Browse Source

Merge branch 'master' into staging

nixos-unstable
Vladimír Čunát 3 years ago
parent
commit
f21211ebfe
No known key found for this signature in database
GPG Key ID: E747DF1F9575A3AA
  1. 2
      lib/customisation.nix
  2. 5
      lib/systems/examples.nix
  3. 4
      lib/systems/inspect.nix
  4. 7
      lib/systems/parse.nix
  5. 3
      lib/types.nix
  6. 6
      maintainers/maintainer-list.nix
  7. 2
      nixos/doc/manual/configuration/profiles/clone-config.xml
  8. 113
      nixos/doc/manual/release-notes/rl-1909.xml
  9. 19
      nixos/modules/config/fonts/fontconfig.nix
  10. 1
      nixos/modules/config/fonts/fonts.nix
  11. 12
      nixos/modules/config/users-groups.nix
  12. 4
      nixos/modules/hardware/video/nvidia.nix
  13. 4
      nixos/modules/installer/cd-dvd/sd-image-aarch64.nix
  14. 4
      nixos/modules/installer/cd-dvd/sd-image-armv7l-multiplatform.nix
  15. 4
      nixos/modules/installer/cd-dvd/sd-image-raspberrypi.nix
  16. 8
      nixos/modules/installer/cd-dvd/sd-image.nix
  17. 4
      nixos/modules/module-list.nix
  18. 44
      nixos/modules/programs/seahorse.nix
  19. 2
      nixos/modules/programs/thefuck.nix
  20. 2
      nixos/modules/programs/xss-lock.nix
  21. 8
      nixos/modules/programs/yabar.nix
  22. 4
      nixos/modules/programs/zsh/zsh-syntax-highlighting.nix
  23. 9
      nixos/modules/rename.nix
  24. 4
      nixos/modules/security/auditd.nix
  25. 2
      nixos/modules/security/pam.nix
  26. 12
      nixos/modules/security/sudo.nix
  27. 6
      nixos/modules/services/amqp/activemq/default.nix
  28. 2
      nixos/modules/services/audio/alsa.nix
  29. 2
      nixos/modules/services/audio/ympd.nix
  30. 73
      nixos/modules/services/backup/crashplan-small-business.nix
  31. 67
      nixos/modules/services/backup/crashplan.nix
  32. 2
      nixos/modules/services/backup/postgresql-backup.nix
  33. 4
      nixos/modules/services/backup/rsnapshot.nix
  34. 2
      nixos/modules/services/computing/boinc/client.nix
  35. 10
      nixos/modules/services/databases/cassandra.nix
  36. 8
      nixos/modules/services/databases/couchdb.nix
  37. 8
      nixos/modules/services/databases/foundationdb.nix
  38. 4
      nixos/modules/services/databases/hbase.nix
  39. 4
      nixos/modules/services/databases/influxdb.nix
  40. 4
      nixos/modules/services/databases/mongodb.nix
  41. 8
      nixos/modules/services/databases/openldap.nix
  42. 4
      nixos/modules/services/databases/opentsdb.nix
  43. 70
      nixos/modules/services/databases/redis.nix
  44. 4
      nixos/modules/services/databases/riak.nix
  45. 38
      nixos/modules/services/desktops/gnome3/seahorse.nix
  46. 2
      nixos/modules/services/desktops/profile-sync-daemon.nix
  47. 16
      nixos/modules/services/games/factorio.nix
  48. 2
      nixos/modules/services/hardware/freefall.nix
  49. 4
      nixos/modules/services/hardware/fwupd.nix
  50. 2
      nixos/modules/services/hardware/sane.nix
  51. 10
      nixos/modules/services/hardware/tcsd.nix
  52. 1
      nixos/modules/services/hardware/triggerhappy.nix
  53. 6
      nixos/modules/services/logging/SystemdJournal2Gelf.nix
  54. 4
      nixos/modules/services/logging/awstats.nix
  55. 2
      nixos/modules/services/logging/logcheck.nix
  56. 4
      nixos/modules/services/logging/rsyslogd.nix
  57. 8
      nixos/modules/services/mail/exim.nix
  58. 4
      nixos/modules/services/mail/nullmailer.nix
  59. 4
      nixos/modules/services/mail/postfix.nix
  60. 12
      nixos/modules/services/mail/postgrey.nix
  61. 4
      nixos/modules/services/mail/rspamd.nix
  62. 4
      nixos/modules/services/misc/airsonic.nix
  63. 12
      nixos/modules/services/misc/apache-kafka.nix
  64. 8
      nixos/modules/services/misc/cpuminer-cryptonight.nix
  65. 2
      nixos/modules/services/misc/exhibitor.nix
  66. 2
      nixos/modules/services/misc/fstrim.nix
  67. 2
      nixos/modules/services/misc/logkeys.nix
  68. 4
      nixos/modules/services/misc/mediatomb.nix
  69. 5
      nixos/modules/services/misc/mwlib.nix
  70. 2
      nixos/modules/services/misc/paperless.nix
  71. 16
      nixos/modules/services/misc/serviio.nix
  72. 4
      nixos/modules/services/misc/subsonic.nix
  73. 10
      nixos/modules/services/misc/uhub.nix
  74. 4
      nixos/modules/services/monitoring/apcupsd.nix
  75. 10
      nixos/modules/services/monitoring/bosun.nix
  76. 2
      nixos/modules/services/monitoring/datadog-agent.nix
  77. 15
      nixos/modules/services/monitoring/dd-agent/dd-agent.nix
  78. 16
      nixos/modules/services/monitoring/graphite.nix
  79. 6
      nixos/modules/services/monitoring/heapster.nix
  80. 8
      nixos/modules/services/monitoring/kapacitor.nix
  81. 2
      nixos/modules/services/monitoring/munin.nix
  82. 12
      nixos/modules/services/monitoring/prometheus/exporters.nix
  83. 2
      nixos/modules/services/monitoring/prometheus/exporters/node.nix
  84. 2
      nixos/modules/services/monitoring/riemann-tools.nix
  85. 6
      nixos/modules/services/monitoring/scollector.nix
  86. 4
      nixos/modules/services/monitoring/ups.nix
  87. 2
      nixos/modules/services/monitoring/uptime.nix
  88. 22
      nixos/modules/services/network-filesystems/ceph.nix
  89. 4
      nixos/modules/services/network-filesystems/davfs2.nix
  90. 2
      nixos/modules/services/network-filesystems/drbd.nix
  91. 2
      nixos/modules/services/network-filesystems/glusterfs.nix
  92. 7
      nixos/modules/services/network-filesystems/ipfs.nix
  93. 2
      nixos/modules/services/network-filesystems/rsyncd.nix
  94. 6
      nixos/modules/services/network-filesystems/yandex-disk.nix
  95. 10
      nixos/modules/services/networking/aria2.nix
  96. 6
      nixos/modules/services/networking/autossh.nix
  97. 10
      nixos/modules/services/networking/charybdis.nix
  98. 4
      nixos/modules/services/networking/connman.nix
  99. 2
      nixos/modules/services/networking/gogoclient.nix
  100. 8
      nixos/modules/services/networking/hostapd.nix
  101. Some files were not shown because too many files have changed in this diff Show More

2
lib/customisation.nix

@ -47,7 +47,7 @@ rec {
/* `makeOverridable` takes a function from attribute set to attribute set and
injects `override` attibute which can be used to override arguments of
injects `override` attribute which can be used to override arguments of
the function.
nix-repl> x = {a, b}: { result = a + b; }

5
lib/systems/examples.nix

@ -236,4 +236,9 @@ rec {
useLLVM = true;
};
# Ghcjs
ghcjs = {
config = "js-unknown-ghcjs";
platform = {};
};
}

4
lib/systems/inspect.nix

@ -12,7 +12,7 @@ rec {
isx86_32 = { cpu = { family = "x86"; bits = 32; }; };
isx86_64 = { cpu = { family = "x86"; bits = 64; }; };
isPowerPC = { cpu = cpuTypes.powerpc; };
isPower = { cpu = { family = "power"; }; };
isPower = { cpu = { family = "power"; }; };
isx86 = { cpu = { family = "x86"; }; };
isAarch32 = { cpu = { family = "arm"; bits = 32; }; };
isAarch64 = { cpu = { family = "arm"; bits = 64; }; };
@ -23,6 +23,7 @@ rec {
isMsp430 = { cpu = { family = "msp430"; }; };
isAvr = { cpu = { family = "avr"; }; };
isAlpha = { cpu = { family = "alpha"; }; };
isJavaScript = { cpu = cpuTypes.js; };
is32bit = { cpu = { bits = 32; }; };
is64bit = { cpu = { bits = 64; }; };
@ -44,6 +45,7 @@ rec {
isCygwin = { kernel = kernels.windows; abi = abis.cygnus; };
isMinGW = { kernel = kernels.windows; abi = abis.gnu; };
isWasi = { kernel = kernels.wasi; };
isGhcjs = { kernel = kernels.ghcjs; };
isNone = { kernel = kernels.none; };
isAndroid = [ { abi = abis.android; } { abi = abis.androideabi; } ];

7
lib/systems/parse.nix

@ -106,11 +106,13 @@ rec {
wasm32 = { bits = 32; significantByte = littleEndian; family = "wasm"; };
wasm64 = { bits = 64; significantByte = littleEndian; family = "wasm"; };
alpha = { bits = 64; significantByte = littleEndian; family = "alpha"; };
msp430 = { bits = 16; significantByte = littleEndian; family = "msp430"; };
avr = { bits = 8; family = "avr"; };
js = { bits = 32; significantByte = littleEndian; family = "js"; };
};
# Determine where two CPUs are compatible with each other. That is,
@ -271,6 +273,7 @@ rec {
solaris = { execFormat = elf; families = { }; };
wasi = { execFormat = wasm; families = { }; };
windows = { execFormat = pe; families = { }; };
ghcjs = { execFormat = unknown; families = { }; };
} // { # aliases
# 'darwin' is the kernel for all of them. We choose macOS by default.
darwin = kernels.macos;
@ -384,6 +387,8 @@ rec {
then { cpu = elemAt l 0; vendor = elemAt l 1; kernel = elemAt l 2; }
else if (elem (elemAt l 2) ["eabi" "eabihf" "elf"])
then { cpu = elemAt l 0; vendor = "unknown"; kernel = elemAt l 1; abi = elemAt l 2; }
else if (elemAt l 2 == "ghcjs")
then { cpu = elemAt l 0; vendor = "unknown"; kernel = elemAt l 2; }
else throw "Target specification with 3 components is ambiguous";
"4" = { cpu = elemAt l 0; vendor = elemAt l 1; kernel = elemAt l 2; abi = elemAt l 3; };
}.${toString (length l)}

3
lib/types.nix

@ -217,7 +217,8 @@ rec {
# Deprecated; should not be used because it quietly concatenates
# strings, which is usually not what you want.
string = separatedString "";
string = warn "types.string is deprecated because it quietly concatenates strings"
(separatedString "");
attrs = mkOptionType {
name = "attrs";

6
maintainers/maintainer-list.nix

@ -5095,6 +5095,12 @@
githubId = 9568176;
name = "Piotr Halama";
};
puckipedia = {
email = "puck@puckipedia.com";
github = "puckipedia";
githubId = 488734;
name = "Puck Meerburg";
};
puffnfresh = {
email = "brian@brianmckenna.org";
github = "puffnfresh";

2
nixos/doc/manual/configuration/profiles/clone-config.xml

@ -16,6 +16,6 @@
On images where the installation media also becomes an installation target,
copying over <literal>configuration.nix</literal> should be disabled by
setting <literal>installer.cloneConfig</literal> to <literal>false</literal>.
This is already done in <literal>sd-image.nix</literal>.
For example, this is done in <literal>sd-image-aarch64.nix</literal>.
</para>
</section>

113
nixos/doc/manual/release-notes/rl-1909.xml

@ -57,6 +57,64 @@
and <option>services.xserver.desktopManager.xfce4-14</option> simultaneously or to downgrade from Xfce 4.14 after upgrading.
</para>
</listitem>
<listitem>
<para>
The GNOME 3 desktop manager module sports an interface to enable/disable core services, applications, and optional GNOME packages
like games.
<itemizedlist>
<para>This can be achieved with the following options which the desktop manager default enables, excluding <literal>games</literal>.</para>
<listitem><para><link linkend="opt-services.gnome3.core-os-services.enable"><literal>services.gnome3.core-os-services.enable</literal></link></para></listitem>
<listitem><para><link linkend="opt-services.gnome3.core-shell.enable"><literal>services.gnome3.core-shell.enable</literal></link></para></listitem>
<listitem><para><link linkend="opt-services.gnome3.core-utilities.enable"><literal>services.gnome3.core-utilities.enable</literal></link></para></listitem>
<listitem><para><link linkend="opt-services.gnome3.games.enable"><literal>services.gnome3.games.enable</literal></link></para></listitem>
</itemizedlist>
With these options we hope to give users finer grained control over their systems. Prior to this change you'd either have to manually
disable options or use <option>environment.gnome3.excludePackages</option> which only excluded the optional applications.
<option>environment.gnome3.excludePackages</option> is now unguarded, it can exclude any package installed with <option>environment.systemPackages</option>
in the GNOME 3 module.
</para>
</listitem>
<listitem>
<para>
Orthogonal to the previous changes to the GNOME 3 desktop manager module, we've updated all default services and applications
to match as close as possible to a default reference GNOME 3 experience.
</para>
<bridgehead>The following changes were enacted in <option>services.gnome3.core-utilities.enable</option></bridgehead>
<itemizedlist>
<title>Applications removed from defaults:</title>
<listitem><para><literal>accerciser</literal></para></listitem>
<listitem><para><literal>dconf-editor</literal></para></listitem>
<listitem><para><literal>evolution</literal></para></listitem>
<listitem><para><literal>gnome-documents</literal></para></listitem>
<listitem><para><literal>gnome-nettool</literal></para></listitem>
<listitem><para><literal>gnome-power-manager</literal></para></listitem>
<listitem><para><literal>gnome-todo</literal></para></listitem>
<listitem><para><literal>gnome-tweaks</literal></para></listitem>
<listitem><para><literal>gnome-usage</literal></para></listitem>
<listitem><para><literal>gucharmap</literal></para></listitem>
<listitem><para><literal>nautilus-sendto</literal></para></listitem>
<listitem><para><literal>vinagre</literal></para></listitem>
</itemizedlist>
<itemizedlist>
<title>Applications added to defaults:</title>
<listitem><para><literal>cheese</literal></para></listitem>
<listitem><para><literal>geary</literal></para></listitem>
</itemizedlist>
<bridgehead>The following changes were enacted in <option>services.gnome3.core-shell.enable</option></bridgehead>
<itemizedlist>
<title>Applications added to defaults:</title>
<listitem><para><literal>gnome-color-manager</literal></para></listitem>
<listitem><para><literal>orca</literal></para></listitem>
</itemizedlist>
<itemizedlist>
<title>Services enabled:</title>
<listitem><para><option>services.avahi.enable</option></para></listitem>
</itemizedlist>
</listitem>
</itemizedlist>
</section>
@ -348,6 +406,12 @@
What used to be called <literal>emacsPackagesNg</literal> is now simply called <literal>emacsPackages</literal>.
</para>
</listitem>
<listitem>
<para>
<option>services.xserver.desktopManager.xterm</option> is now disabled by default.
It was not useful except for debugging purposes and was confusingly set as default in some circumstances.
</para>
</listitem>
</itemizedlist>
</section>
@ -547,8 +611,8 @@
</para>
</listitem>
</itemizedlist>
This also configures the kernel to pass coredumps to <literal>systemd-coredump</literal>.
This also configures the kernel to pass coredumps to <literal>systemd-coredump</literal>,
and restricts the SysRq key combinations to the sync command only.
These sysctl snippets can be found in <literal>/etc/sysctl.d/50-*.conf</literal>,
and overridden via <link linkend="opt-boot.kernel.sysctl">boot.kernel.sysctl</link>
(which will place the parameters in <literal>/etc/sysctl.d/60-nixos.conf</literal>).
@ -591,6 +655,51 @@
The defaults from fontconfig are sufficient.
</para>
</listitem>
<listitem>
<para>
The <literal>crashplan</literal> package and the
<literal>crashplan</literal> service have been removed from nixpkgs due to
crashplan shutting down the service, while the <literal>crashplansb</literal>
package and <literal>crashplan-small-business</literal> service have been
removed from nixpkgs due to lack of maintainer.
</para>
<para>
The <link linkend="opt-services.redis.enable">redis module</link> was hardcoded to use the <literal>redis</literal> user,
<filename class="directory">/run/redis</filename> as runtime directory and
<filename class="directory">/var/lib/redis</filename> as state directory.
Note that the NixOS module for Redis now disables kernel support for Transparent Huge Pages (THP),
because this features causes major performance problems for Redis,
e.g. (https://redis.io/topics/latency).
</para>
</listitem>
<listitem>
<para>
Using <option>fonts.enableDefaultFonts</option> adds a default emoji font <literal>noto-fonts-emoji</literal>.
<itemizedlist>
<para>Users of the following options will have this enabled by default:</para>
<listitem>
<para><option>services.xserver.enable</option></para>
</listitem>
<listitem>
<para><option>programs.sway.enable</option></para>
</listitem>
<listitem>
<para><option>programs.way-cooler.enable</option></para>
</listitem>
<listitem>
<para><option>services.xrdp.enable</option></para>
</listitem>
</itemizedlist>
</para>
</listitem>
<listitem>
<para>
The <literal>altcoins</literal> categorization of packages has
been removed. You now access these packages at the top level,
ie. <literal>nix-shell -p dogecoin</literal> instead of
<literal>nix-shell -p altcoins.dogecoin</literal>, etc.
</para>
</listitem>
</itemizedlist>
</section>
</section>

19
nixos/modules/config/fonts/fontconfig.nix

@ -116,7 +116,7 @@ let
defaultFontsConf =
let genDefault = fonts: name:
optionalString (fonts != []) ''
<alias>
<alias binding="same">
<family>${name}</family>
<prefer>
${concatStringsSep ""
@ -139,6 +139,8 @@ let
${genDefault cfg.defaultFonts.monospace "monospace"}
${genDefault cfg.defaultFonts.emoji "emoji"}
</fontconfig>
'';
@ -344,6 +346,21 @@ in
in case multiple languages must be supported.
'';
};
emoji = mkOption {
type = types.listOf types.str;
default = ["Noto Color Emoji"];
description = ''
System-wide default emoji font(s). Multiple fonts may be listed
in case a font does not support all emoji.
Note that fontconfig matches color emoji fonts preferentially,
so if you want to use a black and white font while having
a color font installed (eg. Noto Color Emoji installed alongside
Noto Emoji), fontconfig will still choose the color font even
when it is later in the list.
'';
};
};
hinting = {

1
nixos/modules/config/fonts/fonts.nix

@ -43,6 +43,7 @@ with lib;
pkgs.xorg.fontmiscmisc
pkgs.xorg.fontcursormisc
pkgs.unifont
pkgs.noto-fonts-emoji
];
};

12
nixos/modules/config/users-groups.nix

@ -181,7 +181,7 @@ let
};
hashedPassword = mkOption {
type = with types; uniq (nullOr str);
type = with types; nullOr str;
default = null;
description = ''
Specifies the hashed password for the user.
@ -191,7 +191,7 @@ let
};
password = mkOption {
type = with types; uniq (nullOr str);
type = with types; nullOr str;
default = null;
description = ''
Specifies the (clear text) password for the user.
@ -203,7 +203,7 @@ let
};
passwordFile = mkOption {
type = with types; uniq (nullOr string);
type = with types; nullOr str;
default = null;
description = ''
The full path to a file that contains the user's password. The password
@ -215,7 +215,7 @@ let
};
initialHashedPassword = mkOption {
type = with types; uniq (nullOr str);
type = with types; nullOr str;
default = null;
description = ''
Specifies the initial hashed password for the user, i.e. the
@ -230,7 +230,7 @@ let
};
initialPassword = mkOption {
type = with types; uniq (nullOr str);
type = with types; nullOr str;
default = null;
description = ''
Specifies the initial password for the user, i.e. the
@ -304,7 +304,7 @@ let
};
members = mkOption {
type = with types; listOf string;
type = with types; listOf str;
default = [];
description = ''
The user names of the group members, added to the

4
nixos/modules/hardware/video/nvidia.nix

@ -88,7 +88,7 @@ in
};
hardware.nvidia.optimus_prime.nvidiaBusId = lib.mkOption {
type = lib.types.string;
type = lib.types.str;
default = "";
example = "PCI:1:0:0";
description = ''
@ -98,7 +98,7 @@ in
};
hardware.nvidia.optimus_prime.intelBusId = lib.mkOption {
type = lib.types.string;
type = lib.types.str;
default = "";
example = "PCI:0:2:0";
description = ''

4
nixos/modules/installer/cd-dvd/sd-image-aarch64.nix

@ -59,4 +59,8 @@ in
${extlinux-conf-builder} -t 3 -c ${config.system.build.toplevel} -d ./files/boot
'';
};
# the installation media is also the installation target,
# so we don't want to provide the installation configuration.nix.
installer.cloneConfig = false;
}

4
nixos/modules/installer/cd-dvd/sd-image-armv7l-multiplatform.nix

@ -56,4 +56,8 @@ in
${extlinux-conf-builder} -t 3 -c ${config.system.build.toplevel} -d ./files/boot
'';
};
# the installation media is also the installation target,
# so we don't want to provide the installation configuration.nix.
installer.cloneConfig = false;
}

4
nixos/modules/installer/cd-dvd/sd-image-raspberrypi.nix

@ -45,4 +45,8 @@ in
${extlinux-conf-builder} -t 3 -c ${config.system.build.toplevel} -d ./files/boot
'';
};
# the installation media is also the installation target,
# so we don't want to provide the installation configuration.nix.
installer.cloneConfig = false;
}

8
nixos/modules/installer/cd-dvd/sd-image.nix

@ -54,7 +54,7 @@ in
};
firmwarePartitionID = mkOption {
type = types.string;
type = types.str;
default = "0x2178694e";
description = ''
Volume ID for the /boot/firmware partition on the SD card. This value
@ -63,7 +63,7 @@ in
};
rootPartitionUUID = mkOption {
type = types.nullOr types.string;
type = types.nullOr types.str;
default = null;
example = "14e19a7b-0ae0-484d-9d54-43bd6fdc20c7";
description = ''
@ -194,9 +194,5 @@ in
rm -f /nix-path-registration
fi
'';
# the installation media is also the installation target,
# so we don't want to provide the installation configuration.nix.
installer.cloneConfig = false;
};
}

4
nixos/modules/module-list.nix

@ -138,6 +138,7 @@
./programs/qt5ct.nix
./programs/screen.nix
./programs/sedutil.nix
./programs/seahorse.nix
./programs/slock.nix
./programs/shadow.nix
./programs/shell.nix
@ -216,8 +217,6 @@
./services/backup/bacula.nix
./services/backup/borgbackup.nix
./services/backup/duplicati.nix
./services/backup/crashplan.nix
./services/backup/crashplan-small-business.nix
./services/backup/duplicity.nix
./services/backup/mysql-backup.nix
./services/backup/postgresql-backup.nix
@ -303,7 +302,6 @@
./services/desktops/gnome3/gnome-settings-daemon.nix
./services/desktops/gnome3/gnome-user-share.nix
./services/desktops/gnome3/rygel.nix
./services/desktops/gnome3/seahorse.nix
./services/desktops/gnome3/sushi.nix
./services/desktops/gnome3/tracker.nix
./services/desktops/gnome3/tracker-miners.nix

44
nixos/modules/programs/seahorse.nix

@ -0,0 +1,44 @@
# Seahorse.
{ config, pkgs, lib, ... }:
with lib;
{
# Added 2019-08-27
imports = [
(mkRenamedOptionModule
[ "services" "gnome3" "seahorse" "enable" ]
[ "programs" "seahorse" "enable" ])
];
###### interface
options = {
programs.seahorse = {
enable = mkEnableOption "Seahorse, a GNOME application for managing encryption keys and passwords in the GNOME Keyring";
};
};
###### implementation
config = mkIf config.programs.seahorse.enable {
environment.systemPackages = [
pkgs.gnome3.seahorse
];
services.dbus.packages = [
pkgs.gnome3.seahorse
];
};
}

2
nixos/modules/programs/thefuck.nix

@ -17,7 +17,7 @@ in
alias = mkOption {
default = "fuck";
type = types.string;
type = types.str;
description = ''
`thefuck` needs an alias to be configured.

2
nixos/modules/programs/xss-lock.nix

@ -12,7 +12,7 @@ in
lockerCommand = mkOption {
default = "${pkgs.i3lock}/bin/i3lock";
example = literalExample ''''${pkgs.i3lock-fancy}/bin/i3lock-fancy'';
type = types.string;
type = types.separatedString " ";
description = "Locker to be used with xsslock";
};

8
nixos/modules/programs/yabar.nix

@ -76,7 +76,7 @@ in
font = mkOption {
default = "sans bold 9";
example = "Droid Sans, FontAwesome Bold 9";
type = types.string;
type = types.str;
description = ''
The font that will be used to draw the status bar.
@ -95,7 +95,7 @@ in
extra = mkOption {
default = {};
type = types.attrsOf types.string;
type = types.attrsOf types.str;
description = ''
An attribute set which contains further attributes of a bar.
@ -107,7 +107,7 @@ in
type = types.attrsOf(types.submodule {
options.exec = mkOption {
example = "YABAR_DATE";
type = types.string;
type = types.str;
description = ''
The type of the indicator to be executed.
'';
@ -125,7 +125,7 @@ in
options.extra = mkOption {
default = {};
type = types.attrsOf (types.either types.string types.int);
type = types.attrsOf (types.either types.str types.int);
description = ''
An attribute set which contains further attributes of a indicator.

4
nixos/modules/programs/zsh/zsh-syntax-highlighting.nix

@ -33,7 +33,7 @@ in
patterns = mkOption {
default = {};
type = types.attrsOf types.string;
type = types.attrsOf types.str;
example = literalExample ''
{
@ -50,7 +50,7 @@ in
};
styles = mkOption {
default = {};
type = types.attrsOf types.string;
type = types.attrsOf types.str;
example = literalExample ''
{

9
nixos/modules/rename.nix

@ -256,7 +256,7 @@ with lib;
# binfmt
(mkRenamedOptionModule [ "boot" "binfmtMiscRegistrations" ] [ "boot" "binfmt" "registrations" ])
# ACME
(mkRemovedOptionModule [ "security" "acme" "directory"] "ACME Directory is now hardcoded to /var/lib/acme and its permisisons are managed by systemd. See https://github.com/NixOS/nixpkgs/issues/53852 for more info.")
(mkRemovedOptionModule [ "security" "acme" "preDelay"] "This option has been removed. If you want to make sure that something executes before certificates are provisioned, add a RequiredBy=acme-\${cert}.service to the service you want to execute before the cert renewal")
@ -285,6 +285,13 @@ with lib;
throw "services.redshift.longitude is set to null, you can remove this"
else builtins.fromJSON value))
# Redis
(mkRemovedOptionModule [ "services" "redis" "user" ] "The redis module now is hardcoded to the redis user.")
(mkRemovedOptionModule [ "services" "redis" "dbpath" ] "The redis module now uses /var/lib/redis as data directory.")
(mkRemovedOptionModule [ "services" "redis" "dbFilename" ] "The redis module now uses /var/lib/redis/dump.rdb as database dump location.")
(mkRemovedOptionModule [ "services" "redis" "appendOnlyFilename" ] "This option was never used.")
(mkRemovedOptionModule [ "services" "redis" "pidFile" ] "This option was removed.")
] ++ (forEach [ "blackboxExporter" "collectdExporter" "fritzboxExporter"
"jsonExporter" "minioExporter" "nginxExporter" "nodeExporter"
"snmpExporter" "unifiExporter" "varnishExporter" ]

4
nixos/modules/security/auditd.nix

@ -6,6 +6,10 @@ with lib;
options.security.auditd.enable = mkEnableOption "the Linux Audit daemon";
config = mkIf config.security.auditd.enable {
boot.kernelParams = [ "audit=1" ];
environment.systemPackages = [ pkgs.audit ];
systemd.services.auditd = {
description = "Linux Audit daemon";
wantedBy = [ "basic.target" ];

2
nixos/modules/security/pam.nix

@ -685,7 +685,7 @@ in
};
id = mkOption {
example = "42";
type = types.string;
type = types.str;
description = "client id";
};

12
nixos/modules/security/sudo.nix

@ -91,7 +91,7 @@ in
type = with types; listOf (submodule {
options = {
users = mkOption {
type = with types; listOf (either string int);
type = with types; listOf (either str int);
description = ''
The usernames / UIDs this rule should apply for.
'';
@ -99,7 +99,7 @@ in
};
groups = mkOption {
type = with types; listOf (either string int);
type = with types; listOf (either str int);
description = ''
The groups / GIDs this rule should apply for.
'';
@ -107,7 +107,7 @@ in
};
host = mkOption {
type = types.string;
type = types.str;
default = "ALL";
description = ''
For what host this rule should apply.
@ -115,7 +115,7 @@ in
};
runAs = mkOption {
type = with types; string;
type = with types; str;
default = "ALL:ALL";
description = ''
Under which user/group the specified command is allowed to run.
@ -130,11 +130,11 @@ in
description = ''
The commands for which the rule should apply.
'';
type = with types; listOf (either string (submodule {
type = with types; listOf (either str (submodule {
options = {
command = mkOption {
type = with types; string;
type = with types; str;
description = ''
A command being either just a path to a binary to allow any arguments,
the full command with arguments pre-set or with <code>""</code> used as the argument,

6
nixos/modules/services/amqp/activemq/default.nix

@ -40,7 +40,7 @@ in {
'';
};
configurationURI = mkOption {
type = types.string;
type = types.str;
default = "xbean:activemq.xml";
description = ''
The URI that is passed along to the BrokerFactory to
@ -51,7 +51,7 @@ in {
'';
};
baseDir = mkOption {
type = types.string;
type = types.str;
default = "/var/activemq";
description = ''
The base directory where ActiveMQ stores its persistent data and logs.
@ -81,7 +81,7 @@ in {
'';
};
extraJavaOptions = mkOption {
type = types.string;
type = types.separatedString " ";
default = "";
example = "-Xmx2G -Xms2G -XX:MaxPermSize=512M";
description = ''

2
nixos/modules/services/audio/alsa.nix

@ -64,7 +64,7 @@ in
};
volumeStep = mkOption {
type = types.string;
type = types.str;
default = "1";
example = "1%";
description = ''

2
nixos/modules/services/audio/ympd.nix

@ -23,7 +23,7 @@ in {
mpd = {
host = mkOption {
type = types.string;
type = types.str;
default = "localhost";
description = "The host where MPD is listening.";
example = "localhost";

73
nixos/modules/services/backup/crashplan-small-business.nix

@ -1,73 +0,0 @@
{ config, pkgs, lib, ... }:
let
cfg = config.services.crashplansb;
crashplansb = pkgs.crashplansb.override { maxRam = cfg.maxRam; };
in
with lib;
{
options = {
services.crashplansb = {
enable = mkOption {
default = false;
type = types.bool;
description = ''
Starts crashplan for small business background service.
'';
};
maxRam = mkOption {
default = "1024m";
example = "2G";
type = types.str;
description = ''
Maximum amount of ram that the crashplan engine should use.
'';
};
openPorts = mkOption {
description = "Open ports in the firewall for crashplan.";
default = true;
type = types.bool;
};
ports = mkOption {
# https://support.code42.com/Administrator/6/Planning_and_installing/TCP_and_UDP_ports_used_by_the_Code42_platform
# used ports can also be checked in the desktop app console using the command connection.info
description = "which ports to open.";
default = [ 4242 4243 4244 4247 ];
type = types.listOf types.int;
};
};
};
config = mkIf cfg.enable {
environment.systemPackages = [ crashplansb ];
networking.firewall.allowedTCPPorts = mkIf cfg.openPorts cfg.ports;
systemd.services.crashplansb = {
description = "CrashPlan Backup Engine";
wantedBy = [ "multi-user.target" ];
after = [ "network.target" "local-fs.target" ];
preStart = ''
install -d -m 755 ${crashplansb.vardir}
install -d -m 700 ${crashplansb.vardir}/conf
install -d -m 700 ${crashplansb.manifestdir}
install -d -m 700 ${crashplansb.vardir}/cache
install -d -m 700 ${crashplansb.vardir}/backupArchives
install -d -m 777 ${crashplansb.vardir}/log
cp -avn ${crashplansb}/conf.template/* ${crashplansb.vardir}/conf
'';
serviceConfig = {
Type = "forking";
EnvironmentFile = "${crashplansb}/bin/run.conf";
ExecStart = "${crashplansb}/bin/CrashPlanEngine start";
ExecStop = "${crashplansb}/bin/CrashPlanEngine stop";
PIDFile = "${crashplansb.vardir}/CrashPlanEngine.pid";
WorkingDirectory = crashplansb;
};
};
};
}

67
nixos/modules/services/backup/crashplan.nix

@ -1,67 +0,0 @@
{ config, pkgs, lib, ... }:
let
cfg = config.services.crashplan;
crashplan = pkgs.crashplan;
in
with lib;
{
options = {
services.crashplan = {
enable = mkOption {
default = false;
type = types.bool;
description = ''
Starts crashplan background service.
'';
};
};
};
config = mkIf cfg.enable {
environment.systemPackages = [ crashplan ];
systemd.services.crashplan = {
description = "CrashPlan Backup Engine";
wantedBy = [ "multi-user.target" ];
after = [ "network.target" "local-fs.target" ];
preStart = ''
ensureDir() {
dir=$1
mode=$2
if ! test -e $dir; then
${pkgs.coreutils}/bin/mkdir -m $mode -p $dir
elif [ "$(${pkgs.coreutils}/bin/stat -c %a $dir)" != "$mode" ]; then
${pkgs.coreutils}/bin/chmod $mode $dir
fi
}
ensureDir ${crashplan.vardir} 755
ensureDir ${crashplan.vardir}/conf 700
ensureDir ${crashplan.manifestdir} 700
ensureDir ${crashplan.vardir}/cache 700
ensureDir ${crashplan.vardir}/backupArchives 700
ensureDir ${crashplan.vardir}/log 777
cp -avn ${crashplan}/conf.template/* ${crashplan.vardir}/conf
for x in app.asar bin install.vars lang lib libc42archive64.so libc52archive.so libjniwrap64.so libjniwrap.so libjtux64.so libjtux.so libleveldb64.so libleveldb.so libmd564.so libmd5.so share skin upgrade; do
rm -f ${crashplan.vardir}/$x;
ln -sf ${crashplan}/$x ${crashplan.vardir}/$x;
done
'';
serviceConfig = {
Type = "forking";
EnvironmentFile = "${crashplan}/bin/run.conf";
ExecStart = "${crashplan}/bin/CrashPlanEngine start";
ExecStop = "${crashplan}/bin/CrashPlanEngine stop";
PIDFile = "${crashplan.vardir}/CrashPlanEngine.pid";
WorkingDirectory = crashplan;
};
};
};
}

2
nixos/modules/services/backup/postgresql-backup.nix

@ -81,7 +81,7 @@ in {
};
pgdumpOptions = mkOption {
type = types.string;
type = types.separatedString " ";
default = "-Cbo";
description = ''
Command line options for pg_dump. This options is not used

4
nixos/modules/services/backup/rsnapshot.nix

@ -2,7 +2,7 @@
with lib;
let
let
cfg = config.services.rsnapshot;
cfgfile = pkgs.writeText "rsnapshot.conf" ''
config_version 1.2
@ -52,7 +52,7 @@ in
cronIntervals = mkOption {
default = {};
example = { hourly = "0 * * * *"; daily = "50 21 * * *"; };
type = types.attrsOf types.string;
type = types.attrsOf types.str;
description = ''
Periodicity at which intervals should be run by cron.
Note that the intervals also have to exist in configuration

2
nixos/modules/services/computing/boinc/client.nix

@ -111,7 +111,7 @@ in
systemd.services.boinc = {
description = "BOINC Client";
after = ["network.target" "local-fs.target"];
after = ["network.target"];
wantedBy = ["multi-user.target"];
script = ''
${fhsEnvExecutable} --dir ${cfg.dataDir} --redirectio ${allowRemoteGuiRpcFlag}

10
nixos/modules/services/databases/cassandra.nix

@ -259,7 +259,7 @@ in {
'';
};
incrementalRepairOptions = mkOption {
type = types.listOf types.string;
type = types.listOf types.str;
default = [];
example = [ "--partitioner-range" ];
description = ''
@ -267,7 +267,7 @@ in {
'';
};
maxHeapSize = mkOption {
type = types.nullOr types.string;
type = types.nullOr types.str;
default = null;
example = "4G";
description = ''
@ -287,7 +287,7 @@ in {
'';
};
heapNewSize = mkOption {
type = types.nullOr types.string;
type = types.nullOr types.str;
default = null;
example = "800M";
description = ''
@ -352,11 +352,11 @@ in {
type = types.listOf (types.submodule {
options = {
username = mkOption {
type = types.string;
type = types.str;
description = "Username for JMX";
};
password = mkOption {
type = types.string;
type = types.str;
description = "Password for JMX";
};
};

8
nixos/modules/services/databases/couchdb.nix

@ -56,7 +56,7 @@ in {
user = mkOption {
type = types.string;
type = types.str;
default = "couchdb";
description = ''
User account under which couchdb runs.
@ -64,7 +64,7 @@ in {
};
group = mkOption {
type = types.string;
type = types.str;
default = "couchdb";
description = ''
Group account under which couchdb runs.
@ -106,7 +106,7 @@ in {
};
bindAddress = mkOption {
type = types.string;
type = types.str;
default = "127.0.0.1";
description = ''
Defines the IP address by which CouchDB will be accessible.
@ -138,7 +138,7 @@ in {
};
configFile = mkOption {
type = types.string;
type = types.path;
description = ''
Configuration file for persisting runtime changes. File
needs to be readable and writable from couchdb user/group.

8
nixos/modules/services/databases/foundationdb.nix

@ -140,7 +140,7 @@ in
};
logSize = mkOption {
type = types.string;
type = types.str;
default = "10MiB";
description = ''
Roll over to a new log file after the current log file
@ -149,7 +149,7 @@ in
};
maxLogSize = mkOption {
type = types.string;
type = types.str;
default = "100MiB";
description = ''
Delete the oldest log file when the total size of all log
@ -171,7 +171,7 @@ in
};
memory = mkOption {
type = types.string;
type = types.str;
default = "8GiB";
description = ''
Maximum memory used by the process. The default value is
@ -193,7 +193,7 @@ in
};
storageMemory = mkOption {
type = types.string;
type = types.str;
default = "1GiB";
description = ''
Maximum memory used for data storage. The default value is