26d156a4079577bfae17
|
||||
|
||||
# nixf-diagnose
|
||||
90e7159c559021ac4f4cc1222000f08a91feff69 # !autorebase nix-shell --run treefmt
|
||||
c283f32d296564fd649ef3ed268c1f1f7b199c49 # !autorebase nix-shell --run treefmt
|
||||
91a8fee3aaf79348aa2dc1552a29fc1b786c5133 # !autorebase nix-shell --run treefmt
|
||||
|
|
|
|||
|
|
@ -87,6 +87,32 @@ let
|
|||
"pkgs/development/haskell-modules/configuration-hackage2nix/transitive-broken.yaml"
|
||||
];
|
||||
|
||||
programs.nixf-diagnose.enable = true;
|
||||
settings.formatter.nixf-diagnose = {
|
||||
# Ensure nixfmt cleans up after nixf-diagnose.
|
||||
priority = -1;
|
||||
options = [
|
||||
"--auto-fix"
|
||||
# Rule names can currently be looked up here:
|
||||
# https://github.com/nix-community/nixd/blob/main/libnixf/src/Basic/diagnostic.py
|
||||
# TODO: Remove the following and fix things.
|
||||
"--ignore=sema-unused-def-lambda-noarg-formal"
|
||||
"--ignore=sema-unused-def-lambda-witharg-arg"
|
||||
"--ignore=sema-unused-def-lambda-witharg-formal"
|
||||
"--ignore=sema-unused-def-let"
|
||||
# Keep this rule, because we have `lib.or`.
|
||||
"--ignore=or-identifier"
|
||||
];
|
||||
excludes = [
|
||||
# Auto-generated; violates sema-extra-with
|
||||
# Can only sensibly be removed when --auto-fix supports multiple fixes at once:
|
||||
# https://github.com/inclyc/nixf-diagnose/issues/13
|
||||
"pkgs/servers/home-assistant/component-packages.nix"
|
||||
# https://github.com/nix-community/nixd/issues/708
|
||||
"nixos/maintainers/scripts/azure-new/examples/basic/system.nix"
|
||||
];
|
||||
};
|
||||
|
||||
settings.formatter.editorconfig-checker = {
|
||||
command = "${pkgs.lib.getExe pkgs.editorconfig-checker}";
|
||||
options = [ "-disable-indent-size" ];
|
||||
|
|
|
|||
|
|
@ -35,7 +35,7 @@ stdenvNoCC.mkDerivation (
|
|||
decl:
|
||||
let
|
||||
declStr = toString decl;
|
||||
root = toString (../..);
|
||||
root = toString ../..;
|
||||
subpath = lib.removePrefix "/" (lib.removePrefix root declStr);
|
||||
in
|
||||
if lib.hasPrefix root declStr then
|
||||
|
|
|
|||
|
|
@ -396,7 +396,7 @@ rec {
|
|||
outputs = drv.outputs or [ "out" ];
|
||||
|
||||
commonAttrs =
|
||||
drv // (listToAttrs outputsList) // ({ all = map (x: x.value) outputsList; }) // passthru;
|
||||
drv // (listToAttrs outputsList) // { all = map (x: x.value) outputsList; } // passthru;
|
||||
|
||||
outputToAttrListElement = outputName: {
|
||||
name = outputName;
|
||||
|
|
|
|||
|
|
@ -26,29 +26,29 @@ in
|
|||
{
|
||||
imports = [
|
||||
# Module A
|
||||
({
|
||||
{
|
||||
options.attrsOfModule = attrsOfModule;
|
||||
options.mergedAttrsOfModule = attrsOfModule;
|
||||
options.listOfModule = listOfModule;
|
||||
options.mergedListOfModule = listOfModule;
|
||||
})
|
||||
}
|
||||
# Module B
|
||||
({
|
||||
{
|
||||
options.mergedAttrsOfModule = attrsOfModule;
|
||||
options.mergedListOfModule = listOfModule;
|
||||
})
|
||||
}
|
||||
# Values
|
||||
# It is important that the value is defined in a separate module
|
||||
# Without valueMeta the actual value and sub-options wouldn't be accessible via:
|
||||
# options.attrsOfModule.type.getSubOptions
|
||||
({
|
||||
{
|
||||
attrsOfModule = {
|
||||
foo.bar = 42;
|
||||
};
|
||||
mergedAttrsOfModule = {
|
||||
foo.bar = 42;
|
||||
};
|
||||
})
|
||||
}
|
||||
(
|
||||
{ options, ... }:
|
||||
{
|
||||
|
|
|
|||
|
|
@ -4,9 +4,9 @@ let
|
|||
in
|
||||
{
|
||||
options.number = mkOption {
|
||||
type = types.submodule ({
|
||||
type = types.submodule {
|
||||
freeformType = types.attrsOf (types.either types.int types.int);
|
||||
});
|
||||
};
|
||||
default = {
|
||||
int = 42;
|
||||
}; # should not emit a warning
|
||||
|
|
|
|||
|
|
@ -4,31 +4,31 @@ let
|
|||
in
|
||||
{
|
||||
options.either = mkOption {
|
||||
type = types.submodule ({
|
||||
type = types.submodule {
|
||||
freeformType = (types.either types.int types.int);
|
||||
});
|
||||
};
|
||||
};
|
||||
|
||||
options.eitherBehindNullor = mkOption {
|
||||
type = types.submodule ({
|
||||
type = types.submodule {
|
||||
freeformType = types.nullOr (types.either types.int types.int);
|
||||
});
|
||||
};
|
||||
};
|
||||
|
||||
options.oneOf = mkOption {
|
||||
type = types.submodule ({
|
||||
type = types.submodule {
|
||||
freeformType = (
|
||||
types.oneOf [
|
||||
types.int
|
||||
types.int
|
||||
]
|
||||
);
|
||||
});
|
||||
};
|
||||
};
|
||||
|
||||
options.number = mkOption {
|
||||
type = types.submodule ({
|
||||
type = types.submodule {
|
||||
freeformType = (types.number); # either int float
|
||||
});
|
||||
};
|
||||
};
|
||||
}
|
||||
|
|
|
|||
|
|
@ -56,7 +56,7 @@ in
|
|||
default = lib.concatStringsSep " " (
|
||||
lib.concatLists (
|
||||
lib.mapAttrsToList (k: v: if k == "_module" then [ ] else [ (lib.showOption v.loc) ]) (
|
||||
(options.fun.type.getSubOptions [ "fun" ])
|
||||
options.fun.type.getSubOptions [ "fun" ]
|
||||
)
|
||||
)
|
||||
);
|
||||
|
|
|
|||
|
|
@ -157,9 +157,7 @@ lib.runTests (
|
|||
"x86_64-genode"
|
||||
];
|
||||
testredox = mseteq redox [ "x86_64-redox" ];
|
||||
testgnu = mseteq gnu (
|
||||
linux # ++ kfreebsd ++ ...
|
||||
);
|
||||
testgnu = mseteq gnu linux; # ++ kfreebsd ++ ...
|
||||
testillumos = mseteq illumos [ "x86_64-solaris" ];
|
||||
testlinux = mseteq linux [
|
||||
"aarch64-linux"
|
||||
|
|
|
|||
|
|
@ -104,7 +104,7 @@ let
|
|||
in
|
||||
locatedModules ++ legacyModules;
|
||||
|
||||
noUserModules = evalModulesMinimal ({
|
||||
noUserModules = evalModulesMinimal {
|
||||
inherit prefix specialArgs;
|
||||
modules =
|
||||
baseModules
|
||||
|
|
@ -113,7 +113,7 @@ let
|
|||
pkgsModule
|
||||
modulesModule
|
||||
];
|
||||
});
|
||||
};
|
||||
|
||||
# Extra arguments that are useful for constructing a similar configuration.
|
||||
modulesModule = {
|
||||
|
|
|
|||
|
|
@ -370,12 +370,13 @@ rec {
|
|||
}:
|
||||
let
|
||||
typeDir =
|
||||
({
|
||||
{
|
||||
system = "system";
|
||||
initrd = "system";
|
||||
user = "user";
|
||||
nspawn = "nspawn";
|
||||
}).${type};
|
||||
}
|
||||
.${type};
|
||||
in
|
||||
pkgs.runCommand "${type}-units"
|
||||
{
|
||||
|
|
|
|||
|
|
@ -104,9 +104,9 @@ let
|
|||
optionalString (
|
||||
config.networking.primaryIPAddress != ""
|
||||
) "${config.networking.primaryIPAddress} ${hostnames}"
|
||||
+ optionalString (config.networking.primaryIPv6Address != "") (
|
||||
"${config.networking.primaryIPv6Address} ${hostnames}"
|
||||
)
|
||||
+ optionalString (
|
||||
config.networking.primaryIPv6Address != ""
|
||||
) "${config.networking.primaryIPv6Address} ${hostnames}"
|
||||
);
|
||||
|
||||
virtualisation.qemu.options = qemuOptions;
|
||||
|
|
|
|||
|
|
@ -241,7 +241,7 @@ in
|
|||
Invalid machine specifications:
|
||||
''
|
||||
+ " "
|
||||
+ (concatStringsSep "\n " (map (m: m.hostName) (filter (badMachine) cfg.buildMachines)));
|
||||
+ (concatStringsSep "\n " (map (m: m.hostName) (filter badMachine cfg.buildMachines)));
|
||||
}
|
||||
];
|
||||
|
||||
|
|
|
|||
|
|
@ -8,7 +8,7 @@
|
|||
}:
|
||||
{
|
||||
|
||||
options = with lib; {
|
||||
options = {
|
||||
environment.enableAllTerminfo = lib.mkOption {
|
||||
default = false;
|
||||
type = lib.types.bool;
|
||||
|
|
|
|||
|
|
@ -54,9 +54,9 @@ in
|
|||
etc = lib.mapAttrs' (
|
||||
desktop: terminals:
|
||||
# map desktop name such as GNOME to `xdg/gnome-xdg-terminals.list`, default to `xdg/xdg-terminals.list`
|
||||
lib.nameValuePair (
|
||||
"xdg/${if desktop == "default" then "" else "${lib.toLower desktop}-"}xdg-terminals.list"
|
||||
) { text = lib.concatLines terminals; }
|
||||
lib.nameValuePair "xdg/${
|
||||
if desktop == "default" then "" else "${lib.toLower desktop}-"
|
||||
}xdg-terminals.list" { text = lib.concatLines terminals; }
|
||||
) cfg.settings;
|
||||
};
|
||||
};
|
||||
|
|
|
|||
|
|
@ -333,7 +333,7 @@ in
|
|||
lib.mkIf cfg.enabled (
|
||||
lib.mkMerge [
|
||||
# Common
|
||||
({
|
||||
{
|
||||
assertions = [
|
||||
{
|
||||
assertion = !(nvidiaEnabled && cfg.datacenter.enable);
|
||||
|
|
@ -388,7 +388,7 @@ in
|
|||
extraPackages32 = [ nvidia_x11.lib32 ];
|
||||
};
|
||||
environment.systemPackages = [ nvidia_x11.bin ];
|
||||
})
|
||||
}
|
||||
|
||||
# X11
|
||||
(lib.mkIf nvidiaEnabled {
|
||||
|
|
@ -709,7 +709,7 @@ in
|
|||
"L+ /run/nvidia-docker/extras/bin/nvidia-persistenced - - - - ${nvidia_x11.persistenced}/origBin/nvidia-persistenced";
|
||||
|
||||
services = lib.mkMerge [
|
||||
({
|
||||
{
|
||||
nvidia-fabricmanager = {
|
||||
enable = true;
|
||||
description = "Start NVIDIA NVLink Management";
|
||||
|
|
@ -736,7 +736,7 @@ in
|
|||
LimitCORE = "infinity";
|
||||
};
|
||||
};
|
||||
})
|
||||
}
|
||||
(lib.mkIf cfg.nvidiaPersistenced {
|
||||
"nvidia-persistenced" = {
|
||||
description = "NVIDIA Persistence Daemon";
|
||||
|
|
|
|||
|
|
@ -114,7 +114,7 @@ in
|
|||
};
|
||||
|
||||
meta = {
|
||||
maintainers = with lib.maintainers; [ ];
|
||||
maintainers = [ ];
|
||||
doc = ./default.md;
|
||||
};
|
||||
|
||||
|
|
|
|||
|
|
@ -117,7 +117,7 @@ in
|
|||
++ lib.optionals (cfg.quickPhraseFiles != { }) [
|
||||
(pkgs.linkFarm "quickPhraseFiles" (
|
||||
lib.mapAttrs' (
|
||||
name: value: lib.nameValuePair ("share/fcitx5/data/quickphrase.d/${name}.mb") value
|
||||
name: value: lib.nameValuePair "share/fcitx5/data/quickphrase.d/${name}.mb" value
|
||||
) cfg.quickPhraseFiles
|
||||
))
|
||||
];
|
||||
|
|
|
|||
|
|
@ -950,7 +950,7 @@ in
|
|||
let
|
||||
cfgFiles =
|
||||
cfg:
|
||||
lib.optionals cfg.isoImage.showConfiguration ([
|
||||
lib.optionals cfg.isoImage.showConfiguration [
|
||||
{
|
||||
source = cfg.boot.kernelPackages.kernel + "/" + cfg.system.boot.loader.kernelFile;
|
||||
target = "/boot/" + cfg.boot.kernelPackages.kernel + "/" + cfg.system.boot.loader.kernelFile;
|
||||
|
|
@ -959,7 +959,7 @@ in
|
|||
source = cfg.system.build.initialRamdisk + "/" + cfg.system.boot.loader.initrdFile;
|
||||
target = "/boot/" + cfg.system.build.initialRamdisk + "/" + cfg.system.boot.loader.initrdFile;
|
||||
}
|
||||
])
|
||||
]
|
||||
++ lib.concatLists (
|
||||
lib.mapAttrsToList (_: { configuration, ... }: cfgFiles configuration) cfg.specialisation
|
||||
);
|
||||
|
|
|
|||
|
|
@ -3,8 +3,6 @@
|
|||
|
||||
{ lib, ... }:
|
||||
|
||||
with lib;
|
||||
|
||||
{
|
||||
imports = [
|
||||
./netboot.nix
|
||||
|
|
|
|||
|
|
@ -3,8 +3,6 @@
|
|||
|
||||
{ lib, ... }:
|
||||
|
||||
with lib;
|
||||
|
||||
{
|
||||
# Don't start a tty on the serial consoles.
|
||||
systemd.services."serial-getty@ttyS0".enable = lib.mkDefault false;
|
||||
|
|
|
|||
|
|
@ -212,18 +212,18 @@ in
|
|||
''
|
||||
);
|
||||
|
||||
run-builder = hostPkgs.writeShellScriptBin "run-builder" (''
|
||||
run-builder = hostPkgs.writeShellScriptBin "run-builder" ''
|
||||
set -euo pipefail
|
||||
KEYS="''${KEYS:-./keys}"
|
||||
KEYS="$(${hostPkgs.nix}/bin/nix-store --add "$KEYS")" ${lib.getExe config.system.build.vm}
|
||||
'');
|
||||
'';
|
||||
|
||||
script = hostPkgs.writeShellScriptBin "create-builder" (''
|
||||
script = hostPkgs.writeShellScriptBin "create-builder" ''
|
||||
set -euo pipefail
|
||||
export KEYS="''${KEYS:-./keys}"
|
||||
${lib.getExe add-keys}
|
||||
${lib.getExe run-builder}
|
||||
'');
|
||||
'';
|
||||
|
||||
in
|
||||
script.overrideAttrs (old: {
|
||||
|
|
|
|||
|
|
@ -16,7 +16,7 @@ in
|
|||
|
||||
options = {
|
||||
|
||||
programs.atop = rec {
|
||||
programs.atop = {
|
||||
|
||||
enable = lib.mkEnableOption "Atop, a tool for monitoring system resources";
|
||||
|
||||
|
|
|
|||
|
|
@ -29,7 +29,7 @@ in
|
|||
config = lib.mkIf cfg.enable (
|
||||
lib.mkMerge [
|
||||
# Common
|
||||
({
|
||||
{
|
||||
environment.systemPackages = with pkgs.coolercontrol; [
|
||||
coolercontrol-gui
|
||||
];
|
||||
|
|
@ -46,7 +46,7 @@ in
|
|||
coolercontrold.wantedBy = [ "multi-user.target" ];
|
||||
};
|
||||
};
|
||||
})
|
||||
}
|
||||
|
||||
# Nvidia support
|
||||
(lib.mkIf cfg.nvidiaSupport {
|
||||
|
|
|
|||
|
|
@ -149,7 +149,7 @@ in
|
|||
languagePacks = lib.mkOption {
|
||||
# Available languages can be found in https://releases.mozilla.org/pub/firefox/releases/${cfg.package.version}/linux-x86_64/xpi/
|
||||
type = lib.types.listOf (
|
||||
lib.types.enum ([
|
||||
lib.types.enum [
|
||||
"ach"
|
||||
"af"
|
||||
"an"
|
||||
|
|
@ -253,7 +253,7 @@ in
|
|||
"xh"
|
||||
"zh-CN"
|
||||
"zh-TW"
|
||||
])
|
||||
]
|
||||
);
|
||||
default = [ ];
|
||||
description = ''
|
||||
|
|
@ -285,7 +285,7 @@ in
|
|||
'';
|
||||
};
|
||||
|
||||
nativeMessagingHosts = ({
|
||||
nativeMessagingHosts = {
|
||||
packages = lib.mkOption {
|
||||
type = lib.types.listOf lib.types.package;
|
||||
default = [ ];
|
||||
|
|
@ -293,7 +293,7 @@ in
|
|||
Additional packages containing native messaging hosts that should be made available to Firefox extensions.
|
||||
'';
|
||||
};
|
||||
})
|
||||
}
|
||||
// (builtins.mapAttrs (k: v: lib.mkEnableOption "${v.name} support") nmhOptions);
|
||||
};
|
||||
|
||||
|
|
|
|||
|
|
@ -9,7 +9,7 @@ let
|
|||
cfg = config.programs.fuse;
|
||||
in
|
||||
{
|
||||
meta.maintainers = with lib.maintainers; [ ];
|
||||
meta.maintainers = [ ];
|
||||
|
||||
options.programs.fuse = {
|
||||
enable = lib.mkEnableOption "fuse" // {
|
||||
|
|
|
|||
|
|
@ -78,5 +78,5 @@ in
|
|||
environment.systemPackages = lib.mkIf (!cfg.capSysNice) [ gamescope ];
|
||||
};
|
||||
|
||||
meta.maintainers = with lib.maintainers; [ ];
|
||||
meta.maintainers = [ ];
|
||||
}
|
||||
|
|
|
|||
|
|
@ -80,7 +80,7 @@ in
|
|||
'';
|
||||
allowedPatterns =
|
||||
with lib.types;
|
||||
lib.mkOption rec {
|
||||
lib.mkOption {
|
||||
type = attrsOf Pattern;
|
||||
description = "The hook config, describing which paths to mount for which system features";
|
||||
default = { };
|
||||
|
|
|
|||
|
|
@ -382,8 +382,8 @@ in
|
|||
ExecStartPre = "${pkgs.coreutils}/bin/rm -f %t/ssh-agent";
|
||||
ExecStart =
|
||||
"${cfg.package}/bin/ssh-agent "
|
||||
+ lib.optionalString (cfg.agentTimeout != null) ("-t ${cfg.agentTimeout} ")
|
||||
+ lib.optionalString (cfg.agentPKCS11Whitelist != null) ("-P ${cfg.agentPKCS11Whitelist} ")
|
||||
+ lib.optionalString (cfg.agentTimeout != null) "-t ${cfg.agentTimeout} "
|
||||
+ lib.optionalString (cfg.agentPKCS11Whitelist != null) "-P ${cfg.agentPKCS11Whitelist} "
|
||||
+ "-a %t/ssh-agent";
|
||||
StandardOutput = "null";
|
||||
Type = "forking";
|
||||
|
|
|
|||
|
|
@ -280,22 +280,22 @@ let
|
|||
# skip `null` value
|
||||
else
|
||||
[
|
||||
(
|
||||
" ${key}${
|
||||
if value == true then
|
||||
""
|
||||
# just output key if value is `true`
|
||||
else if isInt value then
|
||||
" ${builtins.toString value}"
|
||||
else if path.check value then
|
||||
" \"${value}\""
|
||||
# enclose path in ".."
|
||||
else if singleLineStr.check value then
|
||||
" ${value}"
|
||||
else
|
||||
throw "assertion failed: cannot convert type" # should never happen
|
||||
}"
|
||||
)
|
||||
|
||||
" ${key}${
|
||||
if value == true then
|
||||
""
|
||||
# just output key if value is `true`
|
||||
else if isInt value then
|
||||
" ${builtins.toString value}"
|
||||
else if path.check value then
|
||||
" \"${value}\""
|
||||
# enclose path in ".."
|
||||
else if singleLineStr.check value then
|
||||
" ${value}"
|
||||
else
|
||||
throw "assertion failed: cannot convert type" # should never happen
|
||||
}"
|
||||
|
||||
];
|
||||
|
||||
makeDsmSysStanza =
|
||||
|
|
|
|||
|
|
@ -9,7 +9,7 @@ let
|
|||
cfg = config.programs.labwc;
|
||||
in
|
||||
{
|
||||
meta.maintainers = with lib.maintainers; [ ];
|
||||
meta.maintainers = [ ];
|
||||
|
||||
options.programs.labwc = {
|
||||
enable = lib.mkEnableOption "labwc";
|
||||
|
|
|
|||
|
|
@ -4,7 +4,7 @@
|
|||
genFinalPackage =
|
||||
pkg: args:
|
||||
let
|
||||
expectedArgs = with lib; lib.naturalSort (lib.attrNames args);
|
||||
expectedArgs = lib.naturalSort (lib.attrNames args);
|
||||
existingArgs =
|
||||
with lib;
|
||||
naturalSort (intersectLists expectedArgs (attrNames (functionArgs pkg.override)));
|
||||
|
|
|
|||
|
|
@ -204,5 +204,5 @@ in
|
|||
]
|
||||
);
|
||||
|
||||
meta.maintainers = with lib.maintainers; [ ];
|
||||
meta.maintainers = [ ];
|
||||
}
|
||||
|
|
|
|||
|
|
@ -10,7 +10,7 @@ let
|
|||
in
|
||||
{
|
||||
options.programs.winbox = {
|
||||
enable = lib.mkEnableOption ("MikroTik Winbox");
|
||||
enable = lib.mkEnableOption "MikroTik Winbox";
|
||||
package = lib.mkPackageOption pkgs "winbox" { };
|
||||
|
||||
openFirewall = lib.mkOption {
|
||||
|
|
|
|||
|
|
@ -27,5 +27,5 @@ in
|
|||
};
|
||||
};
|
||||
|
||||
meta.maintainers = with lib.maintainers; [ ];
|
||||
meta.maintainers = [ ];
|
||||
}
|
||||
|
|
|
|||
|
|
@ -37,7 +37,7 @@ in
|
|||
|
||||
# https://github.com/zsh-users/zsh-syntax-highlighting/blob/master/docs/highlighters.md
|
||||
type = lib.types.listOf (
|
||||
lib.types.enum ([
|
||||
lib.types.enum [
|
||||
"main"
|
||||
"brackets"
|
||||
"pattern"
|
||||
|
|
@ -45,7 +45,7 @@ in
|
|||
"regexp"
|
||||
"root"
|
||||
"line"
|
||||
])
|
||||
]
|
||||
);
|
||||
|
||||
description = ''
|
||||
|
|
|
|||
|
|
@ -203,7 +203,7 @@ let
|
|||
# Create hashes for cert data directories based on configuration
|
||||
# Flags are separated to avoid collisions
|
||||
hashData =
|
||||
with builtins;
|
||||
|
||||
''
|
||||
${lib.concatStringsSep " " data.extraLegoFlags} -
|
||||
${lib.concatStringsSep " " data.extraLegoRunFlags} -
|
||||
|
|
|
|||
|
|
@ -97,7 +97,7 @@ in
|
|||
|
||||
etc."please.ini".source = ini.generate "please.ini" (
|
||||
cfg.settings
|
||||
// (rec {
|
||||
// rec {
|
||||
# The "root" user is allowed to do anything by default and this cannot
|
||||
# be overridden.
|
||||
root_run_as_any = {
|
||||
|
|
@ -113,7 +113,7 @@ in
|
|||
root_list_as_any = root_run_as_any // {
|
||||
type = "list";
|
||||
};
|
||||
})
|
||||
}
|
||||
);
|
||||
};
|
||||
|
||||
|
|
|
|||
|
|
@ -294,11 +294,11 @@ in
|
|||
where = parentWrapperDir;
|
||||
what = "tmpfs";
|
||||
type = "tmpfs";
|
||||
options = lib.concatStringsSep "," ([
|
||||
options = lib.concatStringsSep "," [
|
||||
"nodev"
|
||||
"mode=755"
|
||||
"size=${config.security.wrapperDirSize}"
|
||||
]);
|
||||
];
|
||||
}
|
||||
];
|
||||
|
||||
|
|
|
|||
|
|
@ -157,7 +157,7 @@ in
|
|||
|
||||
controls = lib.mkOption {
|
||||
type = lib.types.attrsOf (
|
||||
lib.types.submodule ({
|
||||
lib.types.submodule {
|
||||
options.name = lib.mkOption {
|
||||
type = lib.types.nullOr lib.types.str;
|
||||
default = null;
|
||||
|
|
@ -187,7 +187,7 @@ in
|
|||
The maximum volume in dB.
|
||||
'';
|
||||
};
|
||||
})
|
||||
}
|
||||
);
|
||||
default = { };
|
||||
example = lib.literalExpression ''
|
||||
|
|
@ -206,7 +206,7 @@ in
|
|||
|
||||
cardAliases = lib.mkOption {
|
||||
type = lib.types.attrsOf (
|
||||
lib.types.submodule ({
|
||||
lib.types.submodule {
|
||||
options.driver = lib.mkOption {
|
||||
type = lib.types.str;
|
||||
description = ''
|
||||
|
|
@ -220,7 +220,7 @@ in
|
|||
The ID of the sound card
|
||||
'';
|
||||
};
|
||||
})
|
||||
}
|
||||
);
|
||||
default = { };
|
||||
example = lib.literalExpression ''
|
||||
|
|
|
|||
|
|
@ -81,18 +81,21 @@ in
|
|||
SupplementaryGroups = [ "audio" ];
|
||||
ExecStart =
|
||||
"${cfg.package}/bin/gmediarender "
|
||||
+ lib.optionalString (cfg.audioDevice != null) (
|
||||
"--gstout-audiodevice=${utils.escapeSystemdExecArg cfg.audioDevice} "
|
||||
)
|
||||
+ lib.optionalString (cfg.audioSink != null) (
|
||||
"--gstout-audiosink=${utils.escapeSystemdExecArg cfg.audioSink} "
|
||||
)
|
||||
+ lib.optionalString (cfg.friendlyName != null) (
|
||||
"--friendly-name=${utils.escapeSystemdExecArg cfg.friendlyName} "
|
||||
)
|
||||
+ lib.optionalString (cfg.initialVolume != 0) ("--initial-volume=${toString cfg.initialVolume} ")
|
||||
+ lib.optionalString (cfg.port != null) ("--port=${toString cfg.port} ")
|
||||
+ lib.optionalString (cfg.uuid != null) ("--uuid=${utils.escapeSystemdExecArg cfg.uuid} ");
|
||||
+ lib.optionalString (
|
||||
cfg.audioDevice != null
|
||||
) "--gstout-audiodevice=${utils.escapeSystemdExecArg cfg.audioDevice} "
|
||||
|
||||
+ lib.optionalString (
|
||||
cfg.audioSink != null
|
||||
) "--gstout-audiosink=${utils.escapeSystemdExecArg cfg.audioSink} "
|
||||
|
||||
+ lib.optionalString (
|
||||
cfg.friendlyName != null
|
||||
) "--friendly-name=${utils.escapeSystemdExecArg cfg.friendlyName} "
|
||||
|
||||
+ lib.optionalString (cfg.initialVolume != 0) "--initial-volume=${toString cfg.initialVolume} "
|
||||
+ lib.optionalString (cfg.port != null) "--port=${toString cfg.port} "
|
||||
+ lib.optionalString (cfg.uuid != null) "--uuid=${utils.escapeSystemdExecArg cfg.uuid} ";
|
||||
Restart = "always";
|
||||
RuntimeDirectory = "gmediarender";
|
||||
|
||||
|
|
|
|||
|
|
@ -206,15 +206,13 @@ let
|
|||
{
|
||||
nativeBuildInputs = [ pkgs.makeWrapper ];
|
||||
}
|
||||
(
|
||||
with lib;
|
||||
''
|
||||
makeWrapper "${original}" "$out/bin/${name}" \
|
||||
${lib.concatStringsSep " \\\n " (
|
||||
lib.mapAttrsToList (name: value: ''--set ${name} "${value}"'') set
|
||||
)}
|
||||
''
|
||||
);
|
||||
|
||||
''
|
||||
makeWrapper "${original}" "$out/bin/${name}" \
|
||||
${lib.concatStringsSep " \\\n " (
|
||||
lib.mapAttrsToList (name: value: ''--set ${name} "${value}"'') set
|
||||
)}
|
||||
'';
|
||||
|
||||
# Returns a singleton list, due to usage of lib.optional
|
||||
mkBorgWrapper =
|
||||
|
|
|
|||
|
|
@ -31,39 +31,38 @@ let
|
|||
# datasets.
|
||||
buildAllowCommand =
|
||||
permissions: dataset:
|
||||
(
|
||||
"-+${pkgs.writeShellScript "zfs-allow-${dataset}" ''
|
||||
# Here we explicitly use the booted system to guarantee the stable API needed by ZFS
|
||||
|
||||
# Run a ZFS list on the dataset to check if it exists
|
||||
if ${
|
||||
lib.escapeShellArgs [
|
||||
"/run/booted-system/sw/bin/zfs"
|
||||
"list"
|
||||
dataset
|
||||
]
|
||||
} 2> /dev/null; then
|
||||
"-+${pkgs.writeShellScript "zfs-allow-${dataset}" ''
|
||||
# Here we explicitly use the booted system to guarantee the stable API needed by ZFS
|
||||
|
||||
# Run a ZFS list on the dataset to check if it exists
|
||||
if ${
|
||||
lib.escapeShellArgs [
|
||||
"/run/booted-system/sw/bin/zfs"
|
||||
"list"
|
||||
dataset
|
||||
]
|
||||
} 2> /dev/null; then
|
||||
${lib.escapeShellArgs [
|
||||
"/run/booted-system/sw/bin/zfs"
|
||||
"allow"
|
||||
cfg.user
|
||||
(lib.concatStringsSep "," permissions)
|
||||
dataset
|
||||
]}
|
||||
${lib.optionalString ((builtins.dirOf dataset) != ".") ''
|
||||
else
|
||||
${lib.escapeShellArgs [
|
||||
"/run/booted-system/sw/bin/zfs"
|
||||
"allow"
|
||||
cfg.user
|
||||
(lib.concatStringsSep "," permissions)
|
||||
dataset
|
||||
# Remove the last part of the path
|
||||
(builtins.dirOf dataset)
|
||||
]}
|
||||
${lib.optionalString ((builtins.dirOf dataset) != ".") ''
|
||||
else
|
||||
${lib.escapeShellArgs [
|
||||
"/run/booted-system/sw/bin/zfs"
|
||||
"allow"
|
||||
cfg.user
|
||||
(lib.concatStringsSep "," permissions)
|
||||
# Remove the last part of the path
|
||||
(builtins.dirOf dataset)
|
||||
]}
|
||||
''}
|
||||
fi
|
||||
''}"
|
||||
);
|
||||
''}
|
||||
fi
|
||||
''}";
|
||||
|
||||
# Function to build "zfs unallow" commands for the filesystems we've
|
||||
# delegated permissions to. Here we unallow both the target but also
|
||||
|
|
@ -73,28 +72,27 @@ let
|
|||
# since the dataset should have been created at this point.
|
||||
buildUnallowCommand =
|
||||
permissions: dataset:
|
||||
(
|
||||
"-+${pkgs.writeShellScript "zfs-unallow-${dataset}" ''
|
||||
# Here we explicitly use the booted system to guarantee the stable API needed by ZFS
|
||||
${lib.escapeShellArgs [
|
||||
|
||||
"-+${pkgs.writeShellScript "zfs-unallow-${dataset}" ''
|
||||
# Here we explicitly use the booted system to guarantee the stable API needed by ZFS
|
||||
${lib.escapeShellArgs [
|
||||
"/run/booted-system/sw/bin/zfs"
|
||||
"unallow"
|
||||
cfg.user
|
||||
(lib.concatStringsSep "," permissions)
|
||||
dataset
|
||||
]}
|
||||
${lib.optionalString ((builtins.dirOf dataset) != ".") (
|
||||
lib.escapeShellArgs [
|
||||
"/run/booted-system/sw/bin/zfs"
|
||||
"unallow"
|
||||
cfg.user
|
||||
(lib.concatStringsSep "," permissions)
|
||||
dataset
|
||||
]}
|
||||
${lib.optionalString ((builtins.dirOf dataset) != ".") (
|
||||
lib.escapeShellArgs [
|
||||
"/run/booted-system/sw/bin/zfs"
|
||||
"unallow"
|
||||
cfg.user
|
||||
(lib.concatStringsSep "," permissions)
|
||||
# Remove the last part of the path
|
||||
(builtins.dirOf dataset)
|
||||
]
|
||||
)}
|
||||
''}"
|
||||
);
|
||||
# Remove the last part of the path
|
||||
(builtins.dirOf dataset)
|
||||
]
|
||||
)}
|
||||
''}";
|
||||
in
|
||||
{
|
||||
|
||||
|
|
|
|||
|
|
@ -189,13 +189,13 @@ in
|
|||
services.hadoop.yarnSiteInternal =
|
||||
with cfg.yarn.nodemanager;
|
||||
lib.mkMerge [
|
||||
({
|
||||
{
|
||||
"yarn.nodemanager.local-dirs" = lib.mkIf (localDir != null) (concatStringsSep "," localDir);
|
||||
"yarn.scheduler.maximum-allocation-vcores" = resource.maximumAllocationVCores;
|
||||
"yarn.scheduler.maximum-allocation-mb" = resource.maximumAllocationMB;
|
||||
"yarn.nodemanager.resource.cpu-vcores" = resource.cpuVCores;
|
||||
"yarn.nodemanager.resource.memory-mb" = resource.memoryMB;
|
||||
})
|
||||
}
|
||||
(lib.mkIf useCGroups (
|
||||
lib.warnIf (lib.versionOlder cfg.package.version "3.5.0")
|
||||
''
|
||||
|
|
|
|||
|
|
@ -342,14 +342,12 @@ in
|
|||
# dns addon is enabled by default
|
||||
services.kubernetes.addons.dns.enable = lib.mkDefault true;
|
||||
|
||||
services.kubernetes.apiserverAddress = lib.mkDefault (
|
||||
"https://${
|
||||
if cfg.apiserver.advertiseAddress != null then
|
||||
cfg.apiserver.advertiseAddress
|
||||
else
|
||||
"${cfg.masterAddress}:${toString cfg.apiserver.securePort}"
|
||||
}"
|
||||
);
|
||||
services.kubernetes.apiserverAddress = lib.mkDefault "https://${
|
||||
if cfg.apiserver.advertiseAddress != null then
|
||||
cfg.apiserver.advertiseAddress
|
||||
else
|
||||
"${cfg.masterAddress}:${toString cfg.apiserver.securePort}"
|
||||
}";
|
||||
}
|
||||
)
|
||||
];
|
||||
|
|
|
|||
|
|
@ -137,7 +137,7 @@ in
|
|||
"@chown"
|
||||
];
|
||||
}
|
||||
// (lib.optionalAttrs (usingDefaultDataDir) {
|
||||
// (lib.optionalAttrs usingDefaultDataDir {
|
||||
StateDirectory = "temporal";
|
||||
StateDirectoryMode = "0700";
|
||||
});
|
||||
|
|
|
|||
|
|
@ -110,6 +110,6 @@ in
|
|||
};
|
||||
|
||||
meta = {
|
||||
maintainers = with lib.maintainers; [ ];
|
||||
maintainers = [ ];
|
||||
};
|
||||
}
|
||||
|
|
|
|||
|
|
@ -245,7 +245,7 @@ in
|
|||
|
||||
pythonPackages = lib.mkOption {
|
||||
type = lib.types.functionTo (lib.types.listOf lib.types.package);
|
||||
default = pythonPackages: with pythonPackages; [ ];
|
||||
default = pythonPackages: [ ];
|
||||
defaultText = lib.literalExpression "pythonPackages: with pythonPackages; [ ]";
|
||||
description = "Packages to add the to the PYTHONPATH of the buildbot process.";
|
||||
example = lib.literalExpression "pythonPackages: with pythonPackages; [ requests ]";
|
||||
|
|
|
|||
|
|
@ -200,10 +200,10 @@ in
|
|||
after = [
|
||||
"network-online.target"
|
||||
]
|
||||
++ optionals (wantsDocker) [
|
||||
++ optionals wantsDocker [
|
||||
"docker.service"
|
||||
]
|
||||
++ optionals (wantsPodman) [
|
||||
++ optionals wantsPodman [
|
||||
"podman.service"
|
||||
];
|
||||
wantedBy = [
|
||||
|
|
@ -213,7 +213,7 @@ in
|
|||
optionalAttrs (instance.token != null) {
|
||||
TOKEN = "${instance.token}";
|
||||
}
|
||||
// optionalAttrs (wantsPodman) {
|
||||
// optionalAttrs wantsPodman {
|
||||
DOCKER_HOST = "unix:///run/podman/podman.sock";
|
||||
}
|
||||
// {
|
||||
|
|
@ -266,10 +266,10 @@ in
|
|||
];
|
||||
ExecStart = "${cfg.package}/bin/act_runner daemon --config ${configFile}";
|
||||
SupplementaryGroups =
|
||||
optionals (wantsDocker) [
|
||||
optionals wantsDocker [
|
||||
"docker"
|
||||
]
|
||||
++ optionals (wantsPodman) [
|
||||
++ optionals wantsPodman [
|
||||
"podman"
|
||||
];
|
||||
}
|
||||
|
|
|
|||
|
|
@ -17,7 +17,7 @@ let
|
|||
in
|
||||
{
|
||||
|
||||
meta.maintainers = with lib.maintainers; [ ];
|
||||
meta.maintainers = [ ];
|
||||
|
||||
imports = [
|
||||
(lib.mkRemovedOptionModule [ "services" "chromadb" "logFile" ] ''
|
||||
|
|
|
|||
|
|
@ -230,7 +230,7 @@ in
|
|||
'';
|
||||
|
||||
type = lib.types.nullOr (
|
||||
lib.types.submodule ({
|
||||
lib.types.submodule {
|
||||
options = {
|
||||
certificate = lib.mkOption {
|
||||
type = lib.types.str;
|
||||
|
|
@ -258,7 +258,7 @@ in
|
|||
'';
|
||||
};
|
||||
};
|
||||
})
|
||||
}
|
||||
);
|
||||
};
|
||||
|
||||
|
|
@ -274,7 +274,7 @@ in
|
|||
FoundationDB locality settings.
|
||||
'';
|
||||
|
||||
type = lib.types.submodule ({
|
||||
type = lib.types.submodule {
|
||||
options = {
|
||||
machineId = lib.mkOption {
|
||||
default = null;
|
||||
|
|
@ -316,7 +316,7 @@ in
|
|||
'';
|
||||
};
|
||||
};
|
||||
});
|
||||
};
|
||||
};
|
||||
|
||||
extraReadWritePaths = lib.mkOption {
|
||||
|
|
|
|||
|
|
@ -12,7 +12,7 @@ let
|
|||
ldapValueType =
|
||||
let
|
||||
# Can't do types.either with multiple non-overlapping submodules, so define our own
|
||||
singleLdapValueType = lib.mkOptionType rec {
|
||||
singleLdapValueType = lib.mkOptionType {
|
||||
name = "LDAP";
|
||||
# TODO: It would be nice to define a { secret = ...; } option, using
|
||||
# systemd's LoadCredentials for secrets. That would remove the last
|
||||
|
|
@ -357,7 +357,7 @@ in
|
|||
]
|
||||
) contentsFiles)
|
||||
++ [ "${openldap}/bin/slaptest -u -F ${configDir}" ];
|
||||
ExecStart = lib.escapeShellArgs ([
|
||||
ExecStart = lib.escapeShellArgs [
|
||||
"${openldap}/libexec/slapd"
|
||||
"-d"
|
||||
"0"
|
||||
|
|
@ -365,7 +365,7 @@ in
|
|||
configDir
|
||||
"-h"
|
||||
(lib.concatStringsSep " " cfg.urlList)
|
||||
]);
|
||||
];
|
||||
Type = "notify";
|
||||
# Fixes an error where openldap attempts to notify from a thread
|
||||
# outside the main process:
|
||||
|
|
|
|||
|
|
@ -42,7 +42,7 @@ let
|
|||
inherit flashbackEnabled nixos-background-dark nixos-background-light;
|
||||
};
|
||||
|
||||
nixos-background-info = pkgs.writeTextFile rec {
|
||||
nixos-background-info = pkgs.writeTextFile {
|
||||
name = "nixos-background-info";
|
||||
text = ''
|
||||
<?xml version="1.0"?>
|
||||
|
|
|
|||
|
|
@ -181,7 +181,7 @@ in
|
|||
|
||||
services.gnome.evolution-data-server = {
|
||||
enable = true;
|
||||
plugins = with pkgs; [
|
||||
plugins = [
|
||||
# TODO: lomiri.address-book-service
|
||||
];
|
||||
};
|
||||
|
|
|
|||
|
|
@ -6,8 +6,8 @@
|
|||
...
|
||||
}:
|
||||
{
|
||||
meta = with lib; {
|
||||
maintainers = with lib.maintainers; [ ];
|
||||
meta = {
|
||||
maintainers = [ ];
|
||||
};
|
||||
|
||||
###### interface
|
||||
|
|
|
|||
|
|
@ -136,9 +136,9 @@ let
|
|||
++ (optional (a.nice != null) "nice=${toString a.nice}")
|
||||
++ (optional (a.class != null) "sched=${prioToString a.class a.prio}")
|
||||
++ (optional (a.ioClass != null) "io=${prioToString a.ioClass a.ioPrio}")
|
||||
++ (optional ((builtins.length a.matchers) != 0) (
|
||||
++ (optional ((builtins.length a.matchers) != 0)
|
||||
"{\n${concatStringsSep "\n" (map (m: " ${indent}${m}") a.matchers)}\n${indent}}"
|
||||
))
|
||||
)
|
||||
);
|
||||
|
||||
in
|
||||
|
|
|
|||
|
|
@ -17,8 +17,8 @@ in
|
|||
(lib.mkRemovedOptionModule [ "services" "tumbler" "package" ] "")
|
||||
];
|
||||
|
||||
meta = with lib; {
|
||||
maintainers = with lib.maintainers; [ ] ++ lib.teams.pantheon.members;
|
||||
meta = {
|
||||
maintainers = [ ] ++ lib.teams.pantheon.members;
|
||||
};
|
||||
|
||||
###### interface
|
||||
|
|
|
|||
|
|
@ -7,7 +7,7 @@
|
|||
let
|
||||
cfg = config.services.athens;
|
||||
|
||||
athensConfig = lib.flip lib.recursiveUpdate cfg.extraConfig ({
|
||||
athensConfig = lib.flip lib.recursiveUpdate cfg.extraConfig {
|
||||
GoBinary = "${cfg.goBinary}/bin/go";
|
||||
GoEnv = cfg.goEnv;
|
||||
GoBinaryEnvVars = lib.mapAttrsToList (k: v: "${k}=${v}") cfg.goBinaryEnvVars;
|
||||
|
|
@ -141,7 +141,7 @@ let
|
|||
};
|
||||
};
|
||||
};
|
||||
});
|
||||
};
|
||||
|
||||
configFile = lib.pipe athensConfig [
|
||||
(lib.filterAttrsRecursive (_k: v: v != null))
|
||||
|
|
|
|||
|
|
@ -132,7 +132,7 @@ in
|
|||
|
||||
hardware.display.outputs = lib.mkOption {
|
||||
type = lib.types.attrsOf (
|
||||
lib.types.submodule ({
|
||||
lib.types.submodule {
|
||||
options = {
|
||||
edid = lib.mkOption {
|
||||
type = with lib.types; nullOr str;
|
||||
|
|
@ -161,7 +161,7 @@ in
|
|||
'';
|
||||
};
|
||||
};
|
||||
})
|
||||
}
|
||||
);
|
||||
description = ''
|
||||
Hardware/kernel-level configuration of specific outputs.
|
||||
|
|
|
|||
|
|
@ -370,12 +370,12 @@ in
|
|||
(
|
||||
option:
|
||||
lib.mkRenamedOptionModule
|
||||
([
|
||||
[
|
||||
"services"
|
||||
"xserver"
|
||||
"libinput"
|
||||
option
|
||||
])
|
||||
]
|
||||
[
|
||||
"services"
|
||||
"libinput"
|
||||
|
|
|
|||
|
|
@ -39,7 +39,7 @@ in
|
|||
###### implementation
|
||||
|
||||
config = lib.mkIf cfg.enable {
|
||||
systemd.services.fluentd = with pkgs; {
|
||||
systemd.services.fluentd = {
|
||||
description = "Fluentd Daemon";
|
||||
wantedBy = [ "multi-user.target" ];
|
||||
serviceConfig = {
|
||||
|
|
|
|||
|
|
@ -64,7 +64,7 @@ in
|
|||
"d '${cfg.stateDir}' - nobody nogroup - -"
|
||||
];
|
||||
|
||||
systemd.services.heartbeat = with pkgs; {
|
||||
systemd.services.heartbeat = {
|
||||
description = "heartbeat log shipper";
|
||||
wantedBy = [ "multi-user.target" ];
|
||||
preStart = ''
|
||||
|
|
|
|||
|
|
@ -104,7 +104,7 @@ in
|
|||
MemoryDenyWriteExecute = true;
|
||||
PrivateUsers = true;
|
||||
|
||||
SupplementaryGroups = lib.optional (allowSystemdJournal) "systemd-journal";
|
||||
SupplementaryGroups = lib.optional allowSystemdJournal "systemd-journal";
|
||||
}
|
||||
// (optionalAttrs (!pkgs.stdenv.hostPlatform.isAarch64) {
|
||||
# FIXME: figure out why this breaks on aarch64
|
||||
|
|
|
|||
|
|
@ -165,11 +165,11 @@ in
|
|||
# Default parameters from https://github.com/knadh/listmonk/blob/master/config.toml.sample
|
||||
services.listmonk.settings."app".address = lib.mkDefault "localhost:9000";
|
||||
services.listmonk.settings."db" = lib.mkMerge [
|
||||
({
|
||||
{
|
||||
max_open = lib.mkDefault 25;
|
||||
max_idle = lib.mkDefault 25;
|
||||
max_lifetime = lib.mkDefault "300s";
|
||||
})
|
||||
}
|
||||
(lib.mkIf cfg.database.createLocally {
|
||||
host = lib.mkDefault "/run/postgresql";
|
||||
port = lib.mkDefault 5432;
|
||||
|
|
|
|||
|
|
@ -605,7 +605,7 @@ in
|
|||
];
|
||||
}
|
||||
)
|
||||
({
|
||||
{
|
||||
public-inbox-init =
|
||||
let
|
||||
PI_CONFIG = gitIni.generate "public-inbox.ini" (
|
||||
|
|
@ -674,9 +674,9 @@ in
|
|||
};
|
||||
}
|
||||
];
|
||||
})
|
||||
}
|
||||
];
|
||||
environment.systemPackages = with pkgs; [ cfg.package ];
|
||||
environment.systemPackages = [ cfg.package ];
|
||||
};
|
||||
meta.maintainers = with lib.maintainers; [
|
||||
julm
|
||||
|
|
|
|||
|
|
@ -129,7 +129,7 @@ in
|
|||
config = lib.mkIf cfg.enable {
|
||||
# backward compatibility: if password is set but not passwordFile, make one.
|
||||
services.roundcube.database.passwordFile = lib.mkIf (!localDB && cfg.database.password != "") (
|
||||
lib.mkDefault ("${pkgs.writeText "roundcube-password" cfg.database.password}")
|
||||
lib.mkDefault "${pkgs.writeText "roundcube-password" cfg.database.password}"
|
||||
);
|
||||
warnings =
|
||||
lib.optional (!localDB && cfg.database.password != "")
|
||||
|
|
|
|||
|
|
@ -133,7 +133,7 @@ in
|
|||
in
|
||||
{
|
||||
path = "/var/cache/stalwart-mail";
|
||||
resource = lib.mkIf (hasHttpListener) (lib.mkDefault "file://${cfg.package.webadmin}/webadmin.zip");
|
||||
resource = lib.mkIf hasHttpListener (lib.mkDefault "file://${cfg.package.webadmin}/webadmin.zip");
|
||||
};
|
||||
};
|
||||
|
||||
|
|
|
|||
|
|
@ -143,10 +143,10 @@ in
|
|||
wantedBy = [ "multi-user.target" ];
|
||||
wants = [ "network-online.target" ];
|
||||
after = [ "network-online.target" ];
|
||||
environment = lib.mkMerge ([
|
||||
environment = lib.mkMerge [
|
||||
{ CONDUIT_CONFIG = configFile; }
|
||||
cfg.extraEnvironment
|
||||
]);
|
||||
];
|
||||
serviceConfig = {
|
||||
DynamicUser = true;
|
||||
User = "conduit";
|
||||
|
|
|
|||
|
|
@ -619,5 +619,5 @@ in
|
|||
}
|
||||
];
|
||||
|
||||
meta.maintainers = with lib.maintainers; [ ];
|
||||
meta.maintainers = [ ];
|
||||
}
|
||||
|
|
|
|||
|
|
@ -232,7 +232,7 @@ let
|
|||
profileToFiles =
|
||||
name: profile:
|
||||
with profile;
|
||||
lib.mkMerge ([
|
||||
lib.mkMerge [
|
||||
{
|
||||
"xdg/autorandr/${name}/setup".text = lib.concatStringsSep "\n" (
|
||||
lib.mapAttrsToList fingerprintToString fingerprint
|
||||
|
|
@ -244,7 +244,7 @@ let
|
|||
(lib.mapAttrs' (hookToFile "${name}/postswitch.d") hooks.postswitch)
|
||||
(lib.mapAttrs' (hookToFile "${name}/preswitch.d") hooks.preswitch)
|
||||
(lib.mapAttrs' (hookToFile "${name}/predetect.d") hooks.predetect)
|
||||
]);
|
||||
];
|
||||
fingerprintToString = name: edid: "${name} ${edid}";
|
||||
configToString =
|
||||
name: config:
|
||||
|
|
@ -373,12 +373,12 @@ in
|
|||
|
||||
environment = {
|
||||
systemPackages = [ pkgs.autorandr ];
|
||||
etc = lib.mkMerge ([
|
||||
etc = lib.mkMerge [
|
||||
(lib.mapAttrs' (hookToFile "postswitch.d") cfg.hooks.postswitch)
|
||||
(lib.mapAttrs' (hookToFile "preswitch.d") cfg.hooks.preswitch)
|
||||
(lib.mapAttrs' (hookToFile "predetect.d") cfg.hooks.predetect)
|
||||
(lib.mkMerge (lib.mapAttrsToList profileToFiles cfg.profiles))
|
||||
]);
|
||||
];
|
||||
};
|
||||
|
||||
systemd.services.autorandr = {
|
||||
|
|
|
|||
|
|
@ -138,7 +138,7 @@ in
|
|||
# creates gunicorn systemd service for each configured server
|
||||
systemd.services = lib.mapAttrs' (
|
||||
name: server:
|
||||
lib.nameValuePair ("bepasty-server-${name}-gunicorn") ({
|
||||
lib.nameValuePair "bepasty-server-${name}-gunicorn" {
|
||||
description = "Bepasty Server ${name}";
|
||||
wantedBy = [ "multi-user.target" ];
|
||||
after = [ "network.target" ];
|
||||
|
|
@ -186,7 +186,7 @@ in
|
|||
-k gevent
|
||||
'';
|
||||
};
|
||||
})
|
||||
}
|
||||
) cfg.servers;
|
||||
|
||||
users.users.${user} = {
|
||||
|
|
|
|||
|
|
@ -7,12 +7,12 @@
|
|||
let
|
||||
cfg = config.services.cgminer;
|
||||
|
||||
convType = with builtins; v: if lib.isBool v then lib.boolToString v else toString v;
|
||||
convType = v: if lib.isBool v then lib.boolToString v else toString v;
|
||||
mergedHwConfig = lib.mapAttrsToList (
|
||||
n: v: ''"${n}": "${(lib.concatStringsSep "," (map convType v))}"''
|
||||
) (lib.foldAttrs (n: a: [ n ] ++ a) [ ] cfg.hardware);
|
||||
mergedConfig =
|
||||
with builtins;
|
||||
|
||||
lib.mapAttrsToList (
|
||||
n: v: ''"${n}": ${if lib.isBool v then convType v else ''"${convType v}"''}''
|
||||
) cfg.config;
|
||||
|
|
|
|||
|
|
@ -127,5 +127,5 @@ in
|
|||
networking.firewall = lib.mkIf cfg.openFirewall { allowedTCPPorts = [ cfg.port ]; };
|
||||
};
|
||||
|
||||
meta.maintainers = with lib.maintainers; [ ];
|
||||
meta.maintainers = [ ];
|
||||
}
|
||||
|
|
|
|||
|
|
@ -1699,7 +1699,7 @@ in
|
|||
filteredConfig = filterAttrs (_: v: v != null) cfg.pages.settings;
|
||||
isSecret = v: isAttrs v && v ? _secret && isString v._secret;
|
||||
mkPagesKeyValue = lib.generators.toKeyValue {
|
||||
mkKeyValue = lib.flip lib.generators.mkKeyValueDefault "=" rec {
|
||||
mkKeyValue = lib.flip lib.generators.mkKeyValueDefault "=" {
|
||||
mkValueString =
|
||||
v:
|
||||
if isInt v then
|
||||
|
|
|
|||
|
|
@ -178,5 +178,5 @@ in
|
|||
networking.firewall = lib.mkIf cfg.openFirewall { allowedTCPPorts = [ cfg.port ]; };
|
||||
};
|
||||
|
||||
meta.maintainers = with lib.maintainers; [ ];
|
||||
meta.maintainers = [ ];
|
||||
}
|
||||
|
|
|
|||
|
|
@ -130,5 +130,5 @@ in
|
|||
time.timeZone = lib.mkDefault "UTC";
|
||||
};
|
||||
|
||||
meta.maintainers = with lib.maintainers; [ ];
|
||||
meta.maintainers = [ ];
|
||||
}
|
||||
|
|
|
|||
|
|
@ -270,9 +270,9 @@ in
|
|||
PORTUNUS_SLAPD_USER = cfg.ldap.user;
|
||||
PORTUNUS_SLAPD_SCHEMA_DIR = "${cfg.ldap.package}/etc/schema";
|
||||
}
|
||||
// (lib.optionalAttrs (cfg.seedPath != null) ({
|
||||
// (lib.optionalAttrs (cfg.seedPath != null) {
|
||||
PORTUNUS_SEED_PATH = cfg.seedPath;
|
||||
}))
|
||||
})
|
||||
// (lib.optionalAttrs cfg.ldap.tls (
|
||||
let
|
||||
acmeDirectory = config.security.acme.certs."${cfg.domain}".directory;
|
||||
|
|
|
|||
|
|
@ -20,10 +20,10 @@ let
|
|||
|
||||
cfg = config.services.redlib;
|
||||
|
||||
args = concatStringsSep " " ([
|
||||
args = concatStringsSep " " [
|
||||
"--port ${toString cfg.port}"
|
||||
"--address ${cfg.address}"
|
||||
]);
|
||||
];
|
||||
|
||||
boolToString' = b: if b then "on" else "off";
|
||||
in
|
||||
|
|
|
|||
|
|
@ -265,11 +265,11 @@ in
|
|||
}
|
||||
// (lib.mapAttrs' (
|
||||
name: subvolume:
|
||||
lib.nameValuePair "snapper/configs/${name}" ({
|
||||
lib.nameValuePair "snapper/configs/${name}" {
|
||||
text = lib.generators.toKeyValue { inherit mkKeyValue; } (
|
||||
lib.filterAttrs (k: v: v != defaultOf k) subvolume
|
||||
);
|
||||
})
|
||||
}
|
||||
) cfg.configs)
|
||||
// (lib.optionalAttrs (cfg.filters != null) { "snapper/filters/default.txt".text = cfg.filters; });
|
||||
};
|
||||
|
|
|
|||
|
|
@ -129,7 +129,7 @@ in
|
|||
}${
|
||||
lib.optionalString (cfgS.screenName != "") " -n ${cfgS.screenName}"
|
||||
}${lib.optionalString cfgS.tls.enable " --enable-crypto"}${
|
||||
lib.optionalString (cfgS.tls.cert != null) (" --tls-cert ${cfgS.tls.cert}")
|
||||
lib.optionalString (cfgS.tls.cert != null) " --tls-cert ${cfgS.tls.cert}"
|
||||
}'';
|
||||
serviceConfig.Restart = "on-failure";
|
||||
};
|
||||
|
|
|
|||
|
|
@ -51,10 +51,9 @@ let
|
|||
];
|
||||
};
|
||||
|
||||
carbonOpts =
|
||||
name: with config.ids; ''
|
||||
--nodaemon --syslog --prefix=${name} --pidfile /run/${name}/${name}.pid ${name}
|
||||
'';
|
||||
carbonOpts = name: ''
|
||||
--nodaemon --syslog --prefix=${name} --pidfile /run/${name}/${name}.pid ${name}
|
||||
'';
|
||||
|
||||
carbonEnv = {
|
||||
PYTHONPATH =
|
||||
|
|
@ -355,7 +354,7 @@ in
|
|||
];
|
||||
})
|
||||
|
||||
(lib.mkIf cfg.web.enable ({
|
||||
(lib.mkIf cfg.web.enable {
|
||||
systemd.services.graphiteWeb = {
|
||||
description = "Graphite Web Interface";
|
||||
wantedBy = [ "multi-user.target" ];
|
||||
|
|
@ -416,7 +415,7 @@ in
|
|||
};
|
||||
|
||||
environment.systemPackages = [ pkgs.python3Packages.graphite-web ];
|
||||
}))
|
||||
})
|
||||
|
||||
(lib.mkIf cfg.seyren.enable {
|
||||
systemd.services.seyren = {
|
||||
|
|
|
|||
|
|
@ -11,7 +11,7 @@ let
|
|||
opt = options.services.parsedmarc;
|
||||
isSecret = v: isAttrs v && v ? _secret && isString v._secret;
|
||||
ini = pkgs.formats.ini {
|
||||
mkKeyValue = lib.flip lib.generators.mkKeyValueDefault "=" rec {
|
||||
mkKeyValue = lib.flip lib.generators.mkKeyValueDefault "=" {
|
||||
mkValueString =
|
||||
v:
|
||||
if isInt v then
|
||||
|
|
|
|||
|
|
@ -344,7 +344,7 @@ let
|
|||
"-m comment --comment ${name}-exporter -j nixos-fw-accept"
|
||||
]);
|
||||
networking.firewall.extraInputRules = mkIf (conf.openFirewall && nftables) conf.firewallRules;
|
||||
systemd.services."prometheus-${name}-exporter" = mkMerge ([
|
||||
systemd.services."prometheus-${name}-exporter" = mkMerge [
|
||||
{
|
||||
wantedBy = [ "multi-user.target" ];
|
||||
after = [ "network.target" ];
|
||||
|
|
@ -381,14 +381,14 @@ let
|
|||
serviceConfig.UMask = "0077";
|
||||
}
|
||||
serviceOpts
|
||||
]);
|
||||
];
|
||||
};
|
||||
in
|
||||
{
|
||||
|
||||
options.services.prometheus.exporters = mkOption {
|
||||
type = types.submodule {
|
||||
options = (mkSubModules);
|
||||
options = mkSubModules;
|
||||
imports = [
|
||||
../../../misc/assertions.nix
|
||||
(lib.mkRenamedOptionModule [ "unifi-poller" ] [ "unpoller" ])
|
||||
|
|
|
|||
|
|
@ -49,9 +49,9 @@ in
|
|||
For more information, take a look at the official documentation
|
||||
(https://github.com/prometheus-community/json_exporter) of the json_exporter.
|
||||
'')
|
||||
({
|
||||
{
|
||||
options.warnings = options.warnings;
|
||||
options.assertions = options.assertions;
|
||||
})
|
||||
}
|
||||
];
|
||||
}
|
||||
|
|
|
|||
|
|
@ -83,9 +83,9 @@ in
|
|||
(mkRemovedOptionModule [ "insecure" ] ''
|
||||
This option was replaced by 'prometheus.exporters.nginx.sslVerify'.
|
||||
'')
|
||||
({
|
||||
{
|
||||
options.warnings = options.warnings;
|
||||
options.assertions = options.assertions;
|
||||
})
|
||||
}
|
||||
];
|
||||
}
|
||||
|
|
|
|||
|
|
@ -188,9 +188,9 @@ in
|
|||
into the cmdline of the exporter making the connection string effectively
|
||||
world-readable.
|
||||
'')
|
||||
({
|
||||
{
|
||||
options.warnings = options.warnings;
|
||||
options.assertions = options.assertions;
|
||||
})
|
||||
}
|
||||
];
|
||||
}
|
||||
|
|
|
|||
|
|
@ -18,10 +18,10 @@ in
|
|||
{
|
||||
imports = [
|
||||
(mkRemovedOptionModule [ "interval" ] "This option has been removed.")
|
||||
({
|
||||
{
|
||||
options.warnings = options.warnings;
|
||||
options.assertions = options.assertions;
|
||||
})
|
||||
}
|
||||
];
|
||||
|
||||
port = 9617;
|
||||
|
|
|
|||
|
|
@ -111,9 +111,9 @@ in
|
|||
For more information, take a look at the official documentation
|
||||
(https://github.com/prometheus-community/json_exporter) of the json_exporter.
|
||||
'')
|
||||
({
|
||||
{
|
||||
options.warnings = options.warnings;
|
||||
options.assertions = options.assertions;
|
||||
})
|
||||
}
|
||||
];
|
||||
}
|
||||
|
|
|
|||
|
|
@ -26,10 +26,10 @@ in
|
|||
(mkRemovedOptionModule [
|
||||
"fetchType"
|
||||
] "This option was removed, use the `unbound.host` option instead.")
|
||||
({
|
||||
{
|
||||
options.warnings = options.warnings;
|
||||
options.assertions = options.assertions;
|
||||
})
|
||||
}
|
||||
];
|
||||
|
||||
port = 9167;
|
||||
|
|
|
|||
|
|
@ -774,10 +774,8 @@ in
|
|||
};
|
||||
|
||||
query-frontend = paramsToOptions params.query-frontend // {
|
||||
enable = mkEnableOption (
|
||||
"the Thanos query frontend implements a service deployed in front of queriers to
|
||||
improve query parallelization and caching."
|
||||
);
|
||||
enable = mkEnableOption "the Thanos query frontend implements a service deployed in front of queriers to
|
||||
improve query parallelization and caching.";
|
||||
arguments = mkArgumentsOption "query-frontend";
|
||||
};
|
||||
|
||||
|
|
@ -800,9 +798,7 @@ in
|
|||
};
|
||||
|
||||
receive = paramsToOptions params.receive // {
|
||||
enable = mkEnableOption (
|
||||
"the Thanos receiver which accept Prometheus remote write API requests and write to local tsdb"
|
||||
);
|
||||
enable = mkEnableOption "the Thanos receiver which accept Prometheus remote write API requests and write to local tsdb";
|
||||
arguments = mkArgumentsOption "receive";
|
||||
};
|
||||
};
|
||||
|
|
|
|||
|
|
@ -336,7 +336,7 @@ in
|
|||
ConfigurationDirectory = "bind";
|
||||
ReadWritePaths = [
|
||||
(lib.mapAttrsToList (
|
||||
name: config: if (lib.hasPrefix "/" config.file) then ("-${dirOf config.file}") else ""
|
||||
name: config: if (lib.hasPrefix "/" config.file) then "-${dirOf config.file}" else ""
|
||||
) cfg.zones)
|
||||
cfg.directory
|
||||
];
|
||||
|
|
|
|||
|
|
@ -170,7 +170,7 @@ in
|
|||
'';
|
||||
};
|
||||
connectTo = lib.mkOption {
|
||||
type = lib.types.attrsOf (lib.types.submodule (connectToSubmodule));
|
||||
type = lib.types.attrsOf (lib.types.submodule connectToSubmodule);
|
||||
default = { };
|
||||
example = lib.literalExpression ''
|
||||
{
|
||||
|
|
@ -216,7 +216,7 @@ in
|
|||
};
|
||||
|
||||
connectTo = lib.mkOption {
|
||||
type = lib.types.attrsOf (lib.types.submodule (connectToSubmodule));
|
||||
type = lib.types.attrsOf (lib.types.submodule connectToSubmodule);
|
||||
default = { };
|
||||
example = lib.literalExpression ''
|
||||
{
|
||||
|
|
|
|||
|
|
@ -37,7 +37,7 @@ in
|
|||
}
|
||||
'';
|
||||
type = lib.types.attrsOf (
|
||||
lib.types.submodule ({
|
||||
lib.types.submodule {
|
||||
options = {
|
||||
server = lib.mkOption {
|
||||
type = lib.types.str;
|
||||
|
|
@ -60,7 +60,7 @@ in
|
|||
};
|
||||
|
||||
};
|
||||
})
|
||||
}
|
||||
);
|
||||
};
|
||||
|
||||
|
|
|
|||
|
|
@ -136,7 +136,7 @@ in
|
|||
wants = [ "nss-lookup.target" ];
|
||||
before = [ "nss-lookup.target" ];
|
||||
wantedBy = [ "multi-user.target" ];
|
||||
serviceConfig = rec {
|
||||
serviceConfig = {
|
||||
Type = "exec";
|
||||
DynamicUser = true;
|
||||
ProtectHome = "tmpfs";
|
||||
|
|
|
|||
|
|
@ -54,7 +54,7 @@ let
|
|||
int
|
||||
listOf
|
||||
;
|
||||
innerType = coercedTo bool (x: if x then "Yes" else "No") (coercedTo int (toString) str);
|
||||
innerType = coercedTo bool (x: if x then "Yes" else "No") (coercedTo int toString str);
|
||||
in
|
||||
attrsOf (coercedTo innerType lib.singleton (listOf innerType));
|
||||
|
||||
|
|
|
|||
|
|
@ -89,9 +89,9 @@ in
|
|||
};
|
||||
in
|
||||
{
|
||||
enable = lib.mkEnableOption (''
|
||||
enable = lib.mkEnableOption ''
|
||||
synchronise your machine's IP address with a dynamic DNS provider using inadyn
|
||||
'');
|
||||
'';
|
||||
user = lib.mkOption {
|
||||
default = "inadyn";
|
||||
type = lib.types.str;
|
||||
|
|
|
|||
|
|
@ -56,7 +56,7 @@ in
|
|||
}
|
||||
'';
|
||||
type = lib.types.attrsOf (
|
||||
lib.types.submodule ({
|
||||
lib.types.submodule {
|
||||
options = {
|
||||
server = lib.mkOption {
|
||||
type = lib.types.str;
|
||||
|
|
@ -85,7 +85,7 @@ in
|
|||
description = "Path to a file containing the password.";
|
||||
};
|
||||
};
|
||||
})
|
||||
}
|
||||
);
|
||||
};
|
||||
|
||||
|
|
|
|||
|
|
@ -57,5 +57,5 @@ in
|
|||
};
|
||||
};
|
||||
|
||||
meta.maintainers = with lib.maintainers; [ ];
|
||||
meta.maintainers = [ ];
|
||||
}
|
||||
|
|
|
|||
|
|
@ -289,7 +289,7 @@ in
|
|||
system.checks = lib.optional (cfg.nat64 != { } || cfg.siit != { }) (
|
||||
pkgs.runCommand "jool-validated"
|
||||
{
|
||||
nativeBuildInputs = with pkgs.buildPackages; [ jool-cli ];
|
||||
nativeBuildInputs = [ jool-cli ];
|
||||
preferLocalBuild = true;
|
||||
}
|
||||
(
|
||||
|
|
|
|||
|
|
@ -219,7 +219,7 @@ in
|
|||
};
|
||||
|
||||
config = mkIf (!config.networking.nftables.enable) (mkMerge [
|
||||
({ networking.firewall.extraCommands = mkBefore flushNat; })
|
||||
{ networking.firewall.extraCommands = mkBefore flushNat; }
|
||||
(mkIf config.networking.nat.enable {
|
||||
|
||||
networking.firewall = mkIf config.networking.firewall.enable {
|
||||
|
|
|
|||
Some files were not shown because too many files have changed in this diff Show more
Loading…
Reference in a new issue