treewide: remove redundant quotes
This commit is contained in:
parent
fe9c9f719d
commit
35d68ef143
@ -14,10 +14,10 @@ let
|
||||
builtins.map
|
||||
(subsetname: {
|
||||
subsetname = subsetname;
|
||||
functions = libDefPos toplib."${subsetname}";
|
||||
functions = libDefPos toplib.${subsetname};
|
||||
})
|
||||
(builtins.filter
|
||||
(name: builtins.isAttrs toplib."${name}")
|
||||
(name: builtins.isAttrs toplib.${name})
|
||||
(builtins.attrNames toplib));
|
||||
|
||||
nixpkgsLib = pkgs.lib;
|
||||
|
@ -446,11 +446,11 @@ rec {
|
||||
if length list < 2
|
||||
then # finish
|
||||
{ result = list; }
|
||||
else if dfsthis ? "cycle"
|
||||
else if dfsthis ? cycle
|
||||
then # there's a cycle, starting from the current vertex, return it
|
||||
{ cycle = reverseList ([ dfsthis.cycle ] ++ dfsthis.visited);
|
||||
inherit (dfsthis) loops; }
|
||||
else if toporest ? "cycle"
|
||||
else if toporest ? cycle
|
||||
then # there's a cycle somewhere else in the graph, return it
|
||||
toporest
|
||||
# Slow, but short. Can be made a bit faster with an explicit stack.
|
||||
|
@ -58,13 +58,13 @@ rec {
|
||||
uname = {
|
||||
# uname -s
|
||||
system = {
|
||||
"linux" = "Linux";
|
||||
"windows" = "Windows";
|
||||
"darwin" = "Darwin";
|
||||
"netbsd" = "NetBSD";
|
||||
"freebsd" = "FreeBSD";
|
||||
"openbsd" = "OpenBSD";
|
||||
"wasi" = "Wasi";
|
||||
linux = "Linux";
|
||||
windows = "Windows";
|
||||
darwin = "Darwin";
|
||||
netbsd = "NetBSD";
|
||||
freebsd = "FreeBSD";
|
||||
openbsd = "OpenBSD";
|
||||
wasi = "Wasi";
|
||||
}.${final.parsed.kernel.name} or null;
|
||||
|
||||
# uname -p
|
||||
@ -86,10 +86,10 @@ rec {
|
||||
else if final.isx86_64 then "x86_64"
|
||||
else if final.isx86 then "i386"
|
||||
else {
|
||||
"powerpc" = "ppc";
|
||||
"powerpcle" = "ppc";
|
||||
"powerpc64" = "ppc64";
|
||||
"powerpc64le" = "ppc64le";
|
||||
powerpc = "ppc";
|
||||
powerpcle = "ppc";
|
||||
powerpc64 = "ppc64";
|
||||
powerpc64le = "ppc64le";
|
||||
}.${final.parsed.cpu.name} or final.parsed.cpu.name;
|
||||
|
||||
emulator = pkgs: let
|
||||
|
@ -456,16 +456,16 @@ rec {
|
||||
};
|
||||
|
||||
selectBySystem = system: {
|
||||
"i486-linux" = pc32;
|
||||
"i586-linux" = pc32;
|
||||
"i686-linux" = pc32;
|
||||
"x86_64-linux" = pc64;
|
||||
"armv5tel-linux" = sheevaplug;
|
||||
"armv6l-linux" = raspberrypi;
|
||||
"armv7a-linux" = armv7l-hf-multiplatform;
|
||||
"armv7l-linux" = armv7l-hf-multiplatform;
|
||||
"aarch64-linux" = aarch64-multiplatform;
|
||||
"mipsel-linux" = fuloong2f_n32;
|
||||
"powerpc64le-linux" = powernv;
|
||||
i486-linux = pc32;
|
||||
i586-linux = pc32;
|
||||
i686-linux = pc32;
|
||||
x86_64-linux = pc64;
|
||||
armv5tel-linux = sheevaplug;
|
||||
armv6l-linux = raspberrypi;
|
||||
armv7a-linux = armv7l-hf-multiplatform;
|
||||
armv7l-linux = armv7l-hf-multiplatform;
|
||||
aarch64-linux = aarch64-multiplatform;
|
||||
mipsel-linux = fuloong2f_n32;
|
||||
powerpc64le-linux = powernv;
|
||||
}.${system} or pcBase;
|
||||
}
|
||||
|
@ -42,7 +42,7 @@ rec {
|
||||
# Default type functor
|
||||
defaultFunctor = name: {
|
||||
inherit name;
|
||||
type = types."${name}" or null;
|
||||
type = types.${name} or null;
|
||||
wrapped = null;
|
||||
payload = null;
|
||||
binOp = a: b: null;
|
||||
|
@ -17,9 +17,9 @@ in
|
||||
else throw "Unknown QEMU serial device for system '${pkgs.stdenv.hostPlatform.system}'";
|
||||
|
||||
qemuBinary = qemuPkg: {
|
||||
"x86_64-linux" = "${qemuPkg}/bin/qemu-kvm -cpu kvm64";
|
||||
"armv7l-linux" = "${qemuPkg}/bin/qemu-system-arm -enable-kvm -machine virt -cpu host";
|
||||
"aarch64-linux" = "${qemuPkg}/bin/qemu-system-aarch64 -enable-kvm -machine virt,gic-version=host -cpu host";
|
||||
"x86_64-darwin" = "${qemuPkg}/bin/qemu-kvm -cpu kvm64";
|
||||
x86_64-linux = "${qemuPkg}/bin/qemu-kvm -cpu kvm64";
|
||||
armv7l-linux = "${qemuPkg}/bin/qemu-system-arm -enable-kvm -machine virt -cpu host";
|
||||
aarch64-linux = "${qemuPkg}/bin/qemu-system-aarch64 -enable-kvm -machine virt,gic-version=host -cpu host";
|
||||
x86_64-darwin = "${qemuPkg}/bin/qemu-kvm -cpu kvm64";
|
||||
}.${pkgs.stdenv.hostPlatform.system} or "${qemuPkg}/bin/qemu-kvm";
|
||||
}
|
||||
|
@ -35,8 +35,8 @@ let
|
||||
then "fontconfig"
|
||||
else "fontconfig_${version}";
|
||||
makeCache = fontconfig: pkgs.makeFontsCache { inherit fontconfig; fontDirectories = config.fonts.fonts; };
|
||||
cache = makeCache pkgs."${fcPackage}";
|
||||
cache32 = makeCache pkgs.pkgsi686Linux."${fcPackage}";
|
||||
cache = makeCache pkgs.${fcPackage};
|
||||
cache32 = makeCache pkgs.pkgsi686Linux.${fcPackage};
|
||||
in
|
||||
pkgs.writeText "fc-00-nixos-cache.conf" ''
|
||||
<?xml version='1.0'?>
|
||||
|
@ -79,7 +79,7 @@ in
|
||||
config = mkIf (config.fonts.fontconfig.enable && cfg.enable) {
|
||||
|
||||
fonts.fontconfig.confPackages = [ confPkg ];
|
||||
environment.variables."INFINALITY_FT" = cfg.preset;
|
||||
environment.variables.INFINALITY_FT = cfg.preset;
|
||||
|
||||
};
|
||||
|
||||
|
@ -50,8 +50,8 @@ let cfg = config.fonts.fontconfig;
|
||||
then "fontconfig"
|
||||
else "fontconfig_${version}";
|
||||
makeCache = fontconfig: pkgs.makeFontsCache { inherit fontconfig; fontDirectories = config.fonts.fonts; };
|
||||
cache = makeCache pkgs."${fcPackage}";
|
||||
cache32 = makeCache pkgs.pkgsi686Linux."${fcPackage}";
|
||||
cache = makeCache pkgs.${fcPackage};
|
||||
cache32 = makeCache pkgs.pkgsi686Linux.${fcPackage};
|
||||
in
|
||||
pkgs.writeText "fc-00-nixos-cache.conf" ''
|
||||
<?xml version='1.0'?>
|
||||
|
@ -15,7 +15,7 @@ let
|
||||
realms = optionalAttrs (lib.all (value: value != null) [
|
||||
cfg.defaultRealm cfg.kdc cfg.kerberosAdminServer
|
||||
]) {
|
||||
"${cfg.defaultRealm}" = {
|
||||
${cfg.defaultRealm} = {
|
||||
kdc = cfg.kdc;
|
||||
admin_server = cfg.kerberosAdminServer;
|
||||
};
|
||||
@ -25,7 +25,7 @@ let
|
||||
cfg.domainRealm cfg.defaultRealm
|
||||
]) {
|
||||
".${cfg.domainRealm}" = cfg.defaultRealm;
|
||||
"${cfg.domainRealm}" = cfg.defaultRealm;
|
||||
${cfg.domainRealm} = cfg.defaultRealm;
|
||||
};
|
||||
};
|
||||
|
||||
|
@ -6,7 +6,7 @@ let
|
||||
|
||||
# The set of alternative malloc(3) providers.
|
||||
providers = {
|
||||
"graphene-hardened" = rec {
|
||||
graphene-hardened = rec {
|
||||
libPath = "${pkgs.graphene-hardened-malloc}/lib/libhardened_malloc.so";
|
||||
description = ''
|
||||
An allocator designed to mitigate memory corruption attacks, such as
|
||||
@ -14,7 +14,7 @@ let
|
||||
'';
|
||||
};
|
||||
|
||||
"jemalloc" = {
|
||||
jemalloc = {
|
||||
libPath = "${pkgs.jemalloc}/lib/libjemalloc.so";
|
||||
description = ''
|
||||
A general purpose allocator that emphasizes fragmentation avoidance
|
||||
@ -22,7 +22,7 @@ let
|
||||
'';
|
||||
};
|
||||
|
||||
"scudo" = {
|
||||
scudo = {
|
||||
libPath = "${pkgs.llvmPackages.compiler-rt}/lib/linux/libclang_rt.scudo-x86_64.so";
|
||||
description = ''
|
||||
A user-mode allocator based on LLVM Sanitizer’s CombinedAllocator,
|
||||
@ -32,7 +32,7 @@ let
|
||||
};
|
||||
};
|
||||
|
||||
providerConf = providers."${cfg.provider}";
|
||||
providerConf = providers.${cfg.provider};
|
||||
|
||||
# An output that contains only the shared library, to avoid
|
||||
# needlessly bloating the system closure
|
||||
|
@ -171,13 +171,13 @@ in
|
||||
|
||||
environment.etc =
|
||||
{ # /etc/services: TCP/UDP port assignments.
|
||||
"services".source = pkgs.iana-etc + "/etc/services";
|
||||
services.source = pkgs.iana-etc + "/etc/services";
|
||||
|
||||
# /etc/protocols: IP protocol numbers.
|
||||
"protocols".source = pkgs.iana-etc + "/etc/protocols";
|
||||
protocols.source = pkgs.iana-etc + "/etc/protocols";
|
||||
|
||||
# /etc/hosts: Hostname-to-IP mappings.
|
||||
"hosts".text = let
|
||||
hosts.text = let
|
||||
oneToString = set: ip: ip + " " + concatStringsSep " " set.${ip};
|
||||
allToString = set: concatMapStringsSep "\n" (oneToString set) (attrNames set);
|
||||
in ''
|
||||
@ -190,7 +190,7 @@ in
|
||||
|
||||
} // optionalAttrs (pkgs.stdenv.hostPlatform.libc == "glibc") {
|
||||
# /etc/rpc: RPC program numbers.
|
||||
"rpc".source = pkgs.glibc.out + "/etc/rpc";
|
||||
rpc.source = pkgs.glibc.out + "/etc/rpc";
|
||||
};
|
||||
|
||||
networking.proxy.envVars =
|
||||
|
@ -78,7 +78,7 @@ in
|
||||
};
|
||||
|
||||
# Service executed before suspending/hibernating.
|
||||
systemd.services."pre-sleep" =
|
||||
systemd.services.pre-sleep =
|
||||
{ description = "Pre-Sleep Actions";
|
||||
wantedBy = [ "sleep.target" ];
|
||||
before = [ "sleep.target" ];
|
||||
@ -89,7 +89,7 @@ in
|
||||
serviceConfig.Type = "oneshot";
|
||||
};
|
||||
|
||||
systemd.services."post-resume" =
|
||||
systemd.services.post-resume =
|
||||
{ description = "Post-Resume Actions";
|
||||
after = [ "suspend.target" "hibernate.target" "hybrid-sleep.target" ];
|
||||
script =
|
||||
|
@ -163,7 +163,7 @@ in
|
||||
l = "ls -alh";
|
||||
};
|
||||
|
||||
environment.etc."shells".text =
|
||||
environment.etc.shells.text =
|
||||
''
|
||||
${concatStringsSep "\n" (map utils.toShellPath cfg.shells)}
|
||||
/bin/sh
|
||||
@ -171,7 +171,7 @@ in
|
||||
|
||||
# For resetting environment with `. /etc/set-environment` when needed
|
||||
# and discoverability (see motivation of #30418).
|
||||
environment.etc."set-environment".source = config.system.build.setEnvironment;
|
||||
environment.etc.set-environment.source = config.system.build.setEnvironment;
|
||||
|
||||
system.build.setEnvironment = pkgs.writeText "set-environment"
|
||||
''
|
||||
|
@ -8,7 +8,7 @@
|
||||
"/share/terminfo"
|
||||
];
|
||||
|
||||
environment.etc."terminfo" = {
|
||||
environment.etc.terminfo = {
|
||||
source = "${config.system.path}/share/terminfo";
|
||||
};
|
||||
|
||||
|
@ -546,11 +546,11 @@ in {
|
||||
environment.systemPackages = systemShells;
|
||||
|
||||
environment.etc = {
|
||||
"subuid" = {
|
||||
subuid = {
|
||||
text = subuidFile;
|
||||
mode = "0644";
|
||||
};
|
||||
"subgid" = {
|
||||
subgid = {
|
||||
text = subgidFile;
|
||||
mode = "0644";
|
||||
};
|
||||
|
@ -36,6 +36,6 @@ in
|
||||
{ inherit (cfg) group; }
|
||||
))
|
||||
];
|
||||
users.groups."${cfg.group}" = {};
|
||||
users.groups.${cfg.group} = {};
|
||||
};
|
||||
}
|
||||
|
@ -33,7 +33,7 @@ in
|
||||
|
||||
boot.blacklistedKernelModules = [ "radeon" ];
|
||||
|
||||
environment.etc."ati".source = "${ati_x11}/etc/ati";
|
||||
environment.etc.ati.source = "${ati_x11}/etc/ati";
|
||||
|
||||
};
|
||||
|
||||
|
@ -85,7 +85,7 @@ in
|
||||
# Generate /etc/os-release. See
|
||||
# https://www.freedesktop.org/software/systemd/man/os-release.html for the
|
||||
# format.
|
||||
environment.etc."os-release".text =
|
||||
environment.etc.os-release.text =
|
||||
''
|
||||
NAME=NixOS
|
||||
ID=nixos
|
||||
|
@ -30,7 +30,7 @@ in
|
||||
};
|
||||
|
||||
config = mkIf (cfg.settings != {}) {
|
||||
environment.etc."atoprc".text =
|
||||
environment.etc.atoprc.text =
|
||||
concatStrings (mapAttrsToList (n: v: "${n} ${toString v}\n") cfg.settings);
|
||||
};
|
||||
}
|
||||
|
@ -159,7 +159,7 @@ in
|
||||
|
||||
};
|
||||
|
||||
environment.etc."profile".text =
|
||||
environment.etc.profile.text =
|
||||
''
|
||||
# /etc/profile: DO NOT EDIT -- this file has been generated automatically.
|
||||
# This file is read for login shells.
|
||||
@ -184,7 +184,7 @@ in
|
||||
fi
|
||||
'';
|
||||
|
||||
environment.etc."bashrc".text =
|
||||
environment.etc.bashrc.text =
|
||||
''
|
||||
# /etc/bashrc: DO NOT EDIT -- this file has been generated automatically.
|
||||
|
||||
@ -212,7 +212,7 @@ in
|
||||
|
||||
# Configuration for readline in bash. We use "option default"
|
||||
# priority to allow user override using both .text and .source.
|
||||
environment.etc."inputrc".source = mkOptionDefault ./inputrc;
|
||||
environment.etc.inputrc.source = mkOptionDefault ./inputrc;
|
||||
|
||||
users.defaultUserShell = mkDefault pkgs.bashInteractive;
|
||||
|
||||
|
@ -54,8 +54,8 @@ in
|
||||
type = types.attrsOf types.str;
|
||||
default = {};
|
||||
example = {
|
||||
"h" = "noaction 5\e(";
|
||||
"l" = "noaction 5\e)";
|
||||
h = "noaction 5\e(";
|
||||
l = "noaction 5\e)";
|
||||
};
|
||||
description = "Defines new command keys.";
|
||||
};
|
||||
@ -74,7 +74,7 @@ in
|
||||
type = types.attrsOf types.str;
|
||||
default = {};
|
||||
example = {
|
||||
"\e" = "abort";
|
||||
e = "abort";
|
||||
};
|
||||
description = "Defines new line-editing keys.";
|
||||
};
|
||||
@ -111,11 +111,11 @@ in
|
||||
environment.systemPackages = [ pkgs.less ];
|
||||
|
||||
environment.variables = {
|
||||
"LESSKEY_SYSTEM" = toString lessKey;
|
||||
LESSKEY_SYSTEM = toString lessKey;
|
||||
} // optionalAttrs (cfg.lessopen != null) {
|
||||
"LESSOPEN" = cfg.lessopen;
|
||||
LESSOPEN = cfg.lessopen;
|
||||
} // optionalAttrs (cfg.lessclose != null) {
|
||||
"LESSCLOSE" = cfg.lessclose;
|
||||
LESSCLOSE = cfg.lessclose;
|
||||
};
|
||||
|
||||
warnings = optional (
|
||||
|
@ -35,7 +35,7 @@ in
|
||||
###### implementation
|
||||
|
||||
config = lib.mkIf (cfg.nanorc != "" || cfg.syntaxHighlight) {
|
||||
environment.etc."nanorc".text = lib.concatStrings [ cfg.nanorc
|
||||
environment.etc.nanorc.text = lib.concatStrings [ cfg.nanorc
|
||||
(lib.optionalString cfg.syntaxHighlight ''${LF}include "${pkgs.nano}/share/nano/*.nanorc"'') ];
|
||||
};
|
||||
|
||||
|
@ -36,7 +36,7 @@ in
|
||||
###### implementation
|
||||
|
||||
config = lib.mkIf cfg.enable {
|
||||
environment.etc."npmrc".text = cfg.npmrc;
|
||||
environment.etc.npmrc.text = cfg.npmrc;
|
||||
|
||||
environment.variables.NPM_CONFIG_GLOBALCONFIG = "/etc/npmrc";
|
||||
|
||||
|
@ -24,7 +24,7 @@ in
|
||||
###### implementation
|
||||
|
||||
config = mkIf (cfg.screenrc != "") {
|
||||
environment.etc."screenrc".text = cfg.screenrc;
|
||||
environment.etc.screenrc.text = cfg.screenrc;
|
||||
|
||||
environment.systemPackages = [ pkgs.screen ];
|
||||
};
|
||||
|
@ -61,7 +61,7 @@ in
|
||||
description = "Setup of xfs_quota projects. Make sure the filesystem is mounted with the pquota option.";
|
||||
|
||||
example = {
|
||||
"projname" = {
|
||||
projname = {
|
||||
id = 50;
|
||||
path = "/xfsprojects/projname";
|
||||
sizeHardLimit = "50g";
|
||||
|
@ -45,7 +45,7 @@ in
|
||||
|
||||
config = mkIf cfg.enable {
|
||||
|
||||
environment.etc."xonshrc".text = cfg.config;
|
||||
environment.etc.xonshrc.text = cfg.config;
|
||||
|
||||
environment.systemPackages = [ cfg.package ];
|
||||
|
||||
|
@ -135,7 +135,7 @@ in
|
||||
|
||||
programs.zsh.shellAliases = mapAttrs (name: mkDefault) cfge.shellAliases;
|
||||
|
||||
environment.etc."zshenv".text =
|
||||
environment.etc.zshenv.text =
|
||||
''
|
||||
# /etc/zshenv: DO NOT EDIT -- this file has been generated automatically.
|
||||
# This file is read for all shells.
|
||||
@ -159,7 +159,7 @@ in
|
||||
fi
|
||||
'';
|
||||
|
||||
environment.etc."zprofile".text =
|
||||
environment.etc.zprofile.text =
|
||||
''
|
||||
# /etc/zprofile: DO NOT EDIT -- this file has been generated automatically.
|
||||
# This file is read for login shells.
|
||||
@ -178,7 +178,7 @@ in
|
||||
fi
|
||||
'';
|
||||
|
||||
environment.etc."zshrc".text =
|
||||
environment.etc.zshrc.text =
|
||||
''
|
||||
# /etc/zshrc: DO NOT EDIT -- this file has been generated automatically.
|
||||
# This file is read for interactive shells.
|
||||
@ -219,7 +219,7 @@ in
|
||||
fi
|
||||
'';
|
||||
|
||||
environment.etc."zinputrc".source = ./zinputrc;
|
||||
environment.etc.zinputrc.source = ./zinputrc;
|
||||
|
||||
environment.systemPackages = [ pkgs.zsh ]
|
||||
++ optional cfg.enableCompletion pkgs.nix-zsh-completions;
|
||||
|
@ -378,8 +378,8 @@ in
|
||||
})
|
||||
);
|
||||
|
||||
systemd.targets."acme-selfsigned-certificates" = mkIf cfg.preliminarySelfsigned {};
|
||||
systemd.targets."acme-certificates" = {};
|
||||
systemd.targets.acme-selfsigned-certificates = mkIf cfg.preliminarySelfsigned {};
|
||||
systemd.targets.acme-certificates = {};
|
||||
})
|
||||
|
||||
];
|
||||
|
@ -24,6 +24,6 @@ in
|
||||
|
||||
config = mkIf cfg.enable {
|
||||
environment.systemPackages = [ sandbox ];
|
||||
security.wrappers."${sandbox.passthru.sandboxExecutableName}".source = "${sandbox}/bin/${sandbox.passthru.sandboxExecutableName}";
|
||||
security.wrappers.${sandbox.passthru.sandboxExecutableName}.source = "${sandbox}/bin/${sandbox.passthru.sandboxExecutableName}";
|
||||
};
|
||||
}
|
||||
|
@ -85,7 +85,7 @@ in
|
||||
|
||||
security.wrappers = {
|
||||
pkexec.source = "${pkgs.polkit.bin}/bin/pkexec";
|
||||
"polkit-agent-helper-1".source = "${pkgs.polkit.out}/lib/polkit-1/polkit-agent-helper-1";
|
||||
polkit-agent-helper-1.source = "${pkgs.polkit.out}/lib/polkit-1/polkit-agent-helper-1";
|
||||
};
|
||||
|
||||
systemd.tmpfiles.rules = [
|
||||
|
@ -4,7 +4,7 @@ with lib;
|
||||
|
||||
let
|
||||
cfg = config.services.prey;
|
||||
myPrey = pkgs."prey-bash-client".override {
|
||||
myPrey = pkgs.prey-bash-client.override {
|
||||
apiKey = cfg.apiKey;
|
||||
deviceKey = cfg.deviceKey;
|
||||
};
|
||||
|
@ -7,7 +7,7 @@ let
|
||||
|
||||
programs =
|
||||
(lib.mapAttrsToList
|
||||
(n: v: (if v ? "program" then v else v // {program=n;}))
|
||||
(n: v: (if v ? program then v else v // {program=n;}))
|
||||
wrappers);
|
||||
|
||||
securityWrapper = pkgs.stdenv.mkDerivation {
|
||||
@ -74,15 +74,15 @@ let
|
||||
|
||||
mkWrappedPrograms =
|
||||
builtins.map
|
||||
(s: if (s ? "capabilities")
|
||||
(s: if (s ? capabilities)
|
||||
then mkSetcapProgram
|
||||
({ owner = "root";
|
||||
group = "root";
|
||||
} // s)
|
||||
else if
|
||||
(s ? "setuid" && s.setuid) ||
|
||||
(s ? "setgid" && s.setgid) ||
|
||||
(s ? "permissions")
|
||||
(s ? setuid && s.setuid) ||
|
||||
(s ? setgid && s.setgid) ||
|
||||
(s ? permissions)
|
||||
then mkSetuidProgram s
|
||||
else mkSetuidProgram
|
||||
({ owner = "root";
|
||||
|
@ -99,7 +99,7 @@ in
|
||||
|
||||
boot.kernelModules = optional config.sound.enableOSSEmulation "snd_pcm_oss";
|
||||
|
||||
systemd.services."alsa-store" =
|
||||
systemd.services.alsa-store =
|
||||
{ description = "Store Sound Card State";
|
||||
wantedBy = [ "multi-user.target" ];
|
||||
unitConfig.RequiresMountsFor = "/var/lib/alsa";
|
||||
|
@ -103,7 +103,7 @@ in
|
||||
}];
|
||||
|
||||
systemd = {
|
||||
timers."mysql-backup" = {
|
||||
timers.mysql-backup = {
|
||||
description = "Mysql backup timer";
|
||||
wantedBy = [ "timers.target" ];
|
||||
timerConfig = {
|
||||
@ -112,7 +112,7 @@ in
|
||||
Unit = "mysql-backup.service";
|
||||
};
|
||||
};
|
||||
services."mysql-backup" = {
|
||||
services.mysql-backup = {
|
||||
description = "Mysql backup service";
|
||||
enable = true;
|
||||
serviceConfig = {
|
||||
|
@ -78,7 +78,7 @@ in
|
||||
config = mkIf cfg.enable {
|
||||
inherit assertions;
|
||||
programs.tsmClient.enable = true;
|
||||
programs.tsmClient.servers."${cfg.servername}".passwdDir =
|
||||
programs.tsmClient.servers.${cfg.servername}.passwdDir =
|
||||
mkDefault "/var/lib/tsm-backup/password";
|
||||
systemd.services.tsm-backup = {
|
||||
description = "IBM Spectrum Protect (Tivoli Storage Manager) Backup";
|
||||
|
@ -60,7 +60,7 @@ in {
|
||||
pkgs.lz4
|
||||
];
|
||||
|
||||
systemd.services."zfs-replication" = {
|
||||
systemd.services.zfs-replication = {
|
||||
after = [
|
||||
"zfs-snapshot-daily.service"
|
||||
"zfs-snapshot-frequent.service"
|
||||
|
@ -361,7 +361,7 @@ in
|
||||
environment.systemPackages = [ pkgs.znapzend ];
|
||||
|
||||
systemd.services = {
|
||||
"znapzend" = {
|
||||
znapzend = {
|
||||
description = "ZnapZend - ZFS Backup System";
|
||||
wantedBy = [ "zfs.target" ];
|
||||
after = [ "zfs.target" ];
|
||||
|
@ -24,7 +24,7 @@ with lib;
|
||||
|
||||
config = mkMerge [
|
||||
(mkIf cfg.hdfs.namenode.enabled {
|
||||
systemd.services."hdfs-namenode" = {
|
||||
systemd.services.hdfs-namenode = {
|
||||
description = "Hadoop HDFS NameNode";
|
||||
wantedBy = [ "multi-user.target" ];
|
||||
|
||||
@ -44,7 +44,7 @@ with lib;
|
||||
};
|
||||
})
|
||||
(mkIf cfg.hdfs.datanode.enabled {
|
||||
systemd.services."hdfs-datanode" = {
|
||||
systemd.services.hdfs-datanode = {
|
||||
description = "Hadoop HDFS DataNode";
|
||||
wantedBy = [ "multi-user.target" ];
|
||||
|
||||
|
@ -35,7 +35,7 @@ with lib;
|
||||
})
|
||||
|
||||
(mkIf cfg.yarn.resourcemanager.enabled {
|
||||
systemd.services."yarn-resourcemanager" = {
|
||||
systemd.services.yarn-resourcemanager = {
|
||||
description = "Hadoop YARN ResourceManager";
|
||||
wantedBy = [ "multi-user.target" ];
|
||||
|
||||
@ -53,7 +53,7 @@ with lib;
|
||||
})
|
||||
|
||||
(mkIf cfg.yarn.nodemanager.enabled {
|
||||
systemd.services."yarn-nodemanager" = {
|
||||
systemd.services.yarn-nodemanager = {
|
||||
description = "Hadoop YARN NodeManager";
|
||||
wantedBy = [ "multi-user.target" ];
|
||||
|
||||
|
@ -74,7 +74,7 @@ in {
|
||||
spec = {
|
||||
replicas = 1;
|
||||
revisionHistoryLimit = 10;
|
||||
selector.matchLabels."k8s-app" = "kubernetes-dashboard";
|
||||
selector.matchLabels.k8s-app = "kubernetes-dashboard";
|
||||
template = {
|
||||
metadata = {
|
||||
labels = {
|
||||
|
@ -73,7 +73,7 @@ in {
|
||||
metadata = {
|
||||
labels = {
|
||||
"addonmanager.kubernetes.io/mode" = "Reconcile";
|
||||
"k8s-app" = "kube-dns";
|
||||
k8s-app = "kube-dns";
|
||||
"kubernetes.io/cluster-service" = "true";
|
||||
"kubernetes.io/bootstrapping" = "rbac-defaults";
|
||||
};
|
||||
@ -102,7 +102,7 @@ in {
|
||||
};
|
||||
labels = {
|
||||
"addonmanager.kubernetes.io/mode" = "Reconcile";
|
||||
"k8s-app" = "kube-dns";
|
||||
k8s-app = "kube-dns";
|
||||
"kubernetes.io/cluster-service" = "true";
|
||||
"kubernetes.io/bootstrapping" = "rbac-defaults";
|
||||
};
|
||||
@ -130,7 +130,7 @@ in {
|
||||
metadata = {
|
||||
labels = {
|
||||
"addonmanager.kubernetes.io/mode" = "Reconcile";
|
||||
"k8s-app" = "kube-dns";
|
||||
k8s-app = "kube-dns";
|
||||
"kubernetes.io/cluster-service" = "true";
|
||||
};
|
||||
name = "coredns";
|
||||
@ -144,7 +144,7 @@ in {
|
||||
metadata = {
|
||||
labels = {
|
||||
"addonmanager.kubernetes.io/mode" = cfg.reconcileMode;
|
||||
"k8s-app" = "kube-dns";
|
||||
k8s-app = "kube-dns";
|
||||
"kubernetes.io/cluster-service" = "true";
|
||||
};
|
||||
name = "coredns";
|
||||
@ -175,7 +175,7 @@ in {
|
||||
metadata = {
|
||||
labels = {
|
||||
"addonmanager.kubernetes.io/mode" = cfg.reconcileMode;
|
||||
"k8s-app" = "kube-dns";
|
||||
k8s-app = "kube-dns";
|
||||
"kubernetes.io/cluster-service" = "true";
|
||||
"kubernetes.io/name" = "CoreDNS";
|
||||
};
|
||||
@ -301,7 +301,7 @@ in {
|
||||
};
|
||||
labels = {
|
||||
"addonmanager.kubernetes.io/mode" = "Reconcile";
|
||||
"k8s-app" = "kube-dns";
|
||||
k8s-app = "kube-dns";
|
||||
"kubernetes.io/cluster-service" = "true";
|
||||
"kubernetes.io/name" = "CoreDNS";
|
||||
};
|
||||
|
@ -397,14 +397,14 @@ in {
|
||||
}
|
||||
];
|
||||
users = mkIf (cfg.user == defaultUser) {
|
||||
extraUsers."${defaultUser}" =
|
||||
extraUsers.${defaultUser} =
|
||||
{ group = cfg.group;
|
||||
home = cfg.homeDir;
|
||||
createHome = true;
|
||||
uid = config.ids.uids.cassandra;
|
||||
description = "Cassandra service user";
|
||||
};
|
||||
extraGroups."${defaultUser}".gid = config.ids.gids.cassandra;
|
||||
extraGroups.${defaultUser}.gid = config.ids.gids.cassandra;
|
||||
};
|
||||
|
||||
systemd.services.cassandra =
|
||||
|
@ -59,8 +59,8 @@ in {
|
||||
type = types.attrsOf types.str;
|
||||
default = {};
|
||||
example = {
|
||||
"nuc-server" = "hostaddr=192.168.0.100 port=5432 dbname=postgres";
|
||||
"mini-server" = "hostaddr=127.0.0.1 port=5432 dbname=postgres sslmode=require";
|
||||
nuc-server = "hostaddr=192.168.0.100 port=5432 dbname=postgres";
|
||||
mini-server = "hostaddr=127.0.0.1 port=5432 dbname=postgres sslmode=require";
|
||||
};
|
||||
description = ''
|
||||
pgmanage requires at least one PostgreSQL server be defined.
|
||||
@ -192,13 +192,13 @@ in {
|
||||
};
|
||||
};
|
||||
users = {
|
||||
users."${pgmanage}" = {
|
||||
users.${pgmanage} = {
|
||||
name = pgmanage;
|
||||
group = pgmanage;
|
||||
home = cfg.sqlRoot;
|
||||
createHome = true;
|
||||
};
|
||||
groups."${pgmanage}" = {
|
||||
groups.${pgmanage} = {
|
||||
name = pgmanage;
|
||||
};
|
||||
};
|
||||
|
@ -202,14 +202,14 @@ in
|
||||
];
|
||||
|
||||
# restart geoclue service when the configuration changes
|
||||
systemd.services."geoclue".restartTriggers = [
|
||||
systemd.services.geoclue.restartTriggers = [
|
||||
config.environment.etc."geoclue/geoclue.conf".source
|
||||
];
|
||||
|
||||
# this needs to run as a user service, since it's associated with the
|
||||
# user who is making the requests
|
||||
systemd.user.services = mkIf cfg.enableDemoAgent {
|
||||
"geoclue-agent" = {
|
||||
geoclue-agent = {
|
||||
description = "Geoclue agent";
|
||||
script = "${package}/libexec/geoclue-2.0/demos/agent";
|
||||
# this should really be `partOf = [ "geoclue.service" ]`, but
|
||||
@ -219,12 +219,12 @@ in
|
||||
};
|
||||
};
|
||||
|
||||
services.geoclue2.appConfig."epiphany" = {
|
||||
services.geoclue2.appConfig.epiphany = {
|
||||
isAllowed = true;
|
||||
isSystem = false;
|
||||
};
|
||||
|
||||
services.geoclue2.appConfig."firefox" = {
|
||||
services.geoclue2.appConfig.firefox = {
|
||||
isAllowed = true;
|
||||
isSystem = false;
|
||||
};
|
||||
|
@ -4,7 +4,7 @@ with lib;
|
||||
|
||||
let
|
||||
cfg = config.services.terraria;
|
||||
worldSizeMap = { "small" = 1; "medium" = 2; "large" = 3; };
|
||||
worldSizeMap = { small = 1; medium = 2; large = 3; };
|
||||
valFlag = name: val: optionalString (val != null) "-${name} \"${escape ["\\" "\""] (toString val)}\"";
|
||||
boolFlag = name: val: optionalString val "-${name}";
|
||||
flags = [
|
||||
|
@ -124,7 +124,7 @@ in
|
||||
environment.sessionVariables = env;
|
||||
services.udev.packages = backends;
|
||||
|
||||
users.groups."scanner".gid = config.ids.gids.scanner;
|
||||
users.groups.scanner.gid = config.ids.gids.scanner;
|
||||
})
|
||||
|
||||
(mkIf config.services.saned.enable {
|
||||
@ -152,7 +152,7 @@ in
|
||||
};
|
||||
};
|
||||
|
||||
users.users."scanner" = {
|
||||
users.users.scanner = {
|
||||
uid = config.ids.uids.scanner;
|
||||
group = "scanner";
|
||||
};
|
||||
|
@ -20,7 +20,7 @@ in {
|
||||
config = mkIf cfg.enable {
|
||||
systemd.packages = [ pkgs.throttled ];
|
||||
# The upstream package has this in Install, but that's not enough, see the NixOS manual
|
||||
systemd.services."lenovo_fix".wantedBy = [ "multi-user.target" ];
|
||||
systemd.services.lenovo_fix.wantedBy = [ "multi-user.target" ];
|
||||
|
||||
environment.etc."lenovo_fix.conf".source =
|
||||
if cfg.extraConfig != ""
|
||||
|
@ -60,11 +60,11 @@ in
|
||||
powerManagement.cpufreq.max = null;
|
||||
powerManagement.cpufreq.min = null;
|
||||
|
||||
systemd.sockets."systemd-rfkill".enable = false;
|
||||
systemd.sockets.systemd-rfkill.enable = false;
|
||||
|
||||
systemd.services = {
|
||||
"systemd-rfkill@".enable = false;
|
||||
"systemd-rfkill".enable = false;
|
||||
systemd-rfkill.enable = false;
|
||||
|
||||
tlp = {
|
||||
description = "TLP system startup/shutdown";
|
||||
|
@ -23,9 +23,9 @@ let
|
||||
flags = "-r ${rulesDir} -c ${configFile} -L ${logFiles} -${levelFlag} -m ${cfg.mailTo}";
|
||||
|
||||
levelFlag = getAttrFromPath [cfg.level]
|
||||
{ "paranoid" = "p";
|
||||
"server" = "s";
|
||||
"workstation" = "w";
|
||||
{ paranoid = "p";
|
||||
server = "s";
|
||||
workstation = "w";
|
||||
};
|
||||
|
||||
cronJob = ''
|
||||
|
@ -137,7 +137,7 @@ in
|
||||
${pkgs.postfix}/bin/postmap ${stateDir}/transports
|
||||
'';
|
||||
|
||||
systemd.services."mlmmj-maintd" = {
|
||||
systemd.services.mlmmj-maintd = {
|
||||
description = "mlmmj maintenance daemon";
|
||||
serviceConfig = {
|
||||
User = cfg.user;
|
||||
@ -146,7 +146,7 @@ in
|
||||
};
|
||||
};
|
||||
|
||||
systemd.timers."mlmmj-maintd" = {
|
||||
systemd.timers.mlmmj-maintd = {
|
||||
description = "mlmmj maintenance timer";
|
||||
timerConfig.OnUnitActiveSec = cfg.maintInterval;
|
||||
wantedBy = [ "timers.target" ];
|
||||
|
@ -40,7 +40,7 @@ with lib;
|
||||
systemPackages = [ pkgs.pfixtools ];
|
||||
};
|
||||
|
||||
systemd.services."pfix-srsd" = {
|
||||
systemd.services.pfix-srsd = {
|
||||
description = "Postfix sender rewriting scheme daemon";
|
||||
before = [ "postfix.service" ];
|
||||
#note that we use requires rather than wants because postfix
|
||||
|
@ -877,22 +877,22 @@ in
|
||||
}
|
||||
|
||||
(mkIf haveAliases {
|
||||
services.postfix.aliasFiles."aliases" = aliasesFile;
|
||||
services.postfix.aliasFiles.aliases = aliasesFile;
|
||||
})
|
||||
(mkIf haveTransport {
|
||||
services.postfix.mapFiles."transport" = transportFile;
|
||||
services.postfix.mapFiles.transport = transportFile;
|
||||
})
|
||||
(mkIf haveVirtual {
|
||||
services.postfix.mapFiles."virtual" = virtualFile;
|
||||
services.postfix.mapFiles.virtual = virtualFile;
|
||||
})
|
||||
(mkIf haveLocalRecipients {
|
||||
services.postfix.mapFiles."local_recipients" = localRecipientMapFile;
|
||||
services.postfix.mapFiles.local_recipients = localRecipientMapFile;
|
||||
})
|
||||
(mkIf cfg.enableHeaderChecks {
|
||||
services.postfix.mapFiles."header_checks" = headerChecksFile;
|
||||
services.postfix.mapFiles.header_checks = headerChecksFile;
|
||||
})
|
||||
(mkIf (cfg.dnsBlacklists != []) {
|
||||
services.postfix.mapFiles."client_access" = checkClientAccessFile;
|
||||
services.postfix.mapFiles.client_access = checkClientAccessFile;
|
||||
})
|
||||
]);
|
||||
}
|
||||
|
@ -7,7 +7,7 @@ with lib; let
|
||||
natural = with types; addCheck int (x: x >= 0);
|
||||
natural' = with types; addCheck int (x: x > 0);
|
||||
|
||||
socket = with types; addCheck (either (submodule unixSocket) (submodule inetSocket)) (x: x ? "path" || x ? "port");
|
||||
socket = with types; addCheck (either (submodule unixSocket) (submodule inetSocket)) (x: x ? path || x ? port);
|
||||
|
||||
inetSocket = with types; {
|
||||
options = {
|
||||
@ -151,7 +151,7 @@ in {
|
||||
};
|
||||
|
||||
systemd.services.postgrey = let
|
||||
bind-flag = if cfg.socket ? "path" then
|
||||
bind-flag = if cfg.socket ? path then
|
||||
''--unix=${cfg.socket.path} --socketmode=${cfg.socket.mode}''
|
||||
else
|
||||
''--inet=${optionalString (cfg.socket.addr != null) (cfg.socket.addr + ":")}${toString cfg.socket.port}'';
|
||||
|
@ -387,7 +387,7 @@ in
|
||||
gid = config.ids.gids.rspamd;
|
||||
};
|
||||
|
||||
environment.etc."rspamd".source = rspamdDir;
|
||||
environment.etc.rspamd.source = rspamdDir;
|
||||
|
||||
systemd.services.rspamd = {
|
||||
description = "Rspamd Service";
|
||||
|
@ -138,8 +138,8 @@ in {
|
||||
|
||||
services.nginx = mkIf (cfg.virtualHost != null) {
|
||||
enable = true;
|
||||
virtualHosts."${cfg.virtualHost}" = {
|
||||
locations."${cfg.contextPath}".proxyPass = "http://${cfg.listenAddress}:${toString cfg.port}";
|
||||
virtualHosts.${cfg.virtualHost} = {
|
||||
locations.${cfg.contextPath}.proxyPass = "http://${cfg.listenAddress}:${toString cfg.port}";
|
||||
};
|
||||
};
|
||||
|
||||
|
@ -8,9 +8,9 @@ let
|
||||
printProperties = properties:
|
||||
concatMapStrings (propertyName:
|
||||
let
|
||||
property = properties."${propertyName}";
|
||||
property = properties.${propertyName};
|
||||
in
|
||||
if isList property then "${propertyName}=(${lib.concatMapStrings (elem: "\"${toString elem}\" ") (properties."${propertyName}")})\n"
|
||||
if isList property then "${propertyName}=(${lib.concatMapStrings (elem: "\"${toString elem}\" ") (properties.${propertyName})})\n"
|
||||
else "${propertyName}=\"${toString property}\"\n"
|
||||
) (builtins.attrNames properties);
|
||||
|
||||
@ -31,7 +31,7 @@ let
|
||||
|
||||
${concatMapStrings (containerName:
|
||||
let
|
||||
containerProperties = cfg.containers."${containerName}";
|
||||
containerProperties = cfg.containers.${containerName};
|
||||
in
|
||||
''
|
||||
cat > ${containerName} <<EOF
|
||||
@ -49,10 +49,10 @@ let
|
||||
|
||||
${concatMapStrings (componentName:
|
||||
let
|
||||
component = cfg.components."${containerName}"."${componentName}";
|
||||
component = cfg.components.${containerName}.${componentName};
|
||||
in
|
||||
"ln -s ${component} ${containerName}/${componentName}\n"
|
||||
) (builtins.attrNames (cfg.components."${containerName}" or {}))}
|
||||
) (builtins.attrNames (cfg.components.${containerName} or {}))}
|
||||
'';
|
||||
|
||||
componentsDir = pkgs.stdenv.mkDerivation {
|
||||
|
@ -58,7 +58,7 @@ let
|
||||
};
|
||||
};
|
||||
cliOptions = concatStringsSep " " (mapAttrsToList (k: v: "--${k} ${v}") (filterAttrs (k: v: v != null && v != "") (cliOptionsCommon //
|
||||
cliOptionsPerConfig."${cfg.configType}" //
|
||||
cliOptionsPerConfig.${cfg.configType} //
|
||||
s3CommonOptions //
|
||||
optionalAttrs cfg.s3Backup { s3backup = "true"; } //
|
||||
optionalAttrs cfg.fileSystemBackup { filesystembackup = "true"; }
|
||||
|
@ -147,7 +147,7 @@ in
|
||||
group = cfg.group;
|
||||
useDefaultShell = true;
|
||||
};
|
||||
users.groups."${cfg.group}".gid = config.ids.gids.gitolite;
|
||||
users.groups.${cfg.group}.gid = config.ids.gids.gitolite;
|
||||
|
||||
systemd.tmpfiles.rules = [
|
||||
"d '${cfg.dataDir}' 0750 ${cfg.user} ${cfg.group} - -"
|
||||
@ -157,7 +157,7 @@ in
|
||||
"Z ${cfg.dataDir} 0750 ${cfg.user} ${cfg.group} - -"
|
||||
];
|
||||
|
||||
systemd.services."gitolite-init" = {
|
||||
systemd.services.gitolite-init = {
|
||||
description = "Gitolite initialization";
|
||||
wantedBy = [ "multi-user.target" ];
|
||||
unitConfig.RequiresMountsFor = cfg.dataDir;
|
||||
|
@ -374,7 +374,7 @@ in {
|
||||
user = cfg.database_user;
|
||||
database = cfg.database_name;
|
||||
};
|
||||
}."${cfg.database_type}";
|
||||
}.${cfg.database_type};
|
||||
description = ''
|
||||
Arguments to pass to the engine.
|
||||
'';
|
||||
|
@ -495,12 +495,12 @@ in
|
||||
optionals (pkgs.stdenv.isx86_64 && pkgs.hostPlatform.platform ? gcc.arch) (
|
||||
# a x86_64 builder can run code for `platform.gcc.arch` and minor architectures:
|
||||
[ "gccarch-${pkgs.hostPlatform.platform.gcc.arch}" ] ++ {
|
||||
"sandybridge" = [ "gccarch-westmere" ];
|
||||
"ivybridge" = [ "gccarch-westmere" "gccarch-sandybridge" ];
|
||||
"haswell" = [ "gccarch-westmere" "gccarch-sandybridge" "gccarch-ivybridge" ];
|
||||
"broadwell" = [ "gccarch-westmere" "gccarch-sandybridge" "gccarch-ivybridge" "gccarch-haswell" ];
|
||||
"skylake" = [ "gccarch-westmere" "gccarch-sandybridge" "gccarch-ivybridge" "gccarch-haswell" "gccarch-broadwell" ];
|
||||
"skylake-avx512" = [ "gccarch-westmere" "gccarch-sandybridge" "gccarch-ivybridge" "gccarch-haswell" "gccarch-broadwell" "gccarch-skylake" ];
|
||||
sandybridge = [ "gccarch-westmere" ];
|
||||
ivybridge = [ "gccarch-westmere" "gccarch-sandybridge" ];
|
||||
haswell = [ "gccarch-westmere" "gccarch-sandybridge" "gccarch-ivybridge" ];
|
||||
broadwell = [ "gccarch-westmere" "gccarch-sandybridge" "gccarch-ivybridge" "gccarch-haswell" ];
|
||||
skylake = [ "gccarch-westmere" "gccarch-sandybridge" "gccarch-ivybridge" "gccarch-haswell" "gccarch-broadwell" ];
|
||||
skylake-avx512 = [ "gccarch-westmere" "gccarch-sandybridge" "gccarch-ivybridge" "gccarch-haswell" "gccarch-broadwell" "gccarch-skylake" ];
|
||||
}.${pkgs.hostPlatform.platform.gcc.arch} or []
|
||||
)
|
||||
);
|
||||
|
@ -54,7 +54,7 @@ in
|
||||
(mkIf (cfg.showManual && cfgd.enable && cfgd.nixos.enable) {
|
||||
boot.extraTTYs = [ "tty${toString cfg.ttyNumber}" ];
|
||||
|
||||
systemd.services."nixos-manual" = {
|
||||
systemd.services.nixos-manual = {
|
||||
description = "NixOS Manual";
|
||||
wantedBy = [ "multi-user.target" ];
|
||||
serviceConfig = {
|
||||
|
@ -44,7 +44,7 @@ in
|
||||
configs = mkOption {
|
||||
default = { };
|
||||
example = literalExample {
|
||||
"home" = {
|
||||
home = {
|
||||
subvolume = "/home";
|
||||
extraConfig = ''
|
||||
ALLOW_USERS="alice"
|
||||
|
@ -83,7 +83,7 @@ in
|
||||
|
||||
config = mkMerge [
|
||||
(mkIf cfgC.enable {
|
||||
systemd.user.services."synergy-client" = {
|
||||
systemd.user.services.synergy-client = {
|
||||
after = [ "network.target" "graphical-session.target" ];
|
||||
description = "Synergy client";
|
||||
wantedBy = optional cfgC.autoStart "graphical-session.target";
|
||||
@ -93,7 +93,7 @@ in
|
||||
};
|
||||
})
|
||||
(mkIf cfgS.enable {
|
||||
systemd.user.services."synergy-server" = {
|
||||
systemd.user.services.synergy-server = {
|
||||
after = [ "network.target" "graphical-session.target" ];
|
||||
description = "Synergy server";
|
||||
wantedBy = optional cfgS.autoStart "graphical-session.target";
|
||||
|
@ -10,7 +10,7 @@ let
|
||||
group = {
|
||||
nginx = config.services.nginx.group;
|
||||
none = user;
|
||||
}."${cfg.webserver}";
|
||||
}.${cfg.webserver};
|
||||
|
||||
useNginx = cfg.webserver == "nginx";
|
||||
|
||||
@ -223,7 +223,7 @@ in {
|
||||
nginx = lib.mkIf useNginx {
|
||||
enable = true;
|
||||
virtualHosts = {
|
||||
"${cfg.hostname}" = {
|
||||
${cfg.hostname} = {
|
||||
default = true;
|
||||
root = "${pkg}/share/zoneminder/www";
|
||||
listen = [ { addr = "0.0.0.0"; inherit (cfg) port; } ];
|
||||
@ -357,11 +357,11 @@ in {
|
||||
};
|
||||
};
|
||||
|
||||
users.groups."${user}" = {
|
||||
users.groups.${user} = {
|
||||
gid = config.ids.gids.zoneminder;
|
||||
};
|
||||
|
||||
users.users."${user}" = {
|
||||
users.users.${user} = {
|
||||
uid = config.ids.uids.zoneminder;
|
||||
group = user;
|
||||
inherit home;
|
||||
|
@ -185,7 +185,7 @@ in {
|
||||
};
|
||||
|
||||
config = mkIf cfg.enable {
|
||||
environment.systemPackages = [ pkgs."dd-agent" pkgs.sysstat pkgs.procps ];
|
||||
environment.systemPackages = [ pkgs.dd-agent pkgs.sysstat pkgs.procps ];
|
||||
|
||||
users.users.datadog = {
|
||||
description = "Datadog Agent User";
|
||||
|
@ -51,7 +51,7 @@ in {
|
||||
description = "FusionInventory user";
|
||||
};
|
||||
|
||||
systemd.services."fusion-inventory" = {
|
||||
systemd.services.fusion-inventory = {
|
||||
description = "Fusion Inventory Agent";
|
||||
wantedBy = [ "multi-user.target" ];
|
||||
|
||||
|
@ -23,7 +23,7 @@ in
|
||||
|
||||
environment.systemPackages = [ pkgs.monit ];
|
||||
|
||||
environment.etc."monitrc" = {
|
||||
environment.etc.monitrc = {
|
||||
text = cfg.config;
|
||||
mode = "0400";
|
||||
};
|
||||
@ -39,7 +39,7 @@ in
|
||||
KillMode = "process";
|
||||
Restart = "always";
|
||||
};
|
||||
restartTriggers = [ config.environment.etc."monitrc".source ];
|
||||
restartTriggers = [ config.environment.etc.monitrc.source ];
|
||||
};
|
||||
|
||||
};
|
||||
|
@ -70,14 +70,14 @@ let
|
||||
} ''json2yaml -i $json -o $out'';
|
||||
|
||||
thanos = cmd: "${cfg.package}/bin/thanos ${cmd}" +
|
||||
(let args = cfg."${cmd}".arguments;
|
||||
(let args = cfg.${cmd}.arguments;
|
||||
in optionalString (length args != 0) (" \\\n " +
|
||||
concatStringsSep " \\\n " args));
|
||||
|
||||
argumentsOf = cmd: concatLists (collect isList
|
||||
(flip mapParamsRecursive params."${cmd}" (path: param:
|
||||
(flip mapParamsRecursive params.${cmd} (path: param:
|
||||
let opt = concatStringsSep "." path;
|
||||
v = getAttrFromPath path cfg."${cmd}";
|
||||
v = getAttrFromPath path cfg.${cmd};
|
||||
in param.toArgs opt v)));
|
||||
|
||||
mkArgumentsOption = cmd: mkOption {
|
||||
@ -95,7 +95,7 @@ let
|
||||
};
|
||||
|
||||
mapParamsRecursive =
|
||||
let noParam = attr: !(attr ? "toArgs" && attr ? "option");
|
||||
let noParam = attr: !(attr ? toArgs && attr ? option);
|
||||
in mapAttrsRecursiveCond noParam;
|
||||
|
||||
paramsToOptions = mapParamsRecursive (_path: param: param.option);
|
||||
@ -607,7 +607,7 @@ let
|
||||
assertRelativeStateDir = cmd: {
|
||||
assertions = [
|
||||
{
|
||||
assertion = !hasPrefix "/" cfg."${cmd}".stateDir;
|
||||
assertion = !hasPrefix "/" cfg.${cmd}.stateDir;
|
||||
message =
|
||||
"The option services.thanos.${cmd}.stateDir should not be an absolute directory." +
|
||||
" It should be a directory relative to /var/lib.";
|
||||
|
@ -135,7 +135,7 @@ in
|
||||
|
||||
users.groups.${group} = { };
|
||||
|
||||
systemd.services."zabbix-agent" = {
|
||||
systemd.services.zabbix-agent = {
|
||||
description = "Zabbix Agent";
|
||||
|
||||
wantedBy = [ "multi-user.target" ];
|
||||
|
@ -252,7 +252,7 @@ in
|
||||
fping.source = "${pkgs.fping}/bin/fping";
|
||||
};
|
||||
|
||||
systemd.services."zabbix-proxy" = {
|
||||
systemd.services.zabbix-proxy = {
|
||||
description = "Zabbix Proxy";
|
||||
|
||||
wantedBy = [ "multi-user.target" ];
|
||||
|
@ -237,7 +237,7 @@ in
|
||||
fping.source = "${pkgs.fping}/bin/fping";
|
||||
};
|
||||
|
||||
systemd.services."zabbix-server" = {
|
||||
systemd.services.zabbix-server = {
|
||||
description = "Zabbix Server";
|
||||
|
||||
wantedBy = [ "multi-user.target" ];
|
||||
|
@ -69,7 +69,7 @@ let
|
||||
# functions to generate systemd.service entries
|
||||
|
||||
systemdEntry = service: cfgFile: (mapAttrs' ( name: cfg:
|
||||
(nameValuePair "beegfs-${service}-${name}" (mkIf cfg."${service}".enable {
|
||||
(nameValuePair "beegfs-${service}-${name}" (mkIf cfg.${service}.enable {
|
||||
wantedBy = [ "multi-user.target" ];
|
||||
requires = [ "network-online.target" ];
|
||||
after = [ "network-online.target" ];
|
||||
|
@ -324,10 +324,10 @@ in
|
||||
# Remove all name-value pairs with null values from the attribute set to avoid making empty sections in the ceph.conf
|
||||
globalConfig = mapAttrs' (name: value: nameValuePair (translateOption name) value) (filterAttrs (name: value: value != null) globalAndMgrConfig);
|
||||
totalConfig = {
|
||||
"global" = globalConfig;
|
||||
} // optionalAttrs (cfg.mon.enable && cfg.mon.extraConfig != {}) { "mon" = cfg.mon.extraConfig; }
|
||||
// optionalAttrs (cfg.mds.enable && cfg.mds.extraConfig != {}) { "mds" = cfg.mds.extraConfig; }
|
||||
// optionalAttrs (cfg.osd.enable && cfg.osd.extraConfig != {}) { "osd" = cfg.osd.extraConfig; }
|
||||
global = globalConfig;
|
||||
} // optionalAttrs (cfg.mon.enable && cfg.mon.extraConfig != {}) { mon = cfg.mon.extraConfig; }
|
||||
// optionalAttrs (cfg.mds.enable && cfg.mds.extraConfig != {}) { mds = cfg.mds.extraConfig; }
|
||||
// optionalAttrs (cfg.osd.enable && cfg.osd.extraConfig != {}) { osd = cfg.osd.extraConfig; }
|
||||
// optionalAttrs (cfg.client.enable && cfg.client.extraConfig != {}) cfg.client.extraConfig;
|
||||
in
|
||||
generators.toINI {} totalConfig;
|
||||
@ -355,7 +355,7 @@ in
|
||||
|
||||
systemd.targets = let
|
||||
targets = [
|
||||
{ "ceph" = { description = "Ceph target allowing to start/stop all ceph service instances at once"; }; }
|
||||
{ ceph = { description = "Ceph target allowing to start/stop all ceph service instances at once"; }; }
|
||||
] ++ optional cfg.mon.enable (generateTargetFile "mon")
|
||||
++ optional cfg.mds.enable (generateTargetFile "mds")
|
||||
++ optional cfg.osd.enable (generateTargetFile "osd")
|
||||
|
@ -234,10 +234,10 @@ in
|
||||
# Refer to https://github.com/samba-team/samba/tree/master/packaging/systemd
|
||||
# for correct use with systemd
|
||||
services = {
|
||||
"samba-smbd" = daemonService "smbd" "";
|
||||
"samba-nmbd" = mkIf cfg.enableNmbd (daemonService "nmbd" "");
|
||||
"samba-winbindd" = mkIf cfg.enableWinbindd (daemonService "winbindd" "");
|
||||
"samba-setup" = {
|
||||
samba-smbd = daemonService "smbd" "";
|
||||
samba-nmbd = mkIf cfg.enableNmbd (daemonService "nmbd" "");
|
||||
samba-winbindd = mkIf cfg.enableWinbindd (daemonService "winbindd" "");
|
||||
samba-setup = {
|
||||
description = "Samba Setup Task";
|
||||
script = setupScript;
|
||||
unitConfig.RequiresMountsFor = "/var/lib/samba";
|
||||
|
@ -52,7 +52,7 @@ in
|
||||
example =
|
||||
{
|
||||
type = "tunnel";
|
||||
"split-horizon" = true;
|
||||
split-horizon = true;
|
||||
};
|
||||
};
|
||||
|
||||
@ -66,8 +66,8 @@ in
|
||||
example =
|
||||
{ enp0s2 =
|
||||
{ type = "wired";
|
||||
"hello-interval" = 5;
|
||||
"split-horizon" = "auto";
|
||||
hello-interval = 5;
|
||||
split-horizon = "auto";
|
||||
};
|
||||
};
|
||||
};
|
||||
|
@ -82,7 +82,7 @@ in {
|
||||
|
||||
environment.systemPackages = [ connman ];
|
||||
|
||||
systemd.services."connman" = {
|
||||
systemd.services.connman = {
|
||||
description = "Connection service";
|
||||
wantedBy = [ "multi-user.target" ];
|
||||
after = [ "syslog.target" ];
|
||||
@ -95,7 +95,7 @@ in {
|
||||
};
|
||||
};
|
||||
|
||||
systemd.services."connman-vpn" = mkIf cfg.enableVPN {
|
||||
systemd.services.connman-vpn = mkIf cfg.enableVPN {
|
||||
description = "ConnMan VPN service";
|
||||
wantedBy = [ "multi-user.target" ];
|
||||
after = [ "syslog.target" ];
|
||||
@ -108,7 +108,7 @@ in {
|
||||
};
|
||||
};
|
||||
|
||||
systemd.services."net-connman-vpn" = mkIf cfg.enableVPN {
|
||||
systemd.services.net-connman-vpn = mkIf cfg.enableVPN {
|
||||
description = "D-BUS Service";
|
||||
serviceConfig = {
|
||||
Name = "net.connman.vpn";
|
||||
|
@ -156,7 +156,7 @@ in
|
||||
config = mkIf cfg.enable (
|
||||
mkMerge [{
|
||||
|
||||
users.users."consul" = {
|
||||
users.users.consul = {
|
||||
description = "Consul agent daemon user";
|
||||
uid = config.ids.uids.consul;
|
||||
# The shell is needed for health checks
|
||||
|
@ -58,7 +58,7 @@ let
|
||||
${text}
|
||||
''; in "${dir}/bin/${name}";
|
||||
|
||||
defaultInterface = { default = mapAttrs (name: value: cfg."${name}") commonOptions; };
|
||||
defaultInterface = { default = mapAttrs (name: value: cfg.${name}) commonOptions; };
|
||||
allInterfaces = defaultInterface // cfg.interfaces;
|
||||
|
||||
startScript = writeShScript "firewall-start" ''
|
||||
|
@ -115,7 +115,7 @@ in
|
||||
gid = config.ids.gids.git;
|
||||
};
|
||||
|
||||
systemd.services."git-daemon" = {
|
||||
systemd.services.git-daemon = {
|
||||
after = [ "network.target" ];
|
||||
wantedBy = [ "multi-user.target" ];
|
||||
script = "${pkgs.git}/bin/git daemon --reuseaddr "
|
||||
|
@ -68,7 +68,7 @@ let
|
||||
inherit (cfg) spoolAreaPath;
|
||||
};
|
||||
|
||||
sockets."hylafax-hfaxd" = {
|
||||
sockets.hylafax-hfaxd = {
|
||||
description = "HylaFAX server socket";
|
||||
documentation = [ "man:hfaxd(8)" ];
|
||||
wantedBy = [ "multi-user.target" ];
|
||||
@ -77,7 +77,7 @@ let
|
||||
socketConfig.Accept = true;
|
||||
};
|
||||
|
||||
paths."hylafax-faxq" = {
|
||||
paths.hylafax-faxq = {
|
||||
description = "HylaFAX queue manager sendq watch";
|
||||
documentation = [ "man:faxq(8)" "man:sendq(5)" ];
|
||||
wantedBy = [ "multi-user.target" ];
|
||||
@ -87,11 +87,11 @@ let
|
||||
timers = mkMerge [
|
||||
(
|
||||
mkIf (cfg.faxcron.enable.frequency!=null)
|
||||
{ "hylafax-faxcron".timerConfig.Persistent = true; }
|
||||
{ hylafax-faxcron.timerConfig.Persistent = true; }
|
||||
)
|
||||
(
|
||||
mkIf (cfg.faxqclean.enable.frequency!=null)
|
||||
{ "hylafax-faxqclean".timerConfig.Persistent = true; }
|
||||
{ hylafax-faxqclean.timerConfig.Persistent = true; }
|
||||
)
|
||||
];
|
||||
|
||||
@ -121,7 +121,7 @@ let
|
||||
in
|
||||
service: service // { serviceConfig = apply service; };
|
||||
|
||||
services."hylafax-spool" = {
|
||||
services.hylafax-spool = {
|
||||
description = "HylaFAX spool area preparation";
|
||||
documentation = [ "man:hylafax-server(4)" ];
|
||||
script = ''
|
||||
@ -140,7 +140,7 @@ let
|
||||
unitConfig.RequiresMountsFor = [ cfg.spoolAreaPath ];
|
||||
};
|
||||
|
||||
services."hylafax-faxq" = {
|
||||
services.hylafax-faxq = {
|
||||
description = "HylaFAX queue manager";
|
||||
documentation = [ "man:faxq(8)" ];
|
||||
requires = [ "hylafax-spool.service" ];
|
||||
@ -178,7 +178,7 @@ let
|
||||
serviceConfig.PrivateNetwork = null;
|
||||
};
|
||||
|
||||
services."hylafax-faxcron" = rec {
|
||||
services.hylafax-faxcron = rec {
|
||||
description = "HylaFAX spool area maintenance";
|
||||
documentation = [ "man:faxcron(8)" ];
|
||||
after = [ "hylafax-spool.service" ];
|
||||
@ -194,7 +194,7 @@ let
|
||||
];
|
||||
};
|
||||
|
||||
services."hylafax-faxqclean" = rec {
|
||||
services.hylafax-faxqclean = rec {
|
||||
description = "HylaFAX spool area queue cleaner";
|
||||
documentation = [ "man:faxqclean(8)" ];
|
||||
after = [ "hylafax-spool.service" ];
|
||||
|
@ -121,7 +121,7 @@ in
|
||||
|
||||
users.groups.ircd.gid = config.ids.gids.ircd;
|
||||
|
||||
systemd.services."ircd-hybrid" = {
|
||||
systemd.services.ircd-hybrid = {
|
||||
description = "IRCD Hybrid server";
|
||||
after = [ "started networking" ];
|
||||
wantedBy = [ "multi-user.target" ];
|
||||
|
@ -50,8 +50,8 @@ in
|
||||
users = mkOption {
|
||||
type = types.attrsOf types.str;
|
||||
example = {
|
||||
"tg" = "00000000000000000000000000000000";
|
||||
"tg2" = "0123456789abcdef0123456789abcdef";
|
||||
tg = "00000000000000000000000000000000";
|
||||
tg2 = "0123456789abcdef0123456789abcdef";
|
||||
};
|
||||
description = ''
|
||||
Allowed users and their secrets. A secret is a 32 characters long hex string.
|
||||
@ -80,7 +80,7 @@ in
|
||||
type = types.attrs;
|
||||
default = {};
|
||||
example = {
|
||||
"STATS_PRINT_PERIOD" = 600;
|
||||
STATS_PRINT_PERIOD = 600;
|
||||
};
|
||||
description = ''
|
||||
Extra configuration options for mtprotoproxy.
|
||||
|
@ -142,7 +142,7 @@ in {
|
||||
messages, and respond to them according to a set of rules.
|
||||
'';
|
||||
default = {};
|
||||
example = { "eth0".rules."1111::/64" = {}; };
|
||||
example = { eth0.rules."1111::/64" = {}; };
|
||||
};
|
||||
};
|
||||
|
||||
@ -153,7 +153,7 @@ in {
|
||||
'' ];
|
||||
|
||||
services.ndppd.proxies = mkIf (cfg.interface != null && cfg.network != null) {
|
||||
"${cfg.interface}".rules."${cfg.network}" = {};
|
||||
${cfg.interface}.rules.${cfg.network} = {};
|
||||
};
|
||||
|
||||
systemd.services.ndppd = {
|
||||
|
@ -81,9 +81,9 @@ let
|
||||
'';
|
||||
|
||||
dispatcherTypesSubdirMap = {
|
||||
"basic" = "";
|
||||
"pre-up" = "pre-up.d/";
|
||||
"pre-down" = "pre-down.d/";
|
||||
basic = "";
|
||||
pre-up = "pre-up.d/";
|
||||
pre-down = "pre-down.d/";
|
||||
};
|
||||
|
||||
macAddressOpt = mkOption {
|
||||
@ -453,7 +453,7 @@ in {
|
||||
|
||||
systemd.packages = cfg.packages;
|
||||
|
||||
systemd.services."NetworkManager" = {
|
||||
systemd.services.NetworkManager = {
|
||||
wantedBy = [ "network.target" ];
|
||||
restartTriggers = [ configFile ];
|
||||
|
||||
@ -483,7 +483,7 @@ in {
|
||||
};
|
||||
};
|
||||
|
||||
systemd.services."NetworkManager-dispatcher" = {
|
||||
systemd.services.NetworkManager-dispatcher = {
|
||||
wantedBy = [ "network.target" ];
|
||||
restartTriggers = [ configFile ];
|
||||
|
||||
|
@ -955,7 +955,7 @@ in
|
||||
'';
|
||||
};
|
||||
|
||||
systemd.timers."nsd-dnssec" = mkIf dnssec {
|
||||
systemd.timers.nsd-dnssec = mkIf dnssec {
|
||||
description = "Automatic DNSSEC key rollover";
|
||||
|
||||
wantedBy = [ "nsd.service" ];
|
||||
@ -966,7 +966,7 @@ in
|
||||
};
|
||||
};
|
||||
|
||||
systemd.services."nsd-dnssec" = mkIf dnssec {
|
||||
systemd.services.nsd-dnssec = mkIf dnssec {
|
||||
description = "DNSSEC key rollover";
|
||||
|
||||
wantedBy = [ "nsd.service" ];
|
||||
|
@ -128,7 +128,7 @@ in {
|
||||
|
||||
config = mkIf cfg.enable {
|
||||
|
||||
users.users."${username}" = {
|
||||
users.users.${username} = {
|
||||
home = dataDir;
|
||||
createHome = true;
|
||||
uid = config.ids.uids.pdns-recursor;
|
||||
|
@ -93,18 +93,18 @@ with lib;
|
||||
wantedBy = [ "multi-user.target" ];
|
||||
after = [ "network.target" ];
|
||||
environment = {
|
||||
"INTERFACE" = name;
|
||||
"TUN_MODE" = toString qtcfg.tunMode;
|
||||
"REMOTE_ADDRESS" = qtcfg.remoteAddress;
|
||||
"LOCAL_ADDRESS" = qtcfg.localAddress;
|
||||
"LOCAL_PORT" = toString qtcfg.localPort;
|
||||
"REMOTE_PORT" = toString qtcfg.remotePort;
|
||||
"REMOTE_FLOAT" = toString qtcfg.remoteFloat;
|
||||
"PRIVATE_KEY" = qtcfg.privateKey;
|
||||
"PUBLIC_KEY" = qtcfg.publicKey;
|
||||
"TIME_WINDOW" = toString qtcfg.timeWindow;
|
||||
"TUN_UP_SCRIPT" = pkgs.writeScript "quicktun-${name}-up.sh" qtcfg.upScript;
|
||||
"SUID" = "nobody";
|
||||
INTERFACE = name;
|
||||
TUN_MODE = toString qtcfg.tunMode;
|
||||
REMOTE_ADDRESS = qtcfg.remoteAddress;
|
||||
LOCAL_ADDRESS = qtcfg.localAddress;
|
||||
LOCAL_PORT = toString qtcfg.localPort;
|
||||
REMOTE_PORT = toString qtcfg.remotePort;
|
||||
REMOTE_FLOAT = toString qtcfg.remoteFloat;
|
||||
PRIVATE_KEY = qtcfg.privateKey;
|
||||
PUBLIC_KEY = qtcfg.publicKey;
|
||||
TIME_WINDOW = toString qtcfg.timeWindow;
|
||||
TUN_UP_SCRIPT = pkgs.writeScript "quicktun-${name}-up.sh" qtcfg.upScript;
|
||||
SUID = "nobody";
|
||||
};
|
||||
serviceConfig = {
|
||||
Type = "simple";
|
||||
|
@ -275,7 +275,7 @@ in
|
||||
];
|
||||
security.wrappers = {
|
||||
fping.source = "${pkgs.fping}/bin/fping";
|
||||
"fping6".source = "${pkgs.fping}/bin/fping6";
|
||||
fping6.source = "${pkgs.fping}/bin/fping6";
|
||||
};
|
||||
environment.systemPackages = [ pkgs.fping ];
|
||||
users.users = singleton {
|
||||
|
@ -68,7 +68,7 @@ in
|
||||
mkMerge [{
|
||||
environment.systemPackages = [ package ];
|
||||
|
||||
systemd.services."softether-init" = {
|
||||
systemd.services.softether-init = {
|
||||
description = "SoftEther VPN services initial task";
|
||||
after = [ "keys.target" ];
|
||||
wants = [ "keys.target" ];
|
||||
|
@ -63,7 +63,7 @@ rec {
|
||||
StrongSwan default: <literal><![CDATA[${builtins.toJSON strongswanDefault}]]></literal>
|
||||
'';
|
||||
|
||||
single = f: name: value: { "${name}" = f value; };
|
||||
single = f: name: value: { ${name} = f value; };
|
||||
|
||||
mkStrParam = mkParamOfType types.str;
|
||||
mkOptionalStrParam = mkStrParam null;
|
||||
|
@ -21,7 +21,7 @@ rec {
|
||||
mkConf = indent : ps :
|
||||
concatMapStringsSep "\n"
|
||||
(name:
|
||||
let value = ps."${name}";
|
||||
let value = ps.${name};
|
||||
indentation = replicate indent " ";
|
||||
in
|
||||
indentation + (
|
||||
@ -58,7 +58,7 @@ rec {
|
||||
) set);
|
||||
|
||||
# Recursively map over every parameter in the given attribute set.
|
||||
mapParamsRecursive = mapAttrsRecursiveCond' (as: (!(as ? "_type" && as._type == "param")));
|
||||
mapParamsRecursive = mapAttrsRecursiveCond' (as: (!(as ? _type && as._type == "param")));
|
||||
|
||||
mapAttrsRecursiveCond' = cond: f: set:
|
||||
let
|
||||
@ -67,7 +67,7 @@ rec {
|
||||
g =
|
||||
name: value:
|
||||
if isAttrs value && cond value
|
||||
then { "${name}" = recurse (path ++ [name]) value; }
|
||||
then { ${name} = recurse (path ++ [name]) value; }
|
||||
else f (path ++ [name]) name value;
|
||||
in mapAttrs'' g set;
|
||||
in recurse [] set;
|
||||
@ -77,6 +77,6 @@ rec {
|
||||
|
||||
# Extract the options from the given set of parameters.
|
||||
paramsToOptions = ps :
|
||||
mapParamsRecursive (_path: name: param: { "${name}" = param.option; }) ps;
|
||||
mapParamsRecursive (_path: name: param: { ${name} = param.option; }) ps;
|
||||
|
||||
}
|
||||
|
@ -373,7 +373,7 @@ in {
|
||||
systemd.packages = [ pkgs.syncthing ];
|
||||
|
||||
users.users = mkIf (cfg.systemService && cfg.user == defaultUser) {
|
||||
"${defaultUser}" =
|
||||
${defaultUser} =
|
||||
{ group = cfg.group;
|
||||
home = cfg.dataDir;
|
||||
createHome = true;
|
||||
@ -383,7 +383,7 @@ in {
|
||||
};
|
||||
|
||||
users.groups = mkIf (cfg.systemService && cfg.group == defaultUser) {
|
||||
"${defaultUser}".gid =
|
||||
${defaultUser}.gid =
|
||||
config.ids.gids.syncthing;
|
||||
};
|
||||
|
||||
|
@ -44,9 +44,9 @@ let cfg = config.services.networking.websockify; in {
|
||||
scriptArgs = "%i";
|
||||
};
|
||||
|
||||
systemd.targets."default-websockify" = {
|
||||
systemd.targets.default-websockify = {
|
||||
description = "Target to start all default websockify@ services";
|
||||
unitConfig."X-StopOnReconfiguration" = true;
|
||||
unitConfig.X-StopOnReconfiguration = true;
|
||||
wants = mapAttrsToList (name: value: "websockify@${name}:${toString value}.service") cfg.portMap;
|
||||
wantedBy = [ "multi-user.target" ];
|
||||
};
|
||||
|
@ -74,7 +74,7 @@ in
|
||||
};
|
||||
|
||||
config = mkIf (cfg.enable) {
|
||||
users.users."${cfg.user}" =
|
||||
users.users.${cfg.user} =
|
||||
if cfg.user == "zerobin" then {
|
||||
isSystemUser = true;
|
||||
group = cfg.group;
|
||||
@ -82,7 +82,7 @@ in
|
||||
createHome = true;
|
||||
}
|
||||
else {};
|
||||
users.groups."${cfg.group}" = {};
|
||||
users.groups.${cfg.group} = {};
|
||||
|
||||
systemd.services.zerobin = {
|
||||
enable = true;
|
||||
|
@ -287,7 +287,7 @@ in
|
||||
};
|
||||
|
||||
environment.systemPackages = [ cups.out ] ++ optional polkitEnabled cups-pk-helper;
|
||||
environment.etc."cups".source = "/var/lib/cups";
|
||||
environment.etc.cups.source = "/var/lib/cups";
|
||||
|
||||
services.dbus.packages = [ cups.out ] ++ optional polkitEnabled cups-pk-helper;
|
||||
|
||||
|
@ -67,7 +67,7 @@ in {
|
||||
|
||||
services.cron.systemCronJobs = [ "*/${toString cfg.updater.frequency} * * * * root start fprot-updater" ];
|
||||
|
||||
systemd.services."fprot-updater" = {
|
||||
systemd.services.fprot-updater = {
|
||||
serviceConfig = {
|
||||
Type = "oneshot";
|
||||
RemainAfterExit = false;
|
||||
|
@ -99,7 +99,7 @@ in
|
||||
# for physlock -l and physlock -L
|
||||
environment.systemPackages = [ pkgs.physlock ];
|
||||
|
||||
systemd.services."physlock" = {
|
||||
systemd.services.physlock = {
|
||||
enable = true;
|
||||
description = "Physlock";
|
||||
wantedBy = optional cfg.lockOn.suspend "suspend.target"
|
||||
|
@ -108,7 +108,7 @@ in {
|
||||
hkpAddress = "'" + (builtins.concatStringsSep " " cfg.hkpAddress) + "'" ;
|
||||
hkpPort = builtins.toString cfg.hkpPort;
|
||||
in {
|
||||
"sks-db" = {
|
||||
sks-db = {
|
||||
description = "SKS database server";
|
||||
after = [ "network.target" ];
|
||||
wantedBy = [ "multi-user.target" ];
|
||||
|
@ -22,7 +22,7 @@ in {
|
||||
config = mkIf cfg.enable {
|
||||
services.geoclue2 = {
|
||||
enable = true;
|
||||
appConfig."localtime" = {
|
||||
appConfig.localtime = {
|
||||
isAllowed = true;
|
||||
isSystem = true;
|
||||
};
|
||||
|
Some files were not shown because too many files have changed in this diff Show More
Loading…
Reference in New Issue
Block a user