Merge master into staging-next
This commit is contained in:
commit
22c53603c5
15
lib/meta.nix
15
lib/meta.nix
@ -133,12 +133,17 @@ rec {
|
||||
mapDerivationAttrset = f: set: lib.mapAttrs (name: pkg: if lib.isDerivation pkg then (f pkg) else pkg) set;
|
||||
|
||||
/**
|
||||
Set the nix-env priority of the package.
|
||||
The default priority of packages in Nix. See `defaultPriority` in [`src/nix/profile.cc`](https://github.com/NixOS/nix/blob/master/src/nix/profile.cc#L47).
|
||||
*/
|
||||
defaultPriority = 5;
|
||||
|
||||
/**
|
||||
Set the nix-env priority of the package. Note that higher values are lower priority, and vice versa.
|
||||
|
||||
# Inputs
|
||||
|
||||
`priority`
|
||||
: 1\. Function argument
|
||||
: 1\. The priority to set.
|
||||
|
||||
`drv`
|
||||
: 2\. Function argument
|
||||
@ -159,8 +164,7 @@ rec {
|
||||
lowPrio = setPrio 10;
|
||||
|
||||
/**
|
||||
Apply lowPrio to an attrset with derivations
|
||||
|
||||
Apply lowPrio to an attrset with derivations.
|
||||
|
||||
# Inputs
|
||||
|
||||
@ -184,8 +188,7 @@ rec {
|
||||
hiPrio = setPrio (-10);
|
||||
|
||||
/**
|
||||
Apply hiPrio to an attrset with derivations
|
||||
|
||||
Apply hiPrio to an attrset with derivations.
|
||||
|
||||
# Inputs
|
||||
|
||||
|
@ -5630,12 +5630,6 @@
|
||||
githubId = 6689924;
|
||||
name = "David Terry";
|
||||
};
|
||||
dxwil = {
|
||||
email = "dovydas@kersys.lt";
|
||||
github = "dxwil";
|
||||
githubId = 90563298;
|
||||
name = "Dovydas Kersys";
|
||||
};
|
||||
dylan-gonzalez = {
|
||||
email = "dylcg10@gmail.com";
|
||||
github = "dylan-gonzalez";
|
||||
@ -18242,6 +18236,13 @@
|
||||
githubId = 766350;
|
||||
name = "Richard Zetterberg";
|
||||
};
|
||||
s0me1newithhand7s = {
|
||||
name = "hand7s";
|
||||
email = "s0me1newithhand7s@gmail.com";
|
||||
matrix = "@s0me1newithhand7s:matrix.org";
|
||||
github = "s0me1newithhand7s";
|
||||
githubId = 117505144;
|
||||
};
|
||||
s1341 = {
|
||||
email = "s1341@shmarya.net";
|
||||
matrix = "@s1341:matrix.org";
|
||||
|
@ -1,10 +1,8 @@
|
||||
{ config, lib, ... }:
|
||||
|
||||
with lib;
|
||||
{
|
||||
options = {
|
||||
appstream.enable = mkOption {
|
||||
type = types.bool;
|
||||
appstream.enable = lib.mkOption {
|
||||
type = lib.types.bool;
|
||||
default = true;
|
||||
description = ''
|
||||
Whether to install files to support the
|
||||
@ -13,7 +11,7 @@ with lib;
|
||||
};
|
||||
};
|
||||
|
||||
config = mkIf config.appstream.enable {
|
||||
config = lib.mkIf config.appstream.enable {
|
||||
environment.pathsToLink = [
|
||||
# per component metadata
|
||||
"/share/metainfo"
|
||||
|
@ -1,27 +1,23 @@
|
||||
|
||||
{ config, lib, pkgs, ... }:
|
||||
|
||||
with lib;
|
||||
|
||||
let
|
||||
cfg = config.console;
|
||||
|
||||
makeColor = i: concatMapStringsSep "," (x: "0x" + substring (2*i) 2 x);
|
||||
makeColor = i: lib.concatMapStringsSep "," (x: "0x" + lib.substring (2*i) 2 x);
|
||||
|
||||
isUnicode = hasSuffix "UTF-8" (toUpper config.i18n.defaultLocale);
|
||||
isUnicode = lib.hasSuffix "UTF-8" (lib.toUpper config.i18n.defaultLocale);
|
||||
|
||||
optimizedKeymap = pkgs.runCommand "keymap" {
|
||||
nativeBuildInputs = [ pkgs.buildPackages.kbd ];
|
||||
LOADKEYS_KEYMAP_PATH = "${consoleEnv pkgs.kbd}/share/keymaps/**";
|
||||
preferLocalBuild = true;
|
||||
} ''
|
||||
loadkeys -b ${optionalString isUnicode "-u"} "${cfg.keyMap}" > $out
|
||||
loadkeys -b ${lib.optionalString isUnicode "-u"} "${cfg.keyMap}" > $out
|
||||
'';
|
||||
|
||||
# Sadly, systemd-vconsole-setup doesn't support binary keymaps.
|
||||
vconsoleConf = pkgs.writeText "vconsole.conf" ''
|
||||
KEYMAP=${cfg.keyMap}
|
||||
${optionalString (cfg.font != null) "FONT=${cfg.font}"}
|
||||
${lib.optionalString (cfg.font != null) "FONT=${cfg.font}"}
|
||||
'';
|
||||
|
||||
consoleEnv = kbd: pkgs.buildEnv {
|
||||
@ -40,12 +36,12 @@ in
|
||||
###### interface
|
||||
|
||||
options.console = {
|
||||
enable = mkEnableOption "virtual console" // {
|
||||
enable = lib.mkEnableOption "virtual console" // {
|
||||
default = true;
|
||||
};
|
||||
|
||||
font = mkOption {
|
||||
type = with types; nullOr (either str path);
|
||||
font = lib.mkOption {
|
||||
type = with lib.types; nullOr (either str path);
|
||||
default = null;
|
||||
example = "LatArCyrHeb-16";
|
||||
description = ''
|
||||
@ -61,8 +57,8 @@ in
|
||||
'';
|
||||
};
|
||||
|
||||
keyMap = mkOption {
|
||||
type = with types; either str path;
|
||||
keyMap = lib.mkOption {
|
||||
type = with lib.types; either str path;
|
||||
default = "us";
|
||||
example = "fr";
|
||||
description = ''
|
||||
@ -70,8 +66,8 @@ in
|
||||
'';
|
||||
};
|
||||
|
||||
colors = mkOption {
|
||||
type = with types; listOf (strMatching "[[:xdigit:]]{6}");
|
||||
colors = lib.mkOption {
|
||||
type = with lib.types; listOf (strMatching "[[:xdigit:]]{6}");
|
||||
default = [ ];
|
||||
example = [
|
||||
"002b36" "dc322f" "859900" "b58900"
|
||||
@ -88,8 +84,8 @@ in
|
||||
|
||||
};
|
||||
|
||||
packages = mkOption {
|
||||
type = types.listOf types.package;
|
||||
packages = lib.mkOption {
|
||||
type = lib.types.listOf lib.types.package;
|
||||
default = [ ];
|
||||
description = ''
|
||||
List of additional packages that provide console fonts, keymaps and
|
||||
@ -97,8 +93,8 @@ in
|
||||
'';
|
||||
};
|
||||
|
||||
useXkbConfig = mkOption {
|
||||
type = types.bool;
|
||||
useXkbConfig = lib.mkOption {
|
||||
type = lib.types.bool;
|
||||
default = false;
|
||||
description = ''
|
||||
If set, configure the virtual console keymap from the xserver
|
||||
@ -106,9 +102,9 @@ in
|
||||
'';
|
||||
};
|
||||
|
||||
earlySetup = mkOption {
|
||||
earlySetup = lib.mkOption {
|
||||
default = false;
|
||||
type = types.bool;
|
||||
type = lib.types.bool;
|
||||
description = ''
|
||||
Enable setting virtual console options as early as possible (in initrd).
|
||||
'';
|
||||
@ -119,12 +115,12 @@ in
|
||||
|
||||
###### implementation
|
||||
|
||||
config = mkMerge [
|
||||
config = lib.mkMerge [
|
||||
{ console.keyMap = with config.services.xserver;
|
||||
mkIf cfg.useXkbConfig
|
||||
lib.mkIf cfg.useXkbConfig
|
||||
(pkgs.runCommand "xkb-console-keymap" { preferLocalBuild = true; } ''
|
||||
'${pkgs.buildPackages.ckbcomp}/bin/ckbcomp' \
|
||||
${optionalString (config.environment.sessionVariables ? XKB_CONFIG_ROOT)
|
||||
${lib.optionalString (config.environment.sessionVariables ? XKB_CONFIG_ROOT)
|
||||
"-I${config.environment.sessionVariables.XKB_CONFIG_ROOT}"
|
||||
} \
|
||||
-model '${xkb.model}' -layout '${xkb.layout}' \
|
||||
@ -132,7 +128,7 @@ in
|
||||
'');
|
||||
}
|
||||
|
||||
(mkIf (!cfg.enable) {
|
||||
(lib.mkIf (!cfg.enable) {
|
||||
systemd.services = {
|
||||
"serial-getty@ttyS0".enable = false;
|
||||
"serial-getty@hvc0".enable = false;
|
||||
@ -142,7 +138,7 @@ in
|
||||
};
|
||||
})
|
||||
|
||||
(mkIf cfg.enable (mkMerge [
|
||||
(lib.mkIf cfg.enable (lib.mkMerge [
|
||||
{ environment.systemPackages = [ pkgs.kbd ];
|
||||
|
||||
# Let systemd-vconsole-setup.service do the work of setting up the
|
||||
@ -151,12 +147,12 @@ in
|
||||
# Provide kbd with additional packages.
|
||||
environment.etc.kbd.source = "${consoleEnv pkgs.kbd}/share";
|
||||
|
||||
boot.initrd.preLVMCommands = mkIf (!config.boot.initrd.systemd.enable) (mkBefore ''
|
||||
boot.initrd.preLVMCommands = lib.mkIf (!config.boot.initrd.systemd.enable) (lib.mkBefore ''
|
||||
kbd_mode ${if isUnicode then "-u" else "-a"} -C /dev/console
|
||||
printf "\033%%${if isUnicode then "G" else "@"}" >> /dev/console
|
||||
loadkmap < ${optimizedKeymap}
|
||||
|
||||
${optionalString (cfg.earlySetup && cfg.font != null) ''
|
||||
${lib.optionalString (cfg.earlySetup && cfg.font != null) ''
|
||||
setfont -C /dev/console $extraUtils/share/consolefonts/font.psf
|
||||
''}
|
||||
'');
|
||||
@ -176,9 +172,9 @@ in
|
||||
"${config.boot.initrd.systemd.package.kbd}/bin/setfont"
|
||||
"${config.boot.initrd.systemd.package.kbd}/bin/loadkeys"
|
||||
"${config.boot.initrd.systemd.package.kbd.gzip}/bin/gzip" # Fonts and keyboard layouts are compressed
|
||||
] ++ optionals (cfg.font != null && hasPrefix builtins.storeDir cfg.font) [
|
||||
] ++ lib.optionals (cfg.font != null && lib.hasPrefix builtins.storeDir cfg.font) [
|
||||
"${cfg.font}"
|
||||
] ++ optionals (hasPrefix builtins.storeDir cfg.keyMap) [
|
||||
] ++ lib.optionals (lib.hasPrefix builtins.storeDir cfg.keyMap) [
|
||||
"${cfg.keyMap}"
|
||||
];
|
||||
|
||||
@ -195,7 +191,7 @@ in
|
||||
};
|
||||
}
|
||||
|
||||
(mkIf (cfg.colors != []) {
|
||||
(lib.mkIf (cfg.colors != []) {
|
||||
boot.kernelParams = [
|
||||
"vt.default_red=${makeColor 0 cfg.colors}"
|
||||
"vt.default_grn=${makeColor 1 cfg.colors}"
|
||||
@ -203,10 +199,10 @@ in
|
||||
];
|
||||
})
|
||||
|
||||
(mkIf (cfg.earlySetup && cfg.font != null && !config.boot.initrd.systemd.enable) {
|
||||
(lib.mkIf (cfg.earlySetup && cfg.font != null && !config.boot.initrd.systemd.enable) {
|
||||
boot.initrd.extraUtilsCommands = ''
|
||||
mkdir -p $out/share/consolefonts
|
||||
${if substring 0 1 cfg.font == "/" then ''
|
||||
${if lib.substring 0 1 cfg.font == "/" then ''
|
||||
font="${cfg.font}"
|
||||
'' else ''
|
||||
font="$(echo ${consoleEnv pkgs.kbd}/share/consolefonts/${cfg.font}.*)"
|
||||
@ -222,14 +218,14 @@ in
|
||||
];
|
||||
|
||||
imports = [
|
||||
(mkRenamedOptionModule [ "i18n" "consoleFont" ] [ "console" "font" ])
|
||||
(mkRenamedOptionModule [ "i18n" "consoleKeyMap" ] [ "console" "keyMap" ])
|
||||
(mkRenamedOptionModule [ "i18n" "consoleColors" ] [ "console" "colors" ])
|
||||
(mkRenamedOptionModule [ "i18n" "consolePackages" ] [ "console" "packages" ])
|
||||
(mkRenamedOptionModule [ "i18n" "consoleUseXkbConfig" ] [ "console" "useXkbConfig" ])
|
||||
(mkRenamedOptionModule [ "boot" "earlyVconsoleSetup" ] [ "console" "earlySetup" ])
|
||||
(mkRenamedOptionModule [ "boot" "extraTTYs" ] [ "console" "extraTTYs" ])
|
||||
(mkRemovedOptionModule [ "console" "extraTTYs" ] ''
|
||||
(lib.mkRenamedOptionModule [ "i18n" "consoleFont" ] [ "console" "font" ])
|
||||
(lib.mkRenamedOptionModule [ "i18n" "consoleKeyMap" ] [ "console" "keyMap" ])
|
||||
(lib.mkRenamedOptionModule [ "i18n" "consoleColors" ] [ "console" "colors" ])
|
||||
(lib.mkRenamedOptionModule [ "i18n" "consolePackages" ] [ "console" "packages" ])
|
||||
(lib.mkRenamedOptionModule [ "i18n" "consoleUseXkbConfig" ] [ "console" "useXkbConfig" ])
|
||||
(lib.mkRenamedOptionModule [ "boot" "earlyVconsoleSetup" ] [ "console" "earlySetup" ])
|
||||
(lib.mkRenamedOptionModule [ "boot" "extraTTYs" ] [ "console" "extraTTYs" ])
|
||||
(lib.mkRemovedOptionModule [ "console" "extraTTYs" ] ''
|
||||
Since NixOS switched to systemd (circa 2012), TTYs have been spawned on
|
||||
demand, so there is no need to configure them manually.
|
||||
'')
|
||||
|
@ -1,13 +1,10 @@
|
||||
{ config, lib, ... }:
|
||||
|
||||
with lib;
|
||||
|
||||
{
|
||||
|
||||
options = {
|
||||
|
||||
environment.enableDebugInfo = mkOption {
|
||||
type = types.bool;
|
||||
environment.enableDebugInfo = lib.mkOption {
|
||||
type = lib.types.bool;
|
||||
default = false;
|
||||
description = ''
|
||||
Some NixOS packages provide debug symbols. However, these are
|
||||
@ -29,7 +26,7 @@ with lib;
|
||||
};
|
||||
|
||||
|
||||
config = mkIf config.environment.enableDebugInfo {
|
||||
config = lib.mkIf config.environment.enableDebugInfo {
|
||||
|
||||
# FIXME: currently disabled because /lib is already in
|
||||
# environment.pathsToLink, and we can't have both.
|
||||
|
@ -1,7 +1,4 @@
|
||||
{ config, lib, pkgs, ... }:
|
||||
|
||||
with lib;
|
||||
|
||||
let
|
||||
|
||||
cfg = config.fonts.fontDir;
|
||||
@ -12,7 +9,7 @@ let
|
||||
find ${toString config.fonts.packages} -regex "$font_regexp" \
|
||||
-exec ln -sf -t "$out/share/X11/fonts" '{}' \;
|
||||
cd "$out/share/X11/fonts"
|
||||
${optionalString cfg.decompressFonts ''
|
||||
${lib.optionalString cfg.decompressFonts ''
|
||||
${pkgs.gzip}/bin/gunzip -f *.gz
|
||||
''}
|
||||
${pkgs.xorg.mkfontscale}/bin/mkfontscale
|
||||
@ -27,8 +24,8 @@ in
|
||||
options = {
|
||||
fonts.fontDir = {
|
||||
|
||||
enable = mkOption {
|
||||
type = types.bool;
|
||||
enable = lib.mkOption {
|
||||
type = lib.types.bool;
|
||||
default = false;
|
||||
description = ''
|
||||
Whether to create a directory with links to all fonts in
|
||||
@ -36,10 +33,10 @@ in
|
||||
'';
|
||||
};
|
||||
|
||||
decompressFonts = mkOption {
|
||||
type = types.bool;
|
||||
decompressFonts = lib.mkOption {
|
||||
type = lib.types.bool;
|
||||
default = config.programs.xwayland.enable;
|
||||
defaultText = literalExpression "config.programs.xwayland.enable";
|
||||
defaultText = lib.literalExpression "config.programs.xwayland.enable";
|
||||
description = ''
|
||||
Whether to decompress fonts in
|
||||
{file}`/run/current-system/sw/share/X11/fonts`.
|
||||
@ -49,7 +46,7 @@ in
|
||||
};
|
||||
};
|
||||
|
||||
config = mkIf cfg.enable {
|
||||
config = lib.mkIf cfg.enable {
|
||||
|
||||
environment.systemPackages = [ x11Fonts ];
|
||||
environment.pathsToLink = [ "/share/X11/fonts" ];
|
||||
@ -61,7 +58,7 @@ in
|
||||
};
|
||||
|
||||
imports = [
|
||||
(mkRenamedOptionModule [ "fonts" "enableFontDir" ] [ "fonts" "fontDir" "enable" ])
|
||||
(lib.mkRenamedOptionModule [ "fonts" "enableFontDir" ] [ "fonts" "fontDir" "enable" ])
|
||||
];
|
||||
|
||||
}
|
||||
|
@ -1,11 +1,8 @@
|
||||
{ config, lib, pkgs, ... }:
|
||||
|
||||
with lib;
|
||||
|
||||
{
|
||||
options = {
|
||||
fonts.enableGhostscriptFonts = mkOption {
|
||||
type = types.bool;
|
||||
fonts.enableGhostscriptFonts = lib.mkOption {
|
||||
type = lib.types.bool;
|
||||
default = false;
|
||||
description = ''
|
||||
Whether to add the fonts provided by Ghostscript (such as
|
||||
@ -17,7 +14,7 @@ with lib;
|
||||
|
||||
};
|
||||
|
||||
config = mkIf config.fonts.enableGhostscriptFonts {
|
||||
config = lib.mkIf config.fonts.enableGhostscriptFonts {
|
||||
fonts.packages = [ pkgs.ghostscript.fonts ];
|
||||
};
|
||||
}
|
||||
|
@ -1,19 +1,17 @@
|
||||
{ config, lib, pkgs, ... }:
|
||||
|
||||
with lib;
|
||||
{
|
||||
options = {
|
||||
gtk.iconCache.enable = mkOption {
|
||||
type = types.bool;
|
||||
gtk.iconCache.enable = lib.mkOption {
|
||||
type = lib.types.bool;
|
||||
default = config.services.xserver.enable;
|
||||
defaultText = literalExpression "config.services.xserver.enable";
|
||||
defaultText = lib.literalExpression "config.services.xserver.enable";
|
||||
description = ''
|
||||
Whether to build icon theme caches for GTK applications.
|
||||
'';
|
||||
};
|
||||
};
|
||||
|
||||
config = mkIf config.gtk.iconCache.enable {
|
||||
config = lib.mkIf config.gtk.iconCache.enable {
|
||||
|
||||
# (Re)build icon theme caches
|
||||
# ---------------------------
|
||||
|
@ -1,15 +1,12 @@
|
||||
{ config, lib, pkgs, ... }:
|
||||
|
||||
with lib;
|
||||
|
||||
let
|
||||
cfg = config.networking.iproute2;
|
||||
in
|
||||
{
|
||||
options.networking.iproute2 = {
|
||||
enable = mkEnableOption "copying IP route configuration files";
|
||||
rttablesExtraConfig = mkOption {
|
||||
type = types.lines;
|
||||
enable = lib.mkEnableOption "copying IP route configuration files";
|
||||
rttablesExtraConfig = lib.mkOption {
|
||||
type = lib.types.lines;
|
||||
default = "";
|
||||
description = ''
|
||||
Verbatim lines to add to /etc/iproute2/rt_tables
|
||||
@ -17,7 +14,7 @@ in
|
||||
};
|
||||
};
|
||||
|
||||
config = mkIf cfg.enable {
|
||||
config = lib.mkIf cfg.enable {
|
||||
environment.etc."iproute2/rt_tables.d/nixos.conf" = {
|
||||
mode = "0644";
|
||||
text = cfg.rttablesExtraConfig;
|
||||
|
@ -1,12 +1,9 @@
|
||||
{ config, lib, pkgs, ... }:
|
||||
|
||||
with lib;
|
||||
|
||||
let
|
||||
|
||||
tzdir = "${pkgs.tzdata}/share/zoneinfo";
|
||||
nospace = str: filter (c: c == " ") (stringToCharacters str) == [];
|
||||
timezone = types.nullOr (types.addCheck types.str nospace)
|
||||
nospace = str: lib.filter (c: c == " ") (lib.stringToCharacters str) == [];
|
||||
timezone = lib.types.nullOr (lib.types.addCheck lib.types.str nospace)
|
||||
// { description = "null or string without spaces"; };
|
||||
|
||||
lcfg = config.location;
|
||||
@ -18,7 +15,7 @@ in
|
||||
|
||||
time = {
|
||||
|
||||
timeZone = mkOption {
|
||||
timeZone = lib.mkOption {
|
||||
default = null;
|
||||
type = timezone;
|
||||
example = "America/New_York";
|
||||
@ -31,9 +28,9 @@ in
|
||||
'';
|
||||
};
|
||||
|
||||
hardwareClockInLocalTime = mkOption {
|
||||
hardwareClockInLocalTime = lib.mkOption {
|
||||
default = false;
|
||||
type = types.bool;
|
||||
type = lib.types.bool;
|
||||
description = "If set, keep the hardware clock in local time instead of UTC.";
|
||||
};
|
||||
|
||||
@ -41,8 +38,8 @@ in
|
||||
|
||||
location = {
|
||||
|
||||
latitude = mkOption {
|
||||
type = types.float;
|
||||
latitude = lib.mkOption {
|
||||
type = lib.types.float;
|
||||
description = ''
|
||||
Your current latitude, between
|
||||
`-90.0` and `90.0`. Must be provided
|
||||
@ -50,8 +47,8 @@ in
|
||||
'';
|
||||
};
|
||||
|
||||
longitude = mkOption {
|
||||
type = types.float;
|
||||
longitude = lib.mkOption {
|
||||
type = lib.types.float;
|
||||
description = ''
|
||||
Your current longitude, between
|
||||
between `-180.0` and `180.0`. Must be
|
||||
@ -59,8 +56,8 @@ in
|
||||
'';
|
||||
};
|
||||
|
||||
provider = mkOption {
|
||||
type = types.enum [ "manual" "geoclue2" ];
|
||||
provider = lib.mkOption {
|
||||
type = lib.types.enum [ "manual" "geoclue2" ];
|
||||
default = "manual";
|
||||
description = ''
|
||||
The location provider to use for determining your location. If set to
|
||||
@ -75,7 +72,7 @@ in
|
||||
|
||||
environment.sessionVariables.TZDIR = "/etc/zoneinfo";
|
||||
|
||||
services.geoclue2.enable = mkIf (lcfg.provider == "geoclue2") true;
|
||||
services.geoclue2.enable = lib.mkIf (lcfg.provider == "geoclue2") true;
|
||||
|
||||
# This way services are restarted when tzdata changes.
|
||||
systemd.globalEnvironment.TZDIR = tzdir;
|
||||
|
@ -1,6 +1,4 @@
|
||||
{ config, lib, pkgs, ... }:
|
||||
with lib;
|
||||
|
||||
let
|
||||
cfg = config.environment.memoryAllocator;
|
||||
|
||||
@ -85,12 +83,12 @@ in
|
||||
|
||||
{
|
||||
meta = {
|
||||
maintainers = [ maintainers.joachifm ];
|
||||
maintainers = [ lib.maintainers.joachifm ];
|
||||
};
|
||||
|
||||
options = {
|
||||
environment.memoryAllocator.provider = mkOption {
|
||||
type = types.enum ([ "libc" ] ++ attrNames providers);
|
||||
environment.memoryAllocator.provider = lib.mkOption {
|
||||
type = lib.types.enum ([ "libc" ] ++ lib.attrNames providers);
|
||||
default = "libc";
|
||||
description = ''
|
||||
The system-wide memory allocator.
|
||||
@ -98,8 +96,8 @@ in
|
||||
Briefly, the system-wide memory allocator providers are:
|
||||
|
||||
- `libc`: the standard allocator provided by libc
|
||||
${concatStringsSep "\n" (mapAttrsToList
|
||||
(name: value: "- `${name}`: ${replaceStrings [ "\n" ] [ " " ] value.description}")
|
||||
${lib.concatStringsSep "\n" (lib.mapAttrsToList
|
||||
(name: value: "- `${name}`: ${lib.replaceStrings [ "\n" ] [ " " ] value.description}")
|
||||
providers)}
|
||||
|
||||
::: {.warning}
|
||||
@ -111,7 +109,7 @@ in
|
||||
};
|
||||
};
|
||||
|
||||
config = mkIf (cfg.provider != "libc") {
|
||||
config = lib.mkIf (cfg.provider != "libc") {
|
||||
environment.etc."ld-nix.so.preload".text = ''
|
||||
${providerLibPath}
|
||||
'';
|
||||
|
@ -1,47 +1,44 @@
|
||||
{ config, pkgs, lib, ... }:
|
||||
|
||||
with lib;
|
||||
|
||||
let
|
||||
cfg = config.users.mysql;
|
||||
in
|
||||
{
|
||||
meta.maintainers = [ maintainers.netali ];
|
||||
meta.maintainers = [ lib.maintainers.netali ];
|
||||
|
||||
options = {
|
||||
users.mysql = {
|
||||
enable = mkEnableOption "authentication against a MySQL/MariaDB database";
|
||||
host = mkOption {
|
||||
type = types.str;
|
||||
enable = lib.mkEnableOption "authentication against a MySQL/MariaDB database";
|
||||
host = lib.mkOption {
|
||||
type = lib.types.str;
|
||||
example = "localhost";
|
||||
description = "The hostname of the MySQL/MariaDB server";
|
||||
};
|
||||
database = mkOption {
|
||||
type = types.str;
|
||||
database = lib.mkOption {
|
||||
type = lib.types.str;
|
||||
example = "auth";
|
||||
description = "The name of the database containing the users";
|
||||
};
|
||||
user = mkOption {
|
||||
type = types.str;
|
||||
user = lib.mkOption {
|
||||
type = lib.types.str;
|
||||
example = "nss-user";
|
||||
description = "The username to use when connecting to the database";
|
||||
};
|
||||
passwordFile = mkOption {
|
||||
type = types.path;
|
||||
passwordFile = lib.mkOption {
|
||||
type = lib.types.path;
|
||||
example = "/run/secrets/mysql-auth-db-passwd";
|
||||
description = "The path to the file containing the password for the user";
|
||||
};
|
||||
pam = mkOption {
|
||||
pam = lib.mkOption {
|
||||
description = "Settings for `pam_mysql`";
|
||||
type = types.submodule {
|
||||
type = lib.types.submodule {
|
||||
options = {
|
||||
table = mkOption {
|
||||
type = types.str;
|
||||
table = lib.mkOption {
|
||||
type = lib.types.str;
|
||||
example = "users";
|
||||
description = "The name of table that maps unique login names to the passwords.";
|
||||
};
|
||||
updateTable = mkOption {
|
||||
type = types.nullOr types.str;
|
||||
updateTable = lib.mkOption {
|
||||
type = lib.types.nullOr lib.types.str;
|
||||
default = null;
|
||||
example = "users_updates";
|
||||
description = ''
|
||||
@ -49,18 +46,18 @@ in
|
||||
of the `table` option will be used instead.
|
||||
'';
|
||||
};
|
||||
userColumn = mkOption {
|
||||
type = types.str;
|
||||
userColumn = lib.mkOption {
|
||||
type = lib.types.str;
|
||||
example = "username";
|
||||
description = "The name of the column that contains a unix login name.";
|
||||
};
|
||||
passwordColumn = mkOption {
|
||||
type = types.str;
|
||||
passwordColumn = lib.mkOption {
|
||||
type = lib.types.str;
|
||||
example = "password";
|
||||
description = "The name of the column that contains a (encrypted) password string.";
|
||||
};
|
||||
statusColumn = mkOption {
|
||||
type = types.nullOr types.str;
|
||||
statusColumn = lib.mkOption {
|
||||
type = lib.types.nullOr lib.types.str;
|
||||
default = null;
|
||||
example = "status";
|
||||
description = ''
|
||||
@ -79,9 +76,9 @@ in
|
||||
This ends up requiring that the user enter a new password.
|
||||
'';
|
||||
};
|
||||
passwordCrypt = mkOption {
|
||||
passwordCrypt = lib.mkOption {
|
||||
example = "2";
|
||||
type = types.enum [
|
||||
type = lib.types.enum [
|
||||
"0" "plain"
|
||||
"1" "Y"
|
||||
"2" "mysql"
|
||||
@ -121,28 +118,28 @@ in
|
||||
Use sha256 hashed passwords.
|
||||
'';
|
||||
};
|
||||
cryptDefault = mkOption {
|
||||
type = types.nullOr (types.enum [ "md5" "sha256" "sha512" "blowfish" ]);
|
||||
cryptDefault = lib.mkOption {
|
||||
type = lib.types.nullOr (lib.types.enum [ "md5" "sha256" "sha512" "blowfish" ]);
|
||||
default = null;
|
||||
example = "blowfish";
|
||||
description = "The default encryption method to use for `passwordCrypt = 1`.";
|
||||
};
|
||||
where = mkOption {
|
||||
type = types.nullOr types.str;
|
||||
where = lib.mkOption {
|
||||
type = lib.types.nullOr lib.types.str;
|
||||
default = null;
|
||||
example = "host.name='web' AND user.active=1";
|
||||
description = "Additional criteria for the query.";
|
||||
};
|
||||
verbose = mkOption {
|
||||
type = types.bool;
|
||||
verbose = lib.mkOption {
|
||||
type = lib.types.bool;
|
||||
default = false;
|
||||
description = ''
|
||||
If enabled, produces logs with detailed messages that describes what
|
||||
`pam_mysql` is doing. May be useful for debugging.
|
||||
'';
|
||||
};
|
||||
disconnectEveryOperation = mkOption {
|
||||
type = types.bool;
|
||||
disconnectEveryOperation = lib.mkOption {
|
||||
type = lib.types.bool;
|
||||
default = false;
|
||||
description = ''
|
||||
By default, `pam_mysql` keeps the connection to the MySQL
|
||||
@ -152,34 +149,34 @@ in
|
||||
'';
|
||||
};
|
||||
logging = {
|
||||
enable = mkOption {
|
||||
type = types.bool;
|
||||
enable = lib.mkOption {
|
||||
type = lib.types.bool;
|
||||
default = false;
|
||||
description = "Enables logging of authentication attempts in the MySQL database.";
|
||||
};
|
||||
table = mkOption {
|
||||
type = types.str;
|
||||
table = lib.mkOption {
|
||||
type = lib.types.str;
|
||||
example = "logs";
|
||||
description = "The name of the table to which logs are written.";
|
||||
};
|
||||
msgColumn = mkOption {
|
||||
type = types.str;
|
||||
msgColumn = lib.mkOption {
|
||||
type = lib.types.str;
|
||||
example = "msg";
|
||||
description = ''
|
||||
The name of the column in the log table to which the description
|
||||
of the performed operation is stored.
|
||||
'';
|
||||
};
|
||||
userColumn = mkOption {
|
||||
type = types.str;
|
||||
userColumn = lib.mkOption {
|
||||
type = lib.types.str;
|
||||
example = "user";
|
||||
description = ''
|
||||
The name of the column in the log table to which the name of the
|
||||
user being authenticated is stored.
|
||||
'';
|
||||
};
|
||||
pidColumn = mkOption {
|
||||
type = types.str;
|
||||
pidColumn = lib.mkOption {
|
||||
type = lib.types.str;
|
||||
example = "pid";
|
||||
description = ''
|
||||
The name of the column in the log table to which the pid of the
|
||||
@ -187,16 +184,16 @@ in
|
||||
service is stored.
|
||||
'';
|
||||
};
|
||||
hostColumn = mkOption {
|
||||
type = types.str;
|
||||
hostColumn = lib.mkOption {
|
||||
type = lib.types.str;
|
||||
example = "host";
|
||||
description = ''
|
||||
The name of the column in the log table to which the name of the user
|
||||
being authenticated is stored.
|
||||
'';
|
||||
};
|
||||
rHostColumn = mkOption {
|
||||
type = types.str;
|
||||
rHostColumn = lib.mkOption {
|
||||
type = lib.types.str;
|
||||
example = "rhost";
|
||||
description = ''
|
||||
The name of the column in the log table to which the name of the remote
|
||||
@ -204,8 +201,8 @@ in
|
||||
set by the PAM-aware application with `pam_set_item(PAM_RHOST)`.
|
||||
'';
|
||||
};
|
||||
timeColumn = mkOption {
|
||||
type = types.str;
|
||||
timeColumn = lib.mkOption {
|
||||
type = lib.types.str;
|
||||
example = "timestamp";
|
||||
description = ''
|
||||
The name of the column in the log table to which the timestamp of the
|
||||
@ -216,19 +213,19 @@ in
|
||||
};
|
||||
};
|
||||
};
|
||||
nss = mkOption {
|
||||
nss = lib.mkOption {
|
||||
description = ''
|
||||
Settings for `libnss-mysql`.
|
||||
|
||||
All examples are from the [minimal example](https://github.com/saknopper/libnss-mysql/tree/master/sample/minimal)
|
||||
of `libnss-mysql`, but they are modified with NixOS paths for bash.
|
||||
'';
|
||||
type = types.submodule {
|
||||
type = lib.types.submodule {
|
||||
options = {
|
||||
getpwnam = mkOption {
|
||||
type = types.nullOr types.str;
|
||||
getpwnam = lib.mkOption {
|
||||
type = lib.types.nullOr lib.types.str;
|
||||
default = null;
|
||||
example = literalExpression ''
|
||||
example = lib.literalExpression ''
|
||||
SELECT username,'x',uid,'5000','MySQL User', CONCAT('/home/',username),'/run/sw/current-system/bin/bash' \
|
||||
FROM users \
|
||||
WHERE username='%1$s' \
|
||||
@ -239,10 +236,10 @@ in
|
||||
syscall.
|
||||
'';
|
||||
};
|
||||
getpwuid = mkOption {
|
||||
type = types.nullOr types.str;
|
||||
getpwuid = lib.mkOption {
|
||||
type = lib.types.nullOr lib.types.str;
|
||||
default = null;
|
||||
example = literalExpression ''
|
||||
example = lib.literalExpression ''
|
||||
SELECT username,'x',uid,'5000','MySQL User', CONCAT('/home/',username),'/run/sw/current-system/bin/bash' \
|
||||
FROM users \
|
||||
WHERE uid='%1$u' \
|
||||
@ -253,10 +250,10 @@ in
|
||||
syscall.
|
||||
'';
|
||||
};
|
||||
getspnam = mkOption {
|
||||
type = types.nullOr types.str;
|
||||
getspnam = lib.mkOption {
|
||||
type = lib.types.nullOr lib.types.str;
|
||||
default = null;
|
||||
example = literalExpression ''
|
||||
example = lib.literalExpression ''
|
||||
SELECT username,password,'1','0','99999','0','0','-1','0' \
|
||||
FROM users \
|
||||
WHERE username='%1$s' \
|
||||
@ -267,10 +264,10 @@ in
|
||||
syscall.
|
||||
'';
|
||||
};
|
||||
getpwent = mkOption {
|
||||
type = types.nullOr types.str;
|
||||
getpwent = lib.mkOption {
|
||||
type = lib.types.nullOr lib.types.str;
|
||||
default = null;
|
||||
example = literalExpression ''
|
||||
example = lib.literalExpression ''
|
||||
SELECT username,'x',uid,'5000','MySQL User', CONCAT('/home/',username),'/run/sw/current-system/bin/bash' FROM users
|
||||
'';
|
||||
description = ''
|
||||
@ -278,10 +275,10 @@ in
|
||||
syscall.
|
||||
'';
|
||||
};
|
||||
getspent = mkOption {
|
||||
type = types.nullOr types.str;
|
||||
getspent = lib.mkOption {
|
||||
type = lib.types.nullOr lib.types.str;
|
||||
default = null;
|
||||
example = literalExpression ''
|
||||
example = lib.literalExpression ''
|
||||
SELECT username,password,'1','0','99999','0','0','-1','0' FROM users
|
||||
'';
|
||||
description = ''
|
||||
@ -289,10 +286,10 @@ in
|
||||
syscall.
|
||||
'';
|
||||
};
|
||||
getgrnam = mkOption {
|
||||
type = types.nullOr types.str;
|
||||
getgrnam = lib.mkOption {
|
||||
type = lib.types.nullOr lib.types.str;
|
||||
default = null;
|
||||
example = literalExpression ''
|
||||
example = lib.literalExpression ''
|
||||
SELECT name,password,gid FROM groups WHERE name='%1$s' LIMIT 1
|
||||
'';
|
||||
description = ''
|
||||
@ -300,10 +297,10 @@ in
|
||||
syscall.
|
||||
'';
|
||||
};
|
||||
getgrgid = mkOption {
|
||||
type = types.nullOr types.str;
|
||||
getgrgid = lib.mkOption {
|
||||
type = lib.types.nullOr lib.types.str;
|
||||
default = null;
|
||||
example = literalExpression ''
|
||||
example = lib.literalExpression ''
|
||||
SELECT name,password,gid FROM groups WHERE gid='%1$u' LIMIT 1
|
||||
'';
|
||||
description = ''
|
||||
@ -311,10 +308,10 @@ in
|
||||
syscall.
|
||||
'';
|
||||
};
|
||||
getgrent = mkOption {
|
||||
type = types.nullOr types.str;
|
||||
getgrent = lib.mkOption {
|
||||
type = lib.types.nullOr lib.types.str;
|
||||
default = null;
|
||||
example = literalExpression ''
|
||||
example = lib.literalExpression ''
|
||||
SELECT name,password,gid FROM groups
|
||||
'';
|
||||
description = ''
|
||||
@ -322,10 +319,10 @@ in
|
||||
syscall.
|
||||
'';
|
||||
};
|
||||
memsbygid = mkOption {
|
||||
type = types.nullOr types.str;
|
||||
memsbygid = lib.mkOption {
|
||||
type = lib.types.nullOr lib.types.str;
|
||||
default = null;
|
||||
example = literalExpression ''
|
||||
example = lib.literalExpression ''
|
||||
SELECT username FROM grouplist WHERE gid='%1$u'
|
||||
'';
|
||||
description = ''
|
||||
@ -333,10 +330,10 @@ in
|
||||
syscall.
|
||||
'';
|
||||
};
|
||||
gidsbymem = mkOption {
|
||||
type = types.nullOr types.str;
|
||||
gidsbymem = lib.mkOption {
|
||||
type = lib.types.nullOr lib.types.str;
|
||||
default = null;
|
||||
example = literalExpression ''
|
||||
example = lib.literalExpression ''
|
||||
SELECT gid FROM grouplist WHERE username='%1$s'
|
||||
'';
|
||||
description = ''
|
||||
@ -350,7 +347,7 @@ in
|
||||
};
|
||||
};
|
||||
|
||||
config = mkIf cfg.enable {
|
||||
config = lib.mkIf cfg.enable {
|
||||
system.nssModules = [ pkgs.libnss-mysql ];
|
||||
system.nssDatabases.shadow = [ "mysql" ];
|
||||
system.nssDatabases.group = [ "mysql" ];
|
||||
@ -371,15 +368,15 @@ in
|
||||
users.password_crypt=${cfg.pam.passwordCrypt}
|
||||
users.disconnect_every_operation=${if cfg.pam.disconnectEveryOperation then "1" else "0"}
|
||||
verbose=${if cfg.pam.verbose then "1" else "0"}
|
||||
'' + optionalString (cfg.pam.cryptDefault != null) ''
|
||||
'' + lib.optionalString (cfg.pam.cryptDefault != null) ''
|
||||
users.use_${cfg.pam.cryptDefault}=1
|
||||
'' + optionalString (cfg.pam.where != null) ''
|
||||
'' + lib.optionalString (cfg.pam.where != null) ''
|
||||
users.where_clause=${cfg.pam.where}
|
||||
'' + optionalString (cfg.pam.statusColumn != null) ''
|
||||
'' + lib.optionalString (cfg.pam.statusColumn != null) ''
|
||||
users.status_column=${cfg.pam.statusColumn}
|
||||
'' + optionalString (cfg.pam.updateTable != null) ''
|
||||
'' + lib.optionalString (cfg.pam.updateTable != null) ''
|
||||
users.update_table=${cfg.pam.updateTable}
|
||||
'' + optionalString cfg.pam.logging.enable ''
|
||||
'' + lib.optionalString cfg.pam.logging.enable ''
|
||||
log.enabled=true
|
||||
log.table=${cfg.pam.logging.table}
|
||||
log.message_column=${cfg.pam.logging.msgColumn}
|
||||
@ -395,25 +392,25 @@ in
|
||||
mode = "0600";
|
||||
user = config.services.nscd.user;
|
||||
group = config.services.nscd.group;
|
||||
text = optionalString (cfg.nss.getpwnam != null) ''
|
||||
text = lib.optionalString (cfg.nss.getpwnam != null) ''
|
||||
getpwnam ${cfg.nss.getpwnam}
|
||||
'' + optionalString (cfg.nss.getpwuid != null) ''
|
||||
'' + lib.optionalString (cfg.nss.getpwuid != null) ''
|
||||
getpwuid ${cfg.nss.getpwuid}
|
||||
'' + optionalString (cfg.nss.getspnam != null) ''
|
||||
'' + lib.optionalString (cfg.nss.getspnam != null) ''
|
||||
getspnam ${cfg.nss.getspnam}
|
||||
'' + optionalString (cfg.nss.getpwent != null) ''
|
||||
'' + lib.optionalString (cfg.nss.getpwent != null) ''
|
||||
getpwent ${cfg.nss.getpwent}
|
||||
'' + optionalString (cfg.nss.getspent != null) ''
|
||||
'' + lib.optionalString (cfg.nss.getspent != null) ''
|
||||
getspent ${cfg.nss.getspent}
|
||||
'' + optionalString (cfg.nss.getgrnam != null) ''
|
||||
'' + lib.optionalString (cfg.nss.getgrnam != null) ''
|
||||
getgrnam ${cfg.nss.getgrnam}
|
||||
'' + optionalString (cfg.nss.getgrgid != null) ''
|
||||
'' + lib.optionalString (cfg.nss.getgrgid != null) ''
|
||||
getgrgid ${cfg.nss.getgrgid}
|
||||
'' + optionalString (cfg.nss.getgrent != null) ''
|
||||
'' + lib.optionalString (cfg.nss.getgrent != null) ''
|
||||
getgrent ${cfg.nss.getgrent}
|
||||
'' + optionalString (cfg.nss.memsbygid != null) ''
|
||||
'' + lib.optionalString (cfg.nss.memsbygid != null) ''
|
||||
memsbygid ${cfg.nss.memsbygid}
|
||||
'' + optionalString (cfg.nss.gidsbymem != null) ''
|
||||
'' + lib.optionalString (cfg.nss.gidsbymem != null) ''
|
||||
gidsbymem ${cfg.nss.gidsbymem}
|
||||
'' + ''
|
||||
host ${cfg.host}
|
||||
|
@ -1,28 +1,24 @@
|
||||
# /etc files related to networking, such as /etc/services.
|
||||
|
||||
{ config, lib, options, pkgs, ... }:
|
||||
|
||||
with lib;
|
||||
|
||||
let
|
||||
|
||||
cfg = config.networking;
|
||||
opt = options.networking;
|
||||
|
||||
localhostMultiple = any (elem "localhost") (attrValues (removeAttrs cfg.hosts [ "127.0.0.1" "::1" ]));
|
||||
localhostMultiple = lib.any (lib.elem "localhost") (lib.attrValues (removeAttrs cfg.hosts [ "127.0.0.1" "::1" ]));
|
||||
|
||||
in
|
||||
|
||||
{
|
||||
imports = [
|
||||
(mkRemovedOptionModule [ "networking" "hostConf" ] "Use environment.etc.\"host.conf\" instead.")
|
||||
(lib.mkRemovedOptionModule [ "networking" "hostConf" ] "Use environment.etc.\"host.conf\" instead.")
|
||||
];
|
||||
|
||||
options = {
|
||||
|
||||
networking.hosts = lib.mkOption {
|
||||
type = types.attrsOf (types.listOf types.str);
|
||||
example = literalExpression ''
|
||||
type = lib.types.attrsOf (lib.types.listOf lib.types.str);
|
||||
example = lib.literalExpression ''
|
||||
{
|
||||
"127.0.0.1" = [ "foo.bar.baz" ];
|
||||
"192.168.0.2" = [ "fileserver.local" "nameserver.local" ];
|
||||
@ -34,16 +30,16 @@ in
|
||||
};
|
||||
|
||||
networking.hostFiles = lib.mkOption {
|
||||
type = types.listOf types.path;
|
||||
defaultText = literalMD "Hosts from {option}`networking.hosts` and {option}`networking.extraHosts`";
|
||||
example = literalExpression ''[ "''${pkgs.my-blocklist-package}/share/my-blocklist/hosts" ]'';
|
||||
type = lib.types.listOf lib.types.path;
|
||||
defaultText = lib.literalMD "Hosts from {option}`networking.hosts` and {option}`networking.extraHosts`";
|
||||
example = lib.literalExpression ''[ "''${pkgs.my-blocklist-package}/share/my-blocklist/hosts" ]'';
|
||||
description = ''
|
||||
Files that should be concatenated together to form {file}`/etc/hosts`.
|
||||
'';
|
||||
};
|
||||
|
||||
networking.extraHosts = lib.mkOption {
|
||||
type = types.lines;
|
||||
type = lib.types.lines;
|
||||
default = "";
|
||||
example = "192.168.0.1 lanlocalhost";
|
||||
description = ''
|
||||
@ -52,14 +48,14 @@ in
|
||||
'';
|
||||
};
|
||||
|
||||
networking.timeServers = mkOption {
|
||||
networking.timeServers = lib.mkOption {
|
||||
default = [
|
||||
"0.nixos.pool.ntp.org"
|
||||
"1.nixos.pool.ntp.org"
|
||||
"2.nixos.pool.ntp.org"
|
||||
"3.nixos.pool.ntp.org"
|
||||
];
|
||||
type = types.listOf types.str;
|
||||
type = lib.types.listOf lib.types.str;
|
||||
description = ''
|
||||
The set of NTP servers from which to synchronise.
|
||||
'';
|
||||
@ -68,7 +64,7 @@ in
|
||||
networking.proxy = {
|
||||
|
||||
default = lib.mkOption {
|
||||
type = types.nullOr types.str;
|
||||
type = lib.types.nullOr lib.types.str;
|
||||
default = null;
|
||||
description = ''
|
||||
This option specifies the default value for httpProxy, httpsProxy, ftpProxy and rsyncProxy.
|
||||
@ -77,9 +73,9 @@ in
|
||||
};
|
||||
|
||||
httpProxy = lib.mkOption {
|
||||
type = types.nullOr types.str;
|
||||
type = lib.types.nullOr lib.types.str;
|
||||
default = cfg.proxy.default;
|
||||
defaultText = literalExpression "config.${opt.proxy.default}";
|
||||
defaultText = lib.literalExpression "config.${opt.proxy.default}";
|
||||
description = ''
|
||||
This option specifies the http_proxy environment variable.
|
||||
'';
|
||||
@ -87,9 +83,9 @@ in
|
||||
};
|
||||
|
||||
httpsProxy = lib.mkOption {
|
||||
type = types.nullOr types.str;
|
||||
type = lib.types.nullOr lib.types.str;
|
||||
default = cfg.proxy.default;
|
||||
defaultText = literalExpression "config.${opt.proxy.default}";
|
||||
defaultText = lib.literalExpression "config.${opt.proxy.default}";
|
||||
description = ''
|
||||
This option specifies the https_proxy environment variable.
|
||||
'';
|
||||
@ -97,9 +93,9 @@ in
|
||||
};
|
||||
|
||||
ftpProxy = lib.mkOption {
|
||||
type = types.nullOr types.str;
|
||||
type = lib.types.nullOr lib.types.str;
|
||||
default = cfg.proxy.default;
|
||||
defaultText = literalExpression "config.${opt.proxy.default}";
|
||||
defaultText = lib.literalExpression "config.${opt.proxy.default}";
|
||||
description = ''
|
||||
This option specifies the ftp_proxy environment variable.
|
||||
'';
|
||||
@ -107,9 +103,9 @@ in
|
||||
};
|
||||
|
||||
rsyncProxy = lib.mkOption {
|
||||
type = types.nullOr types.str;
|
||||
type = lib.types.nullOr lib.types.str;
|
||||
default = cfg.proxy.default;
|
||||
defaultText = literalExpression "config.${opt.proxy.default}";
|
||||
defaultText = lib.literalExpression "config.${opt.proxy.default}";
|
||||
description = ''
|
||||
This option specifies the rsync_proxy environment variable.
|
||||
'';
|
||||
@ -117,9 +113,9 @@ in
|
||||
};
|
||||
|
||||
allProxy = lib.mkOption {
|
||||
type = types.nullOr types.str;
|
||||
type = lib.types.nullOr lib.types.str;
|
||||
default = cfg.proxy.default;
|
||||
defaultText = literalExpression "config.${opt.proxy.default}";
|
||||
defaultText = lib.literalExpression "config.${opt.proxy.default}";
|
||||
description = ''
|
||||
This option specifies the all_proxy environment variable.
|
||||
'';
|
||||
@ -127,7 +123,7 @@ in
|
||||
};
|
||||
|
||||
noProxy = lib.mkOption {
|
||||
type = types.nullOr types.str;
|
||||
type = lib.types.nullOr lib.types.str;
|
||||
default = null;
|
||||
description = ''
|
||||
This option specifies the no_proxy environment variable.
|
||||
@ -138,7 +134,7 @@ in
|
||||
};
|
||||
|
||||
envVars = lib.mkOption {
|
||||
type = types.attrs;
|
||||
type = lib.types.attrs;
|
||||
internal = true;
|
||||
default = {};
|
||||
description = ''
|
||||
@ -163,11 +159,11 @@ in
|
||||
# hostname and FQDN correctly:
|
||||
networking.hosts = let
|
||||
hostnames = # Note: The FQDN (canonical hostname) has to come first:
|
||||
optional (cfg.hostName != "" && cfg.domain != null) "${cfg.hostName}.${cfg.domain}"
|
||||
++ optional (cfg.hostName != "") cfg.hostName; # Then the hostname (without the domain)
|
||||
lib.optional (cfg.hostName != "" && cfg.domain != null) "${cfg.hostName}.${cfg.domain}"
|
||||
++ lib.optional (cfg.hostName != "") cfg.hostName; # Then the hostname (without the domain)
|
||||
in {
|
||||
"127.0.0.2" = hostnames;
|
||||
} // optionalAttrs cfg.enableIPv6 {
|
||||
} // lib.optionalAttrs cfg.enableIPv6 {
|
||||
"::1" = hostnames;
|
||||
};
|
||||
|
||||
@ -178,15 +174,15 @@ in
|
||||
# FQDN so that e.g. "hostname -f" works correctly.
|
||||
localhostHosts = pkgs.writeText "localhost-hosts" ''
|
||||
127.0.0.1 localhost
|
||||
${optionalString cfg.enableIPv6 "::1 localhost"}
|
||||
${lib.optionalString cfg.enableIPv6 "::1 localhost"}
|
||||
'';
|
||||
stringHosts =
|
||||
let
|
||||
oneToString = set: ip: ip + " " + concatStringsSep " " set.${ip} + "\n";
|
||||
allToString = set: concatMapStrings (oneToString set) (attrNames set);
|
||||
in pkgs.writeText "string-hosts" (allToString (filterAttrs (_: v: v != []) cfg.hosts));
|
||||
oneToString = set: ip: ip + " " + lib.concatStringsSep " " set.${ip} + "\n";
|
||||
allToString = set: lib.concatMapStrings (oneToString set) (lib.attrNames set);
|
||||
in pkgs.writeText "string-hosts" (allToString (lib.filterAttrs (_: v: v != []) cfg.hosts));
|
||||
extraHosts = pkgs.writeText "extra-hosts" cfg.extraHosts;
|
||||
in mkBefore [ localhostHosts stringHosts extraHosts ];
|
||||
in lib.mkBefore [ localhostHosts stringHosts extraHosts ];
|
||||
|
||||
environment.etc =
|
||||
{ # /etc/services: TCP/UDP port assignments.
|
||||
@ -199,33 +195,33 @@ in
|
||||
hosts.source = pkgs.concatText "hosts" cfg.hostFiles;
|
||||
|
||||
# /etc/netgroup: Network-wide groups.
|
||||
netgroup.text = mkDefault "";
|
||||
netgroup.text = lib.mkDefault "";
|
||||
|
||||
# /etc/host.conf: resolver configuration file
|
||||
"host.conf".text = ''
|
||||
multi on
|
||||
'';
|
||||
|
||||
} // optionalAttrs (pkgs.stdenv.hostPlatform.libc == "glibc") {
|
||||
} // lib.optionalAttrs (pkgs.stdenv.hostPlatform.libc == "glibc") {
|
||||
# /etc/rpc: RPC program numbers.
|
||||
rpc.source = pkgs.stdenv.cc.libc.out + "/etc/rpc";
|
||||
};
|
||||
|
||||
networking.proxy.envVars =
|
||||
optionalAttrs (cfg.proxy.default != null) {
|
||||
lib.optionalAttrs (cfg.proxy.default != null) {
|
||||
# other options already fallback to proxy.default
|
||||
no_proxy = "127.0.0.1,localhost";
|
||||
} // optionalAttrs (cfg.proxy.httpProxy != null) {
|
||||
} // lib.optionalAttrs (cfg.proxy.httpProxy != null) {
|
||||
http_proxy = cfg.proxy.httpProxy;
|
||||
} // optionalAttrs (cfg.proxy.httpsProxy != null) {
|
||||
} // lib.optionalAttrs (cfg.proxy.httpsProxy != null) {
|
||||
https_proxy = cfg.proxy.httpsProxy;
|
||||
} // optionalAttrs (cfg.proxy.rsyncProxy != null) {
|
||||
} // lib.optionalAttrs (cfg.proxy.rsyncProxy != null) {
|
||||
rsync_proxy = cfg.proxy.rsyncProxy;
|
||||
} // optionalAttrs (cfg.proxy.ftpProxy != null) {
|
||||
} // lib.optionalAttrs (cfg.proxy.ftpProxy != null) {
|
||||
ftp_proxy = cfg.proxy.ftpProxy;
|
||||
} // optionalAttrs (cfg.proxy.allProxy != null) {
|
||||
} // lib.optionalAttrs (cfg.proxy.allProxy != null) {
|
||||
all_proxy = cfg.proxy.allProxy;
|
||||
} // optionalAttrs (cfg.proxy.noProxy != null) {
|
||||
} // lib.optionalAttrs (cfg.proxy.noProxy != null) {
|
||||
no_proxy = cfg.proxy.noProxy;
|
||||
};
|
||||
|
||||
|
@ -1,14 +1,10 @@
|
||||
# This module gets rid of all dependencies on X11 client libraries
|
||||
# (including fontconfig).
|
||||
|
||||
{ config, lib, ... }:
|
||||
|
||||
with lib;
|
||||
|
||||
{
|
||||
options = {
|
||||
environment.noXlibs = mkOption {
|
||||
type = types.bool;
|
||||
environment.noXlibs = lib.mkOption {
|
||||
type = lib.types.bool;
|
||||
default = false;
|
||||
description = ''
|
||||
Switch off the options in the default configuration that
|
||||
@ -20,13 +16,13 @@ with lib;
|
||||
};
|
||||
};
|
||||
|
||||
config = mkIf config.environment.noXlibs {
|
||||
config = lib.mkIf config.environment.noXlibs {
|
||||
programs.ssh.setXAuthLocation = false;
|
||||
security.pam.services.su.forwardXAuth = lib.mkForce false;
|
||||
|
||||
fonts.fontconfig.enable = false;
|
||||
|
||||
nixpkgs.overlays = singleton (const (super: {
|
||||
nixpkgs.overlays = lib.singleton (lib.const (super: {
|
||||
beam = super.beam_nox;
|
||||
cairo = super.cairo.override { x11Support = false; };
|
||||
dbus = super.dbus.override { x11Support = false; };
|
||||
@ -81,7 +77,7 @@ with lib;
|
||||
];
|
||||
qemu = super.qemu.override { gtkSupport = false; spiceSupport = false; sdlSupport = false; };
|
||||
qrencode = super.qrencode.overrideAttrs (_: { doCheck = false; });
|
||||
qt5 = super.qt5.overrideScope (const (super': {
|
||||
qt5 = super.qt5.overrideScope (lib.const (super': {
|
||||
qtbase = super'.qtbase.override { withGtk3 = false; withQttranslation = false; };
|
||||
}));
|
||||
stoken = super.stoken.override { withGTK3 = false; };
|
||||
|
@ -1,16 +1,12 @@
|
||||
# Configuration for the Name Service Switch (/etc/nsswitch.conf).
|
||||
|
||||
{ config, lib, pkgs, ... }:
|
||||
|
||||
with lib;
|
||||
|
||||
{
|
||||
options = {
|
||||
|
||||
# NSS modules. Hacky!
|
||||
# Only works with nscd!
|
||||
system.nssModules = mkOption {
|
||||
type = types.listOf types.path;
|
||||
system.nssModules = lib.mkOption {
|
||||
type = lib.types.listOf lib.types.path;
|
||||
internal = true;
|
||||
default = [ ];
|
||||
description = ''
|
||||
@ -21,13 +17,13 @@ with lib;
|
||||
apply = list:
|
||||
{
|
||||
inherit list;
|
||||
path = makeLibraryPath list;
|
||||
path = lib.makeLibraryPath list;
|
||||
};
|
||||
};
|
||||
|
||||
system.nssDatabases = {
|
||||
passwd = mkOption {
|
||||
type = types.listOf types.str;
|
||||
passwd = lib.mkOption {
|
||||
type = lib.types.listOf lib.types.str;
|
||||
description = ''
|
||||
List of passwd entries to configure in {file}`/etc/nsswitch.conf`.
|
||||
|
||||
@ -38,8 +34,8 @@ with lib;
|
||||
default = [ ];
|
||||
};
|
||||
|
||||
group = mkOption {
|
||||
type = types.listOf types.str;
|
||||
group = lib.mkOption {
|
||||
type = lib.types.listOf lib.types.str;
|
||||
description = ''
|
||||
List of group entries to configure in {file}`/etc/nsswitch.conf`.
|
||||
|
||||
@ -50,8 +46,8 @@ with lib;
|
||||
default = [ ];
|
||||
};
|
||||
|
||||
shadow = mkOption {
|
||||
type = types.listOf types.str;
|
||||
shadow = lib.mkOption {
|
||||
type = lib.types.listOf lib.types.str;
|
||||
description = ''
|
||||
List of shadow entries to configure in {file}`/etc/nsswitch.conf`.
|
||||
|
||||
@ -62,8 +58,8 @@ with lib;
|
||||
default = [ ];
|
||||
};
|
||||
|
||||
sudoers = mkOption {
|
||||
type = types.listOf types.str;
|
||||
sudoers = lib.mkOption {
|
||||
type = lib.types.listOf lib.types.str;
|
||||
description = ''
|
||||
List of sudoers entries to configure in {file}`/etc/nsswitch.conf`.
|
||||
|
||||
@ -74,8 +70,8 @@ with lib;
|
||||
default = [ ];
|
||||
};
|
||||
|
||||
hosts = mkOption {
|
||||
type = types.listOf types.str;
|
||||
hosts = lib.mkOption {
|
||||
type = lib.types.listOf lib.types.str;
|
||||
description = ''
|
||||
List of hosts entries to configure in {file}`/etc/nsswitch.conf`.
|
||||
|
||||
@ -86,8 +82,8 @@ with lib;
|
||||
default = [ ];
|
||||
};
|
||||
|
||||
services = mkOption {
|
||||
type = types.listOf types.str;
|
||||
services = lib.mkOption {
|
||||
type = lib.types.listOf lib.types.str;
|
||||
description = ''
|
||||
List of services entries to configure in {file}`/etc/nsswitch.conf`.
|
||||
|
||||
@ -101,7 +97,7 @@ with lib;
|
||||
};
|
||||
|
||||
imports = [
|
||||
(mkRenamedOptionModule [ "system" "nssHosts" ] [ "system" "nssDatabases" "hosts" ])
|
||||
(lib.mkRenamedOptionModule [ "system" "nssHosts" ] [ "system" "nssDatabases" "hosts" ])
|
||||
];
|
||||
|
||||
config = {
|
||||
@ -121,30 +117,30 @@ with lib;
|
||||
# Name Service Switch configuration file. Required by the C
|
||||
# library.
|
||||
environment.etc."nsswitch.conf".text = ''
|
||||
passwd: ${concatStringsSep " " config.system.nssDatabases.passwd}
|
||||
group: ${concatStringsSep " " config.system.nssDatabases.group}
|
||||
shadow: ${concatStringsSep " " config.system.nssDatabases.shadow}
|
||||
sudoers: ${concatStringsSep " " config.system.nssDatabases.sudoers}
|
||||
passwd: ${lib.concatStringsSep " " config.system.nssDatabases.passwd}
|
||||
group: ${lib.concatStringsSep " " config.system.nssDatabases.group}
|
||||
shadow: ${lib.concatStringsSep " " config.system.nssDatabases.shadow}
|
||||
sudoers: ${lib.concatStringsSep " " config.system.nssDatabases.sudoers}
|
||||
|
||||
hosts: ${concatStringsSep " " config.system.nssDatabases.hosts}
|
||||
hosts: ${lib.concatStringsSep " " config.system.nssDatabases.hosts}
|
||||
networks: files
|
||||
|
||||
ethers: files
|
||||
services: ${concatStringsSep " " config.system.nssDatabases.services}
|
||||
services: ${lib.concatStringsSep " " config.system.nssDatabases.services}
|
||||
protocols: files
|
||||
rpc: files
|
||||
'';
|
||||
|
||||
system.nssDatabases = {
|
||||
passwd = mkBefore [ "files" ];
|
||||
group = mkBefore [ "files" ];
|
||||
shadow = mkBefore [ "files" ];
|
||||
sudoers = mkBefore [ "files" ];
|
||||
hosts = mkMerge [
|
||||
(mkOrder 998 [ "files" ])
|
||||
(mkOrder 1499 [ "dns" ])
|
||||
passwd = lib.mkBefore [ "files" ];
|
||||
group = lib.mkBefore [ "files" ];
|
||||
shadow = lib.mkBefore [ "files" ];
|
||||
sudoers = lib.mkBefore [ "files" ];
|
||||
hosts = lib.mkMerge [
|
||||
(lib.mkOrder 998 [ "files" ])
|
||||
(lib.mkOrder 1499 [ "dns" ])
|
||||
];
|
||||
services = mkBefore [ "files" ];
|
||||
services = lib.mkBefore [ "files" ];
|
||||
};
|
||||
};
|
||||
}
|
||||
|
@ -1,7 +1,4 @@
|
||||
{ config, lib, ... }:
|
||||
|
||||
with lib;
|
||||
|
||||
let
|
||||
|
||||
cfg = config.powerManagement;
|
||||
@ -16,8 +13,8 @@ in
|
||||
|
||||
powerManagement = {
|
||||
|
||||
enable = mkOption {
|
||||
type = types.bool;
|
||||
enable = lib.mkOption {
|
||||
type = lib.types.bool;
|
||||
default = true;
|
||||
description = ''
|
||||
Whether to enable power management. This includes support
|
||||
@ -25,16 +22,16 @@ in
|
||||
'';
|
||||
};
|
||||
|
||||
resumeCommands = mkOption {
|
||||
type = types.lines;
|
||||
resumeCommands = lib.mkOption {
|
||||
type = lib.types.lines;
|
||||
default = "";
|
||||
description = "Commands executed after the system resumes from suspend-to-RAM.";
|
||||
};
|
||||
|
||||
powerUpCommands = mkOption {
|
||||
type = types.lines;
|
||||
powerUpCommands = lib.mkOption {
|
||||
type = lib.types.lines;
|
||||
default = "";
|
||||
example = literalExpression ''
|
||||
example = lib.literalExpression ''
|
||||
"''${pkgs.hdparm}/sbin/hdparm -B 255 /dev/sda"
|
||||
'';
|
||||
description = ''
|
||||
@ -44,10 +41,10 @@ in
|
||||
'';
|
||||
};
|
||||
|
||||
powerDownCommands = mkOption {
|
||||
type = types.lines;
|
||||
powerDownCommands = lib.mkOption {
|
||||
type = lib.types.lines;
|
||||
default = "";
|
||||
example = literalExpression ''
|
||||
example = lib.literalExpression ''
|
||||
"''${pkgs.hdparm}/sbin/hdparm -B 255 /dev/sda"
|
||||
'';
|
||||
description = ''
|
||||
@ -64,7 +61,7 @@ in
|
||||
|
||||
###### implementation
|
||||
|
||||
config = mkIf cfg.enable {
|
||||
config = lib.mkIf cfg.enable {
|
||||
|
||||
systemd.targets.post-resume = {
|
||||
description = "Post-Resume Actions";
|
||||
|
@ -1,17 +1,13 @@
|
||||
# /etc files related to networking, such as /etc/services.
|
||||
|
||||
{ config, lib, pkgs, ... }:
|
||||
|
||||
with lib;
|
||||
|
||||
let
|
||||
|
||||
cfg = config.networking.resolvconf;
|
||||
|
||||
resolvconfOptions = cfg.extraOptions
|
||||
++ optional cfg.dnsSingleRequest "single-request"
|
||||
++ optional cfg.dnsExtensionMechanism "edns0"
|
||||
++ optional cfg.useLocalResolver "trust-ad";
|
||||
++ lib.optional cfg.dnsSingleRequest "single-request"
|
||||
++ lib.optional cfg.dnsExtensionMechanism "edns0"
|
||||
++ lib.optional cfg.useLocalResolver "trust-ad";
|
||||
|
||||
configText =
|
||||
''
|
||||
@ -19,46 +15,46 @@ let
|
||||
# a collision with an apparently unrelated environment
|
||||
# variable with the same name exported by dhcpcd.
|
||||
interface_order='lo lo[0-9]*'
|
||||
'' + optionalString config.services.nscd.enable ''
|
||||
'' + lib.optionalString config.services.nscd.enable ''
|
||||
# Invalidate the nscd cache whenever resolv.conf is
|
||||
# regenerated.
|
||||
libc_restart='/run/current-system/systemd/bin/systemctl try-restart --no-block nscd.service 2> /dev/null'
|
||||
'' + optionalString (length resolvconfOptions > 0) ''
|
||||
'' + lib.optionalString (lib.length resolvconfOptions > 0) ''
|
||||
# Options as described in resolv.conf(5)
|
||||
resolv_conf_options='${concatStringsSep " " resolvconfOptions}'
|
||||
'' + optionalString cfg.useLocalResolver ''
|
||||
resolv_conf_options='${lib.concatStringsSep " " resolvconfOptions}'
|
||||
'' + lib.optionalString cfg.useLocalResolver ''
|
||||
# This hosts runs a full-blown DNS resolver.
|
||||
name_servers='127.0.0.1${optionalString config.networking.enableIPv6 " ::1"}'
|
||||
name_servers='127.0.0.1${lib.optionalString config.networking.enableIPv6 " ::1"}'
|
||||
'' + cfg.extraConfig;
|
||||
|
||||
in
|
||||
|
||||
{
|
||||
imports = [
|
||||
(mkRenamedOptionModule [ "networking" "dnsSingleRequest" ] [ "networking" "resolvconf" "dnsSingleRequest" ])
|
||||
(mkRenamedOptionModule [ "networking" "dnsExtensionMechanism" ] [ "networking" "resolvconf" "dnsExtensionMechanism" ])
|
||||
(mkRenamedOptionModule [ "networking" "extraResolvconfConf" ] [ "networking" "resolvconf" "extraConfig" ])
|
||||
(mkRenamedOptionModule [ "networking" "resolvconfOptions" ] [ "networking" "resolvconf" "extraOptions" ])
|
||||
(mkRemovedOptionModule [ "networking" "resolvconf" "useHostResolvConf" ] "This option was never used for anything anyways")
|
||||
(lib.mkRenamedOptionModule [ "networking" "dnsSingleRequest" ] [ "networking" "resolvconf" "dnsSingleRequest" ])
|
||||
(lib.mkRenamedOptionModule [ "networking" "dnsExtensionMechanism" ] [ "networking" "resolvconf" "dnsExtensionMechanism" ])
|
||||
(lib.mkRenamedOptionModule [ "networking" "extraResolvconfConf" ] [ "networking" "resolvconf" "extraConfig" ])
|
||||
(lib.mkRenamedOptionModule [ "networking" "resolvconfOptions" ] [ "networking" "resolvconf" "extraOptions" ])
|
||||
(lib.mkRemovedOptionModule [ "networking" "resolvconf" "useHostResolvConf" ] "This option was never used for lib.anything lib.anyways")
|
||||
];
|
||||
|
||||
options = {
|
||||
|
||||
networking.resolvconf = {
|
||||
|
||||
enable = mkOption {
|
||||
type = types.bool;
|
||||
enable = lib.mkOption {
|
||||
type = lib.types.bool;
|
||||
default = !(config.environment.etc ? "resolv.conf");
|
||||
defaultText = literalExpression ''!(config.environment.etc ? "resolv.conf")'';
|
||||
defaultText = lib.literalExpression ''!(config.environment.etc ? "resolv.conf")'';
|
||||
description = ''
|
||||
Whether DNS configuration is managed by resolvconf.
|
||||
'';
|
||||
};
|
||||
|
||||
package = mkOption {
|
||||
type = types.package;
|
||||
package = lib.mkOption {
|
||||
type = lib.types.package;
|
||||
default = pkgs.openresolv;
|
||||
defaultText = literalExpression "pkgs.openresolv";
|
||||
defaultText = lib.literalExpression "pkgs.openresolv";
|
||||
description = ''
|
||||
The package that provides the system-wide resolvconf command. Defaults to `openresolv`
|
||||
if this module is enabled. Otherwise, can be used by other modules (for example {option}`services.resolved`) to
|
||||
@ -69,7 +65,7 @@ in
|
||||
};
|
||||
|
||||
dnsSingleRequest = lib.mkOption {
|
||||
type = types.bool;
|
||||
type = lib.types.bool;
|
||||
default = false;
|
||||
description = ''
|
||||
Recent versions of glibc will issue both ipv4 (A) and ipv6 (AAAA)
|
||||
@ -81,8 +77,8 @@ in
|
||||
'';
|
||||
};
|
||||
|
||||
dnsExtensionMechanism = mkOption {
|
||||
type = types.bool;
|
||||
dnsExtensionMechanism = lib.mkOption {
|
||||
type = lib.types.bool;
|
||||
default = true;
|
||||
description = ''
|
||||
Enable the `edns0` option in {file}`resolv.conf`. With
|
||||
@ -92,8 +88,8 @@ in
|
||||
'';
|
||||
};
|
||||
|
||||
extraConfig = mkOption {
|
||||
type = types.lines;
|
||||
extraConfig = lib.mkOption {
|
||||
type = lib.types.lines;
|
||||
default = "";
|
||||
example = "libc=NO";
|
||||
description = ''
|
||||
@ -101,8 +97,8 @@ in
|
||||
'';
|
||||
};
|
||||
|
||||
extraOptions = mkOption {
|
||||
type = types.listOf types.str;
|
||||
extraOptions = lib.mkOption {
|
||||
type = lib.types.listOf lib.types.str;
|
||||
default = [];
|
||||
example = [ "ndots:1" "rotate" ];
|
||||
description = ''
|
||||
@ -110,8 +106,8 @@ in
|
||||
'';
|
||||
};
|
||||
|
||||
useLocalResolver = mkOption {
|
||||
type = types.bool;
|
||||
useLocalResolver = lib.mkOption {
|
||||
type = lib.types.bool;
|
||||
default = false;
|
||||
description = ''
|
||||
Use local DNS server for resolving.
|
||||
@ -122,7 +118,7 @@ in
|
||||
|
||||
};
|
||||
|
||||
config = mkMerge [
|
||||
config = lib.mkMerge [
|
||||
{
|
||||
environment.etc."resolvconf.conf".text =
|
||||
if !cfg.enable then
|
||||
@ -135,7 +131,7 @@ in
|
||||
else configText;
|
||||
}
|
||||
|
||||
(mkIf cfg.enable {
|
||||
(lib.mkIf cfg.enable {
|
||||
networking.resolvconf.package = pkgs.openresolv;
|
||||
|
||||
environment.systemPackages = [ cfg.package ];
|
||||
|
@ -1,9 +1,6 @@
|
||||
# This module defines a system-wide environment that will be
|
||||
# initialised by pam_env (that is, not only in shells).
|
||||
{ config, lib, options, pkgs, ... }:
|
||||
|
||||
with lib;
|
||||
|
||||
let
|
||||
|
||||
cfg = config.environment;
|
||||
@ -14,7 +11,7 @@ in
|
||||
|
||||
options = {
|
||||
|
||||
environment.sessionVariables = mkOption {
|
||||
environment.sessionVariables = lib.mkOption {
|
||||
default = {};
|
||||
description = ''
|
||||
A set of environment variables used in the global environment.
|
||||
@ -35,8 +32,8 @@ in
|
||||
inherit (options.environment.variables) type apply;
|
||||
};
|
||||
|
||||
environment.profileRelativeSessionVariables = mkOption {
|
||||
type = types.attrsOf (types.listOf types.str);
|
||||
environment.profileRelativeSessionVariables = lib.mkOption {
|
||||
type = lib.types.attrsOf (lib.types.listOf lib.types.str);
|
||||
example = { PATH = [ "/bin" ]; MANPATH = [ "/man" "/share/man" ]; };
|
||||
description = ''
|
||||
Attribute set of environment variable used in the global
|
||||
@ -63,8 +60,8 @@ in
|
||||
config = {
|
||||
environment.etc."pam/environment".text = let
|
||||
suffixedVariables =
|
||||
flip mapAttrs cfg.profileRelativeSessionVariables (envVar: suffixes:
|
||||
flip concatMap cfg.profiles (profile:
|
||||
lib.flip lib.mapAttrs cfg.profileRelativeSessionVariables (envVar: suffixes:
|
||||
lib.flip lib.concatMap cfg.profiles (profile:
|
||||
map (suffix: "${profile}${suffix}") suffixes
|
||||
)
|
||||
);
|
||||
@ -72,15 +69,15 @@ in
|
||||
# We're trying to use the same syntax for PAM variables and env variables.
|
||||
# That means we need to map the env variables that people might use to their
|
||||
# equivalent PAM variable.
|
||||
replaceEnvVars = replaceStrings ["$HOME" "$USER"] ["@{HOME}" "@{PAM_USER}"];
|
||||
replaceEnvVars = lib.replaceStrings ["$HOME" "$USER"] ["@{HOME}" "@{PAM_USER}"];
|
||||
|
||||
pamVariable = n: v:
|
||||
''${n} DEFAULT="${concatStringsSep ":" (map replaceEnvVars (toList v))}"'';
|
||||
''${n} DEFAULT="${lib.concatStringsSep ":" (map replaceEnvVars (lib.toList v))}"'';
|
||||
|
||||
pamVariables =
|
||||
concatStringsSep "\n"
|
||||
(mapAttrsToList pamVariable
|
||||
(zipAttrsWith (n: concatLists)
|
||||
lib.concatStringsSep "\n"
|
||||
(lib.mapAttrsToList pamVariable
|
||||
(lib.zipAttrsWith (n: lib.concatLists)
|
||||
[
|
||||
# Make sure security wrappers are prioritized without polluting
|
||||
# shell environments with an extra entry. Sessions which depend on
|
||||
@ -89,7 +86,7 @@ in
|
||||
# environment from a shell.
|
||||
{ PATH = [ config.security.wrapperDir ]; }
|
||||
|
||||
(mapAttrs (n: toList) cfg.sessionVariables)
|
||||
(lib.mapAttrs (n: lib.toList) cfg.sessionVariables)
|
||||
suffixedVariables
|
||||
]));
|
||||
in ''
|
||||
|
@ -1,13 +1,9 @@
|
||||
# This module defines the packages that appear in
|
||||
# /run/current-system/sw.
|
||||
|
||||
{ config, lib, pkgs, ... }:
|
||||
|
||||
with lib;
|
||||
|
||||
let
|
||||
|
||||
requiredPackages = map (pkg: setPrio ((pkg.meta.priority or 5) + 3) pkg)
|
||||
requiredPackages = map (pkg: lib.setPrio ((pkg.meta.priority or lib.meta.defaultPriority) + 3) pkg)
|
||||
[ pkgs.acl
|
||||
pkgs.attr
|
||||
pkgs.bashInteractive # bash with ncurses support
|
||||
@ -48,9 +44,9 @@ let
|
||||
];
|
||||
defaultPackages =
|
||||
map
|
||||
(n: let pkg = pkgs.${n}; in setPrio ((pkg.meta.priority or 5) + 3) pkg)
|
||||
(n: let pkg = pkgs.${n};in lib.setPrio ((pkg.meta.priority or lib.meta.defaultPriority) + 3) pkg)
|
||||
defaultPackageNames;
|
||||
defaultPackagesText = "[ ${concatMapStringsSep " " (n: "pkgs.${n}") defaultPackageNames } ]";
|
||||
defaultPackagesText = "[ ${lib.concatMapStringsSep " " (n: "pkgs.${n}") defaultPackageNames } ]";
|
||||
|
||||
in
|
||||
|
||||
@ -59,10 +55,10 @@ in
|
||||
|
||||
environment = {
|
||||
|
||||
systemPackages = mkOption {
|
||||
type = types.listOf types.package;
|
||||
systemPackages = lib.mkOption {
|
||||
type = lib.types.listOf lib.types.package;
|
||||
default = [];
|
||||
example = literalExpression "[ pkgs.firefox pkgs.thunderbird ]";
|
||||
example = lib.literalExpression "[ pkgs.firefox pkgs.thunderbird ]";
|
||||
description = ''
|
||||
The set of packages that appear in
|
||||
/run/current-system/sw. These packages are
|
||||
@ -74,10 +70,10 @@ in
|
||||
'';
|
||||
};
|
||||
|
||||
defaultPackages = mkOption {
|
||||
type = types.listOf types.package;
|
||||
defaultPackages = lib.mkOption {
|
||||
type = lib.types.listOf lib.types.package;
|
||||
default = defaultPackages;
|
||||
defaultText = literalMD ''
|
||||
defaultText = lib.literalMD ''
|
||||
these packages, with their `meta.priority` numerically increased
|
||||
(thus lowering their installation priority):
|
||||
|
||||
@ -97,8 +93,8 @@ in
|
||||
'';
|
||||
};
|
||||
|
||||
pathsToLink = mkOption {
|
||||
type = types.listOf types.str;
|
||||
pathsToLink = lib.mkOption {
|
||||
type = lib.types.listOf lib.types.str;
|
||||
# Note: We need `/lib' to be among `pathsToLink' for NSS modules
|
||||
# to work.
|
||||
default = [];
|
||||
@ -106,8 +102,8 @@ in
|
||||
description = "List of directories to be symlinked in {file}`/run/current-system/sw`.";
|
||||
};
|
||||
|
||||
extraOutputsToInstall = mkOption {
|
||||
type = types.listOf types.str;
|
||||
extraOutputsToInstall = lib.mkOption {
|
||||
type = lib.types.listOf lib.types.str;
|
||||
default = [ ];
|
||||
example = [ "dev" "info" ];
|
||||
description = ''
|
||||
@ -119,8 +115,8 @@ in
|
||||
'';
|
||||
};
|
||||
|
||||
extraSetup = mkOption {
|
||||
type = types.lines;
|
||||
extraSetup = lib.mkOption {
|
||||
type = lib.types.lines;
|
||||
default = "";
|
||||
description = "Shell fragments to be run after the system environment has been created. This should only be used for things that need to modify the internals of the environment, e.g. generating MIME caches. The environment being built can be accessed at $out.";
|
||||
};
|
||||
@ -129,7 +125,7 @@ in
|
||||
|
||||
system = {
|
||||
|
||||
path = mkOption {
|
||||
path = lib.mkOption {
|
||||
internal = true;
|
||||
description = ''
|
||||
The packages you want in the boot environment.
|
||||
|
@ -1,23 +1,20 @@
|
||||
# This module manages the terminfo database
|
||||
# and its integration in the system.
|
||||
{ config, lib, pkgs, ... }:
|
||||
|
||||
with lib;
|
||||
|
||||
{
|
||||
|
||||
options = with lib; {
|
||||
environment.enableAllTerminfo = mkOption {
|
||||
environment.enableAllTerminfo = lib.mkOption {
|
||||
default = false;
|
||||
type = types.bool;
|
||||
type = lib.types.bool;
|
||||
description = ''
|
||||
Whether to install all terminfo outputs
|
||||
'';
|
||||
};
|
||||
|
||||
security.sudo.keepTerminfo = mkOption {
|
||||
security.sudo.keepTerminfo = lib.mkOption {
|
||||
default = true;
|
||||
type = types.bool;
|
||||
type = lib.types.bool;
|
||||
description = ''
|
||||
Whether to preserve the `TERMINFO` and `TERMINFO_DIRS`
|
||||
environment variables, for `root` and the `wheel` group.
|
||||
@ -28,10 +25,10 @@ with lib;
|
||||
config = {
|
||||
|
||||
# can be generated with:
|
||||
# attrNames (filterAttrs
|
||||
# (_: drv: (builtins.tryEval (isDerivation drv && drv ? terminfo)).value)
|
||||
# lib.attrNames (lib.filterAttrs
|
||||
# (_: drv: (builtins.tryEval (lib.isDerivation drv && drv ? terminfo)).value)
|
||||
# pkgs)
|
||||
environment.systemPackages = mkIf config.environment.enableAllTerminfo (map (x: x.terminfo) (with pkgs.pkgsBuildBuild; [
|
||||
environment.systemPackages = lib.mkIf config.environment.enableAllTerminfo (map (x: x.terminfo) (with pkgs.pkgsBuildBuild; [
|
||||
alacritty
|
||||
contour
|
||||
foot
|
||||
@ -65,7 +62,7 @@ with lib;
|
||||
export TERM=$TERM
|
||||
'';
|
||||
|
||||
security.sudo.extraConfig = mkIf config.security.sudo.keepTerminfo ''
|
||||
security.sudo.extraConfig = lib.mkIf config.security.sudo.keepTerminfo ''
|
||||
|
||||
# Keep terminfo database for root and %wheel.
|
||||
Defaults:root,%wheel env_keep+=TERMINFO_DIRS
|
||||
|
@ -1,7 +1,4 @@
|
||||
{ config, lib, ... }:
|
||||
|
||||
with lib;
|
||||
|
||||
# unixODBC drivers (this solution is not perfect.. Because the user has to
|
||||
# ask the admin to add a driver.. but it's simple and works
|
||||
|
||||
@ -16,10 +13,10 @@ in {
|
||||
###### interface
|
||||
|
||||
options = {
|
||||
environment.unixODBCDrivers = mkOption {
|
||||
type = types.listOf types.package;
|
||||
environment.unixODBCDrivers = lib.mkOption {
|
||||
type = lib.types.listOf lib.types.package;
|
||||
default = [];
|
||||
example = literalExpression "with pkgs.unixODBCDrivers; [ sqlite psql ]";
|
||||
example = lib.literalExpression "with pkgs.unixODBCDrivers; [ sqlite psql ]";
|
||||
description = ''
|
||||
Specifies Unix ODBC drivers to be registered in
|
||||
{file}`/etc/odbcinst.ini`. You may also want to
|
||||
@ -31,8 +28,8 @@ in {
|
||||
|
||||
###### implementation
|
||||
|
||||
config = mkIf (config.environment.unixODBCDrivers != []) {
|
||||
environment.etc."odbcinst.ini".text = concatMapStringsSep "\n" iniDescription config.environment.unixODBCDrivers;
|
||||
config = lib.mkIf (config.environment.unixODBCDrivers != []) {
|
||||
environment.etc."odbcinst.ini".text = lib.concatMapStringsSep "\n" iniDescription config.environment.unixODBCDrivers;
|
||||
};
|
||||
|
||||
}
|
||||
|
@ -1,7 +1,4 @@
|
||||
{ config, pkgs, lib, ... }:
|
||||
|
||||
with lib;
|
||||
|
||||
let
|
||||
|
||||
vteInitSnippet = ''
|
||||
@ -15,14 +12,14 @@ in
|
||||
{
|
||||
|
||||
meta = {
|
||||
maintainers = teams.gnome.members;
|
||||
maintainers = lib.teams.gnome.members;
|
||||
};
|
||||
|
||||
options = {
|
||||
|
||||
programs.bash.vteIntegration = mkOption {
|
||||
programs.bash.vteIntegration = lib.mkOption {
|
||||
default = false;
|
||||
type = types.bool;
|
||||
type = lib.types.bool;
|
||||
description = ''
|
||||
Whether to enable Bash integration for VTE terminals.
|
||||
This allows it to preserve the current directory of the shell
|
||||
@ -30,9 +27,9 @@ in
|
||||
'';
|
||||
};
|
||||
|
||||
programs.zsh.vteIntegration = mkOption {
|
||||
programs.zsh.vteIntegration = lib.mkOption {
|
||||
default = false;
|
||||
type = types.bool;
|
||||
type = lib.types.bool;
|
||||
description = ''
|
||||
Whether to enable Zsh integration for VTE terminals.
|
||||
This allows it to preserve the current directory of the shell
|
||||
@ -42,12 +39,12 @@ in
|
||||
|
||||
};
|
||||
|
||||
config = mkMerge [
|
||||
(mkIf config.programs.bash.vteIntegration {
|
||||
programs.bash.interactiveShellInit = mkBefore vteInitSnippet;
|
||||
config = lib.mkMerge [
|
||||
(lib.mkIf config.programs.bash.vteIntegration {
|
||||
programs.bash.interactiveShellInit = lib.mkBefore vteInitSnippet;
|
||||
})
|
||||
|
||||
(mkIf config.programs.zsh.vteIntegration {
|
||||
(lib.mkIf config.programs.zsh.vteIntegration {
|
||||
programs.zsh.interactiveShellInit = vteInitSnippet;
|
||||
})
|
||||
];
|
||||
|
@ -1,14 +1,12 @@
|
||||
{ config, lib, ... }:
|
||||
|
||||
with lib;
|
||||
{
|
||||
meta = {
|
||||
maintainers = teams.freedesktop.members;
|
||||
maintainers = lib.teams.freedesktop.members;
|
||||
};
|
||||
|
||||
options = {
|
||||
xdg.autostart.enable = mkOption {
|
||||
type = types.bool;
|
||||
xdg.autostart.enable = lib.mkOption {
|
||||
type = lib.types.bool;
|
||||
default = true;
|
||||
description = ''
|
||||
Whether to install files to support the
|
||||
@ -17,7 +15,7 @@ with lib;
|
||||
};
|
||||
};
|
||||
|
||||
config = mkIf config.xdg.autostart.enable {
|
||||
config = lib.mkIf config.xdg.autostart.enable {
|
||||
environment.pathsToLink = [
|
||||
"/etc/xdg/autostart"
|
||||
];
|
||||
|
@ -1,14 +1,12 @@
|
||||
{ config, lib, pkgs, ... }:
|
||||
|
||||
with lib;
|
||||
{
|
||||
meta = {
|
||||
maintainers = teams.freedesktop.members;
|
||||
maintainers = lib.teams.freedesktop.members;
|
||||
};
|
||||
|
||||
options = {
|
||||
xdg.icons.enable = mkOption {
|
||||
type = types.bool;
|
||||
xdg.icons.enable = lib.mkOption {
|
||||
type = lib.types.bool;
|
||||
default = true;
|
||||
description = ''
|
||||
Whether to install files to support the
|
||||
@ -17,7 +15,7 @@ with lib;
|
||||
};
|
||||
};
|
||||
|
||||
config = mkIf config.xdg.icons.enable {
|
||||
config = lib.mkIf config.xdg.icons.enable {
|
||||
environment.pathsToLink = [
|
||||
"/share/icons"
|
||||
"/share/pixmaps"
|
||||
|
@ -1,14 +1,12 @@
|
||||
{ config, lib, ... }:
|
||||
|
||||
with lib;
|
||||
{
|
||||
meta = {
|
||||
maintainers = teams.freedesktop.members;
|
||||
maintainers = lib.teams.freedesktop.members;
|
||||
};
|
||||
|
||||
options = {
|
||||
xdg.menus.enable = mkOption {
|
||||
type = types.bool;
|
||||
xdg.menus.enable = lib.mkOption {
|
||||
type = lib.types.bool;
|
||||
default = true;
|
||||
description = ''
|
||||
Whether to install files to support the
|
||||
@ -17,7 +15,7 @@ with lib;
|
||||
};
|
||||
};
|
||||
|
||||
config = mkIf config.xdg.menus.enable {
|
||||
config = lib.mkIf config.xdg.menus.enable {
|
||||
environment.pathsToLink = [
|
||||
"/share/applications"
|
||||
"/share/desktop-directories"
|
||||
|
@ -1,22 +1,19 @@
|
||||
{ config, lib, pkgs, ... }:
|
||||
|
||||
with lib;
|
||||
|
||||
let
|
||||
cfg = config.xdg.mime;
|
||||
associationOptions = with types; attrsOf (
|
||||
coercedTo (either (listOf str) str) (x: concatStringsSep ";" (toList x)) str
|
||||
associationOptions = with lib.types; attrsOf (
|
||||
coercedTo (either (listOf str) str) (x: lib.concatStringsSep ";" (lib.toList x)) str
|
||||
);
|
||||
in
|
||||
|
||||
{
|
||||
meta = {
|
||||
maintainers = teams.freedesktop.members ++ (with maintainers; [ figsoda ]);
|
||||
maintainers = lib.teams.freedesktop.members ++ (with lib.maintainers; [ figsoda ]);
|
||||
};
|
||||
|
||||
options = {
|
||||
xdg.mime.enable = mkOption {
|
||||
type = types.bool;
|
||||
xdg.mime.enable = lib.mkOption {
|
||||
type = lib.types.bool;
|
||||
default = true;
|
||||
description = ''
|
||||
Whether to install files to support the
|
||||
@ -25,7 +22,7 @@ in
|
||||
'';
|
||||
};
|
||||
|
||||
xdg.mime.addedAssociations = mkOption {
|
||||
xdg.mime.addedAssociations = lib.mkOption {
|
||||
type = associationOptions;
|
||||
default = {};
|
||||
example = {
|
||||
@ -39,7 +36,7 @@ in
|
||||
'';
|
||||
};
|
||||
|
||||
xdg.mime.defaultApplications = mkOption {
|
||||
xdg.mime.defaultApplications = lib.mkOption {
|
||||
type = associationOptions;
|
||||
default = {};
|
||||
example = {
|
||||
@ -53,7 +50,7 @@ in
|
||||
'';
|
||||
};
|
||||
|
||||
xdg.mime.removedAssociations = mkOption {
|
||||
xdg.mime.removedAssociations = lib.mkOption {
|
||||
type = associationOptions;
|
||||
default = {};
|
||||
example = {
|
||||
@ -68,13 +65,13 @@ in
|
||||
};
|
||||
};
|
||||
|
||||
config = mkIf cfg.enable {
|
||||
environment.etc."xdg/mimeapps.list" = mkIf (
|
||||
config = lib.mkIf cfg.enable {
|
||||
environment.etc."xdg/mimeapps.list" = lib.mkIf (
|
||||
cfg.addedAssociations != {}
|
||||
|| cfg.defaultApplications != {}
|
||||
|| cfg.removedAssociations != {}
|
||||
) {
|
||||
text = generators.toINI { } {
|
||||
text = lib.generators.toINI { } {
|
||||
"Added Associations" = cfg.addedAssociations;
|
||||
"Default Applications" = cfg.defaultApplications;
|
||||
"Removed Associations" = cfg.removedAssociations;
|
||||
|
@ -1,18 +1,15 @@
|
||||
{ config, pkgs, lib, ... }:
|
||||
|
||||
with lib;
|
||||
|
||||
let
|
||||
cfg = config.xdg.portal.lxqt;
|
||||
|
||||
in
|
||||
{
|
||||
meta = {
|
||||
maintainers = teams.lxqt.members;
|
||||
maintainers = lib.teams.lxqt.members;
|
||||
};
|
||||
|
||||
options.xdg.portal.lxqt = {
|
||||
enable = mkEnableOption ''
|
||||
enable = lib.mkEnableOption ''
|
||||
the desktop portal for the LXQt desktop environment.
|
||||
|
||||
This will add the `lxqt.xdg-desktop-portal-lxqt`
|
||||
@ -20,10 +17,10 @@ in
|
||||
{option}`xdg.portal.extraPortals` option
|
||||
'';
|
||||
|
||||
styles = mkOption {
|
||||
type = types.listOf types.package;
|
||||
styles = lib.mkOption {
|
||||
type = lib.types.listOf lib.types.package;
|
||||
default = [];
|
||||
example = literalExpression ''[
|
||||
example = lib.literalExpression ''[
|
||||
pkgs.libsForQt5.qtstyleplugin-kvantum
|
||||
pkgs.breeze-qt5
|
||||
pkgs.qtcurve
|
||||
@ -36,7 +33,7 @@ in
|
||||
};
|
||||
};
|
||||
|
||||
config = mkIf cfg.enable {
|
||||
config = lib.mkIf cfg.enable {
|
||||
xdg.portal = {
|
||||
enable = true;
|
||||
extraPortals = [
|
||||
|
@ -1,7 +1,4 @@
|
||||
{ config, pkgs, lib, ... }:
|
||||
|
||||
with lib;
|
||||
|
||||
let
|
||||
cfg = config.xdg.portal.wlr;
|
||||
package = pkgs.xdg-desktop-portal-wlr;
|
||||
@ -10,11 +7,11 @@ let
|
||||
in
|
||||
{
|
||||
meta = {
|
||||
maintainers = with maintainers; [ minijackson ];
|
||||
maintainers = with lib.maintainers; [ minijackson ];
|
||||
};
|
||||
|
||||
options.xdg.portal.wlr = {
|
||||
enable = mkEnableOption ''
|
||||
enable = lib.mkEnableOption ''
|
||||
desktop portal for wlroots-based desktops.
|
||||
|
||||
This will add the `xdg-desktop-portal-wlr` package into
|
||||
@ -22,7 +19,7 @@ in
|
||||
configuration file
|
||||
'';
|
||||
|
||||
settings = mkOption {
|
||||
settings = lib.mkOption {
|
||||
description = ''
|
||||
Configuration for `xdg-desktop-portal-wlr`.
|
||||
|
||||
@ -30,14 +27,14 @@ in
|
||||
values.
|
||||
'';
|
||||
|
||||
type = types.submodule {
|
||||
type = lib.types.submodule {
|
||||
freeformType = settingsFormat.type;
|
||||
};
|
||||
|
||||
default = { };
|
||||
|
||||
# Example taken from the manpage
|
||||
example = literalExpression ''
|
||||
example = lib.literalExpression ''
|
||||
{
|
||||
screencast = {
|
||||
output_name = "HDMI-A-1";
|
||||
@ -52,7 +49,7 @@ in
|
||||
};
|
||||
};
|
||||
|
||||
config = mkIf cfg.enable {
|
||||
config = lib.mkIf cfg.enable {
|
||||
xdg.portal = {
|
||||
enable = true;
|
||||
extraPortals = [ package ];
|
||||
|
@ -1,14 +1,12 @@
|
||||
{ config, lib, pkgs, ... }:
|
||||
|
||||
with lib;
|
||||
{
|
||||
meta = {
|
||||
maintainers = teams.freedesktop.members;
|
||||
maintainers = lib.teams.freedesktop.members;
|
||||
};
|
||||
|
||||
options = {
|
||||
xdg.sounds.enable = mkOption {
|
||||
type = types.bool;
|
||||
xdg.sounds.enable = lib.mkOption {
|
||||
type = lib.types.bool;
|
||||
default = true;
|
||||
description = ''
|
||||
Whether to install files to support the
|
||||
@ -17,7 +15,7 @@ with lib;
|
||||
};
|
||||
};
|
||||
|
||||
config = mkIf config.xdg.sounds.enable {
|
||||
config = lib.mkIf config.xdg.sounds.enable {
|
||||
environment.systemPackages = [
|
||||
pkgs.sound-theme-freedesktop
|
||||
];
|
||||
|
@ -1,15 +1,13 @@
|
||||
{ config, lib, pkgs, ... }:
|
||||
|
||||
with lib;
|
||||
let
|
||||
cfg = config.hardware.acpilight;
|
||||
in
|
||||
{
|
||||
options = {
|
||||
hardware.acpilight = {
|
||||
enable = mkOption {
|
||||
enable = lib.mkOption {
|
||||
default = false;
|
||||
type = types.bool;
|
||||
type = lib.types.bool;
|
||||
description = ''
|
||||
Enable acpilight.
|
||||
This will allow brightness control via xbacklight from users in the video group
|
||||
@ -18,7 +16,7 @@ in
|
||||
};
|
||||
};
|
||||
|
||||
config = mkIf cfg.enable {
|
||||
config = lib.mkIf cfg.enable {
|
||||
environment.systemPackages = with pkgs; [ acpilight ];
|
||||
services.udev.packages = with pkgs; [ acpilight ];
|
||||
};
|
||||
|
@ -1,33 +1,30 @@
|
||||
{ config, lib, pkgs, ... }:
|
||||
|
||||
with lib;
|
||||
|
||||
let
|
||||
cfg = config.hardware;
|
||||
in {
|
||||
|
||||
imports = [
|
||||
(mkRenamedOptionModule [ "networking" "enableRT73Firmware" ] [ "hardware" "enableRedistributableFirmware" ])
|
||||
(mkRenamedOptionModule [ "networking" "enableIntel3945ABGFirmware" ] [ "hardware" "enableRedistributableFirmware" ])
|
||||
(mkRenamedOptionModule [ "networking" "enableIntel2100BGFirmware" ] [ "hardware" "enableRedistributableFirmware" ])
|
||||
(mkRenamedOptionModule [ "networking" "enableRalinkFirmware" ] [ "hardware" "enableRedistributableFirmware" ])
|
||||
(mkRenamedOptionModule [ "networking" "enableRTL8192cFirmware" ] [ "hardware" "enableRedistributableFirmware" ])
|
||||
(lib.mkRenamedOptionModule [ "networking" "enableRT73Firmware" ] [ "hardware" "enableRedistributableFirmware" ])
|
||||
(lib.mkRenamedOptionModule [ "networking" "enableIntel3945ABGFirmware" ] [ "hardware" "enableRedistributableFirmware" ])
|
||||
(lib.mkRenamedOptionModule [ "networking" "enableIntel2100BGFirmware" ] [ "hardware" "enableRedistributableFirmware" ])
|
||||
(lib.mkRenamedOptionModule [ "networking" "enableRalinkFirmware" ] [ "hardware" "enableRedistributableFirmware" ])
|
||||
(lib.mkRenamedOptionModule [ "networking" "enableRTL8192cFirmware" ] [ "hardware" "enableRedistributableFirmware" ])
|
||||
];
|
||||
|
||||
###### interface
|
||||
|
||||
options = {
|
||||
|
||||
hardware.enableAllFirmware = mkEnableOption "all firmware regardless of license";
|
||||
hardware.enableAllFirmware = lib.mkEnableOption "all firmware regardless of license";
|
||||
|
||||
hardware.enableRedistributableFirmware = mkEnableOption "firmware with a license allowing redistribution" // {
|
||||
hardware.enableRedistributableFirmware = lib.mkEnableOption "firmware with a license allowing redistribution" // {
|
||||
default = config.hardware.enableAllFirmware;
|
||||
defaultText = lib.literalExpression "config.hardware.enableAllFirmware";
|
||||
};
|
||||
|
||||
hardware.wirelessRegulatoryDatabase = mkEnableOption "loading the wireless regulatory database at boot" // {
|
||||
hardware.wirelessRegulatoryDatabase = lib.mkEnableOption "loading the wireless regulatory database at boot" // {
|
||||
default = cfg.enableRedistributableFirmware || cfg.enableAllFirmware;
|
||||
defaultText = literalMD "Enabled if proprietary firmware is allowed via {option}`enableRedistributableFirmware` or {option}`enableAllFirmware`.";
|
||||
defaultText = lib.literalMD "Enabled if proprietary firmware is allowed via {option}`enableRedistributableFirmware` or {option}`enableAllFirmware`.";
|
||||
};
|
||||
|
||||
};
|
||||
@ -35,8 +32,8 @@ in {
|
||||
|
||||
###### implementation
|
||||
|
||||
config = mkMerge [
|
||||
(mkIf (cfg.enableAllFirmware || cfg.enableRedistributableFirmware) {
|
||||
config = lib.mkMerge [
|
||||
(lib.mkIf (cfg.enableAllFirmware || cfg.enableRedistributableFirmware) {
|
||||
hardware.firmware = with pkgs; [
|
||||
linux-firmware
|
||||
intel2200BGFirmware
|
||||
@ -47,9 +44,9 @@ in {
|
||||
alsa-firmware
|
||||
sof-firmware
|
||||
libreelec-dvb-firmware
|
||||
] ++ optional pkgs.stdenv.hostPlatform.isAarch raspberrypiWirelessFirmware;
|
||||
] ++ lib.optional pkgs.stdenv.hostPlatform.isAarch raspberrypiWirelessFirmware;
|
||||
})
|
||||
(mkIf cfg.enableAllFirmware {
|
||||
(lib.mkIf cfg.enableAllFirmware {
|
||||
assertions = [{
|
||||
assertion = !cfg.enableAllFirmware || pkgs.config.allowUnfree;
|
||||
message = ''
|
||||
@ -63,12 +60,12 @@ in {
|
||||
b43Firmware_5_1_138
|
||||
b43Firmware_6_30_163_46
|
||||
xow_dongle-firmware
|
||||
] ++ optionals pkgs.stdenv.hostPlatform.isx86 [
|
||||
] ++ lib.optionals pkgs.stdenv.hostPlatform.isx86 [
|
||||
facetimehd-calibration
|
||||
facetimehd-firmware
|
||||
];
|
||||
})
|
||||
(mkIf cfg.wirelessRegulatoryDatabase {
|
||||
(lib.mkIf cfg.wirelessRegulatoryDatabase {
|
||||
hardware.firmware = [ pkgs.wireless-regdb ];
|
||||
})
|
||||
];
|
||||
|
@ -1,7 +1,4 @@
|
||||
{ config, lib, pkgs, ... }:
|
||||
|
||||
with lib;
|
||||
|
||||
let
|
||||
cfg = config.hardware.bladeRF;
|
||||
|
||||
@ -9,8 +6,8 @@ in
|
||||
|
||||
{
|
||||
options.hardware.bladeRF = {
|
||||
enable = mkOption {
|
||||
type = types.bool;
|
||||
enable = lib.mkOption {
|
||||
type = lib.types.bool;
|
||||
default = false;
|
||||
description = ''
|
||||
Enables udev rules for BladeRF devices. By default grants access
|
||||
@ -21,7 +18,7 @@ in
|
||||
|
||||
};
|
||||
|
||||
config = mkIf cfg.enable {
|
||||
config = lib.mkIf cfg.enable {
|
||||
services.udev.packages = [ pkgs.libbladeRF ];
|
||||
users.groups.bladerf = {};
|
||||
};
|
||||
|
@ -1,20 +1,18 @@
|
||||
{ config, lib, pkgs, ... }:
|
||||
|
||||
with lib;
|
||||
let
|
||||
cfg = config.hardware.brillo;
|
||||
in
|
||||
{
|
||||
options = {
|
||||
hardware.brillo = {
|
||||
enable = mkEnableOption ''
|
||||
enable = lib.mkEnableOption ''
|
||||
brillo in userspace.
|
||||
This will allow brightness control from users in the video group
|
||||
'';
|
||||
};
|
||||
};
|
||||
|
||||
config = mkIf cfg.enable {
|
||||
config = lib.mkIf cfg.enable {
|
||||
services.udev.packages = [ pkgs.brillo ];
|
||||
environment.systemPackages = [ pkgs.brillo ];
|
||||
};
|
||||
|
@ -1,22 +1,19 @@
|
||||
{ config, lib, pkgs, ... }:
|
||||
|
||||
with lib;
|
||||
|
||||
let
|
||||
cfg = config.hardware.ckb-next;
|
||||
|
||||
in
|
||||
{
|
||||
imports = [
|
||||
(mkRenamedOptionModule [ "hardware" "ckb" "enable" ] [ "hardware" "ckb-next" "enable" ])
|
||||
(mkRenamedOptionModule [ "hardware" "ckb" "package" ] [ "hardware" "ckb-next" "package" ])
|
||||
(lib.mkRenamedOptionModule [ "hardware" "ckb" "enable" ] [ "hardware" "ckb-next" "enable" ])
|
||||
(lib.mkRenamedOptionModule [ "hardware" "ckb" "package" ] [ "hardware" "ckb-next" "package" ])
|
||||
];
|
||||
|
||||
options.hardware.ckb-next = {
|
||||
enable = mkEnableOption "the Corsair keyboard/mouse driver";
|
||||
enable = lib.mkEnableOption "the Corsair keyboard/mouse driver";
|
||||
|
||||
gid = mkOption {
|
||||
type = types.nullOr types.int;
|
||||
gid = lib.mkOption {
|
||||
type = lib.types.nullOr lib.types.int;
|
||||
default = null;
|
||||
example = 100;
|
||||
description = ''
|
||||
@ -24,17 +21,17 @@ in
|
||||
'';
|
||||
};
|
||||
|
||||
package = mkPackageOption pkgs "ckb-next" { };
|
||||
package = lib.mkPackageOption pkgs "ckb-next" { };
|
||||
};
|
||||
|
||||
config = mkIf cfg.enable {
|
||||
config = lib.mkIf cfg.enable {
|
||||
environment.systemPackages = [ cfg.package ];
|
||||
|
||||
systemd.services.ckb-next = {
|
||||
description = "Corsair Keyboards and Mice Daemon";
|
||||
wantedBy = ["multi-user.target"];
|
||||
serviceConfig = {
|
||||
ExecStart = "${cfg.package}/bin/ckb-next-daemon ${optionalString (cfg.gid != null) "--gid=${builtins.toString cfg.gid}"}";
|
||||
ExecStart = "${cfg.package}/bin/ckb-next-daemon ${lib.optionalString (cfg.gid != null) "--gid=${builtins.toString cfg.gid}"}";
|
||||
Restart = "on-failure";
|
||||
};
|
||||
};
|
||||
|
@ -1,27 +1,24 @@
|
||||
{ config, pkgs, lib, ... }:
|
||||
|
||||
with lib;
|
||||
|
||||
let
|
||||
cfg = config.programs.corectrl;
|
||||
in
|
||||
{
|
||||
options.programs.corectrl = {
|
||||
enable = mkEnableOption ''
|
||||
enable = lib.mkEnableOption ''
|
||||
CoreCtrl, a tool to overclock amd graphics cards and processors.
|
||||
Add your user to the corectrl group to run corectrl without needing to enter your password
|
||||
'';
|
||||
|
||||
package = mkPackageOption pkgs "corectrl" {
|
||||
package = lib.mkPackageOption pkgs "corectrl" {
|
||||
extraDescription = "Useful for overriding the configuration options used for the package.";
|
||||
};
|
||||
|
||||
gpuOverclock = {
|
||||
enable = mkEnableOption ''
|
||||
enable = lib.mkEnableOption ''
|
||||
GPU overclocking
|
||||
'';
|
||||
ppfeaturemask = mkOption {
|
||||
type = types.str;
|
||||
ppfeaturemask = lib.mkOption {
|
||||
type = lib.types.str;
|
||||
default = "0xfffd7fff";
|
||||
example = "0xffffffff";
|
||||
description = ''
|
||||
@ -34,7 +31,7 @@ in
|
||||
};
|
||||
};
|
||||
|
||||
config = mkIf cfg.enable (lib.mkMerge [
|
||||
config = lib.mkIf cfg.enable (lib.mkMerge [
|
||||
{
|
||||
environment.systemPackages = [ cfg.package ];
|
||||
|
||||
|
@ -1,21 +1,18 @@
|
||||
{ config, lib, pkgs, ... }:
|
||||
|
||||
with lib;
|
||||
|
||||
let
|
||||
cfg = config.hardware.deviceTree;
|
||||
|
||||
overlayType = types.submodule {
|
||||
overlayType = lib.types.submodule {
|
||||
options = {
|
||||
name = mkOption {
|
||||
type = types.str;
|
||||
name = lib.mkOption {
|
||||
type = lib.types.str;
|
||||
description = ''
|
||||
Name of this overlay
|
||||
'';
|
||||
};
|
||||
|
||||
filter = mkOption {
|
||||
type = types.nullOr types.str;
|
||||
filter = lib.mkOption {
|
||||
type = lib.types.nullOr lib.types.str;
|
||||
default = null;
|
||||
example = "*rpi*.dtb";
|
||||
description = ''
|
||||
@ -23,18 +20,18 @@ let
|
||||
'';
|
||||
};
|
||||
|
||||
dtsFile = mkOption {
|
||||
type = types.nullOr types.path;
|
||||
dtsFile = lib.mkOption {
|
||||
type = lib.types.nullOr lib.types.path;
|
||||
description = ''
|
||||
Path to .dts overlay file, overlay is applied to
|
||||
each .dtb file matching "compatible" of the overlay.
|
||||
'';
|
||||
default = null;
|
||||
example = literalExpression "./dts/overlays.dts";
|
||||
example = lib.literalExpression "./dts/overlays.dts";
|
||||
};
|
||||
|
||||
dtsText = mkOption {
|
||||
type = types.nullOr types.str;
|
||||
dtsText = lib.mkOption {
|
||||
type = lib.types.nullOr lib.types.str;
|
||||
default = null;
|
||||
description = ''
|
||||
Literal DTS contents, overlay is applied to
|
||||
@ -55,8 +52,8 @@ let
|
||||
'';
|
||||
};
|
||||
|
||||
dtboFile = mkOption {
|
||||
type = types.nullOr types.path;
|
||||
dtboFile = lib.mkOption {
|
||||
type = lib.types.nullOr lib.types.path;
|
||||
default = null;
|
||||
description = ''
|
||||
Path to .dtbo compiled overlay file.
|
||||
@ -79,9 +76,9 @@ let
|
||||
|
||||
# Fill in `dtboFile` for each overlay if not set already.
|
||||
# Existence of one of these is guarded by assertion below
|
||||
withDTBOs = xs: flip map xs (o: o // { dtboFile =
|
||||
withDTBOs = xs: lib.flip map xs (o: o // { dtboFile =
|
||||
let
|
||||
includePaths = ["${getDev cfg.kernelPackage}/lib/modules/${cfg.kernelPackage.modDirVersion}/source/scripts/dtc/include-prefixes"] ++ cfg.dtboBuildExtraIncludePaths;
|
||||
includePaths = ["${lib.getDev cfg.kernelPackage}/lib/modules/${cfg.kernelPackage.modDirVersion}/source/scripts/dtc/include-prefixes"] ++ cfg.dtboBuildExtraIncludePaths;
|
||||
extraPreprocessorFlags = cfg.dtboBuildExtraPreprocessorFlags;
|
||||
in
|
||||
if o.dtboFile == null then
|
||||
@ -97,67 +94,67 @@ let
|
||||
in
|
||||
{
|
||||
imports = [
|
||||
(mkRemovedOptionModule [ "hardware" "deviceTree" "base" ] "Use hardware.deviceTree.kernelPackage instead")
|
||||
(lib.mkRemovedOptionModule [ "hardware" "deviceTree" "base" ] "Use hardware.deviceTree.kernelPackage instead")
|
||||
];
|
||||
|
||||
options = {
|
||||
hardware.deviceTree = {
|
||||
enable = mkOption {
|
||||
enable = lib.mkOption {
|
||||
default = pkgs.stdenv.hostPlatform.linux-kernel.DTB or false;
|
||||
type = types.bool;
|
||||
type = lib.types.bool;
|
||||
description = ''
|
||||
Build device tree files. These are used to describe the
|
||||
non-discoverable hardware of a system.
|
||||
'';
|
||||
};
|
||||
|
||||
kernelPackage = mkOption {
|
||||
kernelPackage = lib.mkOption {
|
||||
default = config.boot.kernelPackages.kernel;
|
||||
defaultText = literalExpression "config.boot.kernelPackages.kernel";
|
||||
example = literalExpression "pkgs.linux_latest";
|
||||
type = types.path;
|
||||
defaultText = lib.literalExpression "config.boot.kernelPackages.kernel";
|
||||
example = lib.literalExpression "pkgs.linux_latest";
|
||||
type = lib.types.path;
|
||||
description = ''
|
||||
Kernel package where device tree include directory is from. Also used as default source of dtb package to apply overlays to
|
||||
'';
|
||||
};
|
||||
|
||||
dtboBuildExtraPreprocessorFlags = mkOption {
|
||||
dtboBuildExtraPreprocessorFlags = lib.mkOption {
|
||||
default = [];
|
||||
example = literalExpression "[ \"-DMY_DTB_DEFINE\" ]";
|
||||
type = types.listOf types.str;
|
||||
example = lib.literalExpression "[ \"-DMY_DTB_DEFINE\" ]";
|
||||
type = lib.types.listOf lib.types.str;
|
||||
description = ''
|
||||
Additional flags to pass to the preprocessor during dtbo compilations
|
||||
'';
|
||||
};
|
||||
|
||||
dtboBuildExtraIncludePaths = mkOption {
|
||||
dtboBuildExtraIncludePaths = lib.mkOption {
|
||||
default = [];
|
||||
example = literalExpression ''
|
||||
example = lib.literalExpression ''
|
||||
[
|
||||
./my_custom_include_dir_1
|
||||
./custom_include_dir_2
|
||||
]
|
||||
'';
|
||||
type = types.listOf types.path;
|
||||
type = lib.types.listOf lib.types.path;
|
||||
description = ''
|
||||
Additional include paths that will be passed to the preprocessor when creating the final .dts to compile into .dtbo
|
||||
'';
|
||||
};
|
||||
|
||||
dtbSource = mkOption {
|
||||
dtbSource = lib.mkOption {
|
||||
default = "${cfg.kernelPackage}/dtbs";
|
||||
defaultText = literalExpression "\${cfg.kernelPackage}/dtbs";
|
||||
type = types.path;
|
||||
defaultText = lib.literalExpression "\${cfg.kernelPackage}/dtbs";
|
||||
type = lib.types.path;
|
||||
description = ''
|
||||
Path to dtb directory that overlays and other processing will be applied to. Uses
|
||||
device trees bundled with the Linux kernel by default.
|
||||
'';
|
||||
};
|
||||
|
||||
name = mkOption {
|
||||
name = lib.mkOption {
|
||||
default = null;
|
||||
example = "some-dtb.dtb";
|
||||
type = types.nullOr types.str;
|
||||
type = lib.types.nullOr lib.types.str;
|
||||
description = ''
|
||||
The name of an explicit dtb to be loaded, relative to the dtb base.
|
||||
Useful in extlinux scenarios if the bootloader doesn't pick the
|
||||
@ -165,8 +162,8 @@ in
|
||||
'';
|
||||
};
|
||||
|
||||
filter = mkOption {
|
||||
type = types.nullOr types.str;
|
||||
filter = lib.mkOption {
|
||||
type = lib.types.nullOr lib.types.str;
|
||||
default = null;
|
||||
example = "*rpi*.dtb";
|
||||
description = ''
|
||||
@ -174,9 +171,9 @@ in
|
||||
'';
|
||||
};
|
||||
|
||||
overlays = mkOption {
|
||||
overlays = lib.mkOption {
|
||||
default = [];
|
||||
example = literalExpression ''
|
||||
example = lib.literalExpression ''
|
||||
[
|
||||
{ name = "pps"; dtsFile = ./dts/pps.dts; }
|
||||
{ name = "spi";
|
||||
@ -185,7 +182,7 @@ in
|
||||
{ name = "precompiled"; dtboFile = ./dtbos/example.dtbo; }
|
||||
]
|
||||
'';
|
||||
type = types.listOf (types.coercedTo types.path (path: {
|
||||
type = lib.types.listOf (lib.types.coercedTo lib.types.path (path: {
|
||||
name = baseNameOf path;
|
||||
filter = null;
|
||||
dtboFile = path;
|
||||
@ -195,9 +192,9 @@ in
|
||||
'';
|
||||
};
|
||||
|
||||
package = mkOption {
|
||||
package = lib.mkOption {
|
||||
default = null;
|
||||
type = types.nullOr types.path;
|
||||
type = lib.types.nullOr lib.types.path;
|
||||
internal = true;
|
||||
description = ''
|
||||
A path containing the result of applying `overlays` to `kernelPackage`.
|
||||
@ -206,7 +203,7 @@ in
|
||||
};
|
||||
};
|
||||
|
||||
config = mkIf (cfg.enable) {
|
||||
config = lib.mkIf (cfg.enable) {
|
||||
|
||||
assertions = let
|
||||
invalidOverlay = o: (o.dtsFile == null) && (o.dtsText == null) && (o.dtboFile == null);
|
||||
|
@ -1,7 +1,4 @@
|
||||
{ config, lib, pkgs, ... }:
|
||||
|
||||
with lib;
|
||||
|
||||
let
|
||||
|
||||
cfg = config.hardware.flipperzero;
|
||||
@ -9,9 +6,9 @@ let
|
||||
in
|
||||
|
||||
{
|
||||
options.hardware.flipperzero.enable = mkEnableOption "udev rules and software for Flipper Zero devices";
|
||||
options.hardware.flipperzero.enable = lib.mkEnableOption "udev rules and software for Flipper Zero devices";
|
||||
|
||||
config = mkIf cfg.enable {
|
||||
config = lib.mkIf cfg.enable {
|
||||
environment.systemPackages = [ pkgs.qFlipper ];
|
||||
services.udev.packages = [ pkgs.qFlipper ];
|
||||
};
|
||||
|
@ -1,16 +1,13 @@
|
||||
{ config, lib, pkgs, ... }:
|
||||
|
||||
with lib;
|
||||
|
||||
let
|
||||
cfg = config.hardware.gkraken;
|
||||
in
|
||||
{
|
||||
options.hardware.gkraken = {
|
||||
enable = mkEnableOption "gkraken's udev rules for NZXT AIO liquid coolers";
|
||||
enable = lib.mkEnableOption "gkraken's udev rules for NZXT AIO liquid coolers";
|
||||
};
|
||||
|
||||
config = mkIf cfg.enable {
|
||||
config = lib.mkIf cfg.enable {
|
||||
services.udev.packages = with pkgs; [
|
||||
gkraken
|
||||
];
|
||||
|
@ -1,6 +1,4 @@
|
||||
{ config, lib, pkgs, ... }:
|
||||
|
||||
with lib;
|
||||
let
|
||||
# gnupg's manual describes how to setup ccid udev rules:
|
||||
# https://www.gnupg.org/howtos/card-howto/en/ch02s03.html
|
||||
@ -28,10 +26,10 @@ let
|
||||
cfg = config.hardware.gpgSmartcards;
|
||||
in {
|
||||
options.hardware.gpgSmartcards = {
|
||||
enable = mkEnableOption "udev rules for gnupg smart cards";
|
||||
enable = lib.mkEnableOption "udev rules for gnupg smart cards";
|
||||
};
|
||||
|
||||
config = mkIf cfg.enable {
|
||||
config = lib.mkIf cfg.enable {
|
||||
services.udev.packages = [ scdaemonUdevRulesPkg ];
|
||||
};
|
||||
}
|
||||
|
@ -1,21 +1,18 @@
|
||||
{ config, lib, pkgs, ... }:
|
||||
|
||||
with lib;
|
||||
|
||||
let
|
||||
cfg = config.hardware.i2c;
|
||||
in
|
||||
|
||||
{
|
||||
options.hardware.i2c = {
|
||||
enable = mkEnableOption ''
|
||||
enable = lib.mkEnableOption ''
|
||||
i2c devices support. By default access is granted to users in the "i2c"
|
||||
group (will be created if non-existent) and any user with a seat, meaning
|
||||
logged on the computer locally
|
||||
'';
|
||||
|
||||
group = mkOption {
|
||||
type = types.str;
|
||||
group = lib.mkOption {
|
||||
type = lib.types.str;
|
||||
default = "i2c";
|
||||
description = ''
|
||||
Grant access to i2c devices (/dev/i2c-*) to users in this group.
|
||||
@ -23,11 +20,11 @@ in
|
||||
};
|
||||
};
|
||||
|
||||
config = mkIf cfg.enable {
|
||||
config = lib.mkIf cfg.enable {
|
||||
|
||||
boot.kernelModules = [ "i2c-dev" ];
|
||||
|
||||
users.groups = mkIf (cfg.group == "i2c") {
|
||||
users.groups = lib.mkIf (cfg.group == "i2c") {
|
||||
i2c = { };
|
||||
};
|
||||
|
||||
@ -42,6 +39,6 @@ in
|
||||
|
||||
};
|
||||
|
||||
meta.maintainers = [ maintainers.rnhmjoj ];
|
||||
meta.maintainers = [ lib.maintainers.rnhmjoj ];
|
||||
|
||||
}
|
||||
|
@ -1,7 +1,4 @@
|
||||
{ config, lib, pkgs, ... }:
|
||||
|
||||
with lib;
|
||||
|
||||
let
|
||||
|
||||
cfg = config.hardware.infiniband;
|
||||
@ -31,9 +28,9 @@ in
|
||||
|
||||
{
|
||||
options.hardware.infiniband = {
|
||||
enable = mkEnableOption "Infiniband support";
|
||||
guids = mkOption {
|
||||
type = with types; listOf str;
|
||||
enable = lib.mkEnableOption "Infiniband support";
|
||||
guids = lib.mkOption {
|
||||
type = with lib.types; listOf str;
|
||||
default = [];
|
||||
example = [ "0xe8ebd30000eee2e1" ];
|
||||
description = ''
|
||||
@ -42,7 +39,7 @@ in
|
||||
};
|
||||
};
|
||||
|
||||
config = mkIf cfg.enable {
|
||||
config = lib.mkIf cfg.enable {
|
||||
boot.initrd.kernelModules = [
|
||||
"mlx5_core" "mlx5_ib" "ib_cm"
|
||||
"rdma_cm" "rdma_ucm" "rpcrdma"
|
||||
|
@ -1,7 +1,4 @@
|
||||
{ config, lib, pkgs, ... }:
|
||||
|
||||
with lib;
|
||||
|
||||
let
|
||||
|
||||
cfg = config.security.polkit;
|
||||
@ -12,14 +9,14 @@ in
|
||||
|
||||
options = {
|
||||
|
||||
security.polkit.enable = mkEnableOption "polkit";
|
||||
security.polkit.enable = lib.mkEnableOption "polkit";
|
||||
|
||||
security.polkit.package = mkPackageOption pkgs "polkit" { };
|
||||
security.polkit.package = lib.mkPackageOption pkgs "polkit" { };
|
||||
|
||||
security.polkit.debug = mkEnableOption "debug logs from polkit. This is required in order to see log messages from rule definitions";
|
||||
security.polkit.debug = lib.mkEnableOption "debug logs from polkit. This is required in order to see log messages from rule definitions";
|
||||
|
||||
security.polkit.extraConfig = mkOption {
|
||||
type = types.lines;
|
||||
security.polkit.extraConfig = lib.mkOption {
|
||||
type = lib.types.lines;
|
||||
default = "";
|
||||
example =
|
||||
''
|
||||
@ -41,8 +38,8 @@ in
|
||||
'';
|
||||
};
|
||||
|
||||
security.polkit.adminIdentities = mkOption {
|
||||
type = types.listOf types.str;
|
||||
security.polkit.adminIdentities = lib.mkOption {
|
||||
type = lib.types.listOf lib.types.str;
|
||||
default = [ "unix-group:wheel" ];
|
||||
example = [ "unix-user:alice" "unix-group:admin" ];
|
||||
description =
|
||||
@ -57,7 +54,7 @@ in
|
||||
};
|
||||
|
||||
|
||||
config = mkIf cfg.enable {
|
||||
config = lib.mkIf cfg.enable {
|
||||
|
||||
environment.systemPackages = [ cfg.package.bin cfg.package.out ];
|
||||
|
||||
@ -65,7 +62,7 @@ in
|
||||
|
||||
systemd.services.polkit.serviceConfig.ExecStart = [
|
||||
""
|
||||
"${cfg.package.out}/lib/polkit-1/polkitd ${optionalString (!cfg.debug) "--no-debug"}"
|
||||
"${cfg.package.out}/lib/polkit-1/polkitd ${lib.optionalString (!cfg.debug) "--no-debug"}"
|
||||
];
|
||||
|
||||
systemd.services.polkit.restartTriggers = [ config.system.path ];
|
||||
@ -78,7 +75,7 @@ in
|
||||
environment.etc."polkit-1/rules.d/10-nixos.rules".text =
|
||||
''
|
||||
polkit.addAdminRule(function(action, subject) {
|
||||
return [${concatStringsSep ", " (map (i: "\"${i}\"") cfg.adminIdentities)}];
|
||||
return [${lib.concatStringsSep ", " (map (i: "\"${i}\"") cfg.adminIdentities)}];
|
||||
});
|
||||
|
||||
${cfg.extraConfig}
|
||||
|
@ -1,21 +1,18 @@
|
||||
{ config, lib, pkgs, ... }:
|
||||
|
||||
with lib;
|
||||
|
||||
let
|
||||
|
||||
cfg = config.security.sudo-rs;
|
||||
|
||||
toUserString = user: if (isInt user) then "#${toString user}" else "${user}";
|
||||
toGroupString = group: if (isInt group) then "%#${toString group}" else "%${group}";
|
||||
toUserString = user: if (lib.isInt user) then "#${toString user}" else "${user}";
|
||||
toGroupString = group: if (lib.isInt group) then "%#${toString group}" else "%${group}";
|
||||
|
||||
toCommandOptionsString = options:
|
||||
"${concatStringsSep ":" options}${optionalString (length options != 0) ":"} ";
|
||||
"${lib.concatStringsSep ":" options}${lib.optionalString (lib.length options != 0) ":"} ";
|
||||
|
||||
toCommandsString = commands:
|
||||
concatStringsSep ", " (
|
||||
lib.concatStringsSep ", " (
|
||||
map (command:
|
||||
if (isString command) then
|
||||
if (lib.isString command) then
|
||||
command
|
||||
else
|
||||
"${toCommandOptionsString command.options}${command.command}"
|
||||
@ -30,8 +27,8 @@ in
|
||||
|
||||
options.security.sudo-rs = {
|
||||
|
||||
defaultOptions = mkOption {
|
||||
type = with types; listOf str;
|
||||
defaultOptions = lib.mkOption {
|
||||
type = with lib.types; listOf str;
|
||||
default = [];
|
||||
description = ''
|
||||
Options used for the default rules, granting `root` and the
|
||||
@ -39,15 +36,15 @@ in
|
||||
'';
|
||||
};
|
||||
|
||||
enable = mkEnableOption ''
|
||||
enable = lib.mkEnableOption ''
|
||||
a memory-safe implementation of the {command}`sudo` command,
|
||||
which allows non-root users to execute commands as root
|
||||
'';
|
||||
|
||||
package = mkPackageOption pkgs "sudo-rs" { };
|
||||
package = lib.mkPackageOption pkgs "sudo-rs" { };
|
||||
|
||||
wheelNeedsPassword = mkOption {
|
||||
type = types.bool;
|
||||
wheelNeedsPassword = lib.mkOption {
|
||||
type = lib.types.bool;
|
||||
default = true;
|
||||
description = ''
|
||||
Whether users of the `wheel` group must
|
||||
@ -55,8 +52,8 @@ in
|
||||
'';
|
||||
};
|
||||
|
||||
execWheelOnly = mkOption {
|
||||
type = types.bool;
|
||||
execWheelOnly = lib.mkOption {
|
||||
type = lib.types.bool;
|
||||
default = false;
|
||||
description = ''
|
||||
Only allow members of the `wheel` group to execute sudo by
|
||||
@ -66,8 +63,8 @@ in
|
||||
'';
|
||||
};
|
||||
|
||||
configFile = mkOption {
|
||||
type = types.lines;
|
||||
configFile = lib.mkOption {
|
||||
type = lib.types.lines;
|
||||
# Note: if syntax errors are detected in this file, the NixOS
|
||||
# configuration will fail to build.
|
||||
description = ''
|
||||
@ -76,15 +73,15 @@ in
|
||||
'';
|
||||
};
|
||||
|
||||
extraRules = mkOption {
|
||||
extraRules = lib.mkOption {
|
||||
description = ''
|
||||
Define specific rules to be in the {file}`sudoers` file.
|
||||
More specific rules should come after more general ones in order to
|
||||
yield the expected behavior. You can use mkBefore/mkAfter to ensure
|
||||
yield the expected behavior. You can use `lib.mkBefore`/`lib.mkAfter` to ensure
|
||||
this is the case when configuration options are merged.
|
||||
'';
|
||||
default = [];
|
||||
example = literalExpression ''
|
||||
example = lib.literalExpression ''
|
||||
[
|
||||
# Allow execution of any command by all users in group sudo,
|
||||
# requiring a password.
|
||||
@ -103,34 +100,34 @@ in
|
||||
{ command = '''/home/baz/cmd2.sh ""'''; options = [ "SETENV" ]; } ]; }
|
||||
]
|
||||
'';
|
||||
type = with types; listOf (submodule {
|
||||
type = with lib.types; listOf (submodule {
|
||||
options = {
|
||||
users = mkOption {
|
||||
type = with types; listOf (either str int);
|
||||
users = lib.mkOption {
|
||||
type = with lib.types; listOf (either str int);
|
||||
description = ''
|
||||
The usernames / UIDs this rule should apply for.
|
||||
'';
|
||||
default = [];
|
||||
};
|
||||
|
||||
groups = mkOption {
|
||||
type = with types; listOf (either str int);
|
||||
groups = lib.mkOption {
|
||||
type = with lib.types; listOf (either str int);
|
||||
description = ''
|
||||
The groups / GIDs this rule should apply for.
|
||||
'';
|
||||
default = [];
|
||||
};
|
||||
|
||||
host = mkOption {
|
||||
type = types.str;
|
||||
host = lib.mkOption {
|
||||
type = lib.types.str;
|
||||
default = "ALL";
|
||||
description = ''
|
||||
For what host this rule should apply.
|
||||
'';
|
||||
};
|
||||
|
||||
runAs = mkOption {
|
||||
type = with types; str;
|
||||
runAs = lib.mkOption {
|
||||
type = with lib.types; str;
|
||||
default = "ALL:ALL";
|
||||
description = ''
|
||||
Under which user/group the specified command is allowed to run.
|
||||
@ -141,15 +138,15 @@ in
|
||||
'';
|
||||
};
|
||||
|
||||
commands = mkOption {
|
||||
commands = lib.mkOption {
|
||||
description = ''
|
||||
The commands for which the rule should apply.
|
||||
'';
|
||||
type = with types; listOf (either str (submodule {
|
||||
type = with lib.types; listOf (either str (submodule {
|
||||
|
||||
options = {
|
||||
command = mkOption {
|
||||
type = with types; str;
|
||||
command = lib.mkOption {
|
||||
type = with lib.types; str;
|
||||
description = ''
|
||||
A command being either just a path to a binary to allow any arguments,
|
||||
the full command with arguments pre-set or with `""` used as the argument,
|
||||
@ -157,8 +154,8 @@ in
|
||||
'';
|
||||
};
|
||||
|
||||
options = mkOption {
|
||||
type = with types; listOf (enum [ "NOPASSWD" "PASSWD" "NOEXEC" "EXEC" "SETENV" "NOSETENV" "LOG_INPUT" "NOLOG_INPUT" "LOG_OUTPUT" "NOLOG_OUTPUT" ]);
|
||||
options = lib.mkOption {
|
||||
type = with lib.types; listOf (enum [ "NOPASSWD" "PASSWD" "NOEXEC" "EXEC" "SETENV" "NOSETENV" "LOG_INPUT" "NOLOG_INPUT" "LOG_OUTPUT" "NOLOG_OUTPUT" ]);
|
||||
description = ''
|
||||
Options for running the command. Refer to the [sudo manual](https://www.sudo.ws/man/1.7.10/sudoers.man.html).
|
||||
'';
|
||||
@ -172,8 +169,8 @@ in
|
||||
});
|
||||
};
|
||||
|
||||
extraConfig = mkOption {
|
||||
type = types.lines;
|
||||
extraConfig = lib.mkOption {
|
||||
type = lib.types.lines;
|
||||
default = "";
|
||||
description = ''
|
||||
Extra configuration text appended to {file}`sudoers`.
|
||||
@ -184,12 +181,12 @@ in
|
||||
|
||||
###### implementation
|
||||
|
||||
config = mkIf cfg.enable {
|
||||
config = lib.mkIf cfg.enable {
|
||||
assertions = [ {
|
||||
assertion = ! config.security.sudo.enable;
|
||||
message = "`security.sudo` and `security.sudo-rs` cannot both be enabled";
|
||||
}];
|
||||
security.sudo.enable = mkDefault false;
|
||||
security.sudo.enable = lib.mkDefault false;
|
||||
|
||||
security.sudo-rs.extraRules =
|
||||
let
|
||||
@ -200,35 +197,35 @@ in
|
||||
options = opts ++ cfg.defaultOptions;
|
||||
} ];
|
||||
} ];
|
||||
in mkMerge [
|
||||
# This is ordered before users' `mkBefore` rules,
|
||||
in lib.mkMerge [
|
||||
# This is ordered before users' `lib.mkBefore` rules,
|
||||
# so as not to introduce unexpected changes.
|
||||
(mkOrder 400 (defaultRule { users = [ "root" ]; }))
|
||||
(lib.mkOrder 400 (defaultRule { users = [ "root" ]; }))
|
||||
|
||||
# This is ordered to show before (most) other rules, but
|
||||
# late-enough for a user to `mkBefore` it.
|
||||
(mkOrder 600 (defaultRule {
|
||||
# late-enough for a user to `lib.mkBefore` it.
|
||||
(lib.mkOrder 600 (defaultRule {
|
||||
groups = [ "wheel" ];
|
||||
opts = (optional (!cfg.wheelNeedsPassword) "NOPASSWD");
|
||||
opts = (lib.optional (!cfg.wheelNeedsPassword) "NOPASSWD");
|
||||
}))
|
||||
];
|
||||
|
||||
security.sudo-rs.configFile = concatStringsSep "\n" (filter (s: s != "") [
|
||||
security.sudo-rs.configFile = lib.concatStringsSep "\n" (lib.filter (s: s != "") [
|
||||
''
|
||||
# Don't edit this file. Set the NixOS options ‘security.sudo-rs.configFile’
|
||||
# or ‘security.sudo-rs.extraRules’ instead.
|
||||
''
|
||||
(pipe cfg.extraRules [
|
||||
(filter (rule: length rule.commands != 0))
|
||||
(lib.pipe cfg.extraRules [
|
||||
(lib.filter (rule: lib.length rule.commands != 0))
|
||||
(map (rule: [
|
||||
(map (user: "${toUserString user} ${rule.host}=(${rule.runAs}) ${toCommandsString rule.commands}") rule.users)
|
||||
(map (group: "${toGroupString group} ${rule.host}=(${rule.runAs}) ${toCommandsString rule.commands}") rule.groups)
|
||||
]))
|
||||
flatten
|
||||
(concatStringsSep "\n")
|
||||
lib.flatten
|
||||
(lib.concatStringsSep "\n")
|
||||
])
|
||||
"\n"
|
||||
(optionalString (cfg.extraConfig != "") ''
|
||||
(lib.optionalString (cfg.extraConfig != "") ''
|
||||
# extraConfig
|
||||
${cfg.extraConfig}
|
||||
'')
|
||||
|
@ -1,7 +1,4 @@
|
||||
{ config, pkgs, lib, ... }:
|
||||
|
||||
with lib;
|
||||
|
||||
let
|
||||
|
||||
cfg = config.services.salt.master;
|
||||
@ -20,16 +17,16 @@ in
|
||||
{
|
||||
options = {
|
||||
services.salt.master = {
|
||||
enable = mkEnableOption "Salt configuration management system master service";
|
||||
configuration = mkOption {
|
||||
type = types.attrs;
|
||||
enable = lib.mkEnableOption "Salt configuration management system master service";
|
||||
configuration = lib.mkOption {
|
||||
type = lib.types.attrs;
|
||||
default = {};
|
||||
description = "Salt master configuration as Nix attribute set.";
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
config = mkIf cfg.enable {
|
||||
config = lib.mkIf cfg.enable {
|
||||
environment = {
|
||||
# Set this up in /etc/salt/master so `salt`, `salt-key`, etc. work.
|
||||
# The alternatives are
|
||||
|
@ -1,7 +1,4 @@
|
||||
{ config, lib, pkgs, ... }:
|
||||
|
||||
with lib;
|
||||
|
||||
let
|
||||
cfg = config.services.rabbitmq;
|
||||
|
||||
@ -16,7 +13,7 @@ in
|
||||
{
|
||||
|
||||
imports = [
|
||||
(mkRemovedOptionModule [ "services" "rabbitmq" "cookie" ] ''
|
||||
(lib.mkRemovedOptionModule [ "services" "rabbitmq" "cookie" ] ''
|
||||
This option wrote the Erlang cookie to the store, while it should be kept secret.
|
||||
Please remove it from your NixOS configuration and deploy a cookie securely instead.
|
||||
The renamed `unsafeCookie` must ONLY be used in isolated non-production environments such as NixOS VM tests.
|
||||
@ -26,8 +23,8 @@ in
|
||||
###### interface
|
||||
options = {
|
||||
services.rabbitmq = {
|
||||
enable = mkOption {
|
||||
type = types.bool;
|
||||
enable = lib.mkOption {
|
||||
type = lib.types.bool;
|
||||
default = false;
|
||||
description = ''
|
||||
Whether to enable the RabbitMQ server, an Advanced Message
|
||||
@ -35,9 +32,9 @@ in
|
||||
'';
|
||||
};
|
||||
|
||||
package = mkPackageOption pkgs "rabbitmq-server" { };
|
||||
package = lib.mkPackageOption pkgs "rabbitmq-server" { };
|
||||
|
||||
listenAddress = mkOption {
|
||||
listenAddress = lib.mkOption {
|
||||
default = "127.0.0.1";
|
||||
example = "";
|
||||
description = ''
|
||||
@ -52,28 +49,28 @@ in
|
||||
configItems."listeners.tcp.1" and it's left for backwards
|
||||
compatibility with previous version of this module.
|
||||
'';
|
||||
type = types.str;
|
||||
type = lib.types.str;
|
||||
};
|
||||
|
||||
port = mkOption {
|
||||
port = lib.mkOption {
|
||||
default = 5672;
|
||||
description = ''
|
||||
Port on which RabbitMQ will listen for AMQP connections.
|
||||
'';
|
||||
type = types.port;
|
||||
type = lib.types.port;
|
||||
};
|
||||
|
||||
dataDir = mkOption {
|
||||
type = types.path;
|
||||
dataDir = lib.mkOption {
|
||||
type = lib.types.path;
|
||||
default = "/var/lib/rabbitmq";
|
||||
description = ''
|
||||
Data directory for rabbitmq.
|
||||
'';
|
||||
};
|
||||
|
||||
unsafeCookie = mkOption {
|
||||
unsafeCookie = lib.mkOption {
|
||||
default = "";
|
||||
type = types.str;
|
||||
type = lib.types.str;
|
||||
description = ''
|
||||
Erlang cookie is a string of arbitrary length which must
|
||||
be the same for several nodes to be allowed to communicate.
|
||||
@ -86,10 +83,10 @@ in
|
||||
'';
|
||||
};
|
||||
|
||||
configItems = mkOption {
|
||||
configItems = lib.mkOption {
|
||||
default = { };
|
||||
type = types.attrsOf types.str;
|
||||
example = literalExpression ''
|
||||
type = lib.types.attrsOf lib.types.str;
|
||||
example = lib.literalExpression ''
|
||||
{
|
||||
"auth_backends.1.authn" = "rabbit_auth_backend_ldap";
|
||||
"auth_backends.1.authz" = "rabbit_auth_backend_internal";
|
||||
@ -112,9 +109,9 @@ in
|
||||
'';
|
||||
};
|
||||
|
||||
config = mkOption {
|
||||
config = lib.mkOption {
|
||||
default = "";
|
||||
type = types.str;
|
||||
type = lib.types.str;
|
||||
description = ''
|
||||
Verbatim advanced configuration file contents using the Erlang syntax.
|
||||
This is also known as the `advanced.config` file or the old config format.
|
||||
@ -130,23 +127,23 @@ in
|
||||
'';
|
||||
};
|
||||
|
||||
plugins = mkOption {
|
||||
plugins = lib.mkOption {
|
||||
default = [ ];
|
||||
type = types.listOf types.str;
|
||||
type = lib.types.listOf lib.types.str;
|
||||
description = "The names of plugins to enable";
|
||||
};
|
||||
|
||||
pluginDirs = mkOption {
|
||||
pluginDirs = lib.mkOption {
|
||||
default = [ ];
|
||||
type = types.listOf types.path;
|
||||
type = lib.types.listOf lib.types.path;
|
||||
description = "The list of directories containing external plugins";
|
||||
};
|
||||
|
||||
managementPlugin = {
|
||||
enable = mkEnableOption "the management plugin";
|
||||
port = mkOption {
|
||||
enable = lib.mkEnableOption "the management plugin";
|
||||
port = lib.mkOption {
|
||||
default = 15672;
|
||||
type = types.port;
|
||||
type = lib.types.port;
|
||||
description = ''
|
||||
On which port to run the management plugin
|
||||
'';
|
||||
@ -157,7 +154,7 @@ in
|
||||
|
||||
|
||||
###### implementation
|
||||
config = mkIf cfg.enable {
|
||||
config = lib.mkIf cfg.enable {
|
||||
|
||||
# This is needed so we will have 'rabbitmqctl' in our PATH
|
||||
environment.systemPackages = [ cfg.package ];
|
||||
@ -175,13 +172,13 @@ in
|
||||
users.groups.rabbitmq.gid = config.ids.gids.rabbitmq;
|
||||
|
||||
services.rabbitmq.configItems = {
|
||||
"listeners.tcp.1" = mkDefault "${cfg.listenAddress}:${toString cfg.port}";
|
||||
} // optionalAttrs cfg.managementPlugin.enable {
|
||||
"listeners.tcp.1" = lib.mkDefault "${cfg.listenAddress}:${toString cfg.port}";
|
||||
} // lib.optionalAttrs cfg.managementPlugin.enable {
|
||||
"management.tcp.port" = toString cfg.managementPlugin.port;
|
||||
"management.tcp.ip" = cfg.listenAddress;
|
||||
};
|
||||
|
||||
services.rabbitmq.plugins = optional cfg.managementPlugin.enable "rabbitmq_management";
|
||||
services.rabbitmq.plugins = lib.optional cfg.managementPlugin.enable "rabbitmq_management";
|
||||
|
||||
systemd.services.rabbitmq = {
|
||||
description = "RabbitMQ Server";
|
||||
@ -200,11 +197,11 @@ in
|
||||
RABBITMQ_LOGS = "-";
|
||||
SYS_PREFIX = "";
|
||||
RABBITMQ_CONFIG_FILE = config_file;
|
||||
RABBITMQ_PLUGINS_DIR = concatStringsSep ":" cfg.pluginDirs;
|
||||
RABBITMQ_PLUGINS_DIR = lib.concatStringsSep ":" cfg.pluginDirs;
|
||||
RABBITMQ_ENABLED_PLUGINS_FILE = pkgs.writeText "enabled_plugins" ''
|
||||
[ ${concatStringsSep "," cfg.plugins} ].
|
||||
[ ${lib.concatStringsSep "," cfg.plugins} ].
|
||||
'';
|
||||
} // optionalAttrs (cfg.config != "") { RABBITMQ_ADVANCED_CONFIG_FILE = advanced_config_file; };
|
||||
} // lib.optionalAttrs (cfg.config != "") { RABBITMQ_ADVANCED_CONFIG_FILE = advanced_config_file; };
|
||||
|
||||
serviceConfig = {
|
||||
ExecStart = "${cfg.package}/sbin/rabbitmq-server";
|
||||
@ -223,7 +220,7 @@ in
|
||||
};
|
||||
|
||||
preStart = ''
|
||||
${optionalString (cfg.unsafeCookie != "") ''
|
||||
${lib.optionalString (cfg.unsafeCookie != "") ''
|
||||
install -m 600 <(echo -n ${cfg.unsafeCookie}) ${cfg.dataDir}/.erlang.cookie
|
||||
''}
|
||||
'';
|
||||
|
@ -1,8 +1,4 @@
|
||||
{ config, lib, pkgs, ... }:
|
||||
|
||||
with lib;
|
||||
with types;
|
||||
|
||||
let
|
||||
|
||||
planDescription = ''
|
||||
@ -29,46 +25,46 @@ let
|
||||
planExample = "1h=>10min,1d=>1h,1w=>1d,1m=>1w,1y=>1m";
|
||||
|
||||
# A type for a string of the form number{b|k|M|G}
|
||||
mbufferSizeType = str // {
|
||||
check = x: str.check x && builtins.isList (builtins.match "^[0-9]+[bkMG]$" x);
|
||||
mbufferSizeType = lib.types.str // {
|
||||
check = x: lib.types.str.check x && builtins.isList (builtins.match "^[0-9]+[bkMG]$" x);
|
||||
description = "string of the form number{b|k|M|G}";
|
||||
};
|
||||
|
||||
enabledFeatures = concatLists (mapAttrsToList (name: enabled: optional enabled name) cfg.features);
|
||||
enabledFeatures = lib.concatLists (lib.mapAttrsToList (name: enabled: lib.optional enabled name) cfg.features);
|
||||
|
||||
# Type for a string that must contain certain other strings (the list parameter).
|
||||
# Note that these would need regex escaping.
|
||||
stringContainingStrings = list: let
|
||||
matching = s: map (str: builtins.match ".*${str}.*" s) list;
|
||||
in str // {
|
||||
check = x: str.check x && all isList (matching x);
|
||||
description = "string containing all of the characters ${concatStringsSep ", " list}";
|
||||
in lib.types.str // {
|
||||
check = x: lib.types.str.check x && lib.all lib.isList (matching x);
|
||||
description = "string containing all of the characters ${lib.concatStringsSep ", " list}";
|
||||
};
|
||||
|
||||
timestampType = stringContainingStrings [ "%Y" "%m" "%d" "%H" "%M" "%S" ];
|
||||
|
||||
destType = srcConfig: submodule ({ name, ... }: {
|
||||
destType = srcConfig: lib.types.submodule ({ name, ... }: {
|
||||
options = {
|
||||
|
||||
label = mkOption {
|
||||
type = str;
|
||||
label = lib.mkOption {
|
||||
type = lib.types.str;
|
||||
description = "Label for this destination. Defaults to the attribute name.";
|
||||
};
|
||||
|
||||
plan = mkOption {
|
||||
type = str;
|
||||
plan = lib.mkOption {
|
||||
type = lib.types.str;
|
||||
description = planDescription;
|
||||
example = planExample;
|
||||
};
|
||||
|
||||
dataset = mkOption {
|
||||
type = str;
|
||||
dataset = lib.mkOption {
|
||||
type = lib.types.str;
|
||||
description = "Dataset name to send snapshots to.";
|
||||
example = "tank/main";
|
||||
};
|
||||
|
||||
host = mkOption {
|
||||
type = nullOr str;
|
||||
host = lib.mkOption {
|
||||
type = lib.types.nullOr lib.types.str;
|
||||
description = ''
|
||||
Host to use for the destination dataset. Can be prefixed with
|
||||
`user@` to specify the ssh user.
|
||||
@ -77,8 +73,8 @@ let
|
||||
example = "john@example.com";
|
||||
};
|
||||
|
||||
presend = mkOption {
|
||||
type = nullOr str;
|
||||
presend = lib.mkOption {
|
||||
type = lib.types.nullOr lib.types.str;
|
||||
description = ''
|
||||
Command to run before sending the snapshot to the destination.
|
||||
Intended to run a remote script via {command}`ssh` on the
|
||||
@ -89,8 +85,8 @@ let
|
||||
example = "ssh root@bserv zpool import -Nf tank";
|
||||
};
|
||||
|
||||
postsend = mkOption {
|
||||
type = nullOr str;
|
||||
postsend = lib.mkOption {
|
||||
type = lib.types.nullOr lib.types.str;
|
||||
description = ''
|
||||
Command to run after sending the snapshot to the destination.
|
||||
Intended to run a remote script via {command}`ssh` on the
|
||||
@ -103,37 +99,37 @@ let
|
||||
};
|
||||
|
||||
config = {
|
||||
label = mkDefault name;
|
||||
plan = mkDefault srcConfig.plan;
|
||||
label = lib.mkDefault name;
|
||||
plan = lib.mkDefault srcConfig.plan;
|
||||
};
|
||||
});
|
||||
|
||||
|
||||
|
||||
srcType = submodule ({ name, config, ... }: {
|
||||
srcType = lib.types.submodule ({ name, config, ... }: {
|
||||
options = {
|
||||
|
||||
enable = mkOption {
|
||||
type = bool;
|
||||
enable = lib.mkOption {
|
||||
type = lib.types.bool;
|
||||
description = "Whether to enable this source.";
|
||||
default = true;
|
||||
};
|
||||
|
||||
recursive = mkOption {
|
||||
type = bool;
|
||||
recursive = lib.mkOption {
|
||||
type = lib.types.bool;
|
||||
description = "Whether to do recursive snapshots.";
|
||||
default = false;
|
||||
};
|
||||
|
||||
mbuffer = {
|
||||
enable = mkOption {
|
||||
type = bool;
|
||||
enable = lib.mkOption {
|
||||
type = lib.types.bool;
|
||||
description = "Whether to use {command}`mbuffer`.";
|
||||
default = false;
|
||||
};
|
||||
|
||||
port = mkOption {
|
||||
type = nullOr ints.u16;
|
||||
port = lib.mkOption {
|
||||
type = lib.types.nullOr lib.types.ints.u16;
|
||||
description = ''
|
||||
Port to use for {command}`mbuffer`.
|
||||
|
||||
@ -147,7 +143,7 @@ let
|
||||
default = null;
|
||||
};
|
||||
|
||||
size = mkOption {
|
||||
size = lib.mkOption {
|
||||
type = mbufferSizeType;
|
||||
description = ''
|
||||
The size for {command}`mbuffer`.
|
||||
@ -158,32 +154,32 @@ let
|
||||
};
|
||||
};
|
||||
|
||||
presnap = mkOption {
|
||||
type = nullOr str;
|
||||
presnap = lib.mkOption {
|
||||
type = lib.types.nullOr lib.types.str;
|
||||
description = ''
|
||||
Command to run before snapshots are taken on the source dataset,
|
||||
e.g. for database locking/flushing. See also
|
||||
{option}`postsnap`.
|
||||
'';
|
||||
default = null;
|
||||
example = literalExpression ''
|
||||
example = lib.literalExpression ''
|
||||
'''''${pkgs.mariadb}/bin/mysql -e "set autocommit=0;flush tables with read lock;\\! ''${pkgs.coreutils}/bin/sleep 600" & ''${pkgs.coreutils}/bin/echo $! > /tmp/mariadblock.pid ; sleep 10'''
|
||||
'';
|
||||
};
|
||||
|
||||
postsnap = mkOption {
|
||||
type = nullOr str;
|
||||
postsnap = lib.mkOption {
|
||||
type = lib.types.nullOr lib.types.str;
|
||||
description = ''
|
||||
Command to run after snapshots are taken on the source dataset,
|
||||
e.g. for database unlocking. See also {option}`presnap`.
|
||||
'';
|
||||
default = null;
|
||||
example = literalExpression ''
|
||||
example = lib.literalExpression ''
|
||||
"''${pkgs.coreutils}/bin/kill `''${pkgs.coreutils}/bin/cat /tmp/mariadblock.pid`;''${pkgs.coreutils}/bin/rm /tmp/mariadblock.pid"
|
||||
'';
|
||||
};
|
||||
|
||||
timestampFormat = mkOption {
|
||||
timestampFormat = lib.mkOption {
|
||||
type = timestampType;
|
||||
description = ''
|
||||
The timestamp format to use for constructing snapshot names.
|
||||
@ -197,8 +193,8 @@ let
|
||||
example = "znapzend-%m.%d.%Y-%H%M%SZ";
|
||||
};
|
||||
|
||||
sendDelay = mkOption {
|
||||
type = int;
|
||||
sendDelay = lib.mkOption {
|
||||
type = lib.types.int;
|
||||
description = ''
|
||||
Specify delay (in seconds) before sending snaps to the destination.
|
||||
May be useful if you want to control sending time.
|
||||
@ -207,23 +203,23 @@ let
|
||||
example = 60;
|
||||
};
|
||||
|
||||
plan = mkOption {
|
||||
type = str;
|
||||
plan = lib.mkOption {
|
||||
type = lib.types.str;
|
||||
description = planDescription;
|
||||
example = planExample;
|
||||
};
|
||||
|
||||
dataset = mkOption {
|
||||
type = str;
|
||||
dataset = lib.mkOption {
|
||||
type = lib.types.str;
|
||||
description = "The dataset to use for this source.";
|
||||
example = "tank/home";
|
||||
};
|
||||
|
||||
destinations = mkOption {
|
||||
type = attrsOf (destType config);
|
||||
destinations = lib.mkOption {
|
||||
type = lib.types.attrsOf (destType config);
|
||||
description = "Additional destinations.";
|
||||
default = {};
|
||||
example = literalExpression ''
|
||||
example = lib.literalExpression ''
|
||||
{
|
||||
local = {
|
||||
dataset = "btank/backup";
|
||||
@ -240,7 +236,7 @@ let
|
||||
};
|
||||
|
||||
config = {
|
||||
dataset = mkDefault name;
|
||||
dataset = lib.mkDefault name;
|
||||
};
|
||||
|
||||
});
|
||||
@ -251,18 +247,18 @@ let
|
||||
|
||||
onOff = b: if b then "on" else "off";
|
||||
nullOff = b: if b == null then "off" else toString b;
|
||||
stripSlashes = replaceStrings [ "/" ] [ "." ];
|
||||
stripSlashes = lib.replaceStrings [ "/" ] [ "." ];
|
||||
|
||||
attrsToFile = config: concatStringsSep "\n" (builtins.attrValues (
|
||||
mapAttrs (n: v: "${n}=${v}") config));
|
||||
attrsToFile = config: lib.concatStringsSep "\n" (builtins.attrValues (
|
||||
lib.mapAttrs (n: v: "${n}=${v}") config));
|
||||
|
||||
mkDestAttrs = dst: with dst;
|
||||
mapAttrs' (n: v: nameValuePair "dst_${label}${n}" v) ({
|
||||
"" = optionalString (host != null) "${host}:" + dataset;
|
||||
lib.mapAttrs' (n: v: lib.nameValuePair "dst_${label}${n}" v) ({
|
||||
"" = lib.optionalString (host != null) "${host}:" + dataset;
|
||||
_plan = plan;
|
||||
} // optionalAttrs (presend != null) {
|
||||
} // lib.optionalAttrs (presend != null) {
|
||||
_precmd = presend;
|
||||
} // optionalAttrs (postsend != null) {
|
||||
} // lib.optionalAttrs (postsend != null) {
|
||||
_pstcmd = postsend;
|
||||
});
|
||||
|
||||
@ -270,7 +266,7 @@ let
|
||||
enabled = onOff enable;
|
||||
# mbuffer is not referenced by its full path to accommodate non-NixOS systems or differing mbuffer versions between source and target
|
||||
mbuffer = with mbuffer; if enable then "mbuffer"
|
||||
+ optionalString (port != null) ":${toString port}" else "off";
|
||||
+ lib.optionalString (port != null) ":${toString port}" else "off";
|
||||
mbuffer_size = mbuffer.size;
|
||||
post_znap_cmd = nullOff postsnap;
|
||||
pre_znap_cmd = nullOff presnap;
|
||||
@ -279,11 +275,11 @@ let
|
||||
src_plan = plan;
|
||||
tsformat = timestampFormat;
|
||||
zend_delay = toString sendDelay;
|
||||
} // foldr (a: b: a // b) {} (
|
||||
} // lib.foldr (a: b: a // b) {} (
|
||||
map mkDestAttrs (builtins.attrValues destinations)
|
||||
);
|
||||
|
||||
files = mapAttrs' (n: srcCfg: let
|
||||
files = lib.mapAttrs' (n: srcCfg: let
|
||||
fileText = attrsToFile (mkSrcAttrs srcCfg);
|
||||
in {
|
||||
name = srcCfg.dataset;
|
||||
@ -294,20 +290,20 @@ in
|
||||
{
|
||||
options = {
|
||||
services.znapzend = {
|
||||
enable = mkEnableOption "ZnapZend ZFS backup daemon";
|
||||
enable = lib.mkEnableOption "ZnapZend ZFS backup daemon";
|
||||
|
||||
logLevel = mkOption {
|
||||
logLevel = lib.mkOption {
|
||||
default = "debug";
|
||||
example = "warning";
|
||||
type = enum ["debug" "info" "warning" "err" "alert"];
|
||||
type = lib.types.enum ["debug" "info" "warning" "err" "alert"];
|
||||
description = ''
|
||||
The log level when logging to file. Any of debug, info, warning, err,
|
||||
alert. Default in daemonized form is debug.
|
||||
'';
|
||||
};
|
||||
|
||||
logTo = mkOption {
|
||||
type = str;
|
||||
logTo = lib.mkOption {
|
||||
type = lib.types.str;
|
||||
default = "syslog::daemon";
|
||||
example = "/var/log/znapzend.log";
|
||||
description = ''
|
||||
@ -315,31 +311,31 @@ in
|
||||
'';
|
||||
};
|
||||
|
||||
mailErrorSummaryTo = mkOption {
|
||||
type = singleLineStr;
|
||||
mailErrorSummaryTo = lib.mkOption {
|
||||
type = lib.types.singleLineStr;
|
||||
default = "";
|
||||
description = ''
|
||||
Email address to send a summary to if "send task(s) failed".
|
||||
'';
|
||||
};
|
||||
|
||||
noDestroy = mkOption {
|
||||
type = bool;
|
||||
noDestroy = lib.mkOption {
|
||||
type = lib.types.bool;
|
||||
default = false;
|
||||
description = "Does all changes to the filesystem except destroy.";
|
||||
};
|
||||
|
||||
autoCreation = mkOption {
|
||||
type = bool;
|
||||
autoCreation = lib.mkOption {
|
||||
type = lib.types.bool;
|
||||
default = false;
|
||||
description = "Automatically create the destination dataset if it does not exist.";
|
||||
};
|
||||
|
||||
zetup = mkOption {
|
||||
type = attrsOf srcType;
|
||||
zetup = lib.mkOption {
|
||||
type = lib.types.attrsOf srcType;
|
||||
description = "Znapzend configuration.";
|
||||
default = {};
|
||||
example = literalExpression ''
|
||||
example = lib.literalExpression ''
|
||||
{
|
||||
"tank/home" = {
|
||||
# Make snapshots of tank/home every hour, keep those for 1 day,
|
||||
@ -356,8 +352,8 @@ in
|
||||
'';
|
||||
};
|
||||
|
||||
pure = mkOption {
|
||||
type = bool;
|
||||
pure = lib.mkOption {
|
||||
type = lib.types.bool;
|
||||
description = ''
|
||||
Do not persist any stateful znapzend setups. If this option is
|
||||
enabled, your previously set znapzend setups will be cleared and only
|
||||
@ -366,17 +362,17 @@ in
|
||||
default = false;
|
||||
};
|
||||
|
||||
features.oracleMode = mkEnableOption ''
|
||||
features.oracleMode = lib.mkEnableOption ''
|
||||
destroying snapshots one by one instead of using one long argument list.
|
||||
If source and destination are out of sync for a long time, you may have
|
||||
so many snapshots to destroy that the argument gets is too long and the
|
||||
command fails
|
||||
'';
|
||||
features.recvu = mkEnableOption ''
|
||||
features.recvu = lib.mkEnableOption ''
|
||||
recvu feature which uses `-u` on the receiving end to keep the destination
|
||||
filesystem unmounted
|
||||
'';
|
||||
features.compressed = mkEnableOption ''
|
||||
features.compressed = lib.mkEnableOption ''
|
||||
compressed feature which adds the options `-Lce` to
|
||||
the {command}`zfs send` command. When this is enabled, make
|
||||
sure that both the sending and receiving pool have the same relevant
|
||||
@ -387,7 +383,7 @@ in
|
||||
and {manpage}`zfs(8)`
|
||||
for more info
|
||||
'';
|
||||
features.sendRaw = mkEnableOption ''
|
||||
features.sendRaw = lib.mkEnableOption ''
|
||||
sendRaw feature which adds the options `-w` to the
|
||||
{command}`zfs send` command. For encrypted source datasets this
|
||||
instructs zfs not to decrypt before sending which results in a remote
|
||||
@ -396,7 +392,7 @@ in
|
||||
option must be used consistently, raw incrementals cannot be based on
|
||||
non-raw snapshots and vice versa
|
||||
'';
|
||||
features.skipIntermediates = mkEnableOption ''
|
||||
features.skipIntermediates = lib.mkEnableOption ''
|
||||
the skipIntermediates feature to send a single increment
|
||||
between latest common snapshot and the newly made one. It may skip
|
||||
several source snaps if the destination was offline for some time, and
|
||||
@ -404,14 +400,14 @@ in
|
||||
destinations, the new snapshot is sent as soon as it is created on the
|
||||
source, so there are no automatic increments to skip
|
||||
'';
|
||||
features.lowmemRecurse = mkEnableOption ''
|
||||
features.lowmemRecurse = lib.mkEnableOption ''
|
||||
use lowmemRecurse on systems where you have too many datasets, so a
|
||||
recursive listing of attributes to find backup plans exhausts the
|
||||
memory available to {command}`znapzend`: instead, go the slower
|
||||
way to first list all impacted dataset names, and then query their
|
||||
configs one by one
|
||||
'';
|
||||
features.zfsGetType = mkEnableOption ''
|
||||
features.zfsGetType = lib.mkEnableOption ''
|
||||
using zfsGetType if your {command}`zfs get` supports a
|
||||
`-t` argument for filtering by dataset type at all AND
|
||||
lists properties for snapshots by default when recursing, so that there
|
||||
@ -425,7 +421,7 @@ in
|
||||
};
|
||||
};
|
||||
|
||||
config = mkIf cfg.enable {
|
||||
config = lib.mkIf cfg.enable {
|
||||
environment.systemPackages = [ pkgs.znapzend ];
|
||||
|
||||
systemd.services = {
|
||||
@ -436,12 +432,12 @@ in
|
||||
|
||||
path = with pkgs; [ zfs mbuffer openssh ];
|
||||
|
||||
preStart = optionalString cfg.pure ''
|
||||
preStart = lib.optionalString cfg.pure ''
|
||||
echo Resetting znapzend zetups
|
||||
${pkgs.znapzend}/bin/znapzendzetup list \
|
||||
| grep -oP '(?<=\*\*\* backup plan: ).*(?= \*\*\*)' \
|
||||
| xargs -I{} ${pkgs.znapzend}/bin/znapzendzetup delete "{}"
|
||||
'' + concatStringsSep "\n" (mapAttrsToList (dataset: config: ''
|
||||
'' + lib.concatStringsSep "\n" (lib.mapAttrsToList (dataset: config: ''
|
||||
echo Importing znapzend zetup ${config} for dataset ${dataset}
|
||||
${pkgs.znapzend}/bin/znapzendzetup import --write ${dataset} ${config} &
|
||||
'') files) + ''
|
||||
@ -458,15 +454,15 @@ in
|
||||
# Needs to have write access to ZFS
|
||||
User = "root";
|
||||
ExecStart = let
|
||||
args = concatStringsSep " " [
|
||||
args = lib.concatStringsSep " " [
|
||||
"--logto=${cfg.logTo}"
|
||||
"--loglevel=${cfg.logLevel}"
|
||||
(optionalString cfg.noDestroy "--nodestroy")
|
||||
(optionalString cfg.autoCreation "--autoCreation")
|
||||
(optionalString (cfg.mailErrorSummaryTo != "")
|
||||
(lib.optionalString cfg.noDestroy "--nodestroy")
|
||||
(lib.optionalString cfg.autoCreation "--autoCreation")
|
||||
(lib.optionalString (cfg.mailErrorSummaryTo != "")
|
||||
"--mailErrorSummaryTo=${cfg.mailErrorSummaryTo}")
|
||||
(optionalString (enabledFeatures != [])
|
||||
"--features=${concatStringsSep "," enabledFeatures}")
|
||||
(lib.optionalString (enabledFeatures != [])
|
||||
"--features=${lib.concatStringsSep "," enabledFeatures}")
|
||||
]; in "${pkgs.znapzend}/bin/znapzend ${args}";
|
||||
ExecReload = "${pkgs.coreutils}/bin/kill -HUP $MAINPID";
|
||||
Restart = "on-failure";
|
||||
@ -475,5 +471,5 @@ in
|
||||
};
|
||||
};
|
||||
|
||||
meta.maintainers = with maintainers; [ SlothOfAnarchy ];
|
||||
meta.maintainers = with lib.maintainers; [ SlothOfAnarchy ];
|
||||
}
|
||||
|
@ -1,7 +1,4 @@
|
||||
{ config, lib, pkgs, ... }:
|
||||
|
||||
with lib;
|
||||
|
||||
let
|
||||
top = config.services.kubernetes;
|
||||
cfg = top.flannel;
|
||||
@ -12,28 +9,28 @@ in
|
||||
{
|
||||
###### interface
|
||||
options.services.kubernetes.flannel = {
|
||||
enable = mkEnableOption "flannel networking";
|
||||
enable = lib.mkEnableOption "flannel networking";
|
||||
|
||||
openFirewallPorts = mkOption {
|
||||
openFirewallPorts = lib.mkOption {
|
||||
description = ''
|
||||
Whether to open the Flannel UDP ports in the firewall on all interfaces.'';
|
||||
type = types.bool;
|
||||
type = lib.types.bool;
|
||||
default = true;
|
||||
};
|
||||
};
|
||||
|
||||
###### implementation
|
||||
config = mkIf cfg.enable {
|
||||
config = lib.mkIf cfg.enable {
|
||||
services.flannel = {
|
||||
|
||||
enable = mkDefault true;
|
||||
network = mkDefault top.clusterCidr;
|
||||
enable = lib.mkDefault true;
|
||||
network = lib.mkDefault top.clusterCidr;
|
||||
inherit storageBackend;
|
||||
nodeName = config.services.kubernetes.kubelet.hostname;
|
||||
};
|
||||
|
||||
services.kubernetes.kubelet = {
|
||||
cni.config = mkDefault [{
|
||||
cni.config = lib.mkDefault [{
|
||||
name = "mynet";
|
||||
type = "flannel";
|
||||
cniVersion = "0.3.1";
|
||||
@ -45,7 +42,7 @@ in
|
||||
};
|
||||
|
||||
networking = {
|
||||
firewall.allowedUDPPorts = mkIf cfg.openFirewallPorts [
|
||||
firewall.allowedUDPPorts = lib.mkIf cfg.openFirewallPorts [
|
||||
8285 # flannel udp
|
||||
8472 # flannel vxlan
|
||||
];
|
||||
@ -61,7 +58,7 @@ in
|
||||
};
|
||||
|
||||
# give flannel some kubernetes rbac permissions if applicable
|
||||
services.kubernetes.addonManager.bootstrapAddons = mkIf ((storageBackend == "kubernetes") && (elem "RBAC" top.apiserver.authorizationMode)) {
|
||||
services.kubernetes.addonManager.bootstrapAddons = lib.mkIf ((storageBackend == "kubernetes") && (lib.elem "RBAC" top.apiserver.authorizationMode)) {
|
||||
|
||||
flannel-cr = {
|
||||
apiVersion = "rbac.authorization.k8s.io/v1";
|
||||
|
@ -1,7 +1,4 @@
|
||||
{ config, pkgs, lib, ... }:
|
||||
|
||||
with lib;
|
||||
|
||||
let
|
||||
|
||||
cfg = config.services.hydra;
|
||||
@ -20,8 +17,8 @@ let
|
||||
{ NIX_REMOTE = "daemon";
|
||||
SSL_CERT_FILE = "/etc/ssl/certs/ca-certificates.crt"; # Remove in 16.03
|
||||
PGPASSFILE = "${baseDir}/pgpass";
|
||||
NIX_REMOTE_SYSTEMS = concatStringsSep ":" cfg.buildMachinesFiles;
|
||||
} // optionalAttrs (cfg.smtpHost != null) {
|
||||
NIX_REMOTE_SYSTEMS = lib.concatStringsSep ":" cfg.buildMachinesFiles;
|
||||
} // lib.optionalAttrs (cfg.smtpHost != null) {
|
||||
EMAIL_SENDER_TRANSPORT = "SMTP";
|
||||
EMAIL_SENDER_TRANSPORT_host = cfg.smtpHost;
|
||||
} // hydraEnv // cfg.extraEnv;
|
||||
@ -31,7 +28,7 @@ let
|
||||
XDG_CACHE_HOME = "${baseDir}/www/.cache";
|
||||
COLUMNS = "80";
|
||||
PGPASSFILE = "${baseDir}/pgpass-www"; # grrr
|
||||
} // (optionalAttrs cfg.debugServer { DBIC_TRACE = "1"; });
|
||||
} // (lib.optionalAttrs cfg.debugServer { DBIC_TRACE = "1"; });
|
||||
|
||||
localDB = "dbi:Pg:dbname=hydra;user=hydra;";
|
||||
|
||||
@ -39,7 +36,7 @@ let
|
||||
|
||||
hydra-package =
|
||||
let
|
||||
makeWrapperArgs = concatStringsSep " " (mapAttrsToList (key: value: "--set-default \"${key}\" \"${value}\"") hydraEnv);
|
||||
makeWrapperArgs = lib.concatStringsSep " " (lib.mapAttrsToList (key: value: "--set-default \"${key}\" \"${value}\"") hydraEnv);
|
||||
in pkgs.buildEnv rec {
|
||||
name = "hydra-env";
|
||||
nativeBuildInputs = [ pkgs.makeWrapper ];
|
||||
@ -51,7 +48,7 @@ let
|
||||
fi
|
||||
mkdir -p "$out/bin"
|
||||
|
||||
for path in ${concatStringsSep " " paths}; do
|
||||
for path in ${lib.concatStringsSep " " paths}; do
|
||||
if [ -d "$path/bin" ]; then
|
||||
cd "$path/bin"
|
||||
for prg in *; do
|
||||
@ -75,16 +72,16 @@ in
|
||||
|
||||
services.hydra = {
|
||||
|
||||
enable = mkOption {
|
||||
type = types.bool;
|
||||
enable = lib.mkOption {
|
||||
type = lib.types.bool;
|
||||
default = false;
|
||||
description = ''
|
||||
Whether to run Hydra services.
|
||||
'';
|
||||
};
|
||||
|
||||
dbi = mkOption {
|
||||
type = types.str;
|
||||
dbi = lib.mkOption {
|
||||
type = lib.types.str;
|
||||
default = localDB;
|
||||
example = "dbi:Pg:dbname=hydra;host=postgres.example.org;user=foo;";
|
||||
description = ''
|
||||
@ -97,17 +94,17 @@ in
|
||||
'';
|
||||
};
|
||||
|
||||
package = mkPackageOption pkgs "hydra" { };
|
||||
package = lib.mkPackageOption pkgs "hydra" { };
|
||||
|
||||
hydraURL = mkOption {
|
||||
type = types.str;
|
||||
hydraURL = lib.mkOption {
|
||||
type = lib.types.str;
|
||||
description = ''
|
||||
The base URL for the Hydra webserver instance. Used for links in emails.
|
||||
'';
|
||||
};
|
||||
|
||||
listenHost = mkOption {
|
||||
type = types.str;
|
||||
listenHost = lib.mkOption {
|
||||
type = lib.types.str;
|
||||
default = "*";
|
||||
example = "localhost";
|
||||
description = ''
|
||||
@ -116,39 +113,39 @@ in
|
||||
'';
|
||||
};
|
||||
|
||||
port = mkOption {
|
||||
type = types.port;
|
||||
port = lib.mkOption {
|
||||
type = lib.types.port;
|
||||
default = 3000;
|
||||
description = ''
|
||||
TCP port the web server should listen to.
|
||||
'';
|
||||
};
|
||||
|
||||
minimumDiskFree = mkOption {
|
||||
type = types.int;
|
||||
minimumDiskFree = lib.mkOption {
|
||||
type = lib.types.int;
|
||||
default = 0;
|
||||
description = ''
|
||||
Threshold of minimum disk space (GiB) to determine if the queue runner should run or not.
|
||||
'';
|
||||
};
|
||||
|
||||
minimumDiskFreeEvaluator = mkOption {
|
||||
type = types.int;
|
||||
minimumDiskFreeEvaluator = lib.mkOption {
|
||||
type = lib.types.int;
|
||||
default = 0;
|
||||
description = ''
|
||||
Threshold of minimum disk space (GiB) to determine if the evaluator should run or not.
|
||||
'';
|
||||
};
|
||||
|
||||
notificationSender = mkOption {
|
||||
type = types.str;
|
||||
notificationSender = lib.mkOption {
|
||||
type = lib.types.str;
|
||||
description = ''
|
||||
Sender email address used for email notifications.
|
||||
'';
|
||||
};
|
||||
|
||||
smtpHost = mkOption {
|
||||
type = types.nullOr types.str;
|
||||
smtpHost = lib.mkOption {
|
||||
type = lib.types.nullOr lib.types.str;
|
||||
default = null;
|
||||
example = "localhost";
|
||||
description = ''
|
||||
@ -156,73 +153,73 @@ in
|
||||
'';
|
||||
};
|
||||
|
||||
tracker = mkOption {
|
||||
type = types.str;
|
||||
tracker = lib.mkOption {
|
||||
type = lib.types.str;
|
||||
default = "";
|
||||
description = ''
|
||||
Piece of HTML that is included on all pages.
|
||||
'';
|
||||
};
|
||||
|
||||
logo = mkOption {
|
||||
type = types.nullOr types.path;
|
||||
logo = lib.mkOption {
|
||||
type = lib.types.nullOr lib.types.path;
|
||||
default = null;
|
||||
description = ''
|
||||
Path to a file containing the logo of your Hydra instance.
|
||||
'';
|
||||
};
|
||||
|
||||
debugServer = mkOption {
|
||||
type = types.bool;
|
||||
debugServer = lib.mkOption {
|
||||
type = lib.types.bool;
|
||||
default = false;
|
||||
description = "Whether to run the server in debug mode.";
|
||||
};
|
||||
|
||||
maxServers = mkOption {
|
||||
type = types.int;
|
||||
maxServers = lib.mkOption {
|
||||
type = lib.types.int;
|
||||
default = 25;
|
||||
description = "Maximum number of starman workers to spawn.";
|
||||
};
|
||||
|
||||
minSpareServers = mkOption {
|
||||
type = types.int;
|
||||
minSpareServers = lib.mkOption {
|
||||
type = lib.types.int;
|
||||
default = 4;
|
||||
description = "Minimum number of spare starman workers to keep.";
|
||||
};
|
||||
|
||||
maxSpareServers = mkOption {
|
||||
type = types.int;
|
||||
maxSpareServers = lib.mkOption {
|
||||
type = lib.types.int;
|
||||
default = 5;
|
||||
description = "Maximum number of spare starman workers to keep.";
|
||||
};
|
||||
|
||||
extraConfig = mkOption {
|
||||
type = types.lines;
|
||||
extraConfig = lib.mkOption {
|
||||
type = lib.types.lines;
|
||||
description = "Extra lines for the Hydra configuration.";
|
||||
};
|
||||
|
||||
extraEnv = mkOption {
|
||||
type = types.attrsOf types.str;
|
||||
extraEnv = lib.mkOption {
|
||||
type = lib.types.attrsOf lib.types.str;
|
||||
default = {};
|
||||
description = "Extra environment variables for Hydra.";
|
||||
};
|
||||
|
||||
gcRootsDir = mkOption {
|
||||
type = types.path;
|
||||
gcRootsDir = lib.mkOption {
|
||||
type = lib.types.path;
|
||||
default = "/nix/var/nix/gcroots/hydra";
|
||||
description = "Directory that holds Hydra garbage collector roots.";
|
||||
};
|
||||
|
||||
buildMachinesFiles = mkOption {
|
||||
type = types.listOf types.path;
|
||||
default = optional (config.nix.buildMachines != []) "/etc/nix/machines";
|
||||
defaultText = literalExpression ''optional (config.nix.buildMachines != []) "/etc/nix/machines"'';
|
||||
buildMachinesFiles = lib.mkOption {
|
||||
type = lib.types.listOf lib.types.path;
|
||||
default = lib.optional (config.nix.buildMachines != []) "/etc/nix/machines";
|
||||
defaultText = lib.literalExpression ''lib.optional (config.nix.buildMachines != []) "/etc/nix/machines"'';
|
||||
example = [ "/etc/nix/machines" "/var/lib/hydra/provisioner/machines" ];
|
||||
description = "List of files containing build machines.";
|
||||
};
|
||||
|
||||
useSubstitutes = mkOption {
|
||||
type = types.bool;
|
||||
useSubstitutes = lib.mkOption {
|
||||
type = lib.types.bool;
|
||||
default = false;
|
||||
description = ''
|
||||
Whether to use binary caches for downloading store paths. Note that
|
||||
@ -241,7 +238,7 @@ in
|
||||
|
||||
###### implementation
|
||||
|
||||
config = mkIf cfg.enable {
|
||||
config = lib.mkIf cfg.enable {
|
||||
assertions = [
|
||||
{
|
||||
assertion = cfg.maxServers != 0 && cfg.maxSpareServers != 0 && cfg.minSpareServers != 0;
|
||||
@ -287,7 +284,7 @@ in
|
||||
base_uri = ${cfg.hydraURL}
|
||||
notification_sender = ${cfg.notificationSender}
|
||||
max_servers = ${toString cfg.maxServers}
|
||||
${optionalString (cfg.logo != null) ''
|
||||
${lib.optionalString (cfg.logo != null) ''
|
||||
hydra_logo = ${cfg.logo}
|
||||
''}
|
||||
gc_roots_dir = ${cfg.gcRootsDir}
|
||||
@ -298,14 +295,14 @@ in
|
||||
|
||||
environment.variables = hydraEnv;
|
||||
|
||||
nix.settings = mkMerge [
|
||||
nix.settings = lib.mkMerge [
|
||||
{
|
||||
keep-outputs = true;
|
||||
keep-derivations = true;
|
||||
trusted-users = [ "hydra-queue-runner" ];
|
||||
}
|
||||
|
||||
(mkIf (versionOlder (getVersion config.nix.package.out) "2.4pre")
|
||||
(lib.mkIf (lib.versionOlder (lib.getVersion config.nix.package.out) "2.4pre")
|
||||
{
|
||||
# The default (`true') slows Nix down a lot since the build farm
|
||||
# has so many GC roots.
|
||||
@ -316,8 +313,8 @@ in
|
||||
|
||||
systemd.services.hydra-init =
|
||||
{ wantedBy = [ "multi-user.target" ];
|
||||
requires = optional haveLocalDB "postgresql.service";
|
||||
after = optional haveLocalDB "postgresql.service";
|
||||
requires = lib.optional haveLocalDB "postgresql.service";
|
||||
after = lib.optional haveLocalDB "postgresql.service";
|
||||
environment = env // {
|
||||
HYDRA_DBI = "${env.HYDRA_DBI};application_name=hydra-init";
|
||||
};
|
||||
@ -340,7 +337,7 @@ in
|
||||
${baseDir}/build-logs \
|
||||
${baseDir}/runcommand-logs
|
||||
|
||||
${optionalString haveLocalDB ''
|
||||
${lib.optionalString haveLocalDB ''
|
||||
if ! [ -e ${baseDir}/.db-created ]; then
|
||||
runuser -u ${config.services.postgresql.superUser} ${config.services.postgresql.package}/bin/createuser hydra
|
||||
runuser -u ${config.services.postgresql.superUser} ${config.services.postgresql.package}/bin/createdb -- -O hydra hydra
|
||||
@ -388,7 +385,7 @@ in
|
||||
{ ExecStart =
|
||||
"@${hydra-package}/bin/hydra-server hydra-server -f -h '${cfg.listenHost}' "
|
||||
+ "-p ${toString cfg.port} --min_spare_servers ${toString cfg.minSpareServers} --max_spare_servers ${toString cfg.maxSpareServers} "
|
||||
+ "--max_servers ${toString cfg.maxServers} --max_requests 100 ${optionalString cfg.debugServer "-d"}";
|
||||
+ "--max_servers ${toString cfg.maxServers} --max_requests 100 ${lib.optionalString cfg.debugServer "-d"}";
|
||||
User = "hydra-www";
|
||||
PermissionsStartOnly = true;
|
||||
Restart = "always";
|
||||
@ -514,9 +511,9 @@ in
|
||||
startAt = "Sun 01:45";
|
||||
};
|
||||
|
||||
services.postgresql.enable = mkIf haveLocalDB true;
|
||||
services.postgresql.enable = lib.mkIf haveLocalDB true;
|
||||
|
||||
services.postgresql.identMap = optionalString haveLocalDB
|
||||
services.postgresql.identMap = lib.optionalString haveLocalDB
|
||||
''
|
||||
hydra-users hydra hydra
|
||||
hydra-users hydra-queue-runner hydra
|
||||
@ -526,7 +523,7 @@ in
|
||||
hydra-users postgres postgres
|
||||
'';
|
||||
|
||||
services.postgresql.authentication = optionalString haveLocalDB
|
||||
services.postgresql.authentication = lib.optionalString haveLocalDB
|
||||
''
|
||||
local hydra all ident map=hydra-users
|
||||
'';
|
||||
|
@ -1,38 +1,37 @@
|
||||
{ config, lib, pkgs, ... }:
|
||||
with lib;
|
||||
let
|
||||
cfg = config.services.jenkins;
|
||||
jenkinsUrl = "http://${cfg.listenAddress}:${toString cfg.port}${cfg.prefix}";
|
||||
in {
|
||||
options = {
|
||||
services.jenkins = {
|
||||
enable = mkOption {
|
||||
type = types.bool;
|
||||
enable = lib.mkOption {
|
||||
type = lib.types.bool;
|
||||
default = false;
|
||||
description = ''
|
||||
Whether to enable the jenkins continuous integration server.
|
||||
'';
|
||||
};
|
||||
|
||||
user = mkOption {
|
||||
user = lib.mkOption {
|
||||
default = "jenkins";
|
||||
type = types.str;
|
||||
type = lib.types.str;
|
||||
description = ''
|
||||
User the jenkins server should execute under.
|
||||
'';
|
||||
};
|
||||
|
||||
group = mkOption {
|
||||
group = lib.mkOption {
|
||||
default = "jenkins";
|
||||
type = types.str;
|
||||
type = lib.types.str;
|
||||
description = ''
|
||||
If the default user "jenkins" is configured then this is the primary
|
||||
group of that user.
|
||||
'';
|
||||
};
|
||||
|
||||
extraGroups = mkOption {
|
||||
type = types.listOf types.str;
|
||||
extraGroups = lib.mkOption {
|
||||
type = lib.types.listOf lib.types.str;
|
||||
default = [ ];
|
||||
example = [ "wheel" "dialout" ];
|
||||
description = ''
|
||||
@ -40,38 +39,38 @@ in {
|
||||
'';
|
||||
};
|
||||
|
||||
home = mkOption {
|
||||
home = lib.mkOption {
|
||||
default = "/var/lib/jenkins";
|
||||
type = types.path;
|
||||
type = lib.types.path;
|
||||
description = ''
|
||||
The path to use as JENKINS_HOME. If the default user "jenkins" is configured then
|
||||
this is the home of the "jenkins" user.
|
||||
'';
|
||||
};
|
||||
|
||||
listenAddress = mkOption {
|
||||
listenAddress = lib.mkOption {
|
||||
default = "0.0.0.0";
|
||||
example = "localhost";
|
||||
type = types.str;
|
||||
type = lib.types.str;
|
||||
description = ''
|
||||
Specifies the bind address on which the jenkins HTTP interface listens.
|
||||
The default is the wildcard address.
|
||||
'';
|
||||
};
|
||||
|
||||
port = mkOption {
|
||||
port = lib.mkOption {
|
||||
default = 8080;
|
||||
type = types.port;
|
||||
type = lib.types.port;
|
||||
description = ''
|
||||
Specifies port number on which the jenkins HTTP interface listens.
|
||||
The default is 8080.
|
||||
'';
|
||||
};
|
||||
|
||||
prefix = mkOption {
|
||||
prefix = lib.mkOption {
|
||||
default = "";
|
||||
example = "/jenkins";
|
||||
type = types.str;
|
||||
type = lib.types.str;
|
||||
description = ''
|
||||
Specifies a urlPrefix to use with jenkins.
|
||||
If the example /jenkins is given, the jenkins server will be
|
||||
@ -79,20 +78,20 @@ in {
|
||||
'';
|
||||
};
|
||||
|
||||
package = mkPackageOption pkgs "jenkins" { };
|
||||
package = lib.mkPackageOption pkgs "jenkins" { };
|
||||
|
||||
packages = mkOption {
|
||||
packages = lib.mkOption {
|
||||
default = [ pkgs.stdenv pkgs.git pkgs.jdk17 config.programs.ssh.package pkgs.nix ];
|
||||
defaultText = literalExpression "[ pkgs.stdenv pkgs.git pkgs.jdk17 config.programs.ssh.package pkgs.nix ]";
|
||||
type = types.listOf types.package;
|
||||
defaultText = lib.literalExpression "[ pkgs.stdenv pkgs.git pkgs.jdk17 config.programs.ssh.package pkgs.nix ]";
|
||||
type = lib.types.listOf lib.types.package;
|
||||
description = ''
|
||||
Packages to add to PATH for the jenkins process.
|
||||
'';
|
||||
};
|
||||
|
||||
environment = mkOption {
|
||||
environment = lib.mkOption {
|
||||
default = { };
|
||||
type = with types; attrsOf str;
|
||||
type = with lib.types; attrsOf str;
|
||||
description = ''
|
||||
Additional environment variables to be passed to the jenkins process.
|
||||
As a base environment, jenkins receives NIX_PATH from
|
||||
@ -104,9 +103,9 @@ in {
|
||||
'';
|
||||
};
|
||||
|
||||
plugins = mkOption {
|
||||
plugins = lib.mkOption {
|
||||
default = null;
|
||||
type = types.nullOr (types.attrsOf types.package);
|
||||
type = lib.types.nullOr (lib.types.attrsOf lib.types.package);
|
||||
description = ''
|
||||
A set of plugins to activate. Note that this will completely
|
||||
remove and replace any previously installed plugins. If you
|
||||
@ -115,13 +114,13 @@ in {
|
||||
`null`. You can generate this set with a
|
||||
tool such as `jenkinsPlugins2nix`.
|
||||
'';
|
||||
example = literalExpression ''
|
||||
example = lib.literalExpression ''
|
||||
import path/to/jenkinsPlugins2nix-generated-plugins.nix { inherit (pkgs) fetchurl stdenv; }
|
||||
'';
|
||||
};
|
||||
|
||||
extraOptions = mkOption {
|
||||
type = types.listOf types.str;
|
||||
extraOptions = lib.mkOption {
|
||||
type = lib.types.listOf lib.types.str;
|
||||
default = [ ];
|
||||
example = [ "--debug=9" ];
|
||||
description = ''
|
||||
@ -129,8 +128,8 @@ in {
|
||||
'';
|
||||
};
|
||||
|
||||
extraJavaOptions = mkOption {
|
||||
type = types.listOf types.str;
|
||||
extraJavaOptions = lib.mkOption {
|
||||
type = lib.types.listOf lib.types.str;
|
||||
default = [ ];
|
||||
example = [ "-Xmx80m" ];
|
||||
description = ''
|
||||
@ -138,8 +137,8 @@ in {
|
||||
'';
|
||||
};
|
||||
|
||||
withCLI = mkOption {
|
||||
type = types.bool;
|
||||
withCLI = lib.mkOption {
|
||||
type = lib.types.bool;
|
||||
default = false;
|
||||
description = ''
|
||||
Whether to make the CLI available.
|
||||
@ -152,25 +151,25 @@ in {
|
||||
};
|
||||
};
|
||||
|
||||
config = mkIf cfg.enable {
|
||||
config = lib.mkIf cfg.enable {
|
||||
environment = {
|
||||
# server references the dejavu fonts
|
||||
systemPackages = [
|
||||
pkgs.dejavu_fonts
|
||||
] ++ optional cfg.withCLI cfg.package;
|
||||
] ++ lib.optional cfg.withCLI cfg.package;
|
||||
|
||||
variables = {}
|
||||
// optionalAttrs cfg.withCLI {
|
||||
// lib.optionalAttrs cfg.withCLI {
|
||||
# Make it more convenient to use the `jenkins-cli`.
|
||||
JENKINS_URL = jenkinsUrl;
|
||||
};
|
||||
};
|
||||
|
||||
users.groups = optionalAttrs (cfg.group == "jenkins") {
|
||||
users.groups = lib.optionalAttrs (cfg.group == "jenkins") {
|
||||
jenkins.gid = config.ids.gids.jenkins;
|
||||
};
|
||||
|
||||
users.users = optionalAttrs (cfg.user == "jenkins") {
|
||||
users.users = lib.optionalAttrs (cfg.user == "jenkins") {
|
||||
jenkins = {
|
||||
description = "jenkins user";
|
||||
createHome = true;
|
||||
@ -205,14 +204,14 @@ in {
|
||||
|
||||
preStart =
|
||||
let replacePlugins =
|
||||
optionalString (cfg.plugins != null) (
|
||||
let pluginCmds = lib.attrsets.mapAttrsToList
|
||||
lib.optionalString (cfg.plugins != null) (
|
||||
let pluginCmds = lib.attrsets.lib.mapAttrsToList
|
||||
(n: v: "cp ${v} ${cfg.home}/plugins/${n}.jpi")
|
||||
cfg.plugins;
|
||||
in ''
|
||||
rm -r ${cfg.home}/plugins || true
|
||||
mkdir -p ${cfg.home}/plugins
|
||||
${lib.strings.concatStringsSep "\n" pluginCmds}
|
||||
${lib.strings.lib.concatStringsSep "\n" pluginCmds}
|
||||
'');
|
||||
in ''
|
||||
rm -rf ${cfg.home}/war
|
||||
@ -221,11 +220,11 @@ in {
|
||||
|
||||
# For reference: https://wiki.jenkins.io/display/JENKINS/JenkinsLinuxStartupScript
|
||||
script = ''
|
||||
${pkgs.jdk17}/bin/java ${concatStringsSep " " cfg.extraJavaOptions} -jar ${cfg.package}/webapps/jenkins.war --httpListenAddress=${cfg.listenAddress} \
|
||||
${pkgs.jdk17}/bin/java ${lib.concatStringsSep " " cfg.extraJavaOptions} -jar ${cfg.package}/webapps/jenkins.war --httpListenAddress=${cfg.listenAddress} \
|
||||
--httpPort=${toString cfg.port} \
|
||||
--prefix=${cfg.prefix} \
|
||||
-Djava.awt.headless=true \
|
||||
${concatStringsSep " " cfg.extraOptions}
|
||||
${lib.concatStringsSep " " cfg.extraOptions}
|
||||
'';
|
||||
|
||||
postStart = ''
|
||||
@ -236,7 +235,7 @@ in {
|
||||
|
||||
serviceConfig = {
|
||||
User = cfg.user;
|
||||
StateDirectory = mkIf (hasPrefix "/var/lib/jenkins" cfg.home) "jenkins";
|
||||
StateDirectory = lib.mkIf (lib.hasPrefix "/var/lib/jenkins" cfg.home) "jenkins";
|
||||
# For (possible) socket use
|
||||
RuntimeDirectory = "jenkins";
|
||||
};
|
||||
|
@ -1,7 +1,4 @@
|
||||
{ config, lib, pkgs, ... }:
|
||||
|
||||
with lib;
|
||||
|
||||
let
|
||||
jenkinsCfg = config.services.jenkins;
|
||||
cfg = config.services.jenkins.jobBuilder;
|
||||
@ -9,7 +6,7 @@ let
|
||||
in {
|
||||
options = {
|
||||
services.jenkins.jobBuilder = {
|
||||
enable = mkEnableOption ''
|
||||
enable = lib.mkEnableOption ''
|
||||
the Jenkins Job Builder (JJB) service. It
|
||||
allows defining jobs for Jenkins in a declarative manner.
|
||||
|
||||
@ -24,17 +21,17 @@ in {
|
||||
<https://jenkins-job-builder.readthedocs.io/>
|
||||
'';
|
||||
|
||||
accessUser = mkOption {
|
||||
accessUser = lib.mkOption {
|
||||
default = "admin";
|
||||
type = types.str;
|
||||
type = lib.types.str;
|
||||
description = ''
|
||||
User id in Jenkins used to reload config.
|
||||
'';
|
||||
};
|
||||
|
||||
accessToken = mkOption {
|
||||
accessToken = lib.mkOption {
|
||||
default = "";
|
||||
type = types.str;
|
||||
type = lib.types.str;
|
||||
description = ''
|
||||
User token in Jenkins used to reload config.
|
||||
WARNING: This token will be world readable in the Nix store. To keep
|
||||
@ -42,10 +39,10 @@ in {
|
||||
'';
|
||||
};
|
||||
|
||||
accessTokenFile = mkOption {
|
||||
accessTokenFile = lib.mkOption {
|
||||
default = "${config.services.jenkins.home}/secrets/initialAdminPassword";
|
||||
defaultText = literalExpression ''"''${config.services.jenkins.home}/secrets/initialAdminPassword"'';
|
||||
type = types.str;
|
||||
defaultText = lib.literalExpression ''"''${config.services.jenkins.home}/secrets/initialAdminPassword"'';
|
||||
type = lib.types.str;
|
||||
example = "/run/keys/jenkins-job-builder-access-token";
|
||||
description = ''
|
||||
File containing the API token for the {option}`accessUser`
|
||||
@ -53,9 +50,9 @@ in {
|
||||
'';
|
||||
};
|
||||
|
||||
yamlJobs = mkOption {
|
||||
yamlJobs = lib.mkOption {
|
||||
default = "";
|
||||
type = types.lines;
|
||||
type = lib.types.lines;
|
||||
example = ''
|
||||
- job:
|
||||
name: jenkins-job-test-1
|
||||
@ -67,10 +64,10 @@ in {
|
||||
'';
|
||||
};
|
||||
|
||||
jsonJobs = mkOption {
|
||||
jsonJobs = lib.mkOption {
|
||||
default = [ ];
|
||||
type = types.listOf types.str;
|
||||
example = literalExpression ''
|
||||
type = lib.types.listOf lib.types.str;
|
||||
example = lib.literalExpression ''
|
||||
[
|
||||
'''
|
||||
[ { "job":
|
||||
@ -87,10 +84,10 @@ in {
|
||||
'';
|
||||
};
|
||||
|
||||
nixJobs = mkOption {
|
||||
nixJobs = lib.mkOption {
|
||||
default = [ ];
|
||||
type = types.listOf types.attrs;
|
||||
example = literalExpression ''
|
||||
type = lib.types.listOf lib.types.attrs;
|
||||
example = lib.literalExpression ''
|
||||
[ { job =
|
||||
{ name = "jenkins-job-test-3";
|
||||
builders = [
|
||||
@ -110,7 +107,7 @@ in {
|
||||
};
|
||||
};
|
||||
|
||||
config = mkIf (jenkinsCfg.enable && cfg.enable) {
|
||||
config = lib.mkIf (jenkinsCfg.enable && cfg.enable) {
|
||||
assertions = [
|
||||
{ assertion =
|
||||
if cfg.accessUser != ""
|
||||
@ -213,7 +210,7 @@ in {
|
||||
|
||||
# Create / update jobs
|
||||
mkdir -p ${jobBuilderOutputDir}
|
||||
for inputFile in ${yamlJobsFile} ${concatStringsSep " " jsonJobsFiles}; do
|
||||
for inputFile in ${yamlJobsFile} ${lib.concatStringsSep " " jsonJobsFiles}; do
|
||||
HOME="${jenkinsCfg.home}" "${pkgs.jenkins-job-builder}/bin/jenkins-jobs" --ignore-cache test --config-xml -o "${jobBuilderOutputDir}" "$inputFile"
|
||||
done
|
||||
|
||||
@ -237,7 +234,7 @@ in {
|
||||
jobdir="${jenkinsCfg.home}/$jenkinsjobname"
|
||||
rm -rf "$jobdir"
|
||||
done
|
||||
'' + (optionalString (cfg.accessUser != "") reloadScript);
|
||||
'' + (lib.optionalString (cfg.accessUser != "") reloadScript);
|
||||
serviceConfig = {
|
||||
Type = "oneshot";
|
||||
User = jenkinsCfg.user;
|
||||
|
@ -1,7 +1,4 @@
|
||||
{ config, options, lib, pkgs, ... }:
|
||||
|
||||
with lib;
|
||||
|
||||
let
|
||||
cfg = config.services.couchdb;
|
||||
opt = options.services.couchdb;
|
||||
@ -11,7 +8,7 @@ let
|
||||
database_dir = ${cfg.databaseDir}
|
||||
uri_file = ${cfg.uriFile}
|
||||
view_index_dir = ${cfg.viewIndexDir}
|
||||
'' + (optionalString (cfg.adminPass != null) ''
|
||||
'' + (lib.optionalString (cfg.adminPass != null) ''
|
||||
[admins]
|
||||
${cfg.adminUser} = ${cfg.adminPass}
|
||||
'' + ''
|
||||
@ -34,12 +31,12 @@ in {
|
||||
|
||||
services.couchdb = {
|
||||
|
||||
enable = mkEnableOption "CouchDB Server";
|
||||
enable = lib.mkEnableOption "CouchDB Server";
|
||||
|
||||
package = mkPackageOption pkgs "couchdb3" { };
|
||||
package = lib.mkPackageOption pkgs "couchdb3" { };
|
||||
|
||||
adminUser = mkOption {
|
||||
type = types.str;
|
||||
adminUser = lib.mkOption {
|
||||
type = lib.types.str;
|
||||
default = "admin";
|
||||
description = ''
|
||||
Couchdb (i.e. fauxton) account with permission for all dbs and
|
||||
@ -47,8 +44,8 @@ in {
|
||||
'';
|
||||
};
|
||||
|
||||
adminPass = mkOption {
|
||||
type = types.nullOr types.str;
|
||||
adminPass = lib.mkOption {
|
||||
type = lib.types.nullOr lib.types.str;
|
||||
default = null;
|
||||
description = ''
|
||||
Couchdb (i.e. fauxton) account with permission for all dbs and
|
||||
@ -56,16 +53,16 @@ in {
|
||||
'';
|
||||
};
|
||||
|
||||
user = mkOption {
|
||||
type = types.str;
|
||||
user = lib.mkOption {
|
||||
type = lib.types.str;
|
||||
default = "couchdb";
|
||||
description = ''
|
||||
User account under which couchdb runs.
|
||||
'';
|
||||
};
|
||||
|
||||
group = mkOption {
|
||||
type = types.str;
|
||||
group = lib.mkOption {
|
||||
type = lib.types.str;
|
||||
default = "couchdb";
|
||||
description = ''
|
||||
Group account under which couchdb runs.
|
||||
@ -74,8 +71,8 @@ in {
|
||||
|
||||
# couchdb options: https://docs.couchdb.org/en/latest/config/index.html
|
||||
|
||||
databaseDir = mkOption {
|
||||
type = types.path;
|
||||
databaseDir = lib.mkOption {
|
||||
type = lib.types.path;
|
||||
default = "/var/lib/couchdb";
|
||||
description = ''
|
||||
Specifies location of CouchDB database files (*.couch named). This
|
||||
@ -84,8 +81,8 @@ in {
|
||||
'';
|
||||
};
|
||||
|
||||
uriFile = mkOption {
|
||||
type = types.path;
|
||||
uriFile = lib.mkOption {
|
||||
type = lib.types.path;
|
||||
default = "/run/couchdb/couchdb.uri";
|
||||
description = ''
|
||||
This file contains the full URI that can be used to access this
|
||||
@ -96,8 +93,8 @@ in {
|
||||
'';
|
||||
};
|
||||
|
||||
viewIndexDir = mkOption {
|
||||
type = types.path;
|
||||
viewIndexDir = lib.mkOption {
|
||||
type = lib.types.path;
|
||||
default = "/var/lib/couchdb";
|
||||
description = ''
|
||||
Specifies location of CouchDB view index files. This location should
|
||||
@ -106,49 +103,49 @@ in {
|
||||
'';
|
||||
};
|
||||
|
||||
bindAddress = mkOption {
|
||||
type = types.str;
|
||||
bindAddress = lib.mkOption {
|
||||
type = lib.types.str;
|
||||
default = "127.0.0.1";
|
||||
description = ''
|
||||
Defines the IP address by which CouchDB will be accessible.
|
||||
'';
|
||||
};
|
||||
|
||||
port = mkOption {
|
||||
type = types.port;
|
||||
port = lib.mkOption {
|
||||
type = lib.types.port;
|
||||
default = 5984;
|
||||
description = ''
|
||||
Defined the port number to listen.
|
||||
'';
|
||||
};
|
||||
|
||||
logFile = mkOption {
|
||||
type = types.path;
|
||||
logFile = lib.mkOption {
|
||||
type = lib.types.path;
|
||||
default = "/var/log/couchdb.log";
|
||||
description = ''
|
||||
Specifies the location of file for logging output.
|
||||
'';
|
||||
};
|
||||
|
||||
extraConfig = mkOption {
|
||||
type = types.lines;
|
||||
extraConfig = lib.mkOption {
|
||||
type = lib.types.lines;
|
||||
default = "";
|
||||
description = ''
|
||||
Extra configuration. Overrides any other configuration.
|
||||
'';
|
||||
};
|
||||
|
||||
argsFile = mkOption {
|
||||
type = types.path;
|
||||
argsFile = lib.mkOption {
|
||||
type = lib.types.path;
|
||||
default = "${cfg.package}/etc/vm.args";
|
||||
defaultText = literalExpression ''"config.${opt.package}/etc/vm.args"'';
|
||||
defaultText = lib.literalExpression ''"config.${opt.package}/etc/vm.args"'';
|
||||
description = ''
|
||||
vm.args configuration. Overrides Couchdb's Erlang VM parameters file.
|
||||
'';
|
||||
};
|
||||
|
||||
configFile = mkOption {
|
||||
type = types.path;
|
||||
configFile = lib.mkOption {
|
||||
type = lib.types.path;
|
||||
description = ''
|
||||
Configuration file for persisting runtime changes. File
|
||||
needs to be readable and writable from couchdb user/group.
|
||||
@ -161,11 +158,11 @@ in {
|
||||
|
||||
###### implementation
|
||||
|
||||
config = mkIf config.services.couchdb.enable {
|
||||
config = lib.mkIf config.services.couchdb.enable {
|
||||
|
||||
environment.systemPackages = [ cfg.package ];
|
||||
|
||||
services.couchdb.configFile = mkDefault "/var/lib/couchdb/local.ini";
|
||||
services.couchdb.configFile = lib.mkDefault "/var/lib/couchdb/local.ini";
|
||||
|
||||
systemd.tmpfiles.rules = [
|
||||
"d '${dirOf cfg.uriFile}' - ${cfg.user} ${cfg.group} - -"
|
||||
|
@ -1,7 +1,4 @@
|
||||
{ config, pkgs, lib, ... }:
|
||||
|
||||
with lib;
|
||||
|
||||
let
|
||||
cfg = config.services.dgraph;
|
||||
settingsFormat = pkgs.formats.json {};
|
||||
@ -53,11 +50,11 @@ in
|
||||
{
|
||||
options = {
|
||||
services.dgraph = {
|
||||
enable = mkEnableOption "Dgraph native GraphQL database with a graph backend";
|
||||
enable = lib.mkEnableOption "Dgraph native GraphQL database with a graph backend";
|
||||
|
||||
package = lib.mkPackageOption pkgs "dgraph" { };
|
||||
|
||||
settings = mkOption {
|
||||
settings = lib.mkOption {
|
||||
type = settingsFormat.type;
|
||||
default = {};
|
||||
description = ''
|
||||
@ -66,15 +63,15 @@ in
|
||||
};
|
||||
|
||||
alpha = {
|
||||
host = mkOption {
|
||||
type = types.str;
|
||||
host = lib.mkOption {
|
||||
type = lib.types.str;
|
||||
default = "localhost";
|
||||
description = ''
|
||||
The host which dgraph alpha will be run on.
|
||||
'';
|
||||
};
|
||||
port = mkOption {
|
||||
type = types.port;
|
||||
port = lib.mkOption {
|
||||
type = lib.types.port;
|
||||
default = 7080;
|
||||
description = ''
|
||||
The port which to run dgraph alpha on.
|
||||
@ -84,15 +81,15 @@ in
|
||||
};
|
||||
|
||||
zero = {
|
||||
host = mkOption {
|
||||
type = types.str;
|
||||
host = lib.mkOption {
|
||||
type = lib.types.str;
|
||||
default = "localhost";
|
||||
description = ''
|
||||
The host which dgraph zero will be run on.
|
||||
'';
|
||||
};
|
||||
port = mkOption {
|
||||
type = types.port;
|
||||
port = lib.mkOption {
|
||||
type = lib.types.port;
|
||||
default = 5080;
|
||||
description = ''
|
||||
The port which to run dgraph zero on.
|
||||
@ -103,9 +100,9 @@ in
|
||||
};
|
||||
};
|
||||
|
||||
config = mkIf cfg.enable {
|
||||
config = lib.mkIf cfg.enable {
|
||||
services.dgraph.settings = {
|
||||
badger.compression = mkDefault "zstd:3";
|
||||
badger.compression = lib.mkDefault "zstd:3";
|
||||
};
|
||||
|
||||
systemd.services.dgraph-zero = {
|
||||
|
@ -1,7 +1,4 @@
|
||||
{ config, lib, pkgs, ... }:
|
||||
|
||||
with lib;
|
||||
|
||||
let
|
||||
cfg = config.services.dragonflydb;
|
||||
dragonflydb = pkgs.dragonflydb;
|
||||
@ -25,22 +22,22 @@ in
|
||||
|
||||
options = {
|
||||
services.dragonflydb = {
|
||||
enable = mkEnableOption "DragonflyDB";
|
||||
enable = lib.mkEnableOption "DragonflyDB";
|
||||
|
||||
user = mkOption {
|
||||
type = types.str;
|
||||
user = lib.mkOption {
|
||||
type = lib.types.str;
|
||||
default = "dragonfly";
|
||||
description = "The user to run DragonflyDB as";
|
||||
};
|
||||
|
||||
port = mkOption {
|
||||
type = types.port;
|
||||
port = lib.mkOption {
|
||||
type = lib.types.port;
|
||||
default = 6379;
|
||||
description = "The TCP port to accept connections.";
|
||||
};
|
||||
|
||||
bind = mkOption {
|
||||
type = with types; nullOr str;
|
||||
bind = lib.mkOption {
|
||||
type = with lib.types; nullOr str;
|
||||
default = "127.0.0.1";
|
||||
description = ''
|
||||
The IP interface to bind to.
|
||||
@ -48,15 +45,15 @@ in
|
||||
'';
|
||||
};
|
||||
|
||||
requirePass = mkOption {
|
||||
type = with types; nullOr str;
|
||||
requirePass = lib.mkOption {
|
||||
type = with lib.types; nullOr str;
|
||||
default = null;
|
||||
description = "Password for database";
|
||||
example = "letmein!";
|
||||
};
|
||||
|
||||
maxMemory = mkOption {
|
||||
type = with types; nullOr ints.unsigned;
|
||||
maxMemory = lib.mkOption {
|
||||
type = with lib.types; nullOr ints.unsigned;
|
||||
default = null;
|
||||
description = ''
|
||||
The maximum amount of memory to use for storage (in bytes).
|
||||
@ -64,8 +61,8 @@ in
|
||||
'';
|
||||
};
|
||||
|
||||
memcachePort = mkOption {
|
||||
type = with types; nullOr port;
|
||||
memcachePort = lib.mkOption {
|
||||
type = with lib.types; nullOr port;
|
||||
default = null;
|
||||
description = ''
|
||||
To enable memcached compatible API on this port.
|
||||
@ -73,8 +70,8 @@ in
|
||||
'';
|
||||
};
|
||||
|
||||
keysOutputLimit = mkOption {
|
||||
type = types.ints.unsigned;
|
||||
keysOutputLimit = lib.mkOption {
|
||||
type = lib.types.ints.unsigned;
|
||||
default = 8192;
|
||||
description = ''
|
||||
Maximum number of returned keys in keys command.
|
||||
@ -83,14 +80,14 @@ in
|
||||
'';
|
||||
};
|
||||
|
||||
dbNum = mkOption {
|
||||
type = with types; nullOr ints.unsigned;
|
||||
dbNum = lib.mkOption {
|
||||
type = with lib.types; nullOr ints.unsigned;
|
||||
default = null;
|
||||
description = "Maximum number of supported databases for `select`";
|
||||
};
|
||||
|
||||
cacheMode = mkOption {
|
||||
type = with types; nullOr bool;
|
||||
cacheMode = lib.mkOption {
|
||||
type = with lib.types; nullOr bool;
|
||||
default = null;
|
||||
description = ''
|
||||
Once this mode is on, Dragonfly will evict items least likely to be stumbled
|
||||
@ -102,14 +99,14 @@ in
|
||||
|
||||
###### implementation
|
||||
|
||||
config = mkIf config.services.dragonflydb.enable {
|
||||
config = lib.mkIf config.services.dragonflydb.enable {
|
||||
|
||||
users.users = optionalAttrs (cfg.user == "dragonfly") {
|
||||
users.users = lib.optionalAttrs (cfg.user == "dragonfly") {
|
||||
dragonfly.description = "DragonflyDB server user";
|
||||
dragonfly.isSystemUser = true;
|
||||
dragonfly.group = "dragonfly";
|
||||
};
|
||||
users.groups = optionalAttrs (cfg.user == "dragonfly") { dragonfly = { }; };
|
||||
users.groups = lib.optionalAttrs (cfg.user == "dragonfly") { dragonfly = { }; };
|
||||
|
||||
environment.systemPackages = [ dragonflydb ];
|
||||
|
||||
@ -120,7 +117,7 @@ in
|
||||
after = [ "network.target" ];
|
||||
|
||||
serviceConfig = {
|
||||
ExecStart = "${dragonflydb}/bin/dragonfly --alsologtostderr ${builtins.concatStringsSep " " (attrsets.mapAttrsToList (n: v: "--${n} ${strings.escapeShellArg v}") settings)}";
|
||||
ExecStart = "${dragonflydb}/bin/dragonfly --alsologtostderr ${lib.concatStringsSep " " (lib.mapAttrsToList (n: v: "--${n} ${lib.escapeShellArg v}") settings)}";
|
||||
|
||||
User = cfg.user;
|
||||
|
||||
|
@ -1,7 +1,4 @@
|
||||
{ config, pkgs, lib, ... }:
|
||||
|
||||
with lib;
|
||||
|
||||
let
|
||||
cfg = config.services.ferretdb;
|
||||
in
|
||||
@ -11,11 +8,11 @@ in
|
||||
|
||||
options = {
|
||||
services.ferretdb = {
|
||||
enable = mkEnableOption "FerretDB, an Open Source MongoDB alternative";
|
||||
enable = lib.mkEnableOption "FerretDB, an Open Source MongoDB alternative";
|
||||
|
||||
package = mkOption {
|
||||
type = types.package;
|
||||
example = literalExpression "pkgs.ferretdb";
|
||||
package = lib.mkOption {
|
||||
type = lib.types.package;
|
||||
example = lib.literalExpression "pkgs.ferretdb";
|
||||
default = pkgs.ferretdb;
|
||||
defaultText = "pkgs.ferretdb";
|
||||
description = "FerretDB package to use.";
|
||||
@ -37,7 +34,7 @@ in
|
||||
};
|
||||
};
|
||||
|
||||
config = mkIf cfg.enable
|
||||
config = lib.mkIf cfg.enable
|
||||
{
|
||||
|
||||
services.ferretdb.settings = {
|
||||
@ -76,4 +73,3 @@ in
|
||||
};
|
||||
};
|
||||
}
|
||||
|
||||
|
@ -18,9 +18,6 @@
|
||||
# however there are no strong reasons to prefer this or the other one AFAIK
|
||||
# Eg superserver is said to be most efficiently using resources according to
|
||||
# https://www.firebirdsql.org/manual/qsg25-classic-or-super.html
|
||||
|
||||
with lib;
|
||||
|
||||
let
|
||||
|
||||
cfg = config.services.firebird;
|
||||
@ -40,34 +37,34 @@ in
|
||||
|
||||
services.firebird = {
|
||||
|
||||
enable = mkEnableOption "the Firebird super server";
|
||||
enable = lib.mkEnableOption "the Firebird super server";
|
||||
|
||||
package = mkPackageOption pkgs "firebird" {
|
||||
package = lib.mkPackageOption pkgs "firebird" {
|
||||
example = "firebird_3";
|
||||
extraDescription = ''
|
||||
For SuperServer use override: `pkgs.firebird_3.override { superServer = true; };`
|
||||
'';
|
||||
};
|
||||
|
||||
port = mkOption {
|
||||
port = lib.mkOption {
|
||||
default = 3050;
|
||||
type = types.port;
|
||||
type = lib.types.port;
|
||||
description = ''
|
||||
Port Firebird uses.
|
||||
'';
|
||||
};
|
||||
|
||||
user = mkOption {
|
||||
user = lib.mkOption {
|
||||
default = "firebird";
|
||||
type = types.str;
|
||||
type = lib.types.str;
|
||||
description = ''
|
||||
User account under which firebird runs.
|
||||
'';
|
||||
};
|
||||
|
||||
baseDir = mkOption {
|
||||
baseDir = lib.mkOption {
|
||||
default = "/var/lib/firebird";
|
||||
type = types.str;
|
||||
type = lib.types.str;
|
||||
description = ''
|
||||
Location containing data/ and system/ directories.
|
||||
data/ stores the databases, system/ stores the password database security2.fdb.
|
||||
@ -81,7 +78,7 @@ in
|
||||
|
||||
###### implementation
|
||||
|
||||
config = mkIf config.services.firebird.enable {
|
||||
config = lib.mkIf config.services.firebird.enable {
|
||||
|
||||
environment.systemPackages = [cfg.package];
|
||||
|
||||
|
@ -1,7 +1,4 @@
|
||||
{ config, lib, pkgs, ... }:
|
||||
|
||||
with lib;
|
||||
|
||||
let
|
||||
cfg = config.services.foundationdb;
|
||||
pkg = cfg.package;
|
||||
@ -10,10 +7,10 @@ let
|
||||
initialIpAddr = if (cfg.publicAddress != "auto") then cfg.publicAddress else "127.0.0.1";
|
||||
|
||||
fdbServers = n:
|
||||
concatStringsSep "\n" (map (x: "[fdbserver.${toString (x+cfg.listenPortStart)}]") (range 0 (n - 1)));
|
||||
lib.concatStringsSep "\n" (map (x: "[fdbserver.${toString (x+cfg.listenPortStart)}]") (lib.range 0 (n - 1)));
|
||||
|
||||
backupAgents = n:
|
||||
concatStringsSep "\n" (map (x: "[backup_agent.${toString x}]") (range 1 n));
|
||||
lib.concatStringsSep "\n" (map (x: "[backup_agent.${toString x}]") (lib.range 1 n));
|
||||
|
||||
configFile = pkgs.writeText "foundationdb.conf" ''
|
||||
[general]
|
||||
@ -32,25 +29,25 @@ let
|
||||
logdir = ${cfg.logDir}
|
||||
logsize = ${cfg.logSize}
|
||||
maxlogssize = ${cfg.maxLogSize}
|
||||
${optionalString (cfg.class != null) "class = ${cfg.class}"}
|
||||
${lib.optionalString (cfg.class != null) "class = ${cfg.class}"}
|
||||
memory = ${cfg.memory}
|
||||
storage_memory = ${cfg.storageMemory}
|
||||
|
||||
${optionalString (lib.versionAtLeast cfg.package.version "6.1") ''
|
||||
${lib.optionalString (lib.versionAtLeast cfg.package.version "6.1") ''
|
||||
trace_format = ${cfg.traceFormat}
|
||||
''}
|
||||
|
||||
${optionalString (cfg.tls != null) ''
|
||||
${lib.optionalString (cfg.tls != null) ''
|
||||
tls_plugin = ${pkg}/libexec/plugins/FDBLibTLS.so
|
||||
tls_certificate_file = ${cfg.tls.certificate}
|
||||
tls_key_file = ${cfg.tls.key}
|
||||
tls_verify_peers = ${cfg.tls.allowedPeers}
|
||||
''}
|
||||
|
||||
${optionalString (cfg.locality.machineId != null) "locality_machineid=${cfg.locality.machineId}"}
|
||||
${optionalString (cfg.locality.zoneId != null) "locality_zoneid=${cfg.locality.zoneId}"}
|
||||
${optionalString (cfg.locality.datacenterId != null) "locality_dcid=${cfg.locality.datacenterId}"}
|
||||
${optionalString (cfg.locality.dataHall != null) "locality_data_hall=${cfg.locality.dataHall}"}
|
||||
${lib.optionalString (cfg.locality.machineId != null) "locality_machineid=${cfg.locality.machineId}"}
|
||||
${lib.optionalString (cfg.locality.zoneId != null) "locality_zoneid=${cfg.locality.zoneId}"}
|
||||
${lib.optionalString (cfg.locality.datacenterId != null) "locality_dcid=${cfg.locality.datacenterId}"}
|
||||
${lib.optionalString (cfg.locality.dataHall != null) "locality_data_hall=${cfg.locality.dataHall}"}
|
||||
|
||||
${fdbServers cfg.serverProcesses}
|
||||
|
||||
@ -62,30 +59,30 @@ in
|
||||
{
|
||||
options.services.foundationdb = {
|
||||
|
||||
enable = mkEnableOption "FoundationDB Server";
|
||||
enable = lib.mkEnableOption "FoundationDB Server";
|
||||
|
||||
package = mkOption {
|
||||
type = types.package;
|
||||
package = lib.mkOption {
|
||||
type = lib.types.package;
|
||||
description = ''
|
||||
The FoundationDB package to use for this server. This must be specified by the user
|
||||
in order to ensure migrations and upgrades are controlled appropriately.
|
||||
'';
|
||||
};
|
||||
|
||||
publicAddress = mkOption {
|
||||
type = types.str;
|
||||
publicAddress = lib.mkOption {
|
||||
type = lib.types.str;
|
||||
default = "auto";
|
||||
description = "Publicly visible IP address of the process. Port is determined by process ID";
|
||||
};
|
||||
|
||||
listenAddress = mkOption {
|
||||
type = types.str;
|
||||
listenAddress = lib.mkOption {
|
||||
type = lib.types.str;
|
||||
default = "public";
|
||||
description = "Publicly visible IP address of the process. Port is determined by process ID";
|
||||
};
|
||||
|
||||
listenPortStart = mkOption {
|
||||
type = types.int;
|
||||
listenPortStart = lib.mkOption {
|
||||
type = lib.types.int;
|
||||
default = 4500;
|
||||
description = ''
|
||||
Starting port number for database listening sockets. Every FDB process binds to a
|
||||
@ -94,8 +91,8 @@ in
|
||||
'';
|
||||
};
|
||||
|
||||
openFirewall = mkOption {
|
||||
type = types.bool;
|
||||
openFirewall = lib.mkOption {
|
||||
type = lib.types.bool;
|
||||
default = false;
|
||||
description = ''
|
||||
Open the firewall ports corresponding to FoundationDB processes and coordinators
|
||||
@ -103,44 +100,44 @@ in
|
||||
'';
|
||||
};
|
||||
|
||||
dataDir = mkOption {
|
||||
type = types.path;
|
||||
dataDir = lib.mkOption {
|
||||
type = lib.types.path;
|
||||
default = "/var/lib/foundationdb";
|
||||
description = "Data directory. All cluster data will be put under here.";
|
||||
};
|
||||
|
||||
logDir = mkOption {
|
||||
type = types.path;
|
||||
logDir = lib.mkOption {
|
||||
type = lib.types.path;
|
||||
default = "/var/log/foundationdb";
|
||||
description = "Log directory.";
|
||||
};
|
||||
|
||||
user = mkOption {
|
||||
type = types.str;
|
||||
user = lib.mkOption {
|
||||
type = lib.types.str;
|
||||
default = "foundationdb";
|
||||
description = "User account under which FoundationDB runs.";
|
||||
};
|
||||
|
||||
group = mkOption {
|
||||
type = types.str;
|
||||
group = lib.mkOption {
|
||||
type = lib.types.str;
|
||||
default = "foundationdb";
|
||||
description = "Group account under which FoundationDB runs.";
|
||||
};
|
||||
|
||||
class = mkOption {
|
||||
type = types.nullOr (types.enum [ "storage" "transaction" "stateless" ]);
|
||||
class = lib.mkOption {
|
||||
type = lib.types.nullOr (lib.types.enum [ "storage" "transaction" "stateless" ]);
|
||||
default = null;
|
||||
description = "Process class";
|
||||
};
|
||||
|
||||
restartDelay = mkOption {
|
||||
type = types.int;
|
||||
restartDelay = lib.mkOption {
|
||||
type = lib.types.int;
|
||||
default = 10;
|
||||
description = "Number of seconds to wait before restarting servers.";
|
||||
};
|
||||
|
||||
logSize = mkOption {
|
||||
type = types.str;
|
||||
logSize = lib.mkOption {
|
||||
type = lib.types.str;
|
||||
default = "10MiB";
|
||||
description = ''
|
||||
Roll over to a new log file after the current log file
|
||||
@ -148,8 +145,8 @@ in
|
||||
'';
|
||||
};
|
||||
|
||||
maxLogSize = mkOption {
|
||||
type = types.str;
|
||||
maxLogSize = lib.mkOption {
|
||||
type = lib.types.str;
|
||||
default = "100MiB";
|
||||
description = ''
|
||||
Delete the oldest log file when the total size of all log
|
||||
@ -158,20 +155,20 @@ in
|
||||
'';
|
||||
};
|
||||
|
||||
serverProcesses = mkOption {
|
||||
type = types.int;
|
||||
serverProcesses = lib.mkOption {
|
||||
type = lib.types.int;
|
||||
default = 1;
|
||||
description = "Number of fdbserver processes to run.";
|
||||
};
|
||||
|
||||
backupProcesses = mkOption {
|
||||
type = types.int;
|
||||
backupProcesses = lib.mkOption {
|
||||
type = lib.types.int;
|
||||
default = 1;
|
||||
description = "Number of backup_agent processes to run for snapshots.";
|
||||
};
|
||||
|
||||
memory = mkOption {
|
||||
type = types.str;
|
||||
memory = lib.mkOption {
|
||||
type = lib.types.str;
|
||||
default = "8GiB";
|
||||
description = ''
|
||||
Maximum memory used by the process. The default value is
|
||||
@ -192,8 +189,8 @@ in
|
||||
'';
|
||||
};
|
||||
|
||||
storageMemory = mkOption {
|
||||
type = types.str;
|
||||
storageMemory = lib.mkOption {
|
||||
type = lib.types.str;
|
||||
default = "1GiB";
|
||||
description = ''
|
||||
Maximum memory used for data storage. The default value is
|
||||
@ -208,29 +205,29 @@ in
|
||||
'';
|
||||
};
|
||||
|
||||
tls = mkOption {
|
||||
tls = lib.mkOption {
|
||||
default = null;
|
||||
description = ''
|
||||
FoundationDB Transport Security Layer (TLS) settings.
|
||||
'';
|
||||
|
||||
type = types.nullOr (types.submodule ({
|
||||
type = lib.types.nullOr (lib.types.submodule ({
|
||||
options = {
|
||||
certificate = mkOption {
|
||||
type = types.str;
|
||||
certificate = lib.mkOption {
|
||||
type = lib.types.str;
|
||||
description = ''
|
||||
Path to the TLS certificate file. This certificate will
|
||||
be offered to, and may be verified by, clients.
|
||||
'';
|
||||
};
|
||||
|
||||
key = mkOption {
|
||||
type = types.str;
|
||||
key = lib.mkOption {
|
||||
type = lib.types.str;
|
||||
description = "Private key file for the certificate.";
|
||||
};
|
||||
|
||||
allowedPeers = mkOption {
|
||||
type = types.str;
|
||||
allowedPeers = lib.mkOption {
|
||||
type = lib.types.str;
|
||||
default = "Check.Valid=1,Check.Unexpired=1";
|
||||
description = ''
|
||||
"Peer verification string". This may be used to adjust which TLS
|
||||
@ -245,7 +242,7 @@ in
|
||||
}));
|
||||
};
|
||||
|
||||
locality = mkOption {
|
||||
locality = lib.mkOption {
|
||||
default = {
|
||||
machineId = null;
|
||||
zoneId = null;
|
||||
@ -257,11 +254,11 @@ in
|
||||
FoundationDB locality settings.
|
||||
'';
|
||||
|
||||
type = types.submodule ({
|
||||
type = lib.types.submodule ({
|
||||
options = {
|
||||
machineId = mkOption {
|
||||
machineId = lib.mkOption {
|
||||
default = null;
|
||||
type = types.nullOr types.str;
|
||||
type = lib.types.nullOr lib.types.str;
|
||||
description = ''
|
||||
Machine identifier key. All processes on a machine should share a
|
||||
unique id. By default, processes on a machine determine a unique id to share.
|
||||
@ -269,9 +266,9 @@ in
|
||||
'';
|
||||
};
|
||||
|
||||
zoneId = mkOption {
|
||||
zoneId = lib.mkOption {
|
||||
default = null;
|
||||
type = types.nullOr types.str;
|
||||
type = lib.types.nullOr lib.types.str;
|
||||
description = ''
|
||||
Zone identifier key. Processes that share a zone id are
|
||||
considered non-unique for the purposes of data replication.
|
||||
@ -279,9 +276,9 @@ in
|
||||
'';
|
||||
};
|
||||
|
||||
datacenterId = mkOption {
|
||||
datacenterId = lib.mkOption {
|
||||
default = null;
|
||||
type = types.nullOr types.str;
|
||||
type = lib.types.nullOr lib.types.str;
|
||||
description = ''
|
||||
Data center identifier key. All processes physically located in a
|
||||
data center should share the id. If you are depending on data
|
||||
@ -289,9 +286,9 @@ in
|
||||
'';
|
||||
};
|
||||
|
||||
dataHall = mkOption {
|
||||
dataHall = lib.mkOption {
|
||||
default = null;
|
||||
type = types.nullOr types.str;
|
||||
type = lib.types.nullOr lib.types.str;
|
||||
description = ''
|
||||
Data hall identifier key. All processes physically located in a
|
||||
data hall should share the id. If you are depending on data
|
||||
@ -302,9 +299,9 @@ in
|
||||
});
|
||||
};
|
||||
|
||||
extraReadWritePaths = mkOption {
|
||||
extraReadWritePaths = lib.mkOption {
|
||||
default = [ ];
|
||||
type = types.listOf types.path;
|
||||
type = lib.types.listOf lib.types.path;
|
||||
description = ''
|
||||
An extra set of filesystem paths that FoundationDB can read to
|
||||
and write from. By default, FoundationDB runs under a heavily
|
||||
@ -316,20 +313,20 @@ in
|
||||
'';
|
||||
};
|
||||
|
||||
pidfile = mkOption {
|
||||
type = types.path;
|
||||
pidfile = lib.mkOption {
|
||||
type = lib.types.path;
|
||||
default = "/run/foundationdb.pid";
|
||||
description = "Path to pidfile for fdbmonitor.";
|
||||
};
|
||||
|
||||
traceFormat = mkOption {
|
||||
type = types.enum [ "xml" "json" ];
|
||||
traceFormat = lib.mkOption {
|
||||
type = lib.types.enum [ "xml" "json" ];
|
||||
default = "xml";
|
||||
description = "Trace logging format.";
|
||||
};
|
||||
};
|
||||
|
||||
config = mkIf cfg.enable {
|
||||
config = lib.mkIf cfg.enable {
|
||||
assertions = [
|
||||
{ assertion = lib.versionOlder cfg.package.version "6.1" -> cfg.traceFormat == "xml";
|
||||
message = ''
|
||||
@ -341,7 +338,7 @@ in
|
||||
|
||||
environment.systemPackages = [ pkg ];
|
||||
|
||||
users.users = optionalAttrs (cfg.user == "foundationdb") {
|
||||
users.users = lib.optionalAttrs (cfg.user == "foundationdb") {
|
||||
foundationdb = {
|
||||
description = "FoundationDB User";
|
||||
uid = config.ids.uids.foundationdb;
|
||||
@ -349,11 +346,11 @@ in
|
||||
};
|
||||
};
|
||||
|
||||
users.groups = optionalAttrs (cfg.group == "foundationdb") {
|
||||
users.groups = lib.optionalAttrs (cfg.group == "foundationdb") {
|
||||
foundationdb.gid = config.ids.gids.foundationdb;
|
||||
};
|
||||
|
||||
networking.firewall.allowedTCPPortRanges = mkIf cfg.openFirewall
|
||||
networking.firewall.allowedTCPPortRanges = lib.mkIf cfg.openFirewall
|
||||
[ { from = cfg.listenPortStart;
|
||||
to = (cfg.listenPortStart + cfg.serverProcesses) - 1;
|
||||
}
|
||||
|
@ -1,7 +1,4 @@
|
||||
{ config, options, lib, pkgs, ... }:
|
||||
|
||||
with lib;
|
||||
|
||||
let
|
||||
cfg = config.services.hbase-standalone;
|
||||
opt = options.services.hbase-standalone;
|
||||
@ -33,7 +30,7 @@ let
|
||||
in {
|
||||
|
||||
imports = [
|
||||
(mkRenamedOptionModule [ "services" "hbase" ] [ "services" "hbase-standalone" ])
|
||||
(lib.mkRenamedOptionModule [ "services" "hbase" ] [ "services" "hbase-standalone" ])
|
||||
];
|
||||
|
||||
###### interface
|
||||
@ -41,31 +38,31 @@ in {
|
||||
options = {
|
||||
services.hbase-standalone = {
|
||||
|
||||
enable = mkEnableOption ''
|
||||
enable = lib.mkEnableOption ''
|
||||
HBase master in standalone mode with embedded regionserver and zookeper.
|
||||
Do not use this configuration for production nor for evaluating HBase performance
|
||||
'';
|
||||
|
||||
package = mkPackageOption pkgs "hbase" { };
|
||||
package = lib.mkPackageOption pkgs "hbase" { };
|
||||
|
||||
user = mkOption {
|
||||
type = types.str;
|
||||
user = lib.mkOption {
|
||||
type = lib.types.str;
|
||||
default = "hbase";
|
||||
description = ''
|
||||
User account under which HBase runs.
|
||||
'';
|
||||
};
|
||||
|
||||
group = mkOption {
|
||||
type = types.str;
|
||||
group = lib.mkOption {
|
||||
type = lib.types.str;
|
||||
default = "hbase";
|
||||
description = ''
|
||||
Group account under which HBase runs.
|
||||
'';
|
||||
};
|
||||
|
||||
dataDir = mkOption {
|
||||
type = types.path;
|
||||
dataDir = lib.mkOption {
|
||||
type = lib.types.path;
|
||||
default = "/var/lib/hbase";
|
||||
description = ''
|
||||
Specifies location of HBase database files. This location should be
|
||||
@ -74,21 +71,21 @@ in {
|
||||
'';
|
||||
};
|
||||
|
||||
logDir = mkOption {
|
||||
type = types.path;
|
||||
logDir = lib.mkOption {
|
||||
type = lib.types.path;
|
||||
default = "/var/log/hbase";
|
||||
description = ''
|
||||
Specifies the location of HBase log files.
|
||||
'';
|
||||
};
|
||||
|
||||
settings = mkOption {
|
||||
settings = lib.mkOption {
|
||||
type = with lib.types; attrsOf (oneOf [ str int bool ]);
|
||||
default = {
|
||||
"hbase.rootdir" = "file://${cfg.dataDir}/hbase";
|
||||
"hbase.zookeeper.property.dataDir" = "${cfg.dataDir}/zookeeper";
|
||||
};
|
||||
defaultText = literalExpression ''
|
||||
defaultText = lib.literalExpression ''
|
||||
{
|
||||
"hbase.rootdir" = "file://''${config.${opt.dataDir}}/hbase";
|
||||
"hbase.zookeeper.property.dataDir" = "''${config.${opt.dataDir}}/zookeeper";
|
||||
@ -104,7 +101,7 @@ in {
|
||||
|
||||
###### implementation
|
||||
|
||||
config = mkIf cfg.enable {
|
||||
config = lib.mkIf cfg.enable {
|
||||
|
||||
systemd.tmpfiles.rules = [
|
||||
"d '${cfg.dataDir}' - ${cfg.user} ${cfg.group} - -"
|
||||
|
@ -1,11 +1,8 @@
|
||||
{ config, lib, pkgs, ... }:
|
||||
|
||||
with lib;
|
||||
|
||||
let
|
||||
cfg = config.services.influxdb;
|
||||
|
||||
configOptions = recursiveUpdate {
|
||||
configOptions = lib.recursiveUpdate {
|
||||
meta = {
|
||||
bind-address = ":8088";
|
||||
commit-timeout = "50ms";
|
||||
@ -110,36 +107,36 @@ in
|
||||
|
||||
services.influxdb = {
|
||||
|
||||
enable = mkOption {
|
||||
enable = lib.mkOption {
|
||||
default = false;
|
||||
description = "Whether to enable the influxdb server";
|
||||
type = types.bool;
|
||||
type = lib.types.bool;
|
||||
};
|
||||
|
||||
package = mkPackageOption pkgs "influxdb" { };
|
||||
package = lib.mkPackageOption pkgs "influxdb" { };
|
||||
|
||||
user = mkOption {
|
||||
user = lib.mkOption {
|
||||
default = "influxdb";
|
||||
description = "User account under which influxdb runs";
|
||||
type = types.str;
|
||||
type = lib.types.str;
|
||||
};
|
||||
|
||||
group = mkOption {
|
||||
group = lib.mkOption {
|
||||
default = "influxdb";
|
||||
description = "Group under which influxdb runs";
|
||||
type = types.str;
|
||||
type = lib.types.str;
|
||||
};
|
||||
|
||||
dataDir = mkOption {
|
||||
dataDir = lib.mkOption {
|
||||
default = "/var/db/influxdb";
|
||||
description = "Data directory for influxd data files.";
|
||||
type = types.path;
|
||||
type = lib.types.path;
|
||||
};
|
||||
|
||||
extraConfig = mkOption {
|
||||
extraConfig = lib.mkOption {
|
||||
default = {};
|
||||
description = "Extra configuration options for influxdb";
|
||||
type = types.attrs;
|
||||
type = lib.types.attrs;
|
||||
};
|
||||
};
|
||||
};
|
||||
@ -147,7 +144,7 @@ in
|
||||
|
||||
###### implementation
|
||||
|
||||
config = mkIf config.services.influxdb.enable {
|
||||
config = lib.mkIf config.services.influxdb.enable {
|
||||
|
||||
systemd.tmpfiles.rules = [
|
||||
"d '${cfg.dataDir}' 0770 ${cfg.user} ${cfg.group} - -"
|
||||
@ -166,16 +163,16 @@ in
|
||||
postStart =
|
||||
let
|
||||
scheme = if configOptions.http.https-enabled then "-k https" else "http";
|
||||
bindAddr = (ba: if hasPrefix ":" ba then "127.0.0.1${ba}" else "${ba}")(toString configOptions.http.bind-address);
|
||||
bindAddr = (ba: if lib.hasPrefix ":" ba then "127.0.0.1${ba}" else "${ba}")(toString configOptions.http.bind-address);
|
||||
in
|
||||
mkBefore ''
|
||||
lib.mkBefore ''
|
||||
until ${pkgs.curl.bin}/bin/curl -s -o /dev/null ${scheme}://${bindAddr}/ping; do
|
||||
sleep 1;
|
||||
done
|
||||
'';
|
||||
};
|
||||
|
||||
users.users = optionalAttrs (cfg.user == "influxdb") {
|
||||
users.users = lib.optionalAttrs (cfg.user == "influxdb") {
|
||||
influxdb = {
|
||||
uid = config.ids.uids.influxdb;
|
||||
group = "influxdb";
|
||||
@ -183,7 +180,7 @@ in
|
||||
};
|
||||
};
|
||||
|
||||
users.groups = optionalAttrs (cfg.group == "influxdb") {
|
||||
users.groups = lib.optionalAttrs (cfg.group == "influxdb") {
|
||||
influxdb.gid = config.ids.gids.influxdb;
|
||||
};
|
||||
};
|
||||
|
@ -1,6 +1,4 @@
|
||||
{ config, lib, pkgs, ... }:
|
||||
|
||||
with lib;
|
||||
let
|
||||
cfg = config.services.openldap;
|
||||
openldap = cfg.package;
|
||||
@ -23,22 +21,22 @@ let
|
||||
merge = lib.mergeEqualOption;
|
||||
};
|
||||
# We don't coerce to lists of single values, as some values must be unique
|
||||
in types.either singleLdapValueType (types.listOf singleLdapValueType);
|
||||
in lib.types.either singleLdapValueType (lib.types.listOf singleLdapValueType);
|
||||
|
||||
ldapAttrsType =
|
||||
let
|
||||
options = {
|
||||
attrs = mkOption {
|
||||
type = types.attrsOf ldapValueType;
|
||||
attrs = lib.mkOption {
|
||||
type = lib.types.attrsOf ldapValueType;
|
||||
default = {};
|
||||
description = "Attributes of the parent entry.";
|
||||
};
|
||||
children = mkOption {
|
||||
children = lib.mkOption {
|
||||
# Hide the child attributes, to avoid infinite recursion in e.g. documentation
|
||||
# Actual Nix evaluation is lazy, so this is not an issue there
|
||||
type = let
|
||||
hiddenOptions = lib.mapAttrs (name: attr: attr // { visible = false; }) options;
|
||||
in types.attrsOf (types.submodule { options = hiddenOptions; });
|
||||
in lib.types.attrsOf (lib.types.submodule { options = hiddenOptions; });
|
||||
default = {};
|
||||
description = "Child entries of the current entry, with recursively the same structure.";
|
||||
example = lib.literalExpression ''
|
||||
@ -56,15 +54,15 @@ let
|
||||
}
|
||||
'';
|
||||
};
|
||||
includes = mkOption {
|
||||
type = types.listOf types.path;
|
||||
includes = lib.mkOption {
|
||||
type = lib.types.listOf lib.types.path;
|
||||
default = [];
|
||||
description = ''
|
||||
LDIF files to include after the parent's attributes but before its children.
|
||||
'';
|
||||
};
|
||||
};
|
||||
in types.submodule { inherit options; };
|
||||
in lib.types.submodule { inherit options; };
|
||||
|
||||
valueToLdif = attr: values: let
|
||||
listValues = if lib.isList values then values else lib.singleton values;
|
||||
@ -85,13 +83,13 @@ let
|
||||
in {
|
||||
options = {
|
||||
services.openldap = {
|
||||
enable = mkOption {
|
||||
type = types.bool;
|
||||
enable = lib.mkOption {
|
||||
type = lib.types.bool;
|
||||
default = false;
|
||||
description = "Whether to enable the ldap server.";
|
||||
};
|
||||
|
||||
package = mkPackageOption pkgs "openldap" {
|
||||
package = lib.mkPackageOption pkgs "openldap" {
|
||||
extraDescription = ''
|
||||
This can be used to, for example, set an OpenLDAP package
|
||||
with custom overrides to enable modules or other
|
||||
@ -99,26 +97,26 @@ in {
|
||||
'';
|
||||
};
|
||||
|
||||
user = mkOption {
|
||||
type = types.str;
|
||||
user = lib.mkOption {
|
||||
type = lib.types.str;
|
||||
default = "openldap";
|
||||
description = "User account under which slapd runs.";
|
||||
};
|
||||
|
||||
group = mkOption {
|
||||
type = types.str;
|
||||
group = lib.mkOption {
|
||||
type = lib.types.str;
|
||||
default = "openldap";
|
||||
description = "Group account under which slapd runs.";
|
||||
};
|
||||
|
||||
urlList = mkOption {
|
||||
type = types.listOf types.str;
|
||||
urlList = lib.mkOption {
|
||||
type = lib.types.listOf lib.types.str;
|
||||
default = [ "ldap:///" ];
|
||||
description = "URL list slapd should listen on.";
|
||||
example = [ "ldaps:///" ];
|
||||
};
|
||||
|
||||
settings = mkOption {
|
||||
settings = lib.mkOption {
|
||||
type = ldapAttrsType;
|
||||
description = "Configuration for OpenLDAP, in OLC format";
|
||||
example = lib.literalExpression ''
|
||||
@ -165,8 +163,8 @@ in {
|
||||
};
|
||||
|
||||
# This option overrides settings
|
||||
configDir = mkOption {
|
||||
type = types.nullOr types.path;
|
||||
configDir = lib.mkOption {
|
||||
type = lib.types.nullOr lib.types.path;
|
||||
default = null;
|
||||
description = ''
|
||||
Use this config directory instead of generating one from the
|
||||
@ -175,8 +173,8 @@ in {
|
||||
example = "/var/lib/openldap/slapd.d";
|
||||
};
|
||||
|
||||
mutableConfig = mkOption {
|
||||
type = types.bool;
|
||||
mutableConfig = lib.mkOption {
|
||||
type = lib.types.bool;
|
||||
default = false;
|
||||
description = ''
|
||||
Whether to allow writable on-line configuration. If
|
||||
@ -186,8 +184,8 @@ in {
|
||||
'';
|
||||
};
|
||||
|
||||
declarativeContents = mkOption {
|
||||
type = with types; attrsOf lines;
|
||||
declarativeContents = lib.mkOption {
|
||||
type = with lib.types; attrsOf lines;
|
||||
default = {};
|
||||
description = ''
|
||||
Declarative contents for the LDAP database, in LDIF format by suffix.
|
||||
@ -225,8 +223,8 @@ in {
|
||||
meta.maintainers = with lib.maintainers; [ kwohlfahrt ];
|
||||
|
||||
config = let
|
||||
dbSettings = mapAttrs' (name: { attrs, ... }: nameValuePair attrs.olcSuffix attrs)
|
||||
(filterAttrs (name: { attrs, ... }: (hasPrefix "olcDatabase=" name) && attrs ? olcSuffix) cfg.settings.children);
|
||||
dbSettings = lib.mapAttrs' (name: { attrs, ... }: lib.nameValuePair attrs.olcSuffix attrs)
|
||||
(lib.filterAttrs (name: { attrs, ... }: (lib.hasPrefix "olcDatabase=" name) && attrs ? olcSuffix) cfg.settings.children);
|
||||
settingsFile = pkgs.writeText "config.ldif" (lib.concatStringsSep "\n" (attrsToLdif "cn=config" cfg.settings));
|
||||
writeConfig = pkgs.writeShellScript "openldap-config" ''
|
||||
set -euo pipefail
|
||||
@ -241,32 +239,32 @@ in {
|
||||
chmod -R ${if cfg.mutableConfig then "u+rw" else "u+r-w"} ${configDir}
|
||||
'';
|
||||
|
||||
contentsFiles = mapAttrs (dn: ldif: pkgs.writeText "${dn}.ldif" ldif) cfg.declarativeContents;
|
||||
contentsFiles = lib.mapAttrs (dn: ldif: pkgs.writeText "${dn}.ldif" ldif) cfg.declarativeContents;
|
||||
writeContents = pkgs.writeShellScript "openldap-load" ''
|
||||
set -euo pipefail
|
||||
|
||||
rm -rf $2/*
|
||||
${openldap}/bin/slapadd -F ${configDir} -b $1 -l $3
|
||||
'';
|
||||
in mkIf cfg.enable {
|
||||
in lib.mkIf cfg.enable {
|
||||
assertions = [{
|
||||
assertion = (cfg.declarativeContents != {}) -> cfg.configDir == null;
|
||||
message = ''
|
||||
Declarative DB contents (${attrNames cfg.declarativeContents}) are not
|
||||
Declarative DB contents (${lib.attrNames cfg.declarativeContents}) are not
|
||||
supported with user-managed configuration.
|
||||
'';
|
||||
}] ++ (map (dn: {
|
||||
assertion = (getAttr dn dbSettings) ? "olcDbDirectory";
|
||||
assertion = (lib.getAttr dn dbSettings) ? "olcDbDirectory";
|
||||
# olcDbDirectory is necessary to prepopulate database using `slapadd`.
|
||||
message = ''
|
||||
Declarative DB ${dn} does not exist in `services.openldap.settings`, or does not have
|
||||
`olcDbDirectory` configured.
|
||||
'';
|
||||
}) (attrNames cfg.declarativeContents)) ++ (mapAttrsToList (dn: { olcDbDirectory ? null, ... }: {
|
||||
}) (lib.attrNames cfg.declarativeContents)) ++ (lib.mapAttrsToList (dn: { olcDbDirectory ? null, ... }: {
|
||||
# For forward compatibility with `DynamicUser`, and to avoid accidentally clobbering
|
||||
# directories with `declarativeContents`.
|
||||
assertion = (olcDbDirectory != null) ->
|
||||
((hasPrefix "/var/lib/openldap/" olcDbDirectory) && (olcDbDirectory != "/var/lib/openldap/"));
|
||||
((lib.hasPrefix "/var/lib/openldap/" olcDbDirectory) && (olcDbDirectory != "/var/lib/openldap/"));
|
||||
message = ''
|
||||
Database ${dn} has `olcDbDirectory` (${olcDbDirectory}) that is not a subdirectory of
|
||||
`/var/lib/openldap/`.
|
||||
@ -303,8 +301,8 @@ in {
|
||||
"!${pkgs.coreutils}/bin/mkdir -p ${configDir}"
|
||||
"+${pkgs.coreutils}/bin/chown $USER ${configDir}"
|
||||
] ++ (lib.optional (cfg.configDir == null) writeConfig)
|
||||
++ (mapAttrsToList (dn: content: lib.escapeShellArgs [
|
||||
writeContents dn (getAttr dn dbSettings).olcDbDirectory content
|
||||
++ (lib.mapAttrsToList (dn: content: lib.escapeShellArgs [
|
||||
writeContents dn (lib.getAttr dn dbSettings).olcDbDirectory content
|
||||
]) contentsFiles)
|
||||
++ [ "${openldap}/bin/slaptest -u -F ${configDir}" ];
|
||||
ExecStart = lib.escapeShellArgs ([
|
||||
@ -317,7 +315,7 @@ in {
|
||||
NotifyAccess = "all";
|
||||
RuntimeDirectory = "openldap";
|
||||
StateDirectory = ["openldap"]
|
||||
++ (map ({olcDbDirectory, ... }: removePrefix "/var/lib/" olcDbDirectory) (attrValues dbSettings));
|
||||
++ (map ({olcDbDirectory, ... }: lib.removePrefix "/var/lib/" olcDbDirectory) (lib.attrValues dbSettings));
|
||||
StateDirectoryMode = "700";
|
||||
AmbientCapabilities = [ "CAP_NET_BIND_SERVICE" ];
|
||||
CapabilityBoundingSet = [ "CAP_NET_BIND_SERVICE" ];
|
||||
|
@ -1,7 +1,4 @@
|
||||
{ config, lib, pkgs, ... }:
|
||||
|
||||
with lib;
|
||||
|
||||
let
|
||||
cfg = config.services.opentsdb;
|
||||
|
||||
@ -15,36 +12,36 @@ in {
|
||||
|
||||
services.opentsdb = {
|
||||
|
||||
enable = mkEnableOption "OpenTSDB";
|
||||
enable = lib.mkEnableOption "OpenTSDB";
|
||||
|
||||
package = mkPackageOption pkgs "opentsdb" { };
|
||||
package = lib.mkPackageOption pkgs "opentsdb" { };
|
||||
|
||||
user = mkOption {
|
||||
type = types.str;
|
||||
user = lib.mkOption {
|
||||
type = lib.types.str;
|
||||
default = "opentsdb";
|
||||
description = ''
|
||||
User account under which OpenTSDB runs.
|
||||
'';
|
||||
};
|
||||
|
||||
group = mkOption {
|
||||
type = types.str;
|
||||
group = lib.mkOption {
|
||||
type = lib.types.str;
|
||||
default = "opentsdb";
|
||||
description = ''
|
||||
Group account under which OpenTSDB runs.
|
||||
'';
|
||||
};
|
||||
|
||||
port = mkOption {
|
||||
type = types.port;
|
||||
port = lib.mkOption {
|
||||
type = lib.types.port;
|
||||
default = 4242;
|
||||
description = ''
|
||||
Which port OpenTSDB listens on.
|
||||
'';
|
||||
};
|
||||
|
||||
config = mkOption {
|
||||
type = types.lines;
|
||||
config = lib.mkOption {
|
||||
type = lib.types.lines;
|
||||
default = ''
|
||||
tsd.core.auto_create_metrics = true
|
||||
tsd.http.request.enable_chunked = true
|
||||
@ -60,7 +57,7 @@ in {
|
||||
|
||||
###### implementation
|
||||
|
||||
config = mkIf config.services.opentsdb.enable {
|
||||
config = lib.mkIf config.services.opentsdb.enable {
|
||||
|
||||
systemd.services.opentsdb = {
|
||||
description = "OpenTSDB Server";
|
||||
|
@ -1,7 +1,4 @@
|
||||
{ lib, pkgs, config, ... } :
|
||||
|
||||
with lib;
|
||||
|
||||
let
|
||||
cfg = config.services.pgmanage;
|
||||
|
||||
@ -16,7 +13,7 @@ let
|
||||
|
||||
super_only = ${builtins.toJSON cfg.superOnly}
|
||||
|
||||
${optionalString (cfg.loginGroup != null) "login_group = ${cfg.loginGroup}"}
|
||||
${lib.optionalString (cfg.loginGroup != null) "login_group = ${cfg.loginGroup}"}
|
||||
|
||||
login_timeout = ${toString cfg.loginTimeout}
|
||||
|
||||
@ -24,7 +21,7 @@ let
|
||||
|
||||
sql_root = ${cfg.sqlRoot}
|
||||
|
||||
${optionalString (cfg.tls != null) ''
|
||||
${lib.optionalString (cfg.tls != null) ''
|
||||
tls_cert = ${cfg.tls.cert}
|
||||
tls_key = ${cfg.tls.key}
|
||||
''}
|
||||
@ -35,8 +32,8 @@ let
|
||||
|
||||
pgmanageConnectionsFile = pkgs.writeTextFile {
|
||||
name = "pgmanage-connections.conf";
|
||||
text = concatStringsSep "\n"
|
||||
(mapAttrsToList (name : conn : "${name}: ${conn}") cfg.connections);
|
||||
text = lib.concatStringsSep "\n"
|
||||
(lib.mapAttrsToList (name : conn : "${name}: ${conn}") cfg.connections);
|
||||
};
|
||||
|
||||
pgmanage = "pgmanage";
|
||||
@ -44,12 +41,12 @@ let
|
||||
in {
|
||||
|
||||
options.services.pgmanage = {
|
||||
enable = mkEnableOption "PostgreSQL Administration for the web";
|
||||
enable = lib.mkEnableOption "PostgreSQL Administration for the web";
|
||||
|
||||
package = mkPackageOption pkgs "pgmanage" { };
|
||||
package = lib.mkPackageOption pkgs "pgmanage" { };
|
||||
|
||||
connections = mkOption {
|
||||
type = types.attrsOf types.str;
|
||||
connections = lib.mkOption {
|
||||
type = lib.types.attrsOf lib.types.str;
|
||||
default = {};
|
||||
example = {
|
||||
nuc-server = "hostaddr=192.168.0.100 port=5432 dbname=postgres";
|
||||
@ -68,8 +65,8 @@ in {
|
||||
'';
|
||||
};
|
||||
|
||||
allowCustomConnections = mkOption {
|
||||
type = types.bool;
|
||||
allowCustomConnections = lib.mkOption {
|
||||
type = lib.types.bool;
|
||||
default = false;
|
||||
description = ''
|
||||
This tells pgmanage whether or not to allow anyone to use a custom
|
||||
@ -77,16 +74,16 @@ in {
|
||||
'';
|
||||
};
|
||||
|
||||
port = mkOption {
|
||||
type = types.port;
|
||||
port = lib.mkOption {
|
||||
type = lib.types.port;
|
||||
default = 8080;
|
||||
description = ''
|
||||
This tells pgmanage what port to listen on for browser requests.
|
||||
'';
|
||||
};
|
||||
|
||||
localOnly = mkOption {
|
||||
type = types.bool;
|
||||
localOnly = lib.mkOption {
|
||||
type = lib.types.bool;
|
||||
default = true;
|
||||
description = ''
|
||||
This tells pgmanage whether or not to set the listening socket to local
|
||||
@ -94,8 +91,8 @@ in {
|
||||
'';
|
||||
};
|
||||
|
||||
superOnly = mkOption {
|
||||
type = types.bool;
|
||||
superOnly = lib.mkOption {
|
||||
type = lib.types.bool;
|
||||
default = true;
|
||||
description = ''
|
||||
This tells pgmanage whether or not to only allow super users to
|
||||
@ -106,8 +103,8 @@ in {
|
||||
'';
|
||||
};
|
||||
|
||||
loginGroup = mkOption {
|
||||
type = types.nullOr types.str;
|
||||
loginGroup = lib.mkOption {
|
||||
type = lib.types.nullOr lib.types.str;
|
||||
default = null;
|
||||
description = ''
|
||||
This tells pgmanage to only allow users in a certain PostgreSQL group to
|
||||
@ -116,8 +113,8 @@ in {
|
||||
'';
|
||||
};
|
||||
|
||||
loginTimeout = mkOption {
|
||||
type = types.int;
|
||||
loginTimeout = lib.mkOption {
|
||||
type = lib.types.int;
|
||||
default = 3600;
|
||||
description = ''
|
||||
Number of seconds of inactivity before user is automatically logged
|
||||
@ -125,8 +122,8 @@ in {
|
||||
'';
|
||||
};
|
||||
|
||||
sqlRoot = mkOption {
|
||||
type = types.str;
|
||||
sqlRoot = lib.mkOption {
|
||||
type = lib.types.str;
|
||||
default = "/var/lib/pgmanage";
|
||||
description = ''
|
||||
This tells pgmanage where to put the SQL file history. All tabs are saved
|
||||
@ -135,15 +132,15 @@ in {
|
||||
'';
|
||||
};
|
||||
|
||||
tls = mkOption {
|
||||
type = types.nullOr (types.submodule {
|
||||
tls = lib.mkOption {
|
||||
type = lib.types.nullOr (lib.types.submodule {
|
||||
options = {
|
||||
cert = mkOption {
|
||||
type = types.str;
|
||||
cert = lib.mkOption {
|
||||
type = lib.types.str;
|
||||
description = "TLS certificate";
|
||||
};
|
||||
key = mkOption {
|
||||
type = types.str;
|
||||
key = lib.mkOption {
|
||||
type = lib.types.str;
|
||||
description = "TLS key";
|
||||
};
|
||||
};
|
||||
@ -162,8 +159,8 @@ in {
|
||||
'';
|
||||
};
|
||||
|
||||
logLevel = mkOption {
|
||||
type = types.enum ["error" "warn" "notice" "info"];
|
||||
logLevel = lib.mkOption {
|
||||
type = lib.types.enum ["error" "warn" "notice" "info"];
|
||||
default = "error";
|
||||
description = ''
|
||||
Verbosity of logs
|
||||
@ -171,7 +168,7 @@ in {
|
||||
};
|
||||
};
|
||||
|
||||
config = mkIf cfg.enable {
|
||||
config = lib.mkIf cfg.enable {
|
||||
systemd.services.pgmanage = {
|
||||
description = "pgmanage - PostgreSQL Administration for the web";
|
||||
wants = [ "postgresql.service" ];
|
||||
@ -181,7 +178,7 @@ in {
|
||||
User = pgmanage;
|
||||
Group = pgmanage;
|
||||
ExecStart = "${cfg.package}/sbin/pgmanage -c ${confFile}" +
|
||||
optionalString cfg.localOnly " --local-only=true";
|
||||
lib.optionalString cfg.localOnly " --local-only=true";
|
||||
};
|
||||
};
|
||||
users = {
|
||||
|
@ -1,7 +1,4 @@
|
||||
{ config, lib, pkgs, ... }:
|
||||
|
||||
with lib;
|
||||
|
||||
let
|
||||
cfg = config.services.rethinkdb;
|
||||
rethinkdb = cfg.package;
|
||||
@ -15,41 +12,41 @@ in
|
||||
|
||||
services.rethinkdb = {
|
||||
|
||||
enable = mkEnableOption "RethinkDB server";
|
||||
enable = lib.mkEnableOption "RethinkDB server";
|
||||
|
||||
#package = mkOption {
|
||||
#package = lib.mkOption {
|
||||
# default = pkgs.rethinkdb;
|
||||
# description = "Which RethinkDB derivation to use.";
|
||||
#};
|
||||
|
||||
user = mkOption {
|
||||
user = lib.mkOption {
|
||||
default = "rethinkdb";
|
||||
description = "User account under which RethinkDB runs.";
|
||||
};
|
||||
|
||||
group = mkOption {
|
||||
group = lib.mkOption {
|
||||
default = "rethinkdb";
|
||||
description = "Group which rethinkdb user belongs to.";
|
||||
};
|
||||
|
||||
dbpath = mkOption {
|
||||
dbpath = lib.mkOption {
|
||||
default = "/var/db/rethinkdb";
|
||||
description = "Location where RethinkDB stores its data, 1 data directory per instance.";
|
||||
};
|
||||
|
||||
pidpath = mkOption {
|
||||
pidpath = lib.mkOption {
|
||||
default = "/run/rethinkdb";
|
||||
description = "Location where each instance's pid file is located.";
|
||||
};
|
||||
|
||||
#cfgpath = mkOption {
|
||||
#cfgpath = lib.mkOption {
|
||||
# default = "/etc/rethinkdb/instances.d";
|
||||
# description = "Location where RethinkDB stores it config files, 1 config file per instance.";
|
||||
#};
|
||||
|
||||
# TODO: currently not used by our implementation.
|
||||
#instances = mkOption {
|
||||
# type = types.attrsOf types.str;
|
||||
#instances = lib.mkOption {
|
||||
# type = lib.types.attrsOf lib.types.str;
|
||||
# default = {};
|
||||
# description = "List of named RethinkDB instances in our cluster.";
|
||||
#};
|
||||
@ -59,7 +56,7 @@ in
|
||||
};
|
||||
|
||||
###### implementation
|
||||
config = mkIf config.services.rethinkdb.enable {
|
||||
config = lib.mkIf config.services.rethinkdb.enable {
|
||||
|
||||
environment.systemPackages = [ rethinkdb ];
|
||||
|
||||
@ -93,13 +90,13 @@ in
|
||||
'';
|
||||
};
|
||||
|
||||
users.users.rethinkdb = mkIf (cfg.user == "rethinkdb")
|
||||
users.users.rethinkdb = lib.mkIf (cfg.user == "rethinkdb")
|
||||
{ name = "rethinkdb";
|
||||
description = "RethinkDB server user";
|
||||
isSystemUser = true;
|
||||
};
|
||||
|
||||
users.groups = optionalAttrs (cfg.group == "rethinkdb") (singleton
|
||||
users.groups = lib.optionalAttrs (cfg.group == "rethinkdb") (lib.singleton
|
||||
{ name = "rethinkdb";
|
||||
});
|
||||
|
||||
|
@ -1,6 +1,4 @@
|
||||
{ config, lib, pkgs, ... }:
|
||||
|
||||
with lib;
|
||||
let
|
||||
|
||||
cfg = config.services.surrealdb;
|
||||
@ -8,12 +6,12 @@ in {
|
||||
|
||||
options = {
|
||||
services.surrealdb = {
|
||||
enable = mkEnableOption "SurrealDB, a scalable, distributed, collaborative, document-graph database, for the realtime web";
|
||||
enable = lib.mkEnableOption "SurrealDB, a scalable, distributed, collaborative, document-graph database, for the realtime web";
|
||||
|
||||
package = mkPackageOption pkgs "surrealdb" { };
|
||||
package = lib.mkPackageOption pkgs "surrealdb" { };
|
||||
|
||||
dbPath = mkOption {
|
||||
type = types.str;
|
||||
dbPath = lib.mkOption {
|
||||
type = lib.types.str;
|
||||
description = ''
|
||||
The path that surrealdb will write data to. Use null for in-memory.
|
||||
Can be one of "memory", "file://:path", "tikv://:addr".
|
||||
@ -22,8 +20,8 @@ in {
|
||||
example = "memory";
|
||||
};
|
||||
|
||||
host = mkOption {
|
||||
type = types.str;
|
||||
host = lib.mkOption {
|
||||
type = lib.types.str;
|
||||
description = ''
|
||||
The host that surrealdb will connect to.
|
||||
'';
|
||||
@ -31,8 +29,8 @@ in {
|
||||
example = "127.0.0.1";
|
||||
};
|
||||
|
||||
port = mkOption {
|
||||
type = types.port;
|
||||
port = lib.mkOption {
|
||||
type = lib.types.port;
|
||||
description = ''
|
||||
The port that surrealdb will connect to.
|
||||
'';
|
||||
@ -40,8 +38,8 @@ in {
|
||||
example = 8000;
|
||||
};
|
||||
|
||||
extraFlags = mkOption {
|
||||
type = types.listOf types.str;
|
||||
extraFlags = lib.mkOption {
|
||||
type = lib.types.listOf lib.types.str;
|
||||
default = [];
|
||||
example = [ "--allow-all" "--auth" "--user root" "--pass root" ];
|
||||
description = ''
|
||||
@ -52,7 +50,7 @@ in {
|
||||
};
|
||||
};
|
||||
|
||||
config = mkIf cfg.enable {
|
||||
config = lib.mkIf cfg.enable {
|
||||
|
||||
# Used to connect to the running service
|
||||
environment.systemPackages = [ cfg.package ] ;
|
||||
@ -63,7 +61,7 @@ in {
|
||||
after = [ "network.target" ];
|
||||
|
||||
serviceConfig = {
|
||||
ExecStart = "${cfg.package}/bin/surreal start --bind ${cfg.host}:${toString cfg.port} ${escapeShellArgs cfg.extraFlags} -- ${cfg.dbPath}";
|
||||
ExecStart = "${cfg.package}/bin/surreal start --bind ${cfg.host}:${toString cfg.port} ${lib.escapeShellArgs cfg.extraFlags} -- ${cfg.dbPath}";
|
||||
DynamicUser = true;
|
||||
Restart = "on-failure";
|
||||
StateDirectory = "surrealdb";
|
||||
|
@ -1,20 +1,17 @@
|
||||
# blueman service
|
||||
{ config, lib, pkgs, ... }:
|
||||
|
||||
with lib;
|
||||
|
||||
let
|
||||
cfg = config.services.blueman;
|
||||
in {
|
||||
###### interface
|
||||
options = {
|
||||
services.blueman = {
|
||||
enable = mkEnableOption "blueman, a bluetooth manager";
|
||||
enable = lib.mkEnableOption "blueman, a bluetooth manager";
|
||||
};
|
||||
};
|
||||
|
||||
###### implementation
|
||||
config = mkIf cfg.enable {
|
||||
config = lib.mkIf cfg.enable {
|
||||
|
||||
environment.systemPackages = [ pkgs.blueman ];
|
||||
|
||||
|
@ -1,13 +1,10 @@
|
||||
{ config, lib, pkgs, ... }:
|
||||
|
||||
with lib;
|
||||
|
||||
let
|
||||
cfg = config.services.cpupower-gui;
|
||||
in {
|
||||
options = {
|
||||
services.cpupower-gui = {
|
||||
enable = mkOption {
|
||||
enable = lib.mkOption {
|
||||
type = lib.types.bool;
|
||||
default = false;
|
||||
example = true;
|
||||
@ -20,7 +17,7 @@ in {
|
||||
};
|
||||
};
|
||||
|
||||
config = mkIf cfg.enable {
|
||||
config = lib.mkIf cfg.enable {
|
||||
environment.systemPackages = [ pkgs.cpupower-gui ];
|
||||
services.dbus.packages = [ pkgs.cpupower-gui ];
|
||||
systemd.user = {
|
||||
|
@ -1,11 +1,8 @@
|
||||
{ config, pkgs, lib, ... }:
|
||||
|
||||
with lib;
|
||||
|
||||
{
|
||||
|
||||
meta = {
|
||||
maintainers = teams.deepin.members;
|
||||
maintainers = lib.teams.deepin.members;
|
||||
};
|
||||
|
||||
###### interface
|
||||
@ -14,7 +11,7 @@ with lib;
|
||||
|
||||
services.deepin.app-services = {
|
||||
|
||||
enable = mkEnableOption "service collection of DDE applications, including dconfig-center";
|
||||
enable = lib.mkEnableOption "service collection of DDE applications, including dconfig-center";
|
||||
|
||||
};
|
||||
|
||||
@ -23,7 +20,7 @@ with lib;
|
||||
|
||||
###### implementation
|
||||
|
||||
config = mkIf config.services.deepin.app-services.enable {
|
||||
config = lib.mkIf config.services.deepin.app-services.enable {
|
||||
|
||||
users.groups.dde-dconfig-daemon = { };
|
||||
users.users.dde-dconfig-daemon = {
|
||||
|
@ -1,11 +1,8 @@
|
||||
{ config, pkgs, lib, ... }:
|
||||
|
||||
with lib;
|
||||
|
||||
{
|
||||
|
||||
meta = {
|
||||
maintainers = teams.deepin.members;
|
||||
maintainers = lib.teams.deepin.members;
|
||||
};
|
||||
|
||||
###### interface
|
||||
@ -14,7 +11,7 @@ with lib;
|
||||
|
||||
services.deepin.dde-api = {
|
||||
|
||||
enable = mkEnableOption ''
|
||||
enable = lib.mkEnableOption ''
|
||||
the DDE API, which provides some dbus interfaces that is used for screen zone detecting,
|
||||
thumbnail generating, and sound playing in Deepin Desktop Environment
|
||||
'';
|
||||
@ -26,7 +23,7 @@ with lib;
|
||||
|
||||
###### implementation
|
||||
|
||||
config = mkIf config.services.deepin.dde-api.enable {
|
||||
config = lib.mkIf config.services.deepin.dde-api.enable {
|
||||
|
||||
environment.systemPackages = [ pkgs.deepin.dde-api ];
|
||||
|
||||
|
@ -1,14 +1,11 @@
|
||||
# dleyna-renderer service.
|
||||
{ config, lib, pkgs, ... }:
|
||||
|
||||
with lib;
|
||||
|
||||
{
|
||||
###### interface
|
||||
options = {
|
||||
services.dleyna-renderer = {
|
||||
enable = mkOption {
|
||||
type = types.bool;
|
||||
enable = lib.mkOption {
|
||||
type = lib.types.bool;
|
||||
default = false;
|
||||
description = ''
|
||||
Whether to enable dleyna-renderer service, a DBus service
|
||||
@ -20,7 +17,7 @@ with lib;
|
||||
|
||||
|
||||
###### implementation
|
||||
config = mkIf config.services.dleyna-renderer.enable {
|
||||
config = lib.mkIf config.services.dleyna-renderer.enable {
|
||||
environment.systemPackages = [ pkgs.dleyna-renderer ];
|
||||
|
||||
services.dbus.packages = [ pkgs.dleyna-renderer ];
|
||||
|
@ -1,14 +1,11 @@
|
||||
# dleyna-server service.
|
||||
{ config, lib, pkgs, ... }:
|
||||
|
||||
with lib;
|
||||
|
||||
{
|
||||
###### interface
|
||||
options = {
|
||||
services.dleyna-server = {
|
||||
enable = mkOption {
|
||||
type = types.bool;
|
||||
enable = lib.mkOption {
|
||||
type = lib.types.bool;
|
||||
default = false;
|
||||
description = ''
|
||||
Whether to enable dleyna-server service, a DBus service
|
||||
@ -20,7 +17,7 @@ with lib;
|
||||
|
||||
|
||||
###### implementation
|
||||
config = mkIf config.services.dleyna-server.enable {
|
||||
config = lib.mkIf config.services.dleyna-server.enable {
|
||||
environment.systemPackages = [ pkgs.dleyna-server ];
|
||||
|
||||
services.dbus.packages = [ pkgs.dleyna-server ];
|
||||
|
@ -1,8 +1,5 @@
|
||||
# flatpak service.
|
||||
{ config, lib, pkgs, ... }:
|
||||
|
||||
with lib;
|
||||
|
||||
let
|
||||
cfg = config.services.flatpak;
|
||||
in {
|
||||
@ -14,15 +11,15 @@ in {
|
||||
###### interface
|
||||
options = {
|
||||
services.flatpak = {
|
||||
enable = mkEnableOption "flatpak";
|
||||
enable = lib.mkEnableOption "flatpak";
|
||||
|
||||
package = mkPackageOption pkgs "flatpak" { };
|
||||
package = lib.mkPackageOption pkgs "flatpak" { };
|
||||
};
|
||||
};
|
||||
|
||||
|
||||
###### implementation
|
||||
config = mkIf cfg.enable {
|
||||
config = lib.mkIf cfg.enable {
|
||||
|
||||
assertions = [
|
||||
{ assertion = (config.xdg.portal.enable == true);
|
||||
|
@ -1,15 +1,11 @@
|
||||
# Accounts-SSO gSignOn daemon
|
||||
|
||||
{ config, lib, pkgs, ... }:
|
||||
|
||||
with lib;
|
||||
|
||||
let
|
||||
package = pkgs.gsignond.override { plugins = config.services.gsignond.plugins; };
|
||||
in
|
||||
{
|
||||
|
||||
meta.maintainers = teams.pantheon.members;
|
||||
meta.maintainers = lib.teams.pantheon.members;
|
||||
|
||||
###### interface
|
||||
|
||||
@ -17,8 +13,8 @@ in
|
||||
|
||||
services.gsignond = {
|
||||
|
||||
enable = mkOption {
|
||||
type = types.bool;
|
||||
enable = lib.mkOption {
|
||||
type = lib.types.bool;
|
||||
default = false;
|
||||
description = ''
|
||||
Whether to enable gSignOn daemon, a DBus service
|
||||
@ -26,8 +22,8 @@ in
|
||||
'';
|
||||
};
|
||||
|
||||
plugins = mkOption {
|
||||
type = types.listOf types.package;
|
||||
plugins = lib.mkOption {
|
||||
type = lib.types.listOf lib.types.package;
|
||||
default = [];
|
||||
description = ''
|
||||
What plugins to use with the gSignOn daemon.
|
||||
@ -37,7 +33,7 @@ in
|
||||
};
|
||||
|
||||
###### implementation
|
||||
config = mkIf config.services.gsignond.enable {
|
||||
config = lib.mkIf config.services.gsignond.enable {
|
||||
environment.etc."gsignond.conf".source = "${package}/etc/gsignond.conf";
|
||||
services.dbus.packages = [ package ];
|
||||
};
|
||||
|
@ -1,19 +1,16 @@
|
||||
# neard service.
|
||||
{ config, lib, pkgs, ... }:
|
||||
|
||||
with lib;
|
||||
|
||||
{
|
||||
###### interface
|
||||
options = {
|
||||
services.neard = {
|
||||
enable = mkEnableOption "neard, an NFC daemon";
|
||||
enable = lib.mkEnableOption "neard, an NFC daemon";
|
||||
};
|
||||
};
|
||||
|
||||
|
||||
###### implementation
|
||||
config = mkIf config.services.neard.enable {
|
||||
config = lib.mkIf config.services.neard.enable {
|
||||
environment.systemPackages = [ pkgs.neard ];
|
||||
|
||||
services.dbus.packages = [ pkgs.neard ];
|
||||
|
@ -1,19 +1,16 @@
|
||||
{ config, pkgs, lib, ... }:
|
||||
|
||||
with lib;
|
||||
|
||||
let
|
||||
cfg = config.services.psd;
|
||||
in {
|
||||
options.services.psd = with types; {
|
||||
enable = mkOption {
|
||||
options.services.psd = with lib.types; {
|
||||
enable = lib.mkOption {
|
||||
type = bool;
|
||||
default = false;
|
||||
description = ''
|
||||
Whether to enable the Profile Sync daemon.
|
||||
'';
|
||||
};
|
||||
resyncTimer = mkOption {
|
||||
resyncTimer = lib.mkOption {
|
||||
type = str;
|
||||
default = "1h";
|
||||
example = "1h 30min";
|
||||
@ -27,7 +24,7 @@ in {
|
||||
};
|
||||
};
|
||||
|
||||
config = mkIf cfg.enable {
|
||||
config = lib.mkIf cfg.enable {
|
||||
systemd = {
|
||||
user = {
|
||||
services = {
|
||||
|
@ -1,7 +1,4 @@
|
||||
{ config, pkgs, lib, ... }:
|
||||
|
||||
with lib;
|
||||
|
||||
{
|
||||
|
||||
###### interface
|
||||
@ -10,7 +7,7 @@ with lib;
|
||||
|
||||
services.system-config-printer = {
|
||||
|
||||
enable = mkEnableOption "system-config-printer, a service for CUPS administration used by printing interfaces";
|
||||
enable = lib.mkEnableOption "system-config-printer, a service for CUPS administration used by printing interfaces";
|
||||
|
||||
};
|
||||
|
||||
@ -19,7 +16,7 @@ with lib;
|
||||
|
||||
###### implementation
|
||||
|
||||
config = mkIf config.services.system-config-printer.enable {
|
||||
config = lib.mkIf config.services.system-config-printer.enable {
|
||||
|
||||
services.dbus.packages = [
|
||||
pkgs.system-config-printer
|
||||
|
@ -1,13 +1,9 @@
|
||||
# Telepathy daemon.
|
||||
|
||||
{ config, lib, pkgs, ... }:
|
||||
|
||||
with lib;
|
||||
|
||||
{
|
||||
|
||||
meta = {
|
||||
maintainers = teams.gnome.members;
|
||||
maintainers = lib.teams.gnome.members;
|
||||
};
|
||||
|
||||
###### interface
|
||||
@ -16,8 +12,8 @@ with lib;
|
||||
|
||||
services.telepathy = {
|
||||
|
||||
enable = mkOption {
|
||||
type = types.bool;
|
||||
enable = lib.mkOption {
|
||||
type = lib.types.bool;
|
||||
default = false;
|
||||
description = ''
|
||||
Whether to enable Telepathy service, a communications framework
|
||||
@ -32,7 +28,7 @@ with lib;
|
||||
|
||||
###### implementation
|
||||
|
||||
config = mkIf config.services.telepathy.enable {
|
||||
config = lib.mkIf config.services.telepathy.enable {
|
||||
|
||||
environment.systemPackages = [ pkgs.telepathy-mission-control ];
|
||||
|
||||
|
@ -1,9 +1,5 @@
|
||||
# Tumbler
|
||||
|
||||
{ config, pkgs, lib, ... }:
|
||||
|
||||
with lib;
|
||||
|
||||
let
|
||||
|
||||
cfg = config.services.tumbler;
|
||||
@ -13,13 +9,13 @@ in
|
||||
{
|
||||
|
||||
imports = [
|
||||
(mkRemovedOptionModule
|
||||
(lib.mkRemovedOptionModule
|
||||
[ "services" "tumbler" "package" ]
|
||||
"")
|
||||
];
|
||||
|
||||
meta = with lib; {
|
||||
maintainers = with maintainers; [ ] ++ teams.pantheon.members;
|
||||
maintainers = with lib.maintainers; [ ] ++ lib.teams.pantheon.members;
|
||||
};
|
||||
|
||||
###### interface
|
||||
@ -28,7 +24,7 @@ in
|
||||
|
||||
services.tumbler = {
|
||||
|
||||
enable = mkEnableOption "Tumbler, A D-Bus thumbnailer service";
|
||||
enable = lib.mkEnableOption "Tumbler, A D-Bus thumbnailer service";
|
||||
|
||||
};
|
||||
|
||||
@ -37,7 +33,7 @@ in
|
||||
|
||||
###### implementation
|
||||
|
||||
config = mkIf cfg.enable {
|
||||
config = lib.mkIf cfg.enable {
|
||||
|
||||
environment.systemPackages = with pkgs.xfce; [
|
||||
tumbler
|
||||
|
@ -1,11 +1,8 @@
|
||||
{ config, lib, pkgs, ... }:
|
||||
|
||||
with lib;
|
||||
|
||||
let
|
||||
cfg = config.services.athens;
|
||||
|
||||
athensConfig = flip recursiveUpdate cfg.extraConfig (
|
||||
athensConfig = lib.flip lib.recursiveUpdate cfg.extraConfig (
|
||||
{
|
||||
GoBinary = "${cfg.goBinary}/bin/go";
|
||||
GoEnv = cfg.goEnv;
|
||||
@ -157,20 +154,20 @@ in
|
||||
};
|
||||
|
||||
options.services.athens = {
|
||||
enable = mkEnableOption "Go module datastore and proxy";
|
||||
enable = lib.mkEnableOption "Go module datastore and proxy";
|
||||
|
||||
package = mkOption {
|
||||
package = lib.mkOption {
|
||||
default = pkgs.athens;
|
||||
defaultText = literalExpression "pkgs.athens";
|
||||
defaultText = lib.literalExpression "pkgs.athens";
|
||||
example = "pkgs.athens";
|
||||
description = "Which athens derivation to use";
|
||||
type = types.package;
|
||||
type = lib.types.package;
|
||||
};
|
||||
|
||||
goBinary = mkOption {
|
||||
type = types.package;
|
||||
goBinary = lib.mkOption {
|
||||
type = lib.types.package;
|
||||
default = pkgs.go;
|
||||
defaultText = literalExpression "pkgs.go";
|
||||
defaultText = lib.literalExpression "pkgs.go";
|
||||
example = "pkgs.go_1_21";
|
||||
description = ''
|
||||
The Go package used by Athens at runtime.
|
||||
@ -181,15 +178,15 @@ in
|
||||
'';
|
||||
};
|
||||
|
||||
goEnv = mkOption {
|
||||
type = types.enum [ "development" "production" ];
|
||||
goEnv = lib.mkOption {
|
||||
type = lib.types.enum [ "development" "production" ];
|
||||
description = "Specifies the type of environment to run. One of 'development' or 'production'.";
|
||||
default = "development";
|
||||
example = "production";
|
||||
};
|
||||
|
||||
goBinaryEnvVars = mkOption {
|
||||
type = types.attrs;
|
||||
goBinaryEnvVars = lib.mkOption {
|
||||
type = lib.types.attrs;
|
||||
description = "Environment variables to pass to the Go binary.";
|
||||
example = ''
|
||||
{ "GOPROXY" = "direct", "GODEBUG" = "true" }
|
||||
@ -197,15 +194,15 @@ in
|
||||
default = { };
|
||||
};
|
||||
|
||||
goGetWorkers = mkOption {
|
||||
type = types.int;
|
||||
goGetWorkers = lib.mkOption {
|
||||
type = lib.types.int;
|
||||
description = "Number of workers concurrently downloading modules.";
|
||||
default = 10;
|
||||
example = 32;
|
||||
};
|
||||
|
||||
goGetDir = mkOption {
|
||||
type = types.nullOr types.path;
|
||||
goGetDir = lib.mkOption {
|
||||
type = lib.types.nullOr lib.types.path;
|
||||
description = ''
|
||||
Temporary directory that Athens will use to
|
||||
fetch modules from VCS prior to persisting
|
||||
@ -218,14 +215,14 @@ in
|
||||
example = "/tmp/athens";
|
||||
};
|
||||
|
||||
protocolWorkers = mkOption {
|
||||
type = types.int;
|
||||
protocolWorkers = lib.mkOption {
|
||||
type = lib.types.int;
|
||||
description = "Number of workers concurrently serving protocol paths.";
|
||||
default = 30;
|
||||
};
|
||||
|
||||
logLevel = mkOption {
|
||||
type = types.nullOr (types.enum [ "panic" "fatal" "error" "warning" "info" "debug" "trace" ]);
|
||||
logLevel = lib.mkOption {
|
||||
type = lib.types.nullOr (lib.types.enum [ "panic" "fatal" "error" "warning" "info" "debug" "trace" ]);
|
||||
description = ''
|
||||
Log level for Athens.
|
||||
Supports all logrus log levels (https://github.com/Sirupsen/logrus#level-logging)".
|
||||
@ -234,8 +231,8 @@ in
|
||||
example = "debug";
|
||||
};
|
||||
|
||||
cloudRuntime = mkOption {
|
||||
type = types.enum [ "GCP" "none" ];
|
||||
cloudRuntime = lib.mkOption {
|
||||
type = lib.types.enum [ "GCP" "none" ];
|
||||
description = ''
|
||||
Specifies the Cloud Provider on which the Proxy/registry is running.
|
||||
'';
|
||||
@ -243,24 +240,24 @@ in
|
||||
example = "GCP";
|
||||
};
|
||||
|
||||
enablePprof = mkOption {
|
||||
type = types.bool;
|
||||
enablePprof = lib.mkOption {
|
||||
type = lib.types.bool;
|
||||
description = "Enable pprof endpoints.";
|
||||
default = false;
|
||||
};
|
||||
|
||||
pprofPort = mkOption {
|
||||
type = types.port;
|
||||
pprofPort = lib.mkOption {
|
||||
type = lib.types.port;
|
||||
description = "Port number for pprof endpoints.";
|
||||
default = 3301;
|
||||
example = 443;
|
||||
};
|
||||
|
||||
filterFile = mkOption {
|
||||
type = types.nullOr types.path;
|
||||
filterFile = lib.mkOption {
|
||||
type = lib.types.nullOr lib.types.path;
|
||||
description = ''Filename for the include exclude filter.'';
|
||||
default = null;
|
||||
example = literalExpression ''
|
||||
example = lib.literalExpression ''
|
||||
pkgs.writeText "filterFile" '''
|
||||
- github.com/azure
|
||||
+ github.com/azure/azure-sdk-for-go
|
||||
@ -269,42 +266,42 @@ in
|
||||
'';
|
||||
};
|
||||
|
||||
robotsFile = mkOption {
|
||||
type = types.nullOr types.path;
|
||||
robotsFile = lib.mkOption {
|
||||
type = lib.types.nullOr lib.types.path;
|
||||
description = ''Provides /robots.txt for net crawlers.'';
|
||||
default = null;
|
||||
example = literalExpression ''pkgs.writeText "robots.txt" "# my custom robots.txt ..."'';
|
||||
example = lib.literalExpression ''pkgs.writeText "robots.txt" "# my custom robots.txt ..."'';
|
||||
};
|
||||
|
||||
timeout = mkOption {
|
||||
type = types.int;
|
||||
timeout = lib.mkOption {
|
||||
type = lib.types.int;
|
||||
description = "Timeout for external network calls in seconds.";
|
||||
default = 300;
|
||||
example = 3;
|
||||
};
|
||||
|
||||
storageType = mkOption {
|
||||
type = types.enum [ "memory" "disk" "mongo" "gcp" "minio" "s3" "azureblob" "external" ];
|
||||
storageType = lib.mkOption {
|
||||
type = lib.types.enum [ "memory" "disk" "mongo" "gcp" "minio" "s3" "azureblob" "external" ];
|
||||
description = "Specifies the type of storage backend to use.";
|
||||
default = "disk";
|
||||
};
|
||||
|
||||
tlsCertFile = mkOption {
|
||||
type = types.nullOr types.path;
|
||||
tlsCertFile = lib.mkOption {
|
||||
type = lib.types.nullOr lib.types.path;
|
||||
description = "Path to the TLS certificate file.";
|
||||
default = null;
|
||||
example = "/etc/ssl/certs/athens.crt";
|
||||
};
|
||||
|
||||
tlsKeyFile = mkOption {
|
||||
type = types.nullOr types.path;
|
||||
tlsKeyFile = lib.mkOption {
|
||||
type = lib.types.nullOr lib.types.path;
|
||||
description = "Path to the TLS key file.";
|
||||
default = null;
|
||||
example = "/etc/ssl/certs/athens.key";
|
||||
};
|
||||
|
||||
port = mkOption {
|
||||
type = types.port;
|
||||
port = lib.mkOption {
|
||||
type = lib.types.port;
|
||||
default = 3000;
|
||||
description = ''
|
||||
Port number Athens listens on.
|
||||
@ -312,8 +309,8 @@ in
|
||||
example = 443;
|
||||
};
|
||||
|
||||
unixSocket = mkOption {
|
||||
type = types.nullOr types.path;
|
||||
unixSocket = lib.mkOption {
|
||||
type = lib.types.nullOr lib.types.path;
|
||||
description = ''
|
||||
Path to the unix socket file.
|
||||
If set, Athens will listen on the unix socket instead of TCP socket.
|
||||
@ -322,8 +319,8 @@ in
|
||||
example = "/run/athens.sock";
|
||||
};
|
||||
|
||||
globalEndpoint = mkOption {
|
||||
type = types.str;
|
||||
globalEndpoint = lib.mkOption {
|
||||
type = lib.types.str;
|
||||
description = ''
|
||||
Endpoint for a package registry in case of a proxy cache miss.
|
||||
'';
|
||||
@ -331,8 +328,8 @@ in
|
||||
example = "http://upstream-athens.example.com:3000";
|
||||
};
|
||||
|
||||
basicAuthUser = mkOption {
|
||||
type = types.nullOr types.str;
|
||||
basicAuthUser = lib.mkOption {
|
||||
type = lib.types.nullOr lib.types.str;
|
||||
description = ''
|
||||
Username for basic auth.
|
||||
'';
|
||||
@ -340,8 +337,8 @@ in
|
||||
example = "user";
|
||||
};
|
||||
|
||||
basicAuthPass = mkOption {
|
||||
type = types.nullOr types.str;
|
||||
basicAuthPass = lib.mkOption {
|
||||
type = lib.types.nullOr lib.types.str;
|
||||
description = ''
|
||||
Password for basic auth. Warning: this is stored in plain text in the config file.
|
||||
'';
|
||||
@ -349,16 +346,16 @@ in
|
||||
example = "swordfish";
|
||||
};
|
||||
|
||||
forceSSL = mkOption {
|
||||
type = types.bool;
|
||||
forceSSL = lib.mkOption {
|
||||
type = lib.types.bool;
|
||||
description = ''
|
||||
Force SSL redirects for incoming requests.
|
||||
'';
|
||||
default = false;
|
||||
};
|
||||
|
||||
validatorHook = mkOption {
|
||||
type = types.nullOr types.str;
|
||||
validatorHook = lib.mkOption {
|
||||
type = lib.types.nullOr lib.types.str;
|
||||
description = ''
|
||||
Endpoint to validate modules against.
|
||||
|
||||
@ -368,8 +365,8 @@ in
|
||||
example = "https://validation.example.com";
|
||||
};
|
||||
|
||||
pathPrefix = mkOption {
|
||||
type = types.nullOr types.str;
|
||||
pathPrefix = lib.mkOption {
|
||||
type = lib.types.nullOr lib.types.str;
|
||||
description = ''
|
||||
Sets basepath for all routes.
|
||||
'';
|
||||
@ -377,8 +374,8 @@ in
|
||||
example = "/athens";
|
||||
};
|
||||
|
||||
netrcPath = mkOption {
|
||||
type = types.nullOr types.path;
|
||||
netrcPath = lib.mkOption {
|
||||
type = lib.types.nullOr lib.types.path;
|
||||
description = ''
|
||||
Path to the .netrc file.
|
||||
'';
|
||||
@ -386,8 +383,8 @@ in
|
||||
example = "/home/user/.netrc";
|
||||
};
|
||||
|
||||
githubToken = mkOption {
|
||||
type = types.nullOr types.str;
|
||||
githubToken = lib.mkOption {
|
||||
type = lib.types.nullOr lib.types.str;
|
||||
description = ''
|
||||
Creates .netrc file with the given token to be used for GitHub.
|
||||
Warning: this is stored in plain text in the config file.
|
||||
@ -396,8 +393,8 @@ in
|
||||
example = "ghp_1234567890";
|
||||
};
|
||||
|
||||
hgrcPath = mkOption {
|
||||
type = types.nullOr types.path;
|
||||
hgrcPath = lib.mkOption {
|
||||
type = lib.types.nullOr lib.types.path;
|
||||
description = ''
|
||||
Path to the .hgrc file.
|
||||
'';
|
||||
@ -405,16 +402,16 @@ in
|
||||
example = "/home/user/.hgrc";
|
||||
};
|
||||
|
||||
traceExporter = mkOption {
|
||||
type = types.nullOr (types.enum [ "jaeger" "datadog" ]);
|
||||
traceExporter = lib.mkOption {
|
||||
type = lib.types.nullOr (lib.types.enum [ "jaeger" "datadog" ]);
|
||||
description = ''
|
||||
Trace exporter to use.
|
||||
'';
|
||||
default = null;
|
||||
};
|
||||
|
||||
traceExporterURL = mkOption {
|
||||
type = types.nullOr types.str;
|
||||
traceExporterURL = lib.mkOption {
|
||||
type = lib.types.nullOr lib.types.str;
|
||||
description = ''
|
||||
URL endpoint that traces will be sent to.
|
||||
'';
|
||||
@ -422,14 +419,14 @@ in
|
||||
example = "http://localhost:14268";
|
||||
};
|
||||
|
||||
statsExporter = mkOption {
|
||||
type = types.nullOr (types.enum [ "prometheus" ]);
|
||||
statsExporter = lib.mkOption {
|
||||
type = lib.types.nullOr (lib.types.enum [ "prometheus" ]);
|
||||
description = "Stats exporter to use.";
|
||||
default = null;
|
||||
};
|
||||
|
||||
sumDBs = mkOption {
|
||||
type = types.listOf types.str;
|
||||
sumDBs = lib.mkOption {
|
||||
type = lib.types.listOf lib.types.str;
|
||||
description = ''
|
||||
List of fully qualified URLs that Athens will proxy
|
||||
that the go command can use a checksum verifier.
|
||||
@ -437,8 +434,8 @@ in
|
||||
default = [ "https://sum.golang.org" ];
|
||||
};
|
||||
|
||||
noSumPatterns = mkOption {
|
||||
type = types.listOf types.str;
|
||||
noSumPatterns = lib.mkOption {
|
||||
type = lib.types.listOf lib.types.str;
|
||||
description = ''
|
||||
List of patterns that Athens sum db proxy will return a 403 for.
|
||||
'';
|
||||
@ -446,8 +443,8 @@ in
|
||||
example = [ "github.com/mycompany/*" ];
|
||||
};
|
||||
|
||||
downloadMode = mkOption {
|
||||
type = types.oneOf [ (types.enum [ "sync" "async" "redirect" "async_redirect" "none" ]) (types.strMatching "^file:.*$|^custom:.*$") ];
|
||||
downloadMode = lib.mkOption {
|
||||
type = lib.types.oneOf [ (lib.types.enum [ "sync" "async" "redirect" "async_redirect" "none" ]) (lib.types.strMatching "^file:.*$|^custom:.*$") ];
|
||||
description = ''
|
||||
Defines how Athens behaves when a module@version
|
||||
is not found in storage. There are 7 options:
|
||||
@ -470,8 +467,8 @@ in
|
||||
default = "async_redirect";
|
||||
};
|
||||
|
||||
networkMode = mkOption {
|
||||
type = types.enum [ "strict" "offline" "fallback" ];
|
||||
networkMode = lib.mkOption {
|
||||
type = lib.types.enum [ "strict" "offline" "fallback" ];
|
||||
description = ''
|
||||
Configures how Athens will return the results
|
||||
of the /list endpoint as it can be assembled from both its own
|
||||
@ -490,30 +487,30 @@ in
|
||||
default = "strict";
|
||||
};
|
||||
|
||||
downloadURL = mkOption {
|
||||
type = types.str;
|
||||
downloadURL = lib.mkOption {
|
||||
type = lib.types.str;
|
||||
description = "URL used if DownloadMode is set to redirect.";
|
||||
default = "https://proxy.golang.org";
|
||||
};
|
||||
|
||||
singleFlightType = mkOption {
|
||||
type = types.enum [ "memory" "etcd" "redis" "redis-sentinel" "gcp" "azureblob" ];
|
||||
singleFlightType = lib.mkOption {
|
||||
type = lib.types.enum [ "memory" "etcd" "redis" "redis-sentinel" "gcp" "azureblob" ];
|
||||
description = ''
|
||||
Determines what mechanism Athens uses to manage concurrency flowing into the Athens backend.
|
||||
'';
|
||||
default = "memory";
|
||||
};
|
||||
|
||||
indexType = mkOption {
|
||||
type = types.enum [ "none" "memory" "mysql" "postgres" ];
|
||||
indexType = lib.mkOption {
|
||||
type = lib.types.enum [ "none" "memory" "mysql" "postgres" ];
|
||||
description = ''
|
||||
Type of index backend Athens will use.
|
||||
'';
|
||||
default = "none";
|
||||
};
|
||||
|
||||
shutdownTimeout = mkOption {
|
||||
type = types.int;
|
||||
shutdownTimeout = lib.mkOption {
|
||||
type = lib.types.int;
|
||||
description = ''
|
||||
Number of seconds to wait for the server to shutdown gracefully.
|
||||
'';
|
||||
@ -523,42 +520,42 @@ in
|
||||
|
||||
singleFlight = {
|
||||
etcd = {
|
||||
endpoints = mkOption {
|
||||
type = types.listOf types.str;
|
||||
endpoints = lib.mkOption {
|
||||
type = lib.types.listOf lib.types.str;
|
||||
description = "URLs that determine all distributed etcd servers.";
|
||||
default = [ ];
|
||||
example = [ "localhost:2379" ];
|
||||
};
|
||||
};
|
||||
redis = {
|
||||
endpoint = mkOption {
|
||||
type = types.str;
|
||||
endpoint = lib.mkOption {
|
||||
type = lib.types.str;
|
||||
description = "URL of the redis server.";
|
||||
default = "";
|
||||
example = "localhost:6379";
|
||||
};
|
||||
password = mkOption {
|
||||
type = types.str;
|
||||
password = lib.mkOption {
|
||||
type = lib.types.str;
|
||||
description = "Password for the redis server. Warning: this is stored in plain text in the config file.";
|
||||
default = "";
|
||||
example = "swordfish";
|
||||
};
|
||||
|
||||
lockConfig = {
|
||||
ttl = mkOption {
|
||||
type = types.int;
|
||||
ttl = lib.mkOption {
|
||||
type = lib.types.int;
|
||||
description = "TTL for the lock in seconds.";
|
||||
default = 900;
|
||||
example = 1;
|
||||
};
|
||||
timeout = mkOption {
|
||||
type = types.int;
|
||||
timeout = lib.mkOption {
|
||||
type = lib.types.int;
|
||||
description = "Timeout for the lock in seconds.";
|
||||
default = 15;
|
||||
example = 1;
|
||||
};
|
||||
maxRetries = mkOption {
|
||||
type = types.int;
|
||||
maxRetries = lib.mkOption {
|
||||
type = lib.types.int;
|
||||
description = "Maximum number of retries for the lock.";
|
||||
default = 10;
|
||||
example = 1;
|
||||
@ -567,40 +564,40 @@ in
|
||||
};
|
||||
|
||||
redisSentinel = {
|
||||
endpoints = mkOption {
|
||||
type = types.listOf types.str;
|
||||
endpoints = lib.mkOption {
|
||||
type = lib.types.listOf lib.types.str;
|
||||
description = "URLs that determine all distributed redis servers.";
|
||||
default = [ ];
|
||||
example = [ "localhost:26379" ];
|
||||
};
|
||||
masterName = mkOption {
|
||||
type = types.str;
|
||||
masterName = lib.mkOption {
|
||||
type = lib.types.str;
|
||||
description = "Name of the sentinel master server.";
|
||||
default = "";
|
||||
example = "redis-1";
|
||||
};
|
||||
sentinelPassword = mkOption {
|
||||
type = types.str;
|
||||
sentinelPassword = lib.mkOption {
|
||||
type = lib.types.str;
|
||||
description = "Password for the sentinel server. Warning: this is stored in plain text in the config file.";
|
||||
default = "";
|
||||
example = "swordfish";
|
||||
};
|
||||
|
||||
lockConfig = {
|
||||
ttl = mkOption {
|
||||
type = types.int;
|
||||
ttl = lib.mkOption {
|
||||
type = lib.types.int;
|
||||
description = "TTL for the lock in seconds.";
|
||||
default = 900;
|
||||
example = 1;
|
||||
};
|
||||
timeout = mkOption {
|
||||
type = types.int;
|
||||
timeout = lib.mkOption {
|
||||
type = lib.types.int;
|
||||
description = "Timeout for the lock in seconds.";
|
||||
default = 15;
|
||||
example = 1;
|
||||
};
|
||||
maxRetries = mkOption {
|
||||
type = types.int;
|
||||
maxRetries = lib.mkOption {
|
||||
type = lib.types.int;
|
||||
description = "Maximum number of retries for the lock.";
|
||||
default = 10;
|
||||
example = 1;
|
||||
@ -611,8 +608,8 @@ in
|
||||
|
||||
storage = {
|
||||
cdn = {
|
||||
endpoint = mkOption {
|
||||
type = types.nullOr types.str;
|
||||
endpoint = lib.mkOption {
|
||||
type = lib.types.nullOr lib.types.str;
|
||||
description = "hostname of the CDN server.";
|
||||
example = "cdn.example.com";
|
||||
default = null;
|
||||
@ -620,65 +617,65 @@ in
|
||||
};
|
||||
|
||||
disk = {
|
||||
rootPath = mkOption {
|
||||
type = types.nullOr types.path;
|
||||
rootPath = lib.mkOption {
|
||||
type = lib.types.nullOr lib.types.path;
|
||||
description = "Athens disk root folder.";
|
||||
default = "/var/lib/athens";
|
||||
};
|
||||
};
|
||||
|
||||
gcp = {
|
||||
projectID = mkOption {
|
||||
type = types.nullOr types.str;
|
||||
projectID = lib.mkOption {
|
||||
type = lib.types.nullOr lib.types.str;
|
||||
description = "GCP project ID.";
|
||||
example = "my-project";
|
||||
default = null;
|
||||
};
|
||||
bucket = mkOption {
|
||||
type = types.nullOr types.str;
|
||||
bucket = lib.mkOption {
|
||||
type = lib.types.nullOr lib.types.str;
|
||||
description = "GCP backend storage bucket.";
|
||||
example = "my-bucket";
|
||||
default = null;
|
||||
};
|
||||
jsonKey = mkOption {
|
||||
type = types.nullOr types.str;
|
||||
jsonKey = lib.mkOption {
|
||||
type = lib.types.nullOr lib.types.str;
|
||||
description = "Base64 encoded GCP service account key. Warning: this is stored in plain text in the config file.";
|
||||
default = null;
|
||||
};
|
||||
};
|
||||
|
||||
minio = {
|
||||
endpoint = mkOption {
|
||||
type = types.nullOr types.str;
|
||||
endpoint = lib.mkOption {
|
||||
type = lib.types.nullOr lib.types.str;
|
||||
description = "Endpoint of the minio storage backend.";
|
||||
example = "minio.example.com:9001";
|
||||
default = null;
|
||||
};
|
||||
key = mkOption {
|
||||
type = types.nullOr types.str;
|
||||
key = lib.mkOption {
|
||||
type = lib.types.nullOr lib.types.str;
|
||||
description = "Access key id for the minio storage backend.";
|
||||
example = "minio";
|
||||
default = null;
|
||||
};
|
||||
secret = mkOption {
|
||||
type = types.nullOr types.str;
|
||||
secret = lib.mkOption {
|
||||
type = lib.types.nullOr lib.types.str;
|
||||
description = "Secret key for the minio storage backend. Warning: this is stored in plain text in the config file.";
|
||||
example = "minio123";
|
||||
default = null;
|
||||
};
|
||||
enableSSL = mkOption {
|
||||
type = types.bool;
|
||||
enableSSL = lib.mkOption {
|
||||
type = lib.types.bool;
|
||||
description = "Enable SSL for the minio storage backend.";
|
||||
default = false;
|
||||
};
|
||||
bucket = mkOption {
|
||||
type = types.nullOr types.str;
|
||||
bucket = lib.mkOption {
|
||||
type = lib.types.nullOr lib.types.str;
|
||||
description = "Bucket name for the minio storage backend.";
|
||||
example = "gomods";
|
||||
default = null;
|
||||
};
|
||||
region = mkOption {
|
||||
type = types.nullOr types.str;
|
||||
region = lib.mkOption {
|
||||
type = lib.types.nullOr lib.types.str;
|
||||
description = "Region for the minio storage backend.";
|
||||
example = "us-east-1";
|
||||
default = null;
|
||||
@ -686,108 +683,108 @@ in
|
||||
};
|
||||
|
||||
mongo = {
|
||||
url = mkOption {
|
||||
type = types.nullOr types.str;
|
||||
url = lib.mkOption {
|
||||
type = lib.types.nullOr lib.types.str;
|
||||
description = "URL of the mongo database.";
|
||||
example = "mongodb://localhost:27017";
|
||||
default = null;
|
||||
};
|
||||
defaultDBName = mkOption {
|
||||
type = types.nullOr types.str;
|
||||
defaultDBName = lib.mkOption {
|
||||
type = lib.types.nullOr lib.types.str;
|
||||
description = "Name of the mongo database.";
|
||||
example = "athens";
|
||||
default = null;
|
||||
};
|
||||
certPath = mkOption {
|
||||
type = types.nullOr types.path;
|
||||
certPath = lib.mkOption {
|
||||
type = lib.types.nullOr lib.types.path;
|
||||
description = "Path to the certificate file for the mongo database.";
|
||||
example = "/etc/ssl/mongo.pem";
|
||||
default = null;
|
||||
};
|
||||
insecure = mkOption {
|
||||
type = types.bool;
|
||||
insecure = lib.mkOption {
|
||||
type = lib.types.bool;
|
||||
description = "Allow insecure connections to the mongo database.";
|
||||
default = false;
|
||||
};
|
||||
};
|
||||
|
||||
s3 = {
|
||||
region = mkOption {
|
||||
type = types.nullOr types.str;
|
||||
region = lib.mkOption {
|
||||
type = lib.types.nullOr lib.types.str;
|
||||
description = "Region of the S3 storage backend.";
|
||||
example = "eu-west-3";
|
||||
default = null;
|
||||
};
|
||||
key = mkOption {
|
||||
type = types.nullOr types.str;
|
||||
key = lib.mkOption {
|
||||
type = lib.types.nullOr lib.types.str;
|
||||
description = "Access key id for the S3 storage backend.";
|
||||
example = "minio";
|
||||
default = null;
|
||||
};
|
||||
secret = mkOption {
|
||||
type = types.str;
|
||||
secret = lib.mkOption {
|
||||
type = lib.types.str;
|
||||
description = "Secret key for the S3 storage backend. Warning: this is stored in plain text in the config file.";
|
||||
default = "";
|
||||
};
|
||||
token = mkOption {
|
||||
type = types.nullOr types.str;
|
||||
token = lib.mkOption {
|
||||
type = lib.types.nullOr lib.types.str;
|
||||
description = "Token for the S3 storage backend. Warning: this is stored in plain text in the config file.";
|
||||
default = null;
|
||||
};
|
||||
bucket = mkOption {
|
||||
type = types.nullOr types.str;
|
||||
bucket = lib.mkOption {
|
||||
type = lib.types.nullOr lib.types.str;
|
||||
description = "Bucket name for the S3 storage backend.";
|
||||
example = "gomods";
|
||||
default = null;
|
||||
};
|
||||
forcePathStyle = mkOption {
|
||||
type = types.bool;
|
||||
forcePathStyle = lib.mkOption {
|
||||
type = lib.types.bool;
|
||||
description = "Force path style for the S3 storage backend.";
|
||||
default = false;
|
||||
};
|
||||
useDefaultConfiguration = mkOption {
|
||||
type = types.bool;
|
||||
useDefaultConfiguration = lib.mkOption {
|
||||
type = lib.types.bool;
|
||||
description = "Use default configuration for the S3 storage backend.";
|
||||
default = false;
|
||||
};
|
||||
credentialsEndpoint = mkOption {
|
||||
type = types.str;
|
||||
credentialsEndpoint = lib.mkOption {
|
||||
type = lib.types.str;
|
||||
description = "Credentials endpoint for the S3 storage backend.";
|
||||
default = "";
|
||||
};
|
||||
awsContainerCredentialsRelativeURI = mkOption {
|
||||
type = types.nullOr types.str;
|
||||
awsContainerCredentialsRelativeURI = lib.mkOption {
|
||||
type = lib.types.nullOr lib.types.str;
|
||||
description = "Container relative url (used by fargate).";
|
||||
default = null;
|
||||
};
|
||||
endpoint = mkOption {
|
||||
type = types.nullOr types.str;
|
||||
endpoint = lib.mkOption {
|
||||
type = lib.types.nullOr lib.types.str;
|
||||
description = "Endpoint for the S3 storage backend.";
|
||||
default = null;
|
||||
};
|
||||
};
|
||||
|
||||
azureblob = {
|
||||
accountName = mkOption {
|
||||
type = types.nullOr types.str;
|
||||
accountName = lib.mkOption {
|
||||
type = lib.types.nullOr lib.types.str;
|
||||
description = "Account name for the Azure Blob storage backend.";
|
||||
default = null;
|
||||
};
|
||||
accountKey = mkOption {
|
||||
type = types.nullOr types.str;
|
||||
accountKey = lib.mkOption {
|
||||
type = lib.types.nullOr lib.types.str;
|
||||
description = "Account key for the Azure Blob storage backend. Warning: this is stored in plain text in the config file.";
|
||||
default = null;
|
||||
};
|
||||
containerName = mkOption {
|
||||
type = types.nullOr types.str;
|
||||
containerName = lib.mkOption {
|
||||
type = lib.types.nullOr lib.types.str;
|
||||
description = "Container name for the Azure Blob storage backend.";
|
||||
default = null;
|
||||
};
|
||||
};
|
||||
|
||||
external = {
|
||||
url = mkOption {
|
||||
type = types.nullOr types.str;
|
||||
url = lib.mkOption {
|
||||
type = lib.types.nullOr lib.types.str;
|
||||
description = "URL of the backend storage layer.";
|
||||
example = "https://athens.example.com";
|
||||
default = null;
|
||||
@ -797,44 +794,44 @@ in
|
||||
|
||||
index = {
|
||||
mysql = {
|
||||
protocol = mkOption {
|
||||
type = types.str;
|
||||
protocol = lib.mkOption {
|
||||
type = lib.types.str;
|
||||
description = "Protocol for the MySQL database.";
|
||||
default = "tcp";
|
||||
};
|
||||
host = mkOption {
|
||||
type = types.str;
|
||||
host = lib.mkOption {
|
||||
type = lib.types.str;
|
||||
description = "Host for the MySQL database.";
|
||||
default = "localhost";
|
||||
};
|
||||
port = mkOption {
|
||||
type = types.int;
|
||||
port = lib.mkOption {
|
||||
type = lib.types.int;
|
||||
description = "Port for the MySQL database.";
|
||||
default = 3306;
|
||||
};
|
||||
user = mkOption {
|
||||
type = types.str;
|
||||
user = lib.mkOption {
|
||||
type = lib.types.str;
|
||||
description = "User for the MySQL database.";
|
||||
default = "root";
|
||||
};
|
||||
password = mkOption {
|
||||
type = types.nullOr types.str;
|
||||
password = lib.mkOption {
|
||||
type = lib.types.nullOr lib.types.str;
|
||||
description = "Password for the MySQL database. Warning: this is stored in plain text in the config file.";
|
||||
default = null;
|
||||
};
|
||||
database = mkOption {
|
||||
type = types.str;
|
||||
database = lib.mkOption {
|
||||
type = lib.types.str;
|
||||
description = "Database name for the MySQL database.";
|
||||
default = "athens";
|
||||
};
|
||||
params = {
|
||||
parseTime = mkOption {
|
||||
type = types.nullOr types.str;
|
||||
parseTime = lib.mkOption {
|
||||
type = lib.types.nullOr lib.types.str;
|
||||
description = "Parse time for the MySQL database.";
|
||||
default = "true";
|
||||
};
|
||||
timeout = mkOption {
|
||||
type = types.nullOr types.str;
|
||||
timeout = lib.mkOption {
|
||||
type = lib.types.nullOr lib.types.str;
|
||||
description = "Timeout for the MySQL database.";
|
||||
default = "30s";
|
||||
};
|
||||
@ -842,39 +839,39 @@ in
|
||||
};
|
||||
|
||||
postgres = {
|
||||
host = mkOption {
|
||||
type = types.str;
|
||||
host = lib.mkOption {
|
||||
type = lib.types.str;
|
||||
description = "Host for the Postgres database.";
|
||||
default = "localhost";
|
||||
};
|
||||
port = mkOption {
|
||||
type = types.int;
|
||||
port = lib.mkOption {
|
||||
type = lib.types.int;
|
||||
description = "Port for the Postgres database.";
|
||||
default = 5432;
|
||||
};
|
||||
user = mkOption {
|
||||
type = types.str;
|
||||
user = lib.mkOption {
|
||||
type = lib.types.str;
|
||||
description = "User for the Postgres database.";
|
||||
default = "postgres";
|
||||
};
|
||||
password = mkOption {
|
||||
type = types.nullOr types.str;
|
||||
password = lib.mkOption {
|
||||
type = lib.types.nullOr lib.types.str;
|
||||
description = "Password for the Postgres database. Warning: this is stored in plain text in the config file.";
|
||||
default = null;
|
||||
};
|
||||
database = mkOption {
|
||||
type = types.str;
|
||||
database = lib.mkOption {
|
||||
type = lib.types.str;
|
||||
description = "Database name for the Postgres database.";
|
||||
default = "athens";
|
||||
};
|
||||
params = {
|
||||
connect_timeout = mkOption {
|
||||
type = types.nullOr types.str;
|
||||
connect_timeout = lib.mkOption {
|
||||
type = lib.types.nullOr lib.types.str;
|
||||
description = "Connect timeout for the Postgres database.";
|
||||
default = "30s";
|
||||
};
|
||||
sslmode = mkOption {
|
||||
type = types.nullOr types.str;
|
||||
sslmode = lib.mkOption {
|
||||
type = lib.types.nullOr lib.types.str;
|
||||
description = "SSL mode for the Postgres database.";
|
||||
default = "disable";
|
||||
};
|
||||
@ -882,8 +879,8 @@ in
|
||||
};
|
||||
};
|
||||
|
||||
extraConfig = mkOption {
|
||||
type = types.attrs;
|
||||
extraConfig = lib.mkOption {
|
||||
type = lib.types.attrs;
|
||||
description = ''
|
||||
Extra configuration options for the athens config file.
|
||||
'';
|
||||
@ -891,7 +888,7 @@ in
|
||||
};
|
||||
};
|
||||
|
||||
config = mkIf cfg.enable {
|
||||
config = lib.mkIf cfg.enable {
|
||||
systemd.services.athens = {
|
||||
description = "Athens Go module proxy";
|
||||
documentation = [ "https://docs.gomods.io" ];
|
||||
@ -918,8 +915,8 @@ in
|
||||
ProtectHome = "read-only";
|
||||
ProtectSystem = "full";
|
||||
|
||||
ReadWritePaths = mkIf (cfg.storage.disk.rootPath != null && (! hasPrefix "/var/lib/" cfg.storage.disk.rootPath)) [ cfg.storage.disk.rootPath ];
|
||||
StateDirectory = mkIf (hasPrefix "/var/lib/" cfg.storage.disk.rootPath) [ (removePrefix "/var/lib/" cfg.storage.disk.rootPath) ];
|
||||
ReadWritePaths = lib.mkIf (cfg.storage.disk.rootPath != null && (! lib.hasPrefix "/var/lib/" cfg.storage.disk.rootPath)) [ cfg.storage.disk.rootPath ];
|
||||
StateDirectory = lib.mkIf (lib.hasPrefix "/var/lib/" cfg.storage.disk.rootPath) [ (lib.removePrefix "/var/lib/" cfg.storage.disk.rootPath) ];
|
||||
|
||||
CapabilityBoundingSet = [ "CAP_NET_BIND_SERVICE" ];
|
||||
AmbientCapabilities = [ "CAP_NET_BIND_SERVICE" ];
|
||||
@ -928,8 +925,8 @@ in
|
||||
};
|
||||
|
||||
networking.firewall = {
|
||||
allowedTCPPorts = optionals (cfg.unixSocket == null) [ cfg.port ]
|
||||
++ optionals cfg.enablePprof [ cfg.pprofPort ];
|
||||
allowedTCPPorts = lib.optionals (cfg.unixSocket == null) [ cfg.port ]
|
||||
++ lib.optionals cfg.enablePprof [ cfg.pprofPort ];
|
||||
};
|
||||
};
|
||||
|
||||
|
@ -1,17 +1,14 @@
|
||||
{ config, lib, pkgs, ... }:
|
||||
|
||||
with lib;
|
||||
|
||||
let
|
||||
cfg = config.services.distccd;
|
||||
in
|
||||
{
|
||||
options = {
|
||||
services.distccd = {
|
||||
enable = mkEnableOption "distccd, a distributed C/C++ compiler";
|
||||
enable = lib.mkEnableOption "distccd, a distributed C/C++ compiler";
|
||||
|
||||
allowedClients = mkOption {
|
||||
type = types.listOf types.str;
|
||||
allowedClients = lib.mkOption {
|
||||
type = lib.types.listOf lib.types.str;
|
||||
default = [ "127.0.0.1" ];
|
||||
example = [ "127.0.0.1" "192.168.0.0/24" "10.0.0.0/24" ];
|
||||
description = ''
|
||||
@ -23,16 +20,16 @@ in
|
||||
'';
|
||||
};
|
||||
|
||||
jobTimeout = mkOption {
|
||||
type = types.nullOr types.int;
|
||||
jobTimeout = lib.mkOption {
|
||||
type = lib.types.nullOr lib.types.int;
|
||||
default = null;
|
||||
description = ''
|
||||
Maximum duration, in seconds, of a single compilation request.
|
||||
'';
|
||||
};
|
||||
|
||||
logLevel = mkOption {
|
||||
type = types.nullOr (types.enum [ "critical" "error" "warning" "notice" "info" "debug" ]);
|
||||
logLevel = lib.mkOption {
|
||||
type = lib.types.nullOr (lib.types.enum [ "critical" "error" "warning" "notice" "info" "debug" ]);
|
||||
default = "warning";
|
||||
description = ''
|
||||
Set the minimum severity of error that will be included in the log
|
||||
@ -41,35 +38,35 @@ in
|
||||
'';
|
||||
};
|
||||
|
||||
maxJobs = mkOption {
|
||||
type = types.nullOr types.int;
|
||||
maxJobs = lib.mkOption {
|
||||
type = lib.types.nullOr lib.types.int;
|
||||
default = null;
|
||||
description = ''
|
||||
Maximum number of tasks distccd should execute at any time.
|
||||
Maximum number of tasks distccd should execute at lib.any time.
|
||||
'';
|
||||
};
|
||||
|
||||
|
||||
nice = mkOption {
|
||||
type = types.nullOr types.int;
|
||||
nice = lib.mkOption {
|
||||
type = lib.types.nullOr lib.types.int;
|
||||
default = null;
|
||||
description = ''
|
||||
Niceness of the compilation tasks.
|
||||
'';
|
||||
};
|
||||
|
||||
openFirewall = mkOption {
|
||||
type = types.bool;
|
||||
openFirewall = lib.mkOption {
|
||||
type = lib.types.bool;
|
||||
default = false;
|
||||
description = ''
|
||||
Opens the specified TCP port for distcc.
|
||||
'';
|
||||
};
|
||||
|
||||
package = mkPackageOption pkgs "distcc" { };
|
||||
package = lib.mkPackageOption pkgs "distcc" { };
|
||||
|
||||
port = mkOption {
|
||||
type = types.port;
|
||||
port = lib.mkOption {
|
||||
type = lib.types.port;
|
||||
default = 3632;
|
||||
description = ''
|
||||
The TCP port which distccd will listen on.
|
||||
@ -77,9 +74,9 @@ in
|
||||
};
|
||||
|
||||
stats = {
|
||||
enable = mkEnableOption "statistics reporting via HTTP server";
|
||||
port = mkOption {
|
||||
type = types.port;
|
||||
enable = lib.mkEnableOption "statistics reporting via HTTP server";
|
||||
port = lib.mkOption {
|
||||
type = lib.types.port;
|
||||
default = 3633;
|
||||
description = ''
|
||||
The TCP port which the distccd statistics HTTP server will listen
|
||||
@ -88,8 +85,8 @@ in
|
||||
};
|
||||
};
|
||||
|
||||
zeroconf = mkOption {
|
||||
type = types.bool;
|
||||
zeroconf = lib.mkOption {
|
||||
type = lib.types.bool;
|
||||
default = false;
|
||||
description = ''
|
||||
Whether to register via mDNS/DNS-SD
|
||||
@ -98,10 +95,10 @@ in
|
||||
};
|
||||
};
|
||||
|
||||
config = mkIf cfg.enable {
|
||||
networking.firewall = mkIf cfg.openFirewall {
|
||||
config = lib.mkIf cfg.enable {
|
||||
networking.firewall = lib.mkIf cfg.openFirewall {
|
||||
allowedTCPPorts = [ cfg.port ]
|
||||
++ optionals cfg.stats.enable [ cfg.stats.port ];
|
||||
++ lib.optionals cfg.stats.enable [ cfg.stats.port ];
|
||||
};
|
||||
|
||||
systemd.services.distccd = {
|
||||
@ -124,14 +121,14 @@ in
|
||||
--daemon \
|
||||
--enable-tcp-insecure \
|
||||
--port ${toString cfg.port} \
|
||||
${optionalString (cfg.jobTimeout != null) "--job-lifetime ${toString cfg.jobTimeout}"} \
|
||||
${optionalString (cfg.logLevel != null) "--log-level ${cfg.logLevel}"} \
|
||||
${optionalString (cfg.maxJobs != null) "--jobs ${toString cfg.maxJobs}"} \
|
||||
${optionalString (cfg.nice != null) "--nice ${toString cfg.nice}"} \
|
||||
${optionalString cfg.stats.enable "--stats"} \
|
||||
${optionalString cfg.stats.enable "--stats-port ${toString cfg.stats.port}"} \
|
||||
${optionalString cfg.zeroconf "--zeroconf"} \
|
||||
${concatMapStrings (c: "--allow ${c} ") cfg.allowedClients}
|
||||
${lib.optionalString (cfg.jobTimeout != null) "--job-lifetime ${toString cfg.jobTimeout}"} \
|
||||
${lib.optionalString (cfg.logLevel != null) "--log-level ${cfg.logLevel}"} \
|
||||
${lib.optionalString (cfg.maxJobs != null) "--jobs ${toString cfg.maxJobs}"} \
|
||||
${lib.optionalString (cfg.nice != null) "--nice ${toString cfg.nice}"} \
|
||||
${lib.optionalString cfg.stats.enable "--stats"} \
|
||||
${lib.optionalString cfg.stats.enable "--stats-port ${toString cfg.stats.port}"} \
|
||||
${lib.optionalString cfg.zeroconf "--zeroconf"} \
|
||||
${lib.concatMapStrings (c: "--allow ${c} ") cfg.allowedClients}
|
||||
'';
|
||||
};
|
||||
};
|
||||
|
@ -1,7 +1,4 @@
|
||||
{ config, lib, pkgs, ... }:
|
||||
|
||||
with lib;
|
||||
|
||||
let
|
||||
|
||||
cfg = config.services.hoogle;
|
||||
@ -14,21 +11,21 @@ let
|
||||
in {
|
||||
|
||||
options.services.hoogle = {
|
||||
enable = mkEnableOption "Haskell documentation server";
|
||||
enable = lib.mkEnableOption "Haskell documentation server";
|
||||
|
||||
port = mkOption {
|
||||
type = types.port;
|
||||
port = lib.mkOption {
|
||||
type = lib.types.port;
|
||||
default = 8080;
|
||||
description = ''
|
||||
Port number Hoogle will be listening to.
|
||||
'';
|
||||
};
|
||||
|
||||
packages = mkOption {
|
||||
type = types.functionTo (types.listOf types.package);
|
||||
packages = lib.mkOption {
|
||||
type = lib.types.functionTo (lib.types.listOf lib.types.package);
|
||||
default = hp: [];
|
||||
defaultText = literalExpression "hp: []";
|
||||
example = literalExpression "hp: with hp; [ text lens ]";
|
||||
defaultText = lib.literalExpression "hp: []";
|
||||
example = lib.literalExpression "hp: with hp; [ text lens ]";
|
||||
description = ''
|
||||
The Haskell packages to generate documentation for.
|
||||
|
||||
@ -38,27 +35,27 @@ in {
|
||||
'';
|
||||
};
|
||||
|
||||
haskellPackages = mkOption {
|
||||
haskellPackages = lib.mkOption {
|
||||
description = "Which haskell package set to use.";
|
||||
type = types.attrs;
|
||||
type = lib.types.attrs;
|
||||
default = pkgs.haskellPackages;
|
||||
defaultText = literalExpression "pkgs.haskellPackages";
|
||||
defaultText = lib.literalExpression "pkgs.haskellPackages";
|
||||
};
|
||||
|
||||
home = mkOption {
|
||||
type = types.str;
|
||||
home = lib.mkOption {
|
||||
type = lib.types.str;
|
||||
description = "Url for hoogle logo";
|
||||
default = "https://hoogle.haskell.org";
|
||||
};
|
||||
|
||||
host = mkOption {
|
||||
type = types.str;
|
||||
host = lib.mkOption {
|
||||
type = lib.types.str;
|
||||
description = "Set the host to bind on.";
|
||||
default = "127.0.0.1";
|
||||
};
|
||||
|
||||
extraOptions = mkOption {
|
||||
type = types.listOf types.str;
|
||||
extraOptions = lib.mkOption {
|
||||
type = lib.types.listOf lib.types.str;
|
||||
default = [];
|
||||
example = [ "--no-security-headers" ];
|
||||
description = ''
|
||||
@ -68,7 +65,7 @@ in {
|
||||
};
|
||||
};
|
||||
|
||||
config = mkIf cfg.enable {
|
||||
config = lib.mkIf cfg.enable {
|
||||
systemd.services.hoogle = {
|
||||
description = "Haskell documentation server";
|
||||
|
||||
@ -78,7 +75,7 @@ in {
|
||||
Restart = "always";
|
||||
ExecStart = ''
|
||||
${hoogleEnv}/bin/hoogle server --local --port ${toString cfg.port} --home ${cfg.home} --host ${cfg.host} \
|
||||
${concatStringsSep " " cfg.extraOptions}
|
||||
${lib.concatStringsSep " " cfg.extraOptions}
|
||||
'';
|
||||
|
||||
DynamicUser = true;
|
||||
|
@ -1,7 +1,4 @@
|
||||
{ config, lib, pkgs, ... }:
|
||||
|
||||
with lib;
|
||||
|
||||
let
|
||||
|
||||
cfg = config.services.jupyter;
|
||||
@ -21,13 +18,13 @@ let
|
||||
'';
|
||||
|
||||
in {
|
||||
meta.maintainers = with maintainers; [ aborsu ];
|
||||
meta.maintainers = with lib.maintainers; [ aborsu ];
|
||||
|
||||
options.services.jupyter = {
|
||||
enable = mkEnableOption "Jupyter development server";
|
||||
enable = lib.mkEnableOption "Jupyter development server";
|
||||
|
||||
ip = mkOption {
|
||||
type = types.str;
|
||||
ip = lib.mkOption {
|
||||
type = lib.types.str;
|
||||
default = "localhost";
|
||||
description = ''
|
||||
IP address Jupyter will be listening on.
|
||||
@ -37,10 +34,10 @@ in {
|
||||
# NOTE: We don't use top-level jupyter because we don't
|
||||
# want to pass in JUPYTER_PATH but use .environment instead,
|
||||
# saving a rebuild.
|
||||
package = mkPackageOption pkgs [ "python3" "pkgs" "notebook" ] { };
|
||||
package = lib.mkPackageOption pkgs [ "python3" "pkgs" "notebook" ] { };
|
||||
|
||||
command = mkOption {
|
||||
type = types.str;
|
||||
command = lib.mkOption {
|
||||
type = lib.types.str;
|
||||
default = "jupyter-notebook";
|
||||
example = "jupyter-lab";
|
||||
description = ''
|
||||
@ -49,24 +46,24 @@ in {
|
||||
'';
|
||||
};
|
||||
|
||||
port = mkOption {
|
||||
type = types.port;
|
||||
port = lib.mkOption {
|
||||
type = lib.types.port;
|
||||
default = 8888;
|
||||
description = ''
|
||||
Port number Jupyter will be listening on.
|
||||
'';
|
||||
};
|
||||
|
||||
notebookDir = mkOption {
|
||||
type = types.str;
|
||||
notebookDir = lib.mkOption {
|
||||
type = lib.types.str;
|
||||
default = "~/";
|
||||
description = ''
|
||||
Root directory for notebooks.
|
||||
'';
|
||||
};
|
||||
|
||||
user = mkOption {
|
||||
type = types.str;
|
||||
user = lib.mkOption {
|
||||
type = lib.types.str;
|
||||
default = "jupyter";
|
||||
description = ''
|
||||
Name of the user used to run the jupyter service.
|
||||
@ -76,8 +73,8 @@ in {
|
||||
example = "aborsu";
|
||||
};
|
||||
|
||||
group = mkOption {
|
||||
type = types.str;
|
||||
group = lib.mkOption {
|
||||
type = lib.types.str;
|
||||
default = "jupyter";
|
||||
description = ''
|
||||
Name of the group used to run the jupyter service.
|
||||
@ -86,8 +83,8 @@ in {
|
||||
example = "users";
|
||||
};
|
||||
|
||||
password = mkOption {
|
||||
type = types.str;
|
||||
password = lib.mkOption {
|
||||
type = lib.types.str;
|
||||
description = ''
|
||||
Password to use with notebook.
|
||||
Can be generated using:
|
||||
@ -102,21 +99,21 @@ in {
|
||||
example = "'sha1:1b961dc713fb:88483270a63e57d18d43cf337e629539de1436ba'";
|
||||
};
|
||||
|
||||
notebookConfig = mkOption {
|
||||
type = types.lines;
|
||||
notebookConfig = lib.mkOption {
|
||||
type = lib.types.lines;
|
||||
default = "";
|
||||
description = ''
|
||||
Raw jupyter config.
|
||||
'';
|
||||
};
|
||||
|
||||
kernels = mkOption {
|
||||
type = types.nullOr (types.attrsOf(types.submodule (import ./kernel-options.nix {
|
||||
kernels = lib.mkOption {
|
||||
type = lib.types.nullOr (lib.types.attrsOf(lib.types.submodule (import ./kernel-options.nix {
|
||||
inherit lib pkgs;
|
||||
})));
|
||||
|
||||
default = null;
|
||||
example = literalExpression ''
|
||||
example = lib.literalExpression ''
|
||||
{
|
||||
python3 = let
|
||||
env = (pkgs.python3.withPackages (pythonPackages: with pythonPackages; [
|
||||
@ -153,8 +150,8 @@ in {
|
||||
};
|
||||
};
|
||||
|
||||
config = mkMerge [
|
||||
(mkIf cfg.enable {
|
||||
config = lib.mkMerge [
|
||||
(lib.mkIf cfg.enable {
|
||||
systemd.services.jupyter = {
|
||||
description = "Jupyter development server";
|
||||
|
||||
@ -183,10 +180,10 @@ in {
|
||||
};
|
||||
};
|
||||
})
|
||||
(mkIf (cfg.enable && (cfg.group == "jupyter")) {
|
||||
(lib.mkIf (cfg.enable && (cfg.group == "jupyter")) {
|
||||
users.groups.jupyter = {};
|
||||
})
|
||||
(mkIf (cfg.enable && (cfg.user == "jupyter")) {
|
||||
(lib.mkIf (cfg.enable && (cfg.user == "jupyter")) {
|
||||
users.extraUsers.jupyter = {
|
||||
extraGroups = [ cfg.group ];
|
||||
home = "/var/lib/jupyter";
|
||||
|
@ -1,17 +1,14 @@
|
||||
# Options that can be used for creating a jupyter kernel.
|
||||
{ lib, pkgs }:
|
||||
|
||||
with lib;
|
||||
|
||||
{
|
||||
freeformType = (pkgs.formats.json { }).type;
|
||||
|
||||
options = {
|
||||
|
||||
displayName = mkOption {
|
||||
type = types.str;
|
||||
displayName = lib.mkOption {
|
||||
type = lib.types.str;
|
||||
default = "";
|
||||
example = literalExpression ''
|
||||
example = lib.literalExpression ''
|
||||
"Python 3"
|
||||
"Python 3 for Data Science"
|
||||
'';
|
||||
@ -20,8 +17,8 @@ with lib;
|
||||
'';
|
||||
};
|
||||
|
||||
argv = mkOption {
|
||||
type = types.listOf types.str;
|
||||
argv = lib.mkOption {
|
||||
type = lib.types.listOf lib.types.str;
|
||||
example = [
|
||||
"{customEnv.interpreter}"
|
||||
"-m"
|
||||
@ -34,16 +31,16 @@ with lib;
|
||||
'';
|
||||
};
|
||||
|
||||
language = mkOption {
|
||||
type = types.str;
|
||||
language = lib.mkOption {
|
||||
type = lib.types.str;
|
||||
example = "python";
|
||||
description = ''
|
||||
Language of the environment. Typically the name of the binary.
|
||||
'';
|
||||
};
|
||||
|
||||
env = mkOption {
|
||||
type = types.attrsOf types.str;
|
||||
env = lib.mkOption {
|
||||
type = lib.types.attrsOf lib.types.str;
|
||||
default = { };
|
||||
example = { OMP_NUM_THREADS = "1"; };
|
||||
description = ''
|
||||
@ -51,27 +48,27 @@ with lib;
|
||||
'';
|
||||
};
|
||||
|
||||
logo32 = mkOption {
|
||||
type = types.nullOr types.path;
|
||||
logo32 = lib.mkOption {
|
||||
type = lib.types.nullOr lib.types.path;
|
||||
default = null;
|
||||
example = literalExpression ''"''${env.sitePackages}/ipykernel/resources/logo-32x32.png"'';
|
||||
example = lib.literalExpression ''"''${env.sitePackages}/ipykernel/resources/logo-32x32.png"'';
|
||||
description = ''
|
||||
Path to 32x32 logo png.
|
||||
'';
|
||||
};
|
||||
logo64 = mkOption {
|
||||
type = types.nullOr types.path;
|
||||
logo64 = lib.mkOption {
|
||||
type = lib.types.nullOr lib.types.path;
|
||||
default = null;
|
||||
example = literalExpression ''"''${env.sitePackages}/ipykernel/resources/logo-64x64.png"'';
|
||||
example = lib.literalExpression ''"''${env.sitePackages}/ipykernel/resources/logo-64x64.png"'';
|
||||
description = ''
|
||||
Path to 64x64 logo png.
|
||||
'';
|
||||
};
|
||||
|
||||
extraPaths = mkOption {
|
||||
type = types.attrsOf types.path;
|
||||
extraPaths = lib.mkOption {
|
||||
type = lib.types.attrsOf lib.types.path;
|
||||
default = { };
|
||||
example = literalExpression ''"{ examples = ''${env.sitePack}/IRkernel/kernelspec/kernel.js"; }'';
|
||||
example = lib.literalExpression ''"{ examples = ''${env.sitePack}/IRkernel/kernelspec/kernel.js"; }'';
|
||||
description = ''
|
||||
Extra paths to link in kernel directory
|
||||
'';
|
||||
|
@ -1,7 +1,4 @@
|
||||
{ config, lib, pkgs, ... }:
|
||||
|
||||
with lib;
|
||||
|
||||
let
|
||||
|
||||
cfg = config.services.jupyterhub;
|
||||
@ -27,13 +24,13 @@ let
|
||||
${cfg.extraConfig}
|
||||
'';
|
||||
in {
|
||||
meta.maintainers = with maintainers; [ costrouc ];
|
||||
meta.maintainers = with lib.maintainers; [ costrouc ];
|
||||
|
||||
options.services.jupyterhub = {
|
||||
enable = mkEnableOption "Jupyterhub development server";
|
||||
enable = lib.mkEnableOption "Jupyterhub development server";
|
||||
|
||||
authentication = mkOption {
|
||||
type = types.str;
|
||||
authentication = lib.mkOption {
|
||||
type = lib.types.str;
|
||||
default = "jupyterhub.auth.PAMAuthenticator";
|
||||
description = ''
|
||||
Jupyterhub authentication to use
|
||||
@ -43,8 +40,8 @@ in {
|
||||
'';
|
||||
};
|
||||
|
||||
spawner = mkOption {
|
||||
type = types.str;
|
||||
spawner = lib.mkOption {
|
||||
type = lib.types.str;
|
||||
default = "systemdspawner.SystemdSpawner";
|
||||
description = ''
|
||||
Jupyterhub spawner to use
|
||||
@ -54,8 +51,8 @@ in {
|
||||
'';
|
||||
};
|
||||
|
||||
extraConfig = mkOption {
|
||||
type = types.lines;
|
||||
extraConfig = lib.mkOption {
|
||||
type = lib.types.lines;
|
||||
default = "";
|
||||
description = ''
|
||||
Extra contents appended to the jupyterhub configuration
|
||||
@ -72,13 +69,13 @@ in {
|
||||
'';
|
||||
};
|
||||
|
||||
jupyterhubEnv = mkOption {
|
||||
type = types.package;
|
||||
jupyterhubEnv = lib.mkOption {
|
||||
type = lib.types.package;
|
||||
default = pkgs.python3.withPackages (p: with p; [
|
||||
jupyterhub
|
||||
jupyterhub-systemdspawner
|
||||
]);
|
||||
defaultText = literalExpression ''
|
||||
defaultText = lib.literalExpression ''
|
||||
pkgs.python3.withPackages (p: with p; [
|
||||
jupyterhub
|
||||
jupyterhub-systemdspawner
|
||||
@ -94,13 +91,13 @@ in {
|
||||
'';
|
||||
};
|
||||
|
||||
jupyterlabEnv = mkOption {
|
||||
type = types.package;
|
||||
jupyterlabEnv = lib.mkOption {
|
||||
type = lib.types.package;
|
||||
default = pkgs.python3.withPackages (p: with p; [
|
||||
jupyterhub
|
||||
jupyterlab
|
||||
]);
|
||||
defaultText = literalExpression ''
|
||||
defaultText = lib.literalExpression ''
|
||||
pkgs.python3.withPackages (p: with p; [
|
||||
jupyterhub
|
||||
jupyterlab
|
||||
@ -117,13 +114,13 @@ in {
|
||||
'';
|
||||
};
|
||||
|
||||
kernels = mkOption {
|
||||
type = types.nullOr (types.attrsOf(types.submodule (import ../jupyter/kernel-options.nix {
|
||||
kernels = lib.mkOption {
|
||||
type = lib.types.nullOr (lib.types.attrsOf(lib.types.submodule (import ../jupyter/kernel-options.nix {
|
||||
inherit lib pkgs;
|
||||
})));
|
||||
|
||||
default = null;
|
||||
example = literalExpression ''
|
||||
example = lib.literalExpression ''
|
||||
{
|
||||
python3 = let
|
||||
env = (pkgs.python3.withPackages (pythonPackages: with pythonPackages; [
|
||||
@ -156,24 +153,24 @@ in {
|
||||
'';
|
||||
};
|
||||
|
||||
port = mkOption {
|
||||
type = types.port;
|
||||
port = lib.mkOption {
|
||||
type = lib.types.port;
|
||||
default = 8000;
|
||||
description = ''
|
||||
Port number Jupyterhub will be listening on
|
||||
'';
|
||||
};
|
||||
|
||||
host = mkOption {
|
||||
type = types.str;
|
||||
host = lib.mkOption {
|
||||
type = lib.types.str;
|
||||
default = "0.0.0.0";
|
||||
description = ''
|
||||
Bind IP JupyterHub will be listening on
|
||||
'';
|
||||
};
|
||||
|
||||
stateDirectory = mkOption {
|
||||
type = types.str;
|
||||
stateDirectory = lib.mkOption {
|
||||
type = lib.types.str;
|
||||
default = "jupyterhub";
|
||||
description = ''
|
||||
Directory for jupyterhub state (token + database)
|
||||
@ -181,8 +178,8 @@ in {
|
||||
};
|
||||
};
|
||||
|
||||
config = mkMerge [
|
||||
(mkIf cfg.enable {
|
||||
config = lib.mkMerge [
|
||||
(lib.mkIf cfg.enable {
|
||||
systemd.services.jupyterhub = {
|
||||
description = "Jupyterhub development server";
|
||||
|
||||
|
@ -1,6 +1,4 @@
|
||||
{ config, lib, pkgs, ... }:
|
||||
|
||||
with lib;
|
||||
let
|
||||
cfg = config.services.livebook;
|
||||
in
|
||||
@ -10,12 +8,12 @@ in
|
||||
# either has access to all the data or none at all), the decision
|
||||
# was made to run this as a user service. If that changes in the
|
||||
# future, this can be changed to a system service.
|
||||
enableUserService = mkEnableOption "a user service for Livebook";
|
||||
enableUserService = lib.mkEnableOption "a user service for Livebook";
|
||||
|
||||
package = mkPackageOption pkgs "livebook" { };
|
||||
package = lib.mkPackageOption pkgs "livebook" { };
|
||||
|
||||
environment = mkOption {
|
||||
type = with types; attrsOf (nullOr (oneOf [ bool int str ]));
|
||||
environment = lib.mkOption {
|
||||
type = with lib.types; attrsOf (nullOr (oneOf [ bool int str ]));
|
||||
default = { };
|
||||
description = ''
|
||||
Environment variables to set.
|
||||
@ -37,15 +35,15 @@ in
|
||||
variables specified in this option.
|
||||
'';
|
||||
|
||||
example = literalExpression ''
|
||||
example = lib.literalExpression ''
|
||||
{
|
||||
LIVEBOOK_PORT = 8080;
|
||||
}
|
||||
'';
|
||||
};
|
||||
|
||||
environmentFile = mkOption {
|
||||
type = with types; nullOr types.path;
|
||||
environmentFile = lib.mkOption {
|
||||
type = with lib.types; nullOr lib.types.path;
|
||||
default = null;
|
||||
description = ''
|
||||
Additional dnvironment file as defined in {manpage}`systemd.exec(5)`.
|
||||
@ -72,17 +70,17 @@ in
|
||||
example = "/var/lib/livebook.env";
|
||||
};
|
||||
|
||||
extraPackages = mkOption {
|
||||
type = with types; listOf package;
|
||||
extraPackages = lib.mkOption {
|
||||
type = with lib.types; listOf package;
|
||||
default = [ ];
|
||||
description = ''
|
||||
Extra packages to make available to the Livebook service.
|
||||
'';
|
||||
example = literalExpression "with pkgs; [ gcc gnumake ]";
|
||||
example = lib.literalExpression "with pkgs; [ gcc gnumake ]";
|
||||
};
|
||||
};
|
||||
|
||||
config = mkIf cfg.enableUserService {
|
||||
config = lib.mkIf cfg.enableUserService {
|
||||
systemd.user.services.livebook = {
|
||||
serviceConfig = {
|
||||
Restart = "always";
|
||||
@ -97,8 +95,8 @@ in
|
||||
# stuck running a `cat /dev/urandom | tr | fold` pipeline.
|
||||
IgnoreSIGPIPE = false;
|
||||
};
|
||||
environment = mapAttrs (name: value:
|
||||
if isBool value then boolToString value else toString value)
|
||||
environment = lib.mapAttrs (name: value:
|
||||
if lib.isBool value then lib.boolToString value else toString value)
|
||||
cfg.environment;
|
||||
path = [ pkgs.bash ] ++ cfg.extraPackages;
|
||||
wantedBy = [ "default.target" ];
|
||||
|
@ -1,7 +1,4 @@
|
||||
{ config, lib, pkgs, ... }:
|
||||
|
||||
with lib;
|
||||
|
||||
let
|
||||
|
||||
cfg = config.services.rstudio-server;
|
||||
@ -18,41 +15,41 @@ let
|
||||
|
||||
in
|
||||
{
|
||||
meta.maintainers = with maintainers; [ jbedo cfhammill ];
|
||||
meta.maintainers = with lib.maintainers; [ jbedo cfhammill ];
|
||||
|
||||
options.services.rstudio-server = {
|
||||
enable = mkEnableOption "RStudio server";
|
||||
enable = lib.mkEnableOption "RStudio server";
|
||||
|
||||
serverWorkingDir = mkOption {
|
||||
type = types.str;
|
||||
serverWorkingDir = lib.mkOption {
|
||||
type = lib.types.str;
|
||||
default = "/var/lib/rstudio-server";
|
||||
description = ''
|
||||
Default working directory for server (server-working-dir in rserver.conf).
|
||||
'';
|
||||
};
|
||||
|
||||
listenAddr = mkOption {
|
||||
type = types.str;
|
||||
listenAddr = lib.mkOption {
|
||||
type = lib.types.str;
|
||||
default = "127.0.0.1";
|
||||
description = ''
|
||||
Address to listen on (www-address in rserver.conf).
|
||||
'';
|
||||
};
|
||||
|
||||
package = mkPackageOption pkgs "rstudio-server" {
|
||||
package = lib.mkPackageOption pkgs "rstudio-server" {
|
||||
example = "rstudioServerWrapper.override { packages = [ pkgs.rPackages.ggplot2 ]; }";
|
||||
};
|
||||
|
||||
rserverExtraConfig = mkOption {
|
||||
type = types.str;
|
||||
rserverExtraConfig = lib.mkOption {
|
||||
type = lib.types.str;
|
||||
default = "";
|
||||
description = ''
|
||||
Extra contents for rserver.conf.
|
||||
'';
|
||||
};
|
||||
|
||||
rsessionExtraConfig = mkOption {
|
||||
type = types.str;
|
||||
rsessionExtraConfig = lib.mkOption {
|
||||
type = lib.types.str;
|
||||
default = "";
|
||||
description = ''
|
||||
Extra contents for resssion.conf.
|
||||
@ -61,7 +58,7 @@ in
|
||||
|
||||
};
|
||||
|
||||
config = mkIf cfg.enable
|
||||
config = lib.mkIf cfg.enable
|
||||
{
|
||||
systemd.services.rstudio-server = {
|
||||
description = "Rstudio server";
|
||||
|
@ -1,6 +1,4 @@
|
||||
{ config, lib, pkgs, ... }:
|
||||
with lib;
|
||||
|
||||
let
|
||||
cfg = config.services.greetd;
|
||||
tty = "tty${toString cfg.vt}";
|
||||
@ -8,13 +6,13 @@ let
|
||||
in
|
||||
{
|
||||
options.services.greetd = {
|
||||
enable = mkEnableOption "greetd, a minimal and flexible login manager daemon";
|
||||
enable = lib.mkEnableOption "greetd, a minimal and flexible login manager daemon";
|
||||
|
||||
package = mkPackageOption pkgs [ "greetd" "greetd" ] { };
|
||||
package = lib.mkPackageOption pkgs [ "greetd" "greetd" ] { };
|
||||
|
||||
settings = mkOption {
|
||||
settings = lib.mkOption {
|
||||
type = settingsFormat.type;
|
||||
example = literalExpression ''
|
||||
example = lib.literalExpression ''
|
||||
{
|
||||
default_session = {
|
||||
command = "''${pkgs.greetd.greetd}/bin/agreety --cmd sway";
|
||||
@ -27,8 +25,8 @@ in
|
||||
'';
|
||||
};
|
||||
|
||||
greeterManagesPlymouth = mkOption {
|
||||
type = types.bool;
|
||||
greeterManagesPlymouth = lib.mkOption {
|
||||
type = lib.types.bool;
|
||||
internal = true;
|
||||
default = false;
|
||||
description = ''
|
||||
@ -38,18 +36,18 @@ in
|
||||
'';
|
||||
};
|
||||
|
||||
vt = mkOption {
|
||||
type = types.int;
|
||||
vt = lib.mkOption {
|
||||
type = lib.types.int;
|
||||
default = 1;
|
||||
description = ''
|
||||
The virtual console (tty) that greetd should use. This option also disables getty on that tty.
|
||||
'';
|
||||
};
|
||||
|
||||
restart = mkOption {
|
||||
type = types.bool;
|
||||
restart = lib.mkOption {
|
||||
type = lib.types.bool;
|
||||
default = !(cfg.settings ? initial_session);
|
||||
defaultText = literalExpression "!(config.services.greetd.settings ? initial_session)";
|
||||
defaultText = lib.literalExpression "!(config.services.greetd.settings ? initial_session)";
|
||||
description = ''
|
||||
Whether to restart greetd when it terminates (e.g. on failure).
|
||||
This is usually desirable so a user can always log in, but should be disabled when using 'settings.initial_session' (autologin),
|
||||
@ -57,15 +55,15 @@ in
|
||||
'';
|
||||
};
|
||||
};
|
||||
config = mkIf cfg.enable {
|
||||
config = lib.mkIf cfg.enable {
|
||||
|
||||
services.greetd.settings.terminal.vt = mkDefault cfg.vt;
|
||||
services.greetd.settings.default_session.user = mkDefault "greeter";
|
||||
services.greetd.settings.terminal.vt = lib.mkDefault cfg.vt;
|
||||
services.greetd.settings.default_session.user = lib.mkDefault "greeter";
|
||||
|
||||
security.pam.services.greetd = {
|
||||
allowNullPassword = true;
|
||||
startSession = true;
|
||||
enableGnomeKeyring = mkDefault config.services.gnome.gnome-keyring.enable;
|
||||
enableGnomeKeyring = lib.mkDefault config.services.gnome.gnome-keyring.enable;
|
||||
};
|
||||
|
||||
# This prevents nixos-rebuild from killing greetd by activating getty again
|
||||
@ -95,7 +93,7 @@ in
|
||||
serviceConfig = {
|
||||
ExecStart = "${pkgs.greetd.greetd}/bin/greetd --config ${settingsFormat.generate "greetd.toml" cfg.settings}";
|
||||
|
||||
Restart = mkIf cfg.restart "on-success";
|
||||
Restart = lib.mkIf cfg.restart "on-success";
|
||||
|
||||
# Defaults from greetd upstream configuration
|
||||
IgnoreSIGPIPE = false;
|
||||
@ -128,5 +126,5 @@ in
|
||||
users.groups.greeter = { };
|
||||
};
|
||||
|
||||
meta.maintainers = with maintainers; [ queezle ];
|
||||
meta.maintainers = with lib.maintainers; [ queezle ];
|
||||
}
|
||||
|
@ -1,7 +1,4 @@
|
||||
{ config, lib, pkgs, ... }:
|
||||
|
||||
with lib;
|
||||
|
||||
let
|
||||
|
||||
cfg = config.services.emacs;
|
||||
@ -18,8 +15,8 @@ in
|
||||
{
|
||||
|
||||
options.services.emacs = {
|
||||
enable = mkOption {
|
||||
type = types.bool;
|
||||
enable = lib.mkOption {
|
||||
type = lib.types.bool;
|
||||
default = false;
|
||||
description = ''
|
||||
Whether to enable a user service for the Emacs daemon. Use `emacsclient` to connect to the
|
||||
@ -28,8 +25,8 @@ in
|
||||
'';
|
||||
};
|
||||
|
||||
install = mkOption {
|
||||
type = types.bool;
|
||||
install = lib.mkOption {
|
||||
type = lib.types.bool;
|
||||
default = false;
|
||||
description = ''
|
||||
Whether to install a user service for the Emacs daemon. Once
|
||||
@ -43,10 +40,10 @@ in
|
||||
};
|
||||
|
||||
|
||||
package = mkPackageOption pkgs "emacs" { };
|
||||
package = lib.mkPackageOption pkgs "emacs" { };
|
||||
|
||||
defaultEditor = mkOption {
|
||||
type = types.bool;
|
||||
defaultEditor = lib.mkOption {
|
||||
type = lib.types.bool;
|
||||
default = false;
|
||||
description = ''
|
||||
When enabled, configures emacsclient to be the default editor
|
||||
@ -54,17 +51,17 @@ in
|
||||
'';
|
||||
};
|
||||
|
||||
startWithGraphical = mkOption {
|
||||
type = types.bool;
|
||||
startWithGraphical = lib.mkOption {
|
||||
type = lib.types.bool;
|
||||
default = config.services.xserver.enable;
|
||||
defaultText = literalExpression "config.services.xserver.enable";
|
||||
defaultText = lib.literalExpression "config.services.xserver.enable";
|
||||
description = ''
|
||||
Start emacs with the graphical session instead of any session. Without this, emacs clients will not be able to create frames in the graphical session.
|
||||
'';
|
||||
};
|
||||
};
|
||||
|
||||
config = mkIf (cfg.enable || cfg.install) {
|
||||
config = lib.mkIf (cfg.enable || cfg.install) {
|
||||
systemd.user.services.emacs = {
|
||||
description = "Emacs: the extensible, self-documenting text editor";
|
||||
|
||||
@ -75,16 +72,16 @@ in
|
||||
Restart = "always";
|
||||
};
|
||||
|
||||
unitConfig = optionalAttrs cfg.startWithGraphical {
|
||||
unitConfig = lib.optionalAttrs cfg.startWithGraphical {
|
||||
After = "graphical-session.target";
|
||||
};
|
||||
} // optionalAttrs cfg.enable {
|
||||
} // lib.optionalAttrs cfg.enable {
|
||||
wantedBy = if cfg.startWithGraphical then [ "graphical-session.target" ] else [ "default.target" ];
|
||||
};
|
||||
|
||||
environment.systemPackages = [ cfg.package editorScript ];
|
||||
|
||||
environment.variables.EDITOR = mkIf cfg.defaultEditor (mkOverride 900 "emacseditor");
|
||||
environment.variables.EDITOR = lib.mkIf cfg.defaultEditor (lib.mkOverride 900 "emacseditor");
|
||||
};
|
||||
|
||||
meta.doc = ./emacs.md;
|
||||
|
@ -1,7 +1,4 @@
|
||||
{ config, lib, pkgs, ... }:
|
||||
|
||||
with lib;
|
||||
|
||||
let
|
||||
pkg = pkgs.haste-server;
|
||||
cfg = config.services.haste-server;
|
||||
@ -10,10 +7,10 @@ let
|
||||
in
|
||||
{
|
||||
options.services.haste-server = {
|
||||
enable = mkEnableOption "haste-server";
|
||||
openFirewall = mkEnableOption "firewall passthrough for haste-server";
|
||||
enable = lib.mkEnableOption "haste-server";
|
||||
openFirewall = lib.mkEnableOption "firewall passthrough for haste-server";
|
||||
|
||||
settings = mkOption {
|
||||
settings = lib.mkOption {
|
||||
description = ''
|
||||
Configuration for haste-server.
|
||||
For documentation see [project readme](https://github.com/toptal/haste-server#settings)
|
||||
@ -22,21 +19,21 @@ in
|
||||
};
|
||||
};
|
||||
|
||||
config = mkIf (cfg.enable) {
|
||||
networking.firewall.allowedTCPPorts = mkIf (cfg.openFirewall) [ cfg.settings.port ];
|
||||
config = lib.mkIf (cfg.enable) {
|
||||
networking.firewall.allowedTCPPorts = lib.mkIf (cfg.openFirewall) [ cfg.settings.port ];
|
||||
|
||||
services.haste-server = {
|
||||
settings = {
|
||||
host = mkDefault "::";
|
||||
port = mkDefault 7777;
|
||||
host = lib.mkDefault "::";
|
||||
port = lib.mkDefault 7777;
|
||||
|
||||
keyLength = mkDefault 10;
|
||||
maxLength = mkDefault 400000;
|
||||
keyLength = lib.mkDefault 10;
|
||||
maxLength = lib.mkDefault 400000;
|
||||
|
||||
staticMaxAge = mkDefault 86400;
|
||||
recompressStaticAssets = mkDefault false;
|
||||
staticMaxAge = lib.mkDefault 86400;
|
||||
recompressStaticAssets = lib.mkDefault false;
|
||||
|
||||
logging = mkDefault [
|
||||
logging = lib.mkDefault [
|
||||
{
|
||||
level = "verbose";
|
||||
type = "Console";
|
||||
@ -44,25 +41,25 @@ in
|
||||
}
|
||||
];
|
||||
|
||||
keyGenerator = mkDefault {
|
||||
keyGenerator = lib.mkDefault {
|
||||
type = "phonetic";
|
||||
};
|
||||
|
||||
rateLimits = {
|
||||
categories = {
|
||||
normal = {
|
||||
totalRequests = mkDefault 500;
|
||||
every = mkDefault 60000;
|
||||
totalRequests = lib.mkDefault 500;
|
||||
every = lib.mkDefault 60000;
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
storage = mkDefault {
|
||||
storage = lib.mkDefault {
|
||||
type = "file";
|
||||
};
|
||||
|
||||
documents = {
|
||||
about = mkDefault "${pkg}/share/haste-server/about.md";
|
||||
about = lib.mkDefault "${pkg}/share/haste-server/about.md";
|
||||
};
|
||||
};
|
||||
};
|
||||
|
@ -1,33 +1,30 @@
|
||||
{ config, lib, pkgs, ... }:
|
||||
|
||||
with lib;
|
||||
|
||||
let
|
||||
cfg = config.services.infinoted;
|
||||
in {
|
||||
options.services.infinoted = {
|
||||
enable = mkEnableOption "infinoted";
|
||||
enable = lib.mkEnableOption "infinoted";
|
||||
|
||||
package = mkPackageOption pkgs "libinfinity" { };
|
||||
package = lib.mkPackageOption pkgs "libinfinity" { };
|
||||
|
||||
keyFile = mkOption {
|
||||
type = types.nullOr types.path;
|
||||
keyFile = lib.mkOption {
|
||||
type = lib.types.nullOr lib.types.path;
|
||||
default = null;
|
||||
description = ''
|
||||
Private key to use for TLS
|
||||
'';
|
||||
};
|
||||
|
||||
certificateFile = mkOption {
|
||||
type = types.nullOr types.path;
|
||||
certificateFile = lib.mkOption {
|
||||
type = lib.types.nullOr lib.types.path;
|
||||
default = null;
|
||||
description = ''
|
||||
Server certificate to use for TLS
|
||||
'';
|
||||
};
|
||||
|
||||
certificateChain = mkOption {
|
||||
type = types.nullOr types.path;
|
||||
certificateChain = lib.mkOption {
|
||||
type = lib.types.nullOr lib.types.path;
|
||||
default = null;
|
||||
description = ''
|
||||
Chain of CA-certificates to which our `certificateFile` is relative.
|
||||
@ -35,48 +32,48 @@ in {
|
||||
'';
|
||||
};
|
||||
|
||||
securityPolicy = mkOption {
|
||||
type = types.enum ["no-tls" "allow-tls" "require-tls"];
|
||||
securityPolicy = lib.mkOption {
|
||||
type = lib.types.enum ["no-tls" "allow-tls" "require-tls"];
|
||||
default = "require-tls";
|
||||
description = ''
|
||||
How strictly to enforce clients connection with TLS.
|
||||
'';
|
||||
};
|
||||
|
||||
port = mkOption {
|
||||
type = types.port;
|
||||
port = lib.mkOption {
|
||||
type = lib.types.port;
|
||||
default = 6523;
|
||||
description = ''
|
||||
Port to listen on
|
||||
'';
|
||||
};
|
||||
|
||||
rootDirectory = mkOption {
|
||||
type = types.path;
|
||||
rootDirectory = lib.mkOption {
|
||||
type = lib.types.path;
|
||||
default = "/var/lib/infinoted/documents/";
|
||||
description = ''
|
||||
Root of the directory structure to serve
|
||||
'';
|
||||
};
|
||||
|
||||
plugins = mkOption {
|
||||
type = types.listOf types.str;
|
||||
plugins = lib.mkOption {
|
||||
type = lib.types.listOf lib.types.str;
|
||||
default = [ "note-text" "note-chat" "logging" "autosave" ];
|
||||
description = ''
|
||||
Plugins to enable
|
||||
'';
|
||||
};
|
||||
|
||||
passwordFile = mkOption {
|
||||
type = types.nullOr types.path;
|
||||
passwordFile = lib.mkOption {
|
||||
type = lib.types.nullOr lib.types.path;
|
||||
default = null;
|
||||
description = ''
|
||||
File to read server-wide password from
|
||||
'';
|
||||
};
|
||||
|
||||
extraConfig = mkOption {
|
||||
type = types.lines;
|
||||
extraConfig = lib.mkOption {
|
||||
type = lib.types.lines;
|
||||
default = ''
|
||||
[autosave]
|
||||
interval=10
|
||||
@ -86,16 +83,16 @@ in {
|
||||
'';
|
||||
};
|
||||
|
||||
user = mkOption {
|
||||
type = types.str;
|
||||
user = lib.mkOption {
|
||||
type = lib.types.str;
|
||||
default = "infinoted";
|
||||
description = ''
|
||||
What to call the dedicated user under which infinoted is run
|
||||
'';
|
||||
};
|
||||
|
||||
group = mkOption {
|
||||
type = types.str;
|
||||
group = lib.mkOption {
|
||||
type = lib.types.str;
|
||||
default = "infinoted";
|
||||
description = ''
|
||||
What to call the primary group of the dedicated user under which infinoted is run
|
||||
@ -103,15 +100,15 @@ in {
|
||||
};
|
||||
};
|
||||
|
||||
config = mkIf (cfg.enable) {
|
||||
users.users = optionalAttrs (cfg.user == "infinoted")
|
||||
config = lib.mkIf (cfg.enable) {
|
||||
users.users = lib.optionalAttrs (cfg.user == "infinoted")
|
||||
{ infinoted = {
|
||||
description = "Infinoted user";
|
||||
group = cfg.group;
|
||||
isSystemUser = true;
|
||||
};
|
||||
};
|
||||
users.groups = optionalAttrs (cfg.group == "infinoted")
|
||||
users.groups = lib.optionalAttrs (cfg.group == "infinoted")
|
||||
{ infinoted = { };
|
||||
};
|
||||
|
||||
@ -134,14 +131,14 @@ in {
|
||||
install -o ${cfg.user} -g ${cfg.group} -m 0600 /dev/null /var/lib/infinoted/infinoted.conf
|
||||
cat >>/var/lib/infinoted/infinoted.conf <<EOF
|
||||
[infinoted]
|
||||
${optionalString (cfg.keyFile != null) "key-file=${cfg.keyFile}"}
|
||||
${optionalString (cfg.certificateFile != null) "certificate-file=${cfg.certificateFile}"}
|
||||
${optionalString (cfg.certificateChain != null) "certificate-chain=${cfg.certificateChain}"}
|
||||
${lib.optionalString (cfg.keyFile != null) "key-file=${cfg.keyFile}"}
|
||||
${lib.optionalString (cfg.certificateFile != null) "certificate-file=${cfg.certificateFile}"}
|
||||
${lib.optionalString (cfg.certificateChain != null) "certificate-chain=${cfg.certificateChain}"}
|
||||
port=${toString cfg.port}
|
||||
security-policy=${cfg.securityPolicy}
|
||||
root-directory=${cfg.rootDirectory}
|
||||
plugins=${concatStringsSep ";" cfg.plugins}
|
||||
${optionalString (cfg.passwordFile != null) "password=$(head -n 1 ${cfg.passwordFile})"}
|
||||
plugins=${lib.concatStringsSep ";" cfg.plugins}
|
||||
${lib.optionalString (cfg.passwordFile != null) "password=$(head -n 1 ${cfg.passwordFile})"}
|
||||
|
||||
${cfg.extraConfig}
|
||||
EOF
|
||||
|
@ -1,7 +1,4 @@
|
||||
{ config, pkgs, lib, ... }:
|
||||
|
||||
with lib;
|
||||
|
||||
let
|
||||
cfg = config.services.odoo;
|
||||
format = pkgs.formats.ini {};
|
||||
@ -9,35 +6,35 @@ in
|
||||
{
|
||||
options = {
|
||||
services.odoo = {
|
||||
enable = mkEnableOption "odoo, an open source ERP and CRM system";
|
||||
enable = lib.mkEnableOption "odoo, an open source ERP and CRM system";
|
||||
|
||||
package = mkPackageOption pkgs "odoo" { };
|
||||
package = lib.mkPackageOption pkgs "odoo" { };
|
||||
|
||||
addons = mkOption {
|
||||
type = with types; listOf package;
|
||||
addons = lib.mkOption {
|
||||
type = with lib.types; listOf package;
|
||||
default = [];
|
||||
example = literalExpression "[ pkgs.odoo_enterprise ]";
|
||||
example = lib.literalExpression "[ pkgs.odoo_enterprise ]";
|
||||
description = "Odoo addons.";
|
||||
};
|
||||
|
||||
autoInit = mkEnableOption "automatically initialize the DB";
|
||||
autoInit = lib.mkEnableOption "automatically initialize the DB";
|
||||
|
||||
autoInitExtraFlags = mkOption {
|
||||
type = with types; listOf str;
|
||||
autoInitExtraFlags = lib.mkOption {
|
||||
type = with lib.types; listOf str;
|
||||
default = [ ];
|
||||
example = literalExpression /*nix*/ ''
|
||||
example = lib.literalExpression /*nix*/ ''
|
||||
[ "--without-demo=all" ]
|
||||
'';
|
||||
description = "Extra flags passed to odoo when run for the first time by autoInit";
|
||||
};
|
||||
|
||||
settings = mkOption {
|
||||
settings = lib.mkOption {
|
||||
type = format.type;
|
||||
default = {};
|
||||
description = ''
|
||||
Odoo configuration settings. For more details see <https://www.odoo.com/documentation/15.0/administration/install/deploy.html>
|
||||
'';
|
||||
example = literalExpression ''
|
||||
example = lib.literalExpression ''
|
||||
options = {
|
||||
db_user = "odoo";
|
||||
db_password="odoo";
|
||||
@ -45,18 +42,18 @@ in
|
||||
'';
|
||||
};
|
||||
|
||||
domain = mkOption {
|
||||
type = with types; nullOr str;
|
||||
domain = lib.mkOption {
|
||||
type = with lib.types; nullOr str;
|
||||
description = "Domain to host Odoo with nginx";
|
||||
default = null;
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
config = mkIf (cfg.enable) (let
|
||||
config = lib.mkIf (cfg.enable) (let
|
||||
cfgFile = format.generate "odoo.cfg" cfg.settings;
|
||||
in {
|
||||
services.nginx = mkIf (cfg.domain != null) {
|
||||
services.nginx = lib.mkIf (cfg.domain != null) {
|
||||
upstreams = {
|
||||
odoo.servers = {
|
||||
"127.0.0.1:8069" = {};
|
||||
@ -98,7 +95,7 @@ in
|
||||
data_dir = "/var/lib/private/odoo/data";
|
||||
proxy_mode = cfg.domain != null;
|
||||
} // (lib.optionalAttrs (cfg.addons != []) {
|
||||
addons_path = concatMapStringsSep "," escapeShellArg cfg.addons;
|
||||
addons_path = lib.concatMapStringsSep "," lib.escapeShellArg cfg.addons;
|
||||
});
|
||||
|
||||
users.users.odoo = {
|
||||
@ -137,7 +134,7 @@ in
|
||||
echo "pre-start: auto-init"
|
||||
INITIALIZED="${cfg.settings.options.data_dir}/.odoo.initialized"
|
||||
if [ ! -e "$INITIALIZED" ]; then
|
||||
${cfg.package}/bin/odoo --init=INIT --database=odoo --db_user=odoo --stop-after-init ${concatStringsSep " " cfg.autoInitExtraFlags}
|
||||
${cfg.package}/bin/odoo --init=INIT --database=odoo --db_user=odoo --stop-after-init ${lib.concatStringsSep " " cfg.autoInitExtraFlags}
|
||||
touch "$INITIALIZED"
|
||||
fi
|
||||
'')
|
||||
|
@ -1,21 +1,18 @@
|
||||
{ config, lib, pkgs, ... }:
|
||||
|
||||
with lib;
|
||||
|
||||
let
|
||||
cfg = config.services.crossfire-server;
|
||||
serverPort = 13327;
|
||||
in {
|
||||
options.services.crossfire-server = {
|
||||
enable = mkOption {
|
||||
type = types.bool;
|
||||
enable = lib.mkOption {
|
||||
type = lib.types.bool;
|
||||
default = false;
|
||||
description = ''
|
||||
If enabled, the Crossfire game server will be started at boot.
|
||||
'';
|
||||
};
|
||||
|
||||
package = mkPackageOption pkgs "crossfire-server" {
|
||||
package = lib.mkPackageOption pkgs "crossfire-server" {
|
||||
extraDescription = ''
|
||||
::: {.note}
|
||||
This will also be used for map/arch data, if you don't change {option}`dataDir`
|
||||
@ -23,10 +20,10 @@ in {
|
||||
'';
|
||||
};
|
||||
|
||||
dataDir = mkOption {
|
||||
type = types.str;
|
||||
dataDir = lib.mkOption {
|
||||
type = lib.types.str;
|
||||
default = "${cfg.package}/share/crossfire";
|
||||
defaultText = literalExpression ''"''${config.services.crossfire.package}/share/crossfire"'';
|
||||
defaultText = lib.literalExpression ''"''${config.services.crossfire.package}/share/crossfire"'';
|
||||
description = ''
|
||||
Where to load readonly data from -- maps, archetypes, treasure tables,
|
||||
and the like. If you plan to edit the data on the live server (rather
|
||||
@ -36,8 +33,8 @@ in {
|
||||
'';
|
||||
};
|
||||
|
||||
stateDir = mkOption {
|
||||
type = types.str;
|
||||
stateDir = lib.mkOption {
|
||||
type = lib.types.str;
|
||||
default = "/var/lib/crossfire";
|
||||
description = ''
|
||||
Where to store runtime data (save files, persistent items, etc).
|
||||
@ -49,16 +46,16 @@ in {
|
||||
'';
|
||||
};
|
||||
|
||||
openFirewall = mkOption {
|
||||
type = types.bool;
|
||||
openFirewall = lib.mkOption {
|
||||
type = lib.types.bool;
|
||||
default = false;
|
||||
description = ''
|
||||
Whether to open ports in the firewall for the server.
|
||||
'';
|
||||
};
|
||||
|
||||
configFiles = mkOption {
|
||||
type = types.attrsOf types.str;
|
||||
configFiles = lib.mkOption {
|
||||
type = lib.types.attrsOf lib.types.str;
|
||||
description = ''
|
||||
Text to append to the corresponding configuration files. Note that the
|
||||
files given in the example are *not* the complete set of files available
|
||||
@ -70,7 +67,7 @@ in {
|
||||
overwrite the example files that come with the server, rather than being
|
||||
appended to them as the other configuration files are.
|
||||
'';
|
||||
example = literalExpression ''
|
||||
example = lib.literalExpression ''
|
||||
{
|
||||
dm_file = '''
|
||||
admin:secret_password:localhost
|
||||
@ -101,7 +98,7 @@ in {
|
||||
};
|
||||
};
|
||||
|
||||
config = mkIf cfg.enable {
|
||||
config = lib.mkIf cfg.enable {
|
||||
users.users.crossfire = {
|
||||
description = "Crossfire server daemon user";
|
||||
home = cfg.stateDir;
|
||||
@ -120,8 +117,8 @@ in {
|
||||
(name: value: lib.attrsets.nameValuePair "crossfire/${name}" {
|
||||
mode = "0644";
|
||||
text =
|
||||
(optionalString (!elem name ["motd" "news" "rules"])
|
||||
(fileContents "${cfg.package}/etc/crossfire/${name}"))
|
||||
(lib.optionalString (!lib.elem name ["motd" "news" "rules"])
|
||||
(lib.fileContents "${cfg.package}/etc/crossfire/${name}"))
|
||||
+ "\n${value}";
|
||||
}) ({
|
||||
ban_file = "";
|
||||
@ -129,9 +126,9 @@ in {
|
||||
exp_table = "";
|
||||
forbid = "";
|
||||
metaserver2 = "";
|
||||
motd = fileContents "${cfg.package}/etc/crossfire/motd";
|
||||
news = fileContents "${cfg.package}/etc/crossfire/news";
|
||||
rules = fileContents "${cfg.package}/etc/crossfire/rules";
|
||||
motd = lib.fileContents "${cfg.package}/etc/crossfire/motd";
|
||||
news = lib.fileContents "${cfg.package}/etc/crossfire/news";
|
||||
rules = lib.fileContents "${cfg.package}/etc/crossfire/rules";
|
||||
settings = "";
|
||||
stat_bonus = "";
|
||||
} // cfg.configFiles);
|
||||
@ -141,7 +138,7 @@ in {
|
||||
wantedBy = [ "multi-user.target" ];
|
||||
after = [ "network.target" ];
|
||||
|
||||
serviceConfig = mkMerge [
|
||||
serviceConfig = lib.mkMerge [
|
||||
{
|
||||
ExecStart = "${cfg.package}/bin/crossfire-server -conf /etc/crossfire -local '${cfg.stateDir}' -data '${cfg.dataDir}'";
|
||||
Restart = "always";
|
||||
@ -149,7 +146,7 @@ in {
|
||||
Group = "crossfire";
|
||||
WorkingDirectory = cfg.stateDir;
|
||||
}
|
||||
(mkIf (cfg.stateDir == "/var/lib/crossfire") {
|
||||
(lib.mkIf (cfg.stateDir == "/var/lib/crossfire") {
|
||||
StateDirectory = "crossfire";
|
||||
})
|
||||
];
|
||||
@ -170,7 +167,7 @@ in {
|
||||
'';
|
||||
};
|
||||
|
||||
networking.firewall = mkIf cfg.openFirewall {
|
||||
networking.firewall = lib.mkIf cfg.openFirewall {
|
||||
allowedTCPPorts = [ serverPort ];
|
||||
};
|
||||
};
|
||||
|
@ -1,21 +1,18 @@
|
||||
{ config, lib, pkgs, ... }:
|
||||
|
||||
with lib;
|
||||
|
||||
let
|
||||
cfg = config.services.deliantra-server;
|
||||
serverPort = 13327;
|
||||
in {
|
||||
options.services.deliantra-server = {
|
||||
enable = mkOption {
|
||||
type = types.bool;
|
||||
enable = lib.mkOption {
|
||||
type = lib.types.bool;
|
||||
default = false;
|
||||
description = ''
|
||||
If enabled, the Deliantra game server will be started at boot.
|
||||
'';
|
||||
};
|
||||
|
||||
package = mkPackageOption pkgs "deliantra-server" {
|
||||
package = lib.mkPackageOption pkgs "deliantra-server" {
|
||||
extraDescription = ''
|
||||
::: {.note}
|
||||
This will also be used for map/arch data, if you don't change {option}`dataDir`
|
||||
@ -23,10 +20,10 @@ in {
|
||||
'';
|
||||
};
|
||||
|
||||
dataDir = mkOption {
|
||||
type = types.str;
|
||||
dataDir = lib.mkOption {
|
||||
type = lib.types.str;
|
||||
default = "${pkgs.deliantra-data}";
|
||||
defaultText = literalExpression ''"''${pkgs.deliantra-data}"'';
|
||||
defaultText = lib.literalExpression ''"''${pkgs.deliantra-data}"'';
|
||||
description = ''
|
||||
Where to store readonly data (maps, archetypes, sprites, etc).
|
||||
Note that if you plan to use the live map editor (rather than editing
|
||||
@ -36,8 +33,8 @@ in {
|
||||
'';
|
||||
};
|
||||
|
||||
stateDir = mkOption {
|
||||
type = types.str;
|
||||
stateDir = lib.mkOption {
|
||||
type = lib.types.str;
|
||||
default = "/var/lib/deliantra";
|
||||
description = ''
|
||||
Where to store runtime data (save files, persistent items, etc).
|
||||
@ -49,16 +46,16 @@ in {
|
||||
'';
|
||||
};
|
||||
|
||||
openFirewall = mkOption {
|
||||
type = types.bool;
|
||||
openFirewall = lib.mkOption {
|
||||
type = lib.types.bool;
|
||||
default = false;
|
||||
description = ''
|
||||
Whether to open ports in the firewall for the server.
|
||||
'';
|
||||
};
|
||||
|
||||
configFiles = mkOption {
|
||||
type = types.attrsOf types.str;
|
||||
configFiles = lib.mkOption {
|
||||
type = lib.types.attrsOf lib.types.str;
|
||||
description = ''
|
||||
Contents of the server configuration files. These will be appended to
|
||||
the example configurations the server comes with and overwrite any
|
||||
@ -67,7 +64,7 @@ in {
|
||||
The example here is not comprehensive. See the files in
|
||||
/etc/deliantra-server after enabling this module for full documentation.
|
||||
'';
|
||||
example = literalExpression ''
|
||||
example = lib.literalExpression ''
|
||||
{
|
||||
dm_file = '''
|
||||
admin:secret_password:localhost
|
||||
@ -92,7 +89,7 @@ in {
|
||||
};
|
||||
};
|
||||
|
||||
config = mkIf cfg.enable {
|
||||
config = lib.mkIf cfg.enable {
|
||||
users.users.deliantra = {
|
||||
description = "Deliantra server daemon user";
|
||||
home = cfg.stateDir;
|
||||
@ -113,8 +110,8 @@ in {
|
||||
text =
|
||||
# Deliantra doesn't come with a motd file, but respects it if present
|
||||
# in /etc.
|
||||
(optionalString (name != "motd")
|
||||
(fileContents "${cfg.package}/etc/deliantra-server/${name}"))
|
||||
(lib.optionalString (name != "motd")
|
||||
(lib.fileContents "${cfg.package}/etc/deliantra-server/${name}"))
|
||||
+ "\n${value}";
|
||||
}) ({
|
||||
motd = "";
|
||||
@ -134,7 +131,7 @@ in {
|
||||
DELIANTRA_CONFDIR="/etc/deliantra-server";
|
||||
};
|
||||
|
||||
serviceConfig = mkMerge [
|
||||
serviceConfig = lib.mkMerge [
|
||||
{
|
||||
ExecStart = "${cfg.package}/bin/deliantra-server";
|
||||
Restart = "always";
|
||||
@ -142,7 +139,7 @@ in {
|
||||
Group = "deliantra";
|
||||
WorkingDirectory = cfg.stateDir;
|
||||
}
|
||||
(mkIf (cfg.stateDir == "/var/lib/deliantra") {
|
||||
(lib.mkIf (cfg.stateDir == "/var/lib/deliantra") {
|
||||
StateDirectory = "deliantra";
|
||||
})
|
||||
];
|
||||
@ -163,7 +160,7 @@ in {
|
||||
'';
|
||||
};
|
||||
|
||||
networking.firewall = mkIf cfg.openFirewall {
|
||||
networking.firewall = lib.mkIf cfg.openFirewall {
|
||||
allowedTCPPorts = [ serverPort ];
|
||||
};
|
||||
};
|
||||
|
@ -1,7 +1,4 @@
|
||||
{ config, lib, pkgs, ... }:
|
||||
|
||||
with lib;
|
||||
|
||||
let
|
||||
cfg = config.services.factorio;
|
||||
name = "Factorio";
|
||||
@ -37,7 +34,7 @@ let
|
||||
autosave_only_on_server = true;
|
||||
non_blocking_saving = cfg.nonBlockingSaving;
|
||||
} // cfg.extraSettings;
|
||||
serverSettingsString = builtins.toJSON (filterAttrsRecursive (n: v: v != null) serverSettings);
|
||||
serverSettingsString = builtins.toJSON (lib.filterAttrsRecursive (n: v: v != null) serverSettings);
|
||||
serverSettingsFile = pkgs.writeText "server-settings.json" serverSettingsString;
|
||||
serverAdminsFile = pkgs.writeText "server-adminlist.json" (builtins.toJSON cfg.admins);
|
||||
modDir = pkgs.factorio-utils.mkModDirDrv cfg.mods cfg.mods-dat;
|
||||
@ -45,25 +42,25 @@ in
|
||||
{
|
||||
options = {
|
||||
services.factorio = {
|
||||
enable = mkEnableOption name;
|
||||
port = mkOption {
|
||||
type = types.port;
|
||||
enable = lib.mkEnableOption name;
|
||||
port = lib.mkOption {
|
||||
type = lib.types.port;
|
||||
default = 34197;
|
||||
description = ''
|
||||
The port to which the service should bind.
|
||||
'';
|
||||
};
|
||||
|
||||
bind = mkOption {
|
||||
type = types.str;
|
||||
bind = lib.mkOption {
|
||||
type = lib.types.str;
|
||||
default = "0.0.0.0";
|
||||
description = ''
|
||||
The address to which the service should bind.
|
||||
'';
|
||||
};
|
||||
|
||||
admins = mkOption {
|
||||
type = types.listOf types.str;
|
||||
admins = lib.mkOption {
|
||||
type = lib.types.listOf lib.types.str;
|
||||
default = [];
|
||||
example = [ "username" ];
|
||||
description = ''
|
||||
@ -71,15 +68,15 @@ in
|
||||
'';
|
||||
};
|
||||
|
||||
openFirewall = mkOption {
|
||||
type = types.bool;
|
||||
openFirewall = lib.mkOption {
|
||||
type = lib.types.bool;
|
||||
default = false;
|
||||
description = ''
|
||||
Whether to automatically open the specified UDP port in the firewall.
|
||||
'';
|
||||
};
|
||||
saveName = mkOption {
|
||||
type = types.str;
|
||||
saveName = lib.mkOption {
|
||||
type = lib.types.str;
|
||||
default = "default";
|
||||
description = ''
|
||||
The name of the savegame that will be used by the server.
|
||||
@ -88,8 +85,8 @@ in
|
||||
a new map with default settings will be generated before starting the service.
|
||||
'';
|
||||
};
|
||||
loadLatestSave = mkOption {
|
||||
type = types.bool;
|
||||
loadLatestSave = lib.mkOption {
|
||||
type = lib.types.bool;
|
||||
default = false;
|
||||
description = ''
|
||||
Load the latest savegame on startup. This overrides saveName, in that the latest
|
||||
@ -104,10 +101,10 @@ in
|
||||
# TODO XXX The server tries to copy a newly created config file over the old one
|
||||
# on shutdown, but fails, because it's in the nix store. When is this needed?
|
||||
# Can an admin set options in-game and expect to have them persisted?
|
||||
configFile = mkOption {
|
||||
type = types.path;
|
||||
configFile = lib.mkOption {
|
||||
type = lib.types.path;
|
||||
default = configFile;
|
||||
defaultText = literalExpression "configFile";
|
||||
defaultText = lib.literalExpression "configFile";
|
||||
description = ''
|
||||
The server's configuration file.
|
||||
|
||||
@ -116,8 +113,8 @@ in
|
||||
customizations.
|
||||
'';
|
||||
};
|
||||
extraSettingsFile = mkOption {
|
||||
type = types.nullOr types.path;
|
||||
extraSettingsFile = lib.mkOption {
|
||||
type = lib.types.nullOr lib.types.path;
|
||||
default = null;
|
||||
description = ''
|
||||
File, which is dynamically applied to server-settings.json before
|
||||
@ -133,8 +130,8 @@ in
|
||||
```
|
||||
'';
|
||||
};
|
||||
stateDirName = mkOption {
|
||||
type = types.str;
|
||||
stateDirName = lib.mkOption {
|
||||
type = lib.types.str;
|
||||
default = "factorio";
|
||||
description = ''
|
||||
Name of the directory under /var/lib holding the server's data.
|
||||
@ -142,8 +139,8 @@ in
|
||||
The configuration and map will be stored here.
|
||||
'';
|
||||
};
|
||||
mods = mkOption {
|
||||
type = types.listOf types.package;
|
||||
mods = lib.mkOption {
|
||||
type = lib.types.listOf lib.types.package;
|
||||
default = [];
|
||||
description = ''
|
||||
Mods the server should install and activate.
|
||||
@ -154,8 +151,8 @@ in
|
||||
derivations via nixos-channel. Until then, this is for experts only.
|
||||
'';
|
||||
};
|
||||
mods-dat = mkOption {
|
||||
type = types.nullOr types.path;
|
||||
mods-dat = lib.mkOption {
|
||||
type = lib.types.nullOr lib.types.path;
|
||||
default = null;
|
||||
description = ''
|
||||
Mods settings can be changed by specifying a dat file, in the [mod
|
||||
@ -163,44 +160,44 @@ in
|
||||
format](https://wiki.factorio.com/Mod_settings_file_format).
|
||||
'';
|
||||
};
|
||||
game-name = mkOption {
|
||||
type = types.nullOr types.str;
|
||||
game-name = lib.mkOption {
|
||||
type = lib.types.nullOr lib.types.str;
|
||||
default = "Factorio Game";
|
||||
description = ''
|
||||
Name of the game as it will appear in the game listing.
|
||||
'';
|
||||
};
|
||||
description = mkOption {
|
||||
type = types.nullOr types.str;
|
||||
description = lib.mkOption {
|
||||
type = lib.types.nullOr lib.types.str;
|
||||
default = "";
|
||||
description = ''
|
||||
Description of the game that will appear in the listing.
|
||||
'';
|
||||
};
|
||||
extraSettings = mkOption {
|
||||
type = types.attrs;
|
||||
extraSettings = lib.mkOption {
|
||||
type = lib.types.attrs;
|
||||
default = {};
|
||||
example = { admins = [ "username" ];};
|
||||
description = ''
|
||||
Extra game configuration that will go into server-settings.json
|
||||
'';
|
||||
};
|
||||
public = mkOption {
|
||||
type = types.bool;
|
||||
public = lib.mkOption {
|
||||
type = lib.types.bool;
|
||||
default = false;
|
||||
description = ''
|
||||
Game will be published on the official Factorio matching server.
|
||||
'';
|
||||
};
|
||||
lan = mkOption {
|
||||
type = types.bool;
|
||||
lan = lib.mkOption {
|
||||
type = lib.types.bool;
|
||||
default = false;
|
||||
description = ''
|
||||
Game will be broadcast on LAN.
|
||||
'';
|
||||
};
|
||||
username = mkOption {
|
||||
type = types.nullOr types.str;
|
||||
username = lib.mkOption {
|
||||
type = lib.types.nullOr lib.types.str;
|
||||
default = null;
|
||||
description = ''
|
||||
Your factorio.com login credentials. Required for games with visibility public.
|
||||
@ -208,11 +205,11 @@ in
|
||||
This option is insecure. Use extraSettingsFile instead.
|
||||
'';
|
||||
};
|
||||
package = mkPackageOption pkgs "factorio-headless" {
|
||||
package = lib.mkPackageOption pkgs "factorio-headless" {
|
||||
example = "factorio-headless-experimental";
|
||||
};
|
||||
password = mkOption {
|
||||
type = types.nullOr types.str;
|
||||
password = lib.mkOption {
|
||||
type = lib.types.nullOr lib.types.str;
|
||||
default = null;
|
||||
description = ''
|
||||
Your factorio.com login credentials. Required for games with visibility public.
|
||||
@ -220,15 +217,15 @@ in
|
||||
This option is insecure. Use extraSettingsFile instead.
|
||||
'';
|
||||
};
|
||||
token = mkOption {
|
||||
type = types.nullOr types.str;
|
||||
token = lib.mkOption {
|
||||
type = lib.types.nullOr lib.types.str;
|
||||
default = null;
|
||||
description = ''
|
||||
Authentication token. May be used instead of 'password' above.
|
||||
'';
|
||||
};
|
||||
game-password = mkOption {
|
||||
type = types.nullOr types.str;
|
||||
game-password = lib.mkOption {
|
||||
type = lib.types.nullOr lib.types.str;
|
||||
default = null;
|
||||
description = ''
|
||||
Game password.
|
||||
@ -236,23 +233,23 @@ in
|
||||
This option is insecure. Use extraSettingsFile instead.
|
||||
'';
|
||||
};
|
||||
requireUserVerification = mkOption {
|
||||
type = types.bool;
|
||||
requireUserVerification = lib.mkOption {
|
||||
type = lib.types.bool;
|
||||
default = true;
|
||||
description = ''
|
||||
When set to true, the server will only allow clients that have a valid factorio.com account.
|
||||
'';
|
||||
};
|
||||
autosave-interval = mkOption {
|
||||
type = types.nullOr types.int;
|
||||
autosave-interval = lib.mkOption {
|
||||
type = lib.types.nullOr lib.types.int;
|
||||
default = null;
|
||||
example = 10;
|
||||
description = ''
|
||||
Autosave interval in minutes.
|
||||
'';
|
||||
};
|
||||
nonBlockingSaving = mkOption {
|
||||
type = types.bool;
|
||||
nonBlockingSaving = lib.mkOption {
|
||||
type = lib.types.bool;
|
||||
default = false;
|
||||
description = ''
|
||||
Highly experimental feature, enable only at your own risk of losing your saves.
|
||||
@ -263,7 +260,7 @@ in
|
||||
};
|
||||
};
|
||||
|
||||
config = mkIf cfg.enable {
|
||||
config = lib.mkIf cfg.enable {
|
||||
systemd.services.factorio = {
|
||||
description = "Factorio headless server";
|
||||
wantedBy = [ "multi-user.target" ];
|
||||
@ -276,9 +273,9 @@ in
|
||||
"${cfg.package}/bin/factorio"
|
||||
"--config=${cfg.configFile}"
|
||||
"--create=${mkSavePath cfg.saveName}"
|
||||
(optionalString (cfg.mods != []) "--mod-directory=${modDir}")
|
||||
(lib.optionalString (cfg.mods != []) "--mod-directory=${modDir}")
|
||||
])
|
||||
+ (optionalString (cfg.extraSettingsFile != null) ("\necho ${lib.strings.escapeShellArg serverSettingsString}"
|
||||
+ (lib.optionalString (cfg.extraSettingsFile != null) ("\necho ${lib.strings.lib.escapeShellArg serverSettingsString}"
|
||||
+ " \"$(cat ${cfg.extraSettingsFile})\" | ${lib.getExe pkgs.jq} -s add"
|
||||
+ " > ${stateDir}/server-settings.json"));
|
||||
|
||||
@ -293,15 +290,15 @@ in
|
||||
"--config=${cfg.configFile}"
|
||||
"--port=${toString cfg.port}"
|
||||
"--bind=${cfg.bind}"
|
||||
(optionalString (!cfg.loadLatestSave) "--start-server=${mkSavePath cfg.saveName}")
|
||||
(lib.optionalString (!cfg.loadLatestSave) "--start-server=${mkSavePath cfg.saveName}")
|
||||
"--server-settings=${
|
||||
if (cfg.extraSettingsFile != null)
|
||||
then "${stateDir}/server-settings.json"
|
||||
else serverSettingsFile
|
||||
}"
|
||||
(optionalString cfg.loadLatestSave "--start-server-load-latest")
|
||||
(optionalString (cfg.mods != []) "--mod-directory=${modDir}")
|
||||
(optionalString (cfg.admins != []) "--server-adminlist=${serverAdminsFile}")
|
||||
(lib.optionalString cfg.loadLatestSave "--start-server-load-latest")
|
||||
(lib.optionalString (cfg.mods != []) "--mod-directory=${modDir}")
|
||||
(lib.optionalString (cfg.admins != []) "--server-adminlist=${serverAdminsFile}")
|
||||
];
|
||||
|
||||
# Sandboxing
|
||||
@ -320,6 +317,6 @@ in
|
||||
};
|
||||
};
|
||||
|
||||
networking.firewall.allowedUDPPorts = optional cfg.openFirewall cfg.port;
|
||||
networking.firewall.allowedUDPPorts = lib.optional cfg.openFirewall cfg.port;
|
||||
};
|
||||
}
|
||||
|
@ -1,5 +1,4 @@
|
||||
{ config, lib, pkgs, ... }:
|
||||
with lib;
|
||||
let
|
||||
cfg = config.services.freeciv;
|
||||
inherit (config.users) groups;
|
||||
@ -16,31 +15,31 @@ let
|
||||
generate = name: value:
|
||||
let mkParam = k: v:
|
||||
if v == null then []
|
||||
else if isBool v then optional v ("--"+k)
|
||||
else if lib.isBool v then lib.optional v ("--"+k)
|
||||
else [("--"+k) v];
|
||||
mkParams = k: v: map (mkParam k) (if isList v then v else [v]);
|
||||
in escapeShellArgs (concatLists (concatLists (mapAttrsToList mkParams value)));
|
||||
mkParams = k: v: map (mkParam k) (if lib.isList v then v else [v]);
|
||||
in lib.escapeShellArgs (lib.concatLists (lib.concatLists (lib.mapAttrsToList mkParams value)));
|
||||
};
|
||||
in
|
||||
{
|
||||
options = {
|
||||
services.freeciv = {
|
||||
enable = mkEnableOption ''freeciv'';
|
||||
settings = mkOption {
|
||||
enable = lib.mkEnableOption ''freeciv'';
|
||||
settings = lib.mkOption {
|
||||
description = ''
|
||||
Parameters of freeciv-server.
|
||||
'';
|
||||
default = {};
|
||||
type = types.submodule {
|
||||
type = lib.types.submodule {
|
||||
freeformType = argsFormat.type;
|
||||
options.Announce = mkOption {
|
||||
type = types.enum ["IPv4" "IPv6" "none"];
|
||||
options.Announce = lib.mkOption {
|
||||
type = lib.types.enum ["IPv4" "IPv6" "none"];
|
||||
default = "none";
|
||||
description = "Announce game in LAN using given protocol.";
|
||||
};
|
||||
options.auth = mkEnableOption "server authentication";
|
||||
options.Database = mkOption {
|
||||
type = types.nullOr types.str;
|
||||
options.auth = lib.mkEnableOption "server authentication";
|
||||
options.Database = lib.mkOption {
|
||||
type = lib.types.nullOr lib.types.str;
|
||||
apply = pkgs.writeText "auth.conf";
|
||||
default = ''
|
||||
[fcdb]
|
||||
@ -49,34 +48,34 @@ in
|
||||
'';
|
||||
description = "Enable database connection with given configuration.";
|
||||
};
|
||||
options.debug = mkOption {
|
||||
type = types.ints.between 0 3;
|
||||
options.debug = lib.mkOption {
|
||||
type = lib.types.ints.between 0 3;
|
||||
default = 0;
|
||||
description = "Set debug log level.";
|
||||
};
|
||||
options.exit-on-end = mkEnableOption "exit instead of restarting when a game ends";
|
||||
options.Guests = mkEnableOption "guests to login if auth is enabled";
|
||||
options.Newusers = mkEnableOption "new users to login if auth is enabled";
|
||||
options.port = mkOption {
|
||||
type = types.port;
|
||||
options.exit-on-end = lib.mkEnableOption "exit instead of restarting when a game ends";
|
||||
options.Guests = lib.mkEnableOption "guests to login if auth is enabled";
|
||||
options.Newusers = lib.mkEnableOption "new users to login if auth is enabled";
|
||||
options.port = lib.mkOption {
|
||||
type = lib.types.port;
|
||||
default = 5556;
|
||||
description = "Listen for clients on given port";
|
||||
};
|
||||
options.quitidle = mkOption {
|
||||
type = types.nullOr types.int;
|
||||
options.quitidle = lib.mkOption {
|
||||
type = lib.types.nullOr lib.types.int;
|
||||
default = null;
|
||||
description = "Quit if no players for given time in seconds.";
|
||||
};
|
||||
options.read = mkOption {
|
||||
type = types.lines;
|
||||
options.read = lib.mkOption {
|
||||
type = lib.types.lines;
|
||||
apply = v: pkgs.writeTextDir "read.serv" v + "/read";
|
||||
default = ''
|
||||
/fcdb lua sqlite_createdb()
|
||||
'';
|
||||
description = "Startup script.";
|
||||
};
|
||||
options.saves = mkOption {
|
||||
type = types.nullOr types.str;
|
||||
options.saves = lib.mkOption {
|
||||
type = lib.types.nullOr lib.types.str;
|
||||
default = "/var/lib/freeciv/saves/";
|
||||
description = ''
|
||||
Save games to given directory,
|
||||
@ -86,10 +85,10 @@ in
|
||||
};
|
||||
};
|
||||
};
|
||||
openFirewall = mkEnableOption "opening the firewall for the port listening for clients";
|
||||
openFirewall = lib.mkEnableOption "opening the firewall for the port listening for clients";
|
||||
};
|
||||
};
|
||||
config = mkIf cfg.enable {
|
||||
config = lib.mkIf cfg.enable {
|
||||
users.groups.freeciv = {};
|
||||
# Use with:
|
||||
# journalctl -u freeciv.service -f -o cat &
|
||||
@ -119,8 +118,8 @@ in
|
||||
set -eux
|
||||
savedir=$(date +%Y-%m-%d_%H-%M-%S)
|
||||
'' + "${pkgs.freeciv}/bin/freeciv-server"
|
||||
+ " " + optionalString (cfg.settings.saves != null)
|
||||
(concatStringsSep " " [ "--saves" "${escapeShellArg cfg.settings.saves}/$savedir" ])
|
||||
+ " " + lib.optionalString (cfg.settings.saves != null)
|
||||
(lib.concatStringsSep " " [ "--saves" "${lib.escapeShellArg cfg.settings.saves}/$savedir" ])
|
||||
+ " " + argsFormat.generate "freeciv-server" (cfg.settings // { saves = null; }));
|
||||
DynamicUser = true;
|
||||
# Create rootDir in the host's mount namespace.
|
||||
@ -152,7 +151,7 @@ in
|
||||
NoNewPrivileges = true;
|
||||
PrivateDevices = true;
|
||||
PrivateMounts = true;
|
||||
PrivateNetwork = mkDefault false;
|
||||
PrivateNetwork = lib.mkDefault false;
|
||||
PrivateTmp = true;
|
||||
PrivateUsers = true;
|
||||
ProtectClock = true;
|
||||
@ -180,7 +179,7 @@ in
|
||||
SystemCallErrorNumber = "EPERM";
|
||||
};
|
||||
};
|
||||
networking.firewall = mkIf cfg.openFirewall
|
||||
networking.firewall = lib.mkIf cfg.openFirewall
|
||||
{ allowedTCPPorts = [ cfg.settings.port ]; };
|
||||
};
|
||||
meta.maintainers = with lib.maintainers; [ julm ];
|
||||
|
@ -1,7 +1,4 @@
|
||||
{ config, lib, pkgs, ... }:
|
||||
|
||||
with lib;
|
||||
|
||||
let
|
||||
cfg = config.services.minecraft-server;
|
||||
|
||||
@ -13,13 +10,13 @@ let
|
||||
|
||||
whitelistFile = pkgs.writeText "whitelist.json"
|
||||
(builtins.toJSON
|
||||
(mapAttrsToList (n: v: { name = n; uuid = v; }) cfg.whitelist));
|
||||
(lib.mapAttrsToList (n: v: { name = n; uuid = v; }) cfg.whitelist));
|
||||
|
||||
cfgToString = v: if builtins.isBool v then boolToString v else toString v;
|
||||
cfgToString = v: if builtins.isBool v then lib.boolToString v else toString v;
|
||||
|
||||
serverPropertiesFile = pkgs.writeText "server.properties" (''
|
||||
# server.properties managed by NixOS configuration
|
||||
'' + concatStringsSep "\n" (mapAttrsToList
|
||||
'' + lib.concatStringsSep "\n" (lib.mapAttrsToList
|
||||
(n: v: "${n}=${cfgToString v}") cfg.serverProperties));
|
||||
|
||||
stopScript = pkgs.writeShellScript "minecraft-server-stop" ''
|
||||
@ -51,8 +48,8 @@ in {
|
||||
options = {
|
||||
services.minecraft-server = {
|
||||
|
||||
enable = mkOption {
|
||||
type = types.bool;
|
||||
enable = lib.mkOption {
|
||||
type = lib.types.bool;
|
||||
default = false;
|
||||
description = ''
|
||||
If enabled, start a Minecraft Server. The server
|
||||
@ -61,8 +58,8 @@ in {
|
||||
'';
|
||||
};
|
||||
|
||||
declarative = mkOption {
|
||||
type = types.bool;
|
||||
declarative = lib.mkOption {
|
||||
type = lib.types.bool;
|
||||
default = false;
|
||||
description = ''
|
||||
Whether to use a declarative Minecraft server configuration.
|
||||
@ -73,8 +70,8 @@ in {
|
||||
'';
|
||||
};
|
||||
|
||||
eula = mkOption {
|
||||
type = types.bool;
|
||||
eula = lib.mkOption {
|
||||
type = lib.types.bool;
|
||||
default = false;
|
||||
description = ''
|
||||
Whether you agree to
|
||||
@ -84,29 +81,29 @@ in {
|
||||
'';
|
||||
};
|
||||
|
||||
dataDir = mkOption {
|
||||
type = types.path;
|
||||
dataDir = lib.mkOption {
|
||||
type = lib.types.path;
|
||||
default = "/var/lib/minecraft";
|
||||
description = ''
|
||||
Directory to store Minecraft database and other state/data files.
|
||||
'';
|
||||
};
|
||||
|
||||
openFirewall = mkOption {
|
||||
type = types.bool;
|
||||
openFirewall = lib.mkOption {
|
||||
type = lib.types.bool;
|
||||
default = false;
|
||||
description = ''
|
||||
Whether to open ports in the firewall for the server.
|
||||
'';
|
||||
};
|
||||
|
||||
whitelist = mkOption {
|
||||
whitelist = lib.mkOption {
|
||||
type = let
|
||||
minecraftUUID = types.strMatching
|
||||
minecraftUUID = lib.types.strMatching
|
||||
"[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}" // {
|
||||
description = "Minecraft UUID";
|
||||
};
|
||||
in types.attrsOf minecraftUUID;
|
||||
in lib.types.attrsOf minecraftUUID;
|
||||
default = {};
|
||||
description = ''
|
||||
Whitelisted players, only has an effect when
|
||||
@ -118,7 +115,7 @@ in {
|
||||
You can use <https://mcuuid.net/> to get a
|
||||
Minecraft UUID for a username.
|
||||
'';
|
||||
example = literalExpression ''
|
||||
example = lib.literalExpression ''
|
||||
{
|
||||
username1 = "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx";
|
||||
username2 = "yyyyyyyy-yyyy-yyyy-yyyy-yyyyyyyyyyyy";
|
||||
@ -126,10 +123,10 @@ in {
|
||||
'';
|
||||
};
|
||||
|
||||
serverProperties = mkOption {
|
||||
type = with types; attrsOf (oneOf [ bool int str ]);
|
||||
serverProperties = lib.mkOption {
|
||||
type = with lib.types; attrsOf (oneOf [ bool int str ]);
|
||||
default = {};
|
||||
example = literalExpression ''
|
||||
example = lib.literalExpression ''
|
||||
{
|
||||
server-port = 43000;
|
||||
difficulty = 3;
|
||||
@ -150,12 +147,12 @@ in {
|
||||
'';
|
||||
};
|
||||
|
||||
package = mkPackageOption pkgs "minecraft-server" {
|
||||
package = lib.mkPackageOption pkgs "minecraft-server" {
|
||||
example = "minecraft-server_1_12_2";
|
||||
};
|
||||
|
||||
jvmOpts = mkOption {
|
||||
type = types.separatedString " ";
|
||||
jvmOpts = lib.mkOption {
|
||||
type = lib.types.separatedString " ";
|
||||
default = "-Xmx2048M -Xms2048M";
|
||||
# Example options from https://minecraft.gamepedia.com/Tutorials/Server_startup_script
|
||||
example = "-Xms4092M -Xmx4092M -XX:+UseG1GC -XX:+CMSIncrementalPacing "
|
||||
@ -166,7 +163,7 @@ in {
|
||||
};
|
||||
};
|
||||
|
||||
config = mkIf cfg.enable {
|
||||
config = lib.mkIf cfg.enable {
|
||||
|
||||
users.users.minecraft = {
|
||||
description = "Minecraft server service user";
|
||||
@ -259,11 +256,11 @@ in {
|
||||
'');
|
||||
};
|
||||
|
||||
networking.firewall = mkIf cfg.openFirewall (if cfg.declarative then {
|
||||
networking.firewall = lib.mkIf cfg.openFirewall (if cfg.declarative then {
|
||||
allowedUDPPorts = [ serverPort ];
|
||||
allowedTCPPorts = [ serverPort ]
|
||||
++ optional (queryPort != null) queryPort
|
||||
++ optional (rconPort != null) rconPort;
|
||||
++ lib.optional (queryPort != null) queryPort
|
||||
++ lib.optional (rconPort != null) rconPort;
|
||||
} else {
|
||||
allowedUDPPorts = [ defaultServerPort ];
|
||||
allowedTCPPorts = [ defaultServerPort ];
|
||||
|
@ -1,7 +1,4 @@
|
||||
{ config, lib, pkgs, ... }:
|
||||
|
||||
with lib;
|
||||
|
||||
let
|
||||
CONTAINS_NEWLINE_RE = ".*\n.*";
|
||||
# The following values are reserved as complete option values:
|
||||
@ -53,14 +50,14 @@ in
|
||||
{
|
||||
options = {
|
||||
services.minetest-server = {
|
||||
enable = mkOption {
|
||||
type = types.bool;
|
||||
enable = lib.mkOption {
|
||||
type = lib.types.bool;
|
||||
default = false;
|
||||
description = "If enabled, starts a Minetest Server.";
|
||||
};
|
||||
|
||||
gameId = mkOption {
|
||||
type = types.nullOr types.str;
|
||||
gameId = lib.mkOption {
|
||||
type = lib.types.nullOr lib.types.str;
|
||||
default = null;
|
||||
description = ''
|
||||
Id of the game to use. To list available games run
|
||||
@ -70,8 +67,8 @@ in
|
||||
'';
|
||||
};
|
||||
|
||||
world = mkOption {
|
||||
type = types.nullOr types.path;
|
||||
world = lib.mkOption {
|
||||
type = lib.types.nullOr lib.types.path;
|
||||
default = null;
|
||||
description = ''
|
||||
Name of the world to use. To list available worlds run
|
||||
@ -81,8 +78,8 @@ in
|
||||
'';
|
||||
};
|
||||
|
||||
configPath = mkOption {
|
||||
type = types.nullOr types.path;
|
||||
configPath = lib.mkOption {
|
||||
type = lib.types.nullOr lib.types.path;
|
||||
default = null;
|
||||
description = ''
|
||||
Path to the config to use.
|
||||
@ -92,8 +89,8 @@ in
|
||||
'';
|
||||
};
|
||||
|
||||
config = mkOption {
|
||||
type = types.attrsOf types.anything;
|
||||
config = lib.mkOption {
|
||||
type = lib.types.attrsOf lib.types.anything;
|
||||
default = {};
|
||||
description = ''
|
||||
Settings to add to the minetest config file.
|
||||
@ -102,8 +99,8 @@ in
|
||||
'';
|
||||
};
|
||||
|
||||
logPath = mkOption {
|
||||
type = types.nullOr types.path;
|
||||
logPath = lib.mkOption {
|
||||
type = lib.types.nullOr lib.types.path;
|
||||
default = null;
|
||||
description = ''
|
||||
Path to logfile for logging.
|
||||
@ -113,8 +110,8 @@ in
|
||||
'';
|
||||
};
|
||||
|
||||
port = mkOption {
|
||||
type = types.nullOr types.int;
|
||||
port = lib.mkOption {
|
||||
type = lib.types.nullOr lib.types.int;
|
||||
default = null;
|
||||
description = ''
|
||||
Port number to bind to.
|
||||
@ -123,8 +120,8 @@ in
|
||||
'';
|
||||
};
|
||||
|
||||
extraArgs = mkOption {
|
||||
type = types.listOf types.str;
|
||||
extraArgs = lib.mkOption {
|
||||
type = lib.types.listOf lib.types.str;
|
||||
default = [];
|
||||
description = ''
|
||||
Additional command line flags to pass to the minetest executable.
|
||||
@ -133,7 +130,7 @@ in
|
||||
};
|
||||
};
|
||||
|
||||
config = mkIf cfg.enable {
|
||||
config = lib.mkIf cfg.enable {
|
||||
users.users.minetest = {
|
||||
description = "Minetest Server Service user";
|
||||
home = "/var/lib/minetest";
|
||||
|
@ -1,13 +1,10 @@
|
||||
{ config, lib, pkgs, ... }:
|
||||
|
||||
with lib;
|
||||
|
||||
let
|
||||
cfg = config.services.teeworlds;
|
||||
register = cfg.register;
|
||||
|
||||
bool = b: if b != null && b then "1" else "0";
|
||||
optionalSetting = s: setting: optionalString (s != null) "${setting} ${s}";
|
||||
optionalSetting = s: setting: lib.optionalString (s != null) "${setting} ${s}";
|
||||
lookup = attrs: key: default: if attrs ? key then attrs."${key}" else default;
|
||||
|
||||
inactivePenaltyOptions = {
|
||||
@ -86,33 +83,33 @@ let
|
||||
sv_vote_kick_bantime ${toString cfg.game.voteKickBanTime}
|
||||
sv_vote_kick_min ${toString cfg.game.voteKickMinimumPlayers}
|
||||
|
||||
${concatStringsSep "\n" cfg.extraOptions}
|
||||
${lib.concatStringsSep "\n" cfg.extraOptions}
|
||||
'';
|
||||
|
||||
in
|
||||
{
|
||||
options = {
|
||||
services.teeworlds = {
|
||||
enable = mkEnableOption "Teeworlds Server";
|
||||
enable = lib.mkEnableOption "Teeworlds Server";
|
||||
|
||||
package = mkPackageOption pkgs "teeworlds-server" { };
|
||||
package = lib.mkPackageOption pkgs "teeworlds-server" { };
|
||||
|
||||
openPorts = mkOption {
|
||||
type = types.bool;
|
||||
openPorts = lib.mkOption {
|
||||
type = lib.types.bool;
|
||||
default = false;
|
||||
description = "Whether to open firewall ports for Teeworlds.";
|
||||
};
|
||||
|
||||
name = mkOption {
|
||||
type = types.str;
|
||||
name = lib.mkOption {
|
||||
type = lib.types.str;
|
||||
default = "unnamed server";
|
||||
description = ''
|
||||
Name of the server.
|
||||
'';
|
||||
};
|
||||
|
||||
register = mkOption {
|
||||
type = types.bool;
|
||||
register = lib.mkOption {
|
||||
type = lib.types.bool;
|
||||
example = true;
|
||||
default = false;
|
||||
description = ''
|
||||
@ -120,40 +117,40 @@ in
|
||||
'';
|
||||
};
|
||||
|
||||
motd = mkOption {
|
||||
type = types.nullOr types.str;
|
||||
motd = lib.mkOption {
|
||||
type = lib.types.nullOr lib.types.str;
|
||||
default = null;
|
||||
description = ''
|
||||
The server's message of the day text.
|
||||
'';
|
||||
};
|
||||
|
||||
password = mkOption {
|
||||
type = types.nullOr types.str;
|
||||
password = lib.mkOption {
|
||||
type = lib.types.nullOr lib.types.str;
|
||||
default = null;
|
||||
description = ''
|
||||
Password to connect to the server.
|
||||
'';
|
||||
};
|
||||
|
||||
rconPassword = mkOption {
|
||||
type = types.nullOr types.str;
|
||||
rconPassword = lib.mkOption {
|
||||
type = lib.types.nullOr lib.types.str;
|
||||
default = null;
|
||||
description = ''
|
||||
Password to access the remote console. If not set, a randomly generated one is displayed in the server log.
|
||||
'';
|
||||
};
|
||||
|
||||
port = mkOption {
|
||||
type = types.port;
|
||||
port = lib.mkOption {
|
||||
type = lib.types.port;
|
||||
default = 8303;
|
||||
description = ''
|
||||
Port the server will listen on.
|
||||
'';
|
||||
};
|
||||
|
||||
extraOptions = mkOption {
|
||||
type = types.listOf types.str;
|
||||
extraOptions = lib.mkOption {
|
||||
type = lib.types.listOf lib.types.str;
|
||||
default = [];
|
||||
description = ''
|
||||
Extra configuration lines for the {file}`teeworlds.cfg`. See [Teeworlds Documentation](https://www.teeworlds.com/?page=docs&wiki=server_settings).
|
||||
@ -162,32 +159,32 @@ in
|
||||
};
|
||||
|
||||
server = {
|
||||
bindAddr = mkOption {
|
||||
type = types.nullOr types.str;
|
||||
bindAddr = lib.mkOption {
|
||||
type = lib.types.nullOr lib.types.str;
|
||||
default = null;
|
||||
description = ''
|
||||
The address the server will bind to.
|
||||
'';
|
||||
};
|
||||
|
||||
enableHighBandwidth = mkOption {
|
||||
type = types.bool;
|
||||
enableHighBandwidth = lib.mkOption {
|
||||
type = lib.types.bool;
|
||||
default = false;
|
||||
description = ''
|
||||
Whether to enable high bandwidth mode on LAN servers. This will double the amount of bandwidth required for running the server.
|
||||
'';
|
||||
};
|
||||
|
||||
hostName = mkOption {
|
||||
type = types.nullOr types.str;
|
||||
hostName = lib.mkOption {
|
||||
type = lib.types.nullOr lib.types.str;
|
||||
default = null;
|
||||
description = ''
|
||||
Hostname for the server.
|
||||
'';
|
||||
};
|
||||
|
||||
inactivePenalty = mkOption {
|
||||
type = types.enum [ "spectator" "spectator/kick" "kick" ];
|
||||
inactivePenalty = lib.mkOption {
|
||||
type = lib.types.enum [ "spectator" "spectator/kick" "kick" ];
|
||||
example = "spectator";
|
||||
default = "spectator/kick";
|
||||
description = ''
|
||||
@ -201,48 +198,48 @@ in
|
||||
'';
|
||||
};
|
||||
|
||||
kickInactiveSpectators = mkOption {
|
||||
type = types.bool;
|
||||
kickInactiveSpectators = lib.mkOption {
|
||||
type = lib.types.bool;
|
||||
default = false;
|
||||
description = ''
|
||||
Whether to kick inactive spectators.
|
||||
'';
|
||||
};
|
||||
|
||||
inactiveTime = mkOption {
|
||||
type = types.ints.unsigned;
|
||||
inactiveTime = lib.mkOption {
|
||||
type = lib.types.ints.unsigned;
|
||||
default = 3;
|
||||
description = ''
|
||||
The amount of minutes a client has to idle before it is considered inactive.
|
||||
'';
|
||||
};
|
||||
|
||||
maxClients = mkOption {
|
||||
type = types.ints.unsigned;
|
||||
maxClients = lib.mkOption {
|
||||
type = lib.types.ints.unsigned;
|
||||
default = 12;
|
||||
description = ''
|
||||
The maximum amount of clients that can be connected to the server at the same time.
|
||||
'';
|
||||
};
|
||||
|
||||
maxClientsPerIP = mkOption {
|
||||
type = types.ints.unsigned;
|
||||
maxClientsPerIP = lib.mkOption {
|
||||
type = lib.types.ints.unsigned;
|
||||
default = 12;
|
||||
description = ''
|
||||
The maximum amount of clients with the same IP address that can be connected to the server at the same time.
|
||||
'';
|
||||
};
|
||||
|
||||
skillLevel = mkOption {
|
||||
type = types.enum [ "casual" "normal" "competitive" ];
|
||||
skillLevel = lib.mkOption {
|
||||
type = lib.types.enum [ "casual" "normal" "competitive" ];
|
||||
default = "normal";
|
||||
description = ''
|
||||
The skill level shown in the server browser.
|
||||
'';
|
||||
};
|
||||
|
||||
enableSpamProtection = mkOption {
|
||||
type = types.bool;
|
||||
enableSpamProtection = lib.mkOption {
|
||||
type = lib.types.bool;
|
||||
default = true;
|
||||
description = ''
|
||||
Whether to enable chat spam protection.
|
||||
@ -251,8 +248,8 @@ in
|
||||
};
|
||||
|
||||
game = {
|
||||
gameType = mkOption {
|
||||
type = types.str;
|
||||
gameType = lib.mkOption {
|
||||
type = lib.types.str;
|
||||
example = "ctf";
|
||||
default = "dm";
|
||||
description = ''
|
||||
@ -262,8 +259,8 @@ in
|
||||
'';
|
||||
};
|
||||
|
||||
map = mkOption {
|
||||
type = types.str;
|
||||
map = lib.mkOption {
|
||||
type = lib.types.str;
|
||||
example = "ctf5";
|
||||
default = "dm1";
|
||||
description = ''
|
||||
@ -271,16 +268,16 @@ in
|
||||
'';
|
||||
};
|
||||
|
||||
swapTeams = mkOption {
|
||||
type = types.bool;
|
||||
swapTeams = lib.mkOption {
|
||||
type = lib.types.bool;
|
||||
default = true;
|
||||
description = ''
|
||||
Whether to swap teams each round.
|
||||
'';
|
||||
};
|
||||
|
||||
enableReadyMode = mkOption {
|
||||
type = types.bool;
|
||||
enableReadyMode = lib.mkOption {
|
||||
type = lib.types.bool;
|
||||
default = false;
|
||||
description = ''
|
||||
Whether to enable "ready mode"; where players can pause/unpause the game
|
||||
@ -288,24 +285,24 @@ in
|
||||
'';
|
||||
};
|
||||
|
||||
playerSlots = mkOption {
|
||||
type = types.ints.unsigned;
|
||||
playerSlots = lib.mkOption {
|
||||
type = lib.types.ints.unsigned;
|
||||
default = 8;
|
||||
description = ''
|
||||
The amount of slots to reserve for players (as opposed to spectators).
|
||||
'';
|
||||
};
|
||||
|
||||
enablePowerups = mkOption {
|
||||
type = types.bool;
|
||||
enablePowerups = lib.mkOption {
|
||||
type = lib.types.bool;
|
||||
default = true;
|
||||
description = ''
|
||||
Whether to allow powerups such as the ninja.
|
||||
'';
|
||||
};
|
||||
|
||||
scoreLimit = mkOption {
|
||||
type = types.ints.unsigned;
|
||||
scoreLimit = lib.mkOption {
|
||||
type = lib.types.ints.unsigned;
|
||||
example = 400;
|
||||
default = 20;
|
||||
description = ''
|
||||
@ -313,24 +310,24 @@ in
|
||||
'';
|
||||
};
|
||||
|
||||
restrictSpectators = mkOption {
|
||||
type = types.bool;
|
||||
restrictSpectators = lib.mkOption {
|
||||
type = lib.types.bool;
|
||||
default = false;
|
||||
description = ''
|
||||
Whether to restrict access to information such as health, ammo and armour in spectator mode.
|
||||
'';
|
||||
};
|
||||
|
||||
enableTeamDamage = mkOption {
|
||||
type = types.bool;
|
||||
enableTeamDamage = lib.mkOption {
|
||||
type = lib.types.bool;
|
||||
default = false;
|
||||
description = ''
|
||||
Whether to enable team damage; whether to allow team mates to inflict damage on one another.
|
||||
'';
|
||||
};
|
||||
|
||||
timeLimit = mkOption {
|
||||
type = types.ints.unsigned;
|
||||
timeLimit = lib.mkOption {
|
||||
type = lib.types.ints.unsigned;
|
||||
default = 0;
|
||||
description = ''
|
||||
Time limit of the game. In cases of equal points, there will be sudden death.
|
||||
@ -338,8 +335,8 @@ in
|
||||
'';
|
||||
};
|
||||
|
||||
tournamentMode = mkOption {
|
||||
type = types.enum [ "disable" "enable" "restrictSpectators" ];
|
||||
tournamentMode = lib.mkOption {
|
||||
type = lib.types.enum [ "disable" "enable" "restrictSpectators" ];
|
||||
default = "disable";
|
||||
description = ''
|
||||
Whether to enable tournament mode. In tournament mode, players join as spectators.
|
||||
@ -347,24 +344,24 @@ in
|
||||
'';
|
||||
};
|
||||
|
||||
enableVoteKick = mkOption {
|
||||
type = types.bool;
|
||||
enableVoteKick = lib.mkOption {
|
||||
type = lib.types.bool;
|
||||
default = true;
|
||||
description = ''
|
||||
Whether to enable voting to kick players.
|
||||
'';
|
||||
};
|
||||
|
||||
voteKickBanTime = mkOption {
|
||||
type = types.ints.unsigned;
|
||||
voteKickBanTime = lib.mkOption {
|
||||
type = lib.types.ints.unsigned;
|
||||
default = 5;
|
||||
description = ''
|
||||
The amount of minutes that a player is banned for if they get kicked by a vote.
|
||||
'';
|
||||
};
|
||||
|
||||
voteKickMinimumPlayers = mkOption {
|
||||
type = types.ints.unsigned;
|
||||
voteKickMinimumPlayers = lib.mkOption {
|
||||
type = lib.types.ints.unsigned;
|
||||
default = 5;
|
||||
description = ''
|
||||
The minimum amount of players required to start a kick vote.
|
||||
@ -374,8 +371,8 @@ in
|
||||
};
|
||||
};
|
||||
|
||||
config = mkIf cfg.enable {
|
||||
networking.firewall = mkIf cfg.openPorts {
|
||||
config = lib.mkIf cfg.enable {
|
||||
networking.firewall = lib.mkIf cfg.openPorts {
|
||||
allowedUDPPorts = [ cfg.port ];
|
||||
};
|
||||
|
||||
|
@ -1,13 +1,10 @@
|
||||
{ config, lib, options, pkgs, ... }:
|
||||
|
||||
with lib;
|
||||
|
||||
let
|
||||
cfg = config.services.terraria;
|
||||
opt = options.services.terraria;
|
||||
worldSizeMap = { small = 1; medium = 2; large = 3; };
|
||||
valFlag = name: val: optionalString (val != null) "-${name} \"${escape ["\\" "\""] (toString val)}\"";
|
||||
boolFlag = name: val: optionalString val "-${name}";
|
||||
valFlag = name: val: lib.optionalString (val != null) "-${name} \"${lib.escape ["\\" "\""] (toString val)}\"";
|
||||
boolFlag = name: val: lib.optionalString val "-${name}";
|
||||
flags = [
|
||||
(valFlag "port" cfg.port)
|
||||
(valFlag "maxPlayers" cfg.maxPlayers)
|
||||
@ -46,8 +43,8 @@ in
|
||||
{
|
||||
options = {
|
||||
services.terraria = {
|
||||
enable = mkOption {
|
||||
type = types.bool;
|
||||
enable = lib.mkOption {
|
||||
type = lib.types.bool;
|
||||
default = false;
|
||||
description = ''
|
||||
If enabled, starts a Terraria server. The server can be connected to via `tmux -S ''${config.${opt.dataDir}}/terraria.sock attach`
|
||||
@ -55,40 +52,40 @@ in
|
||||
'';
|
||||
};
|
||||
|
||||
port = mkOption {
|
||||
type = types.port;
|
||||
port = lib.mkOption {
|
||||
type = lib.types.port;
|
||||
default = 7777;
|
||||
description = ''
|
||||
Specifies the port to listen on.
|
||||
'';
|
||||
};
|
||||
|
||||
maxPlayers = mkOption {
|
||||
type = types.ints.u8;
|
||||
maxPlayers = lib.mkOption {
|
||||
type = lib.types.ints.u8;
|
||||
default = 255;
|
||||
description = ''
|
||||
Sets the max number of players (between 1 and 255).
|
||||
'';
|
||||
};
|
||||
|
||||
password = mkOption {
|
||||
type = types.nullOr types.str;
|
||||
password = lib.mkOption {
|
||||
type = lib.types.nullOr lib.types.str;
|
||||
default = null;
|
||||
description = ''
|
||||
Sets the server password. Leave `null` for no password.
|
||||
'';
|
||||
};
|
||||
|
||||
messageOfTheDay = mkOption {
|
||||
type = types.nullOr types.str;
|
||||
messageOfTheDay = lib.mkOption {
|
||||
type = lib.types.nullOr lib.types.str;
|
||||
default = null;
|
||||
description = ''
|
||||
Set the server message of the day text.
|
||||
'';
|
||||
};
|
||||
|
||||
worldPath = mkOption {
|
||||
type = types.nullOr types.path;
|
||||
worldPath = lib.mkOption {
|
||||
type = lib.types.nullOr lib.types.path;
|
||||
default = null;
|
||||
description = ''
|
||||
The path to the world file (`.wld`) which should be loaded.
|
||||
@ -97,8 +94,8 @@ in
|
||||
'';
|
||||
};
|
||||
|
||||
autoCreatedWorldSize = mkOption {
|
||||
type = types.enum [ "small" "medium" "large" ];
|
||||
autoCreatedWorldSize = lib.mkOption {
|
||||
type = lib.types.enum [ "small" "medium" "large" ];
|
||||
default = "medium";
|
||||
description = ''
|
||||
Specifies the size of the auto-created world if `worldPath` does not
|
||||
@ -106,34 +103,34 @@ in
|
||||
'';
|
||||
};
|
||||
|
||||
banListPath = mkOption {
|
||||
type = types.nullOr types.path;
|
||||
banListPath = lib.mkOption {
|
||||
type = lib.types.nullOr lib.types.path;
|
||||
default = null;
|
||||
description = ''
|
||||
The path to the ban list.
|
||||
'';
|
||||
};
|
||||
|
||||
secure = mkOption {
|
||||
type = types.bool;
|
||||
secure = lib.mkOption {
|
||||
type = lib.types.bool;
|
||||
default = false;
|
||||
description = "Adds additional cheat protection to the server.";
|
||||
};
|
||||
|
||||
noUPnP = mkOption {
|
||||
type = types.bool;
|
||||
noUPnP = lib.mkOption {
|
||||
type = lib.types.bool;
|
||||
default = false;
|
||||
description = "Disables automatic Universal Plug and Play.";
|
||||
};
|
||||
|
||||
openFirewall = mkOption {
|
||||
type = types.bool;
|
||||
openFirewall = lib.mkOption {
|
||||
type = lib.types.bool;
|
||||
default = false;
|
||||
description = "Whether to open ports in the firewall";
|
||||
};
|
||||
|
||||
dataDir = mkOption {
|
||||
type = types.str;
|
||||
dataDir = lib.mkOption {
|
||||
type = lib.types.str;
|
||||
default = "/var/lib/terraria";
|
||||
example = "/srv/terraria";
|
||||
description = "Path to variable state data directory for terraria.";
|
||||
@ -141,7 +138,7 @@ in
|
||||
};
|
||||
};
|
||||
|
||||
config = mkIf cfg.enable {
|
||||
config = lib.mkIf cfg.enable {
|
||||
users.users.terraria = {
|
||||
description = "Terraria server service user";
|
||||
group = "terraria";
|
||||
@ -165,12 +162,12 @@ in
|
||||
Type = "forking";
|
||||
GuessMainPID = true;
|
||||
UMask = 007;
|
||||
ExecStart = "${tmuxCmd} new -d ${pkgs.terraria-server}/bin/TerrariaServer ${concatStringsSep " " flags}";
|
||||
ExecStart = "${tmuxCmd} new -d ${pkgs.terraria-server}/bin/TerrariaServer ${lib.concatStringsSep " " flags}";
|
||||
ExecStop = "${stopScript} $MAINPID";
|
||||
};
|
||||
};
|
||||
|
||||
networking.firewall = mkIf cfg.openFirewall {
|
||||
networking.firewall = lib.mkIf cfg.openFirewall {
|
||||
allowedTCPPorts = [ cfg.port ];
|
||||
allowedUDPPorts = [ cfg.port ];
|
||||
};
|
||||
|
@ -1,7 +1,4 @@
|
||||
{ config, lib, pkgs, ... }:
|
||||
|
||||
with lib;
|
||||
|
||||
let
|
||||
cfg = config.services.acpid;
|
||||
|
||||
@ -34,7 +31,7 @@ let
|
||||
echo "event=${handler.event}" > $fn
|
||||
echo "action=${pkgs.writeShellScriptBin "${name}.sh" handler.action }/bin/${name}.sh '%e'" >> $fn
|
||||
'';
|
||||
in concatStringsSep "\n" (mapAttrsToList f (canonicalHandlers // cfg.handlers))
|
||||
in lib.concatStringsSep "\n" (lib.mapAttrsToList f (canonicalHandlers // cfg.handlers))
|
||||
}
|
||||
'';
|
||||
|
||||
@ -48,25 +45,25 @@ in
|
||||
|
||||
services.acpid = {
|
||||
|
||||
enable = mkEnableOption "the ACPI daemon";
|
||||
enable = lib.mkEnableOption "the ACPI daemon";
|
||||
|
||||
logEvents = mkOption {
|
||||
type = types.bool;
|
||||
logEvents = lib.mkOption {
|
||||
type = lib.types.bool;
|
||||
default = false;
|
||||
description = "Log all event activity.";
|
||||
};
|
||||
|
||||
handlers = mkOption {
|
||||
type = types.attrsOf (types.submodule {
|
||||
handlers = lib.mkOption {
|
||||
type = lib.types.attrsOf (lib.types.submodule {
|
||||
options = {
|
||||
event = mkOption {
|
||||
type = types.str;
|
||||
example = literalExpression ''"button/power.*" "button/lid.*" "ac_adapter.*" "button/mute.*" "button/volumedown.*" "cd/play.*" "cd/next.*"'';
|
||||
event = lib.mkOption {
|
||||
type = lib.types.str;
|
||||
example = lib.literalExpression ''"button/power.*" "button/lid.*" "ac_adapter.*" "button/mute.*" "button/volumedown.*" "cd/play.*" "cd/next.*"'';
|
||||
description = "Event type.";
|
||||
};
|
||||
|
||||
action = mkOption {
|
||||
type = types.lines;
|
||||
action = lib.mkOption {
|
||||
type = lib.types.lines;
|
||||
description = "Shell commands to execute when the event is triggered.";
|
||||
};
|
||||
};
|
||||
@ -101,20 +98,20 @@ in
|
||||
};
|
||||
};
|
||||
|
||||
powerEventCommands = mkOption {
|
||||
type = types.lines;
|
||||
powerEventCommands = lib.mkOption {
|
||||
type = lib.types.lines;
|
||||
default = "";
|
||||
description = "Shell commands to execute on a button/power.* event.";
|
||||
};
|
||||
|
||||
lidEventCommands = mkOption {
|
||||
type = types.lines;
|
||||
lidEventCommands = lib.mkOption {
|
||||
type = lib.types.lines;
|
||||
default = "";
|
||||
description = "Shell commands to execute on a button/lid.* event.";
|
||||
};
|
||||
|
||||
acEventCommands = mkOption {
|
||||
type = types.lines;
|
||||
acEventCommands = lib.mkOption {
|
||||
type = lib.types.lines;
|
||||
default = "";
|
||||
description = "Shell commands to execute on an ac_adapter.* event.";
|
||||
};
|
||||
@ -126,7 +123,7 @@ in
|
||||
|
||||
###### implementation
|
||||
|
||||
config = mkIf cfg.enable {
|
||||
config = lib.mkIf cfg.enable {
|
||||
|
||||
systemd.services.acpid = {
|
||||
description = "ACPI Daemon";
|
||||
@ -135,12 +132,12 @@ in
|
||||
wantedBy = [ "multi-user.target" ];
|
||||
|
||||
serviceConfig = {
|
||||
ExecStart = escapeShellArgs
|
||||
ExecStart = lib.escapeShellArgs
|
||||
([ "${pkgs.acpid}/bin/acpid"
|
||||
"--foreground"
|
||||
"--netlink"
|
||||
"--confdir" "${acpiConfDir}"
|
||||
] ++ optional cfg.logEvents "--logevents"
|
||||
] ++ lib.optional cfg.logEvents "--logevents"
|
||||
);
|
||||
};
|
||||
unitConfig = {
|
||||
|
@ -1,5 +1,4 @@
|
||||
{ config, lib, pkgs, ... }:
|
||||
with lib;
|
||||
let
|
||||
cfg = config.services.auto-cpufreq;
|
||||
cfgFilename = "auto-cpufreq.conf";
|
||||
@ -9,9 +8,9 @@ let
|
||||
in {
|
||||
options = {
|
||||
services.auto-cpufreq = {
|
||||
enable = mkEnableOption "auto-cpufreq daemon";
|
||||
enable = lib.mkEnableOption "auto-cpufreq daemon";
|
||||
|
||||
settings = mkOption {
|
||||
settings = lib.mkOption {
|
||||
description = ''
|
||||
Configuration for `auto-cpufreq`.
|
||||
|
||||
@ -19,12 +18,12 @@ in {
|
||||
'';
|
||||
|
||||
default = {};
|
||||
type = types.submodule { freeformType = format.type; };
|
||||
type = lib.types.submodule { freeformType = format.type; };
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
config = mkIf cfg.enable {
|
||||
config = lib.mkIf cfg.enable {
|
||||
environment.systemPackages = [ pkgs.auto-cpufreq ];
|
||||
|
||||
systemd = {
|
||||
|
@ -1,15 +1,12 @@
|
||||
{ config, lib, pkgs, ...}:
|
||||
|
||||
with lib;
|
||||
|
||||
let
|
||||
cfg = config.services.hardware.bolt;
|
||||
in
|
||||
{
|
||||
options = {
|
||||
services.hardware.bolt = {
|
||||
enable = mkOption {
|
||||
type = types.bool;
|
||||
enable = lib.mkOption {
|
||||
type = lib.types.bool;
|
||||
default = false;
|
||||
description = ''
|
||||
Whether to enable Bolt, a userspace daemon to enable
|
||||
@ -19,11 +16,11 @@ in
|
||||
'';
|
||||
};
|
||||
|
||||
package = mkPackageOption pkgs "bolt" { };
|
||||
package = lib.mkPackageOption pkgs "bolt" { };
|
||||
};
|
||||
};
|
||||
|
||||
config = mkIf cfg.enable {
|
||||
config = lib.mkIf cfg.enable {
|
||||
environment.systemPackages = [ cfg.package ];
|
||||
services.udev.packages = [ cfg.package ];
|
||||
systemd.packages = [ cfg.package ];
|
||||
|
Some files were not shown because too many files have changed in this diff Show More
Loading…
Reference in New Issue
Block a user