JakeHillion/nixpkgs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merge staging into closure-size

Browse Source
This commit is contained in:
Vladimír Čunát 2015-05-05 11:49:03 +02:00
commit 375bc8def7
869 changed files with 36250 additions and 30353 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

29
doc/language-support.xml
View File

@ -670,7 +670,12 @@ net = buildGoPackage rec {
url = "https://${goPackagePath}";
sha256 = "1lkz4c9pyz3yz2yz18hiycvlfhgy3jxp68bs7mv7bcfpaj729qav";
};
propagatedBuildInputs = [ goPackages.text ]; <co xml:id='ex-buildGoPackage-3' />
renameImports = [ <co xml:id='ex-buildGoPackage-3' />
"code.google.com/p/go.crypto golang.org/x/crypto"
"code.google.com/p/goprotobuf github.com/golang/protobuf"
];
propagatedBuildInputs = [ goPackages.text ]; <co xml:id='ex-buildGoPackage-4' />
buildFlags = "--tags release"; <co xml:id='ex-buildGoPackage-5' />
};
</programlisting>
</example>
@ -698,7 +703,21 @@ the following arguments are of special significance to the function:
</para>
</callout>
<callout arearefs='ex-buildGoPackage-3'>
<callout arearefs='ex-buildGoPackage-4'>
<para>
<varname>renameImports</varname> is a list of import paths to be renamed before
building the package. The path to be renamed can be a regular expression.
</para>
<para>
In this example imports will be renamed from
<literal>code.google.com/p/go.crypto</literal> to
<literal>golang.org/x/crypto</literal> and from
<literal>code.google.com/p/goprotobuf</literal> to
<literal>github.com/golang/protobuf</literal>.
</para>
</callout>
<callout arearefs='ex-buildGoPackage-4'>
<para>
<varname>propagatedBuildInputs</varname> is where the dependencies of a Go library are
listed. Only libraries should list <varname>propagatedBuildInputs</varname>. If a standalone
@ -707,6 +726,12 @@ the following arguments are of special significance to the function:
</para>
</callout>
<callout arearefs='ex-buildGoPackage-5'>
<para>
<varname>buildFlags</varname> is a list of flags passed to the go build command.
</para>
</callout>
</calloutlist>
</para>

107
doc/packageconfig.xml
View File

@ -1,6 +1,6 @@
<chapter xmlns="http://docbook.org/ns/docbook"
xmlns:xlink="http://www.w3.org/1999/xlink"
xml:id="chap-packageconfig">
xmlns:xlink="http://www.w3.org/1999/xlink"
xml:id="chap-packageconfig">
<title><filename>~/.nixpkgs/config.nix</filename>: global configuration</title>
@ -9,62 +9,79 @@
</para>
<para>
To apply the configuration edit <filename>~/.nixpkgs/config.nix</filename>
and set it like
To apply the configuration edit <filename>~/.nixpkgs/config.nix</filename>
and set it like
<programlisting>{
allowUnfree = true;
}</programlisting>
and will allow the Nix package manager to install unfree licensed packages.
and will allow the Nix package manager to install unfree licensed packages.
The configuration as listed also applies to NixOS under <option>nixpkgs.config</option> set.
The configuration as listed also applies to NixOS under <option>nixpkgs.config</option> set.
</para>
<itemizedlist>
<listitem>
<para>
Allow installing of packages that are distributed under unfree license by setting
<programlisting>allowUnfree = true;</programlisting>
or deny them by setting it to <literal>false</literal>.
</para>
<para>
Same can be achieved by setting the environment variable:
<programlisting>$ export NIXPKGS_ALLOW_UNFREE=1</programlisting>
</para>
</listitem>
<listitem>
<para>
Allow installing of packages that are distributed under unfree license by setting
<programlisting>allowUnfree = true;</programlisting>
or deny them by setting it to <literal>false</literal>.
</para>
<para>
Same can be achieved by setting the environment variable:
<programlisting>$ export NIXPKGS_ALLOW_UNFREE=1</programlisting>
</para>
</listitem>
<listitem>
<para>
Whenever unfree packages are not allowed, single packages can
still be allowed by a predicate function that accepts package
as an argument and should return a boolean:
<programlisting>allowUnfreePredicate = (pkg: ...);</programlisting>
<listitem>
<para>
Whenever unfree packages are not allowed, single packages can
still be allowed by a predicate function that accepts package
as an argument and should return a boolean:
<programlisting>allowUnfreePredicate = (pkg: ...);</programlisting>
Example to allow flash player only:
<programlisting>allowUnfreePredicate = (pkg: pkgs.lib.hasPrefix "flashplayer-" pkg.name);</programlisting>
</para>
</listitem>
Example to allow flash player only:
<programlisting>allowUnfreePredicate = (pkg: pkgs.lib.hasPrefix "flashplayer-" pkg.name);</programlisting>
</para>
</listitem>
<listitem>
<para>
Whenever unfree packages are not allowed, packages can still be
whitelisted by their license:
<programlisting>whitelistedLicenses = with stdenv.lib.licenses; [ amd wtfpl ];</programlisting>
</para>
</listitem>
<listitem>
<para>
Whenever unfree packages are not allowed, packages can still be
whitelisted by their license:
<programlisting>whitelistedLicenses = with stdenv.lib.licenses; [ amd wtfpl ];</programlisting>
</para>
</listitem>
<listitem>
<para>
In addition to whitelisting licenses which are denied by the
<literal>allowUnfree</literal> setting, you can also explicitely
deny installation of packages which have a certain license:
<programlisting>blacklistedLicenses = with stdenv.lib.licenses; [ agpl3 gpl3 ];</programlisting>
</para>
</listitem>
<listitem>
<para>
In addition to whitelisting licenses which are denied by the
<literal>allowUnfree</literal> setting, you can also explicitely
deny installation of packages which have a certain license:
<programlisting>blacklistedLicenses = with stdenv.lib.licenses; [ agpl3 gpl3 ];</programlisting>
</para>
</listitem>
</itemizedlist>
<para>
A complete list of licenses can be found in the file
<filename>lib/licenses.nix</filename> of the nix package tree.
A complete list of licenses can be found in the file
<filename>lib/licenses.nix</filename> of the nix package tree.
</para>
</chapter>
<section><title>Modify packages via <literal>packageOverrides</literal></title>
<para>
You can define a function called <varname>packageOverrides</varname>
in your local <filename>~/.nixpkgs/config</filename> to overide nix
packages. It must be a function that takes pkgs as an argument and
return modified set of packages.
<programlisting>{
packageOverrides = pkgs: rec {
foo = pkgs.foo.override { ... };
};
}</programlisting>
</para>
</section>
</chapter>

6
lib/maintainers.nix
View File

@ -49,7 +49,6 @@
chaoflow = "Florian Friesdorf <flo@chaoflow.net>";
christopherpoole = "Christopher Mark Poole <mail@christopherpoole.net>";
coconnor = "Corey O'Connor <coreyoconnor@gmail.com>";
cocreature = "Moritz Kiefer <moritz.kiefer@purelyfunctional.org>";
codyopel = "Cody Opel <codyopel@gmail.com>";
copumpkin = "Dan Peebles <pumpkingod@gmail.com>";
coroa = "Jonas Hörsch <jonas@chaoflow.net>";
@ -60,6 +59,7 @@
dbohdan = "Danyil Bohdan <danyil.bohdan@gmail.com>";
DerGuteMoritz = "Moritz Heidkamp <moritz@twoticketsplease.de>";
devhell = "devhell <\"^\"@regexmail.net>";
dezgeg = "Tuomas Tynkkynen <tuomas.tynkkynen@iki.fi>";
dmalikov = "Dmitry Malikov <malikov.d.y@gmail.com>";
doublec = "Chris Double <chris.double@double.co.nz>";
ederoyd46 = "Matthew Brown <matt@ederoyd.co.uk>";
@ -74,6 +74,7 @@
falsifian = "James Cook <james.cook@utoronto.ca>";
flosse = "Markus Kohlhase <mail@markus-kohlhase.de>";
fluffynukeit = "Daniel Austin <dan@fluffynukeit.com>";
forkk = "Andrew Okin <forkk@forkk.net>";
fpletz = "Franz Pletz <fpletz@fnordicwalking.de>";
ftrvxmtrx = "Siarhei Zirukin <ftrvxmtrx@gmail.com>";
funfunctor = "Edward O'Callaghan <eocallaghan@alterapraxis.com>";
@ -88,6 +89,7 @@
goibhniu = "Cillian de Róiste <cillian.deroiste@gmail.com>";
gridaphobe = "Eric Seidel <eric@seidel.io>";
guibert = "David Guibert <david.guibert@gmail.com>";
hbunke = "Hendrik Bunke <bunke.hendrik@gmail.com>";
henrytill = "Henry Till <henrytill@gmail.com>";
hinton = "Tom Hinton <t@larkery.com>";
hrdinka = "Christoph Hrdinka <c.nix@hrdinka.at>";
@ -116,6 +118,7 @@
lethalman = "Luca Bruno <lucabru@src.gnome.org>";
lhvwb = "Nathaniel Baxter <nathaniel.baxter@gmail.com>";
linquize = "Linquize <linquize@yahoo.com.hk>";
linus = "Linus Arver <linusarver@gmail.com>";
lovek323 = "Jason O'Conal <jason@oconal.id.au>";
ludo = "Ludovic Courtès <ludo@gnu.org>";
madjar = "Georges Dubus <georges.dubus@compiletoi.net>";
@ -190,6 +193,7 @@
spwhitt = "Spencer Whitt <sw@swhitt.me>";
sztupi = "Attila Sztupak <attila.sztupak@gmail.com>";
tailhook = "Paul Colomiets <paul@colomiets.name>";
taktoa = "Remy Goldschmidt <taktoa@gmail.com>";
thammers = "Tobias Hammerschmidt <jawr@gmx.de>";
the-kenny = "Moritz Ulrich <moritz@tarn-vedra.de>";
theuni = "Christian Theune <ct@flyingcircus.io>";

4
lib/platforms.nix
View File

@ -13,4 +13,8 @@ rec {
none = [];
allBut = platforms: lists.filter (x: !(builtins.elem x platforms)) all;
mesaPlatforms = ["i686-linux" "x86_64-linux" "x86_64-darwin" "armv5tel-linux" "armv6l-linux"];
x86_64 = ["x86_64-linux" "x86_64-darwin" "x86_64-freebsd" "x86_64-openbsd" "x86_64-netbsd" "x86_64-cygwin"];
i686 = ["i686-linux" "i686-freebsd" "i686-netbsd" "i686-cygwin"];
arm = ["armv5tel-linux" "armv6l-linux" "armv7l-linux" ];
mips = [ "mips64el-linux" ];
}

1
nixos/doc/manual/development/development.xml
View File

@ -15,6 +15,7 @@ NixOS.</para>
<xi:include href="writing-modules.xml" />
<xi:include href="building-parts.xml" />
<xi:include href="building-nixos.xml" />
<xi:include href="nixos-tests.xml" />
<xi:include href="testing-installer.xml" />
</part>

3
nixos/doc/manual/development/nixos-tests.xml
View File

@ -15,5 +15,6 @@ required for the test.</para>
<xi:include href="writing-nixos-tests.xml" />
<xi:include href="running-nixos-tests.xml" />
<xi:include href="running-nixos-tests-interactively.xml" />
</chapter>
</chapter>

43
nixos/doc/manual/development/running-nixos-tests-interactively.xml Normal file
View File

@ -0,0 +1,43 @@
<section xmlns="http://docbook.org/ns/docbook"
xmlns:xlink="http://www.w3.org/1999/xlink"
xmlns:xi="http://www.w3.org/2001/XInclude"
version="5.0"
xml:id="sec-running-nixos-tests">
<title>Running Tests interactively</title>
<para>The test itself can be run interactively. This is
particularly useful when developing or debugging a test:
<screen>
$ nix-build nixos/tests/login.nix -A driver
$ ./result/bin/nixos-test-driver
starting VDE switch for network 1
&gt;
</screen>
You can then take any Perl statement, e.g.
<screen>
&gt; startAll
&gt; testScript
&gt; $machine->succeed("touch /tmp/foo")
</screen>
The function <command>testScript</command> executes the entire test
script and drops you back into the test driver command line upon its
completion. This allows you to inspect the state of the VMs after the
test (e.g. to debug the test script).</para>
<para>To just start and experiment with the VMs, run:
<screen>
$ nix-build nixos/tests/login.nix -A driver
$ ./result/bin/nixos-run-vms
</screen>
The script <command>nixos-run-vms</command> starts the virtual
machines defined by test. The root file system of the VMs is created
on the fly and kept across VM restarts in
<filename>./</filename><varname>hostname</varname><filename>.qcow2</filename>.</para>
</section>

40
nixos/doc/manual/development/running-nixos-tests.xml
View File

@ -2,7 +2,7 @@
xmlns:xlink="http://www.w3.org/1999/xlink"
xmlns:xi="http://www.w3.org/2001/XInclude"
version="5.0"
xml:id="sec-running-nixos-tests">
xml:id="sec-running-nixos-tests-interactively">
<title>Running Tests</title>
@ -38,42 +38,4 @@ $ firefox result/log.html
</screen>
</para>
<title>Running Tests interactively</title>
<para>The test itself can be run interactively. This is
particularly useful when developing or debugging a test:
<screen>
$ nix-build nixos/tests/login.nix -A driver
$ ./result/bin/nixos-test-driver
starting VDE switch for network 1
&gt;
</screen>
You can then take any Perl statement, e.g.
<screen>
&gt; startAll
&gt; testScript
&gt; $machine->succeed("touch /tmp/foo")
</screen>
The function <command>testScript</command> executes the entire test
script and drops you back into the test driver command line upon its
completion. This allows you to inspect the state of the VMs after the
test (e.g. to debug the test script).</para>
<para>To just start and experiment with the VMs, run:
<screen>
$ nix-build nixos/tests/login.nix -A driver
$ ./result/bin/nixos-run-vms
</screen>
The script <command>nixos-run-vms</command> starts the virtual
machines defined by test. The root file system of the VMs is created
on the fly and kept across VM restarts in
<filename>./</filename><varname>hostname</varname><filename>.qcow2</filename>.</para>
</section>

14
nixos/doc/manual/release-notes/rl-unstable.xml
View File

@ -35,6 +35,20 @@ and old <literal>steam</literal> package -- to <literal>steamOriginal</literal>.
was accordingly renamed to <literal>bomi</literal>
</para></listitem>
<listitem>
<para>
The default <literal>NIX_PATH</literal> for NixOS now includes
<literal>/nix/var/nix/profiles/per-user/root/channels</literal>, so it's
easy to add custom channels.
</para>
<para>
Moreover, whenever a <command>nixos-rebuild &lt;action&gt;
--upgrade</command> is issued, every channel that includes a file
called <filename>.update-on-nixos-rebuild</filename> will be upgraded
alongside of the <literal>nixos</literal> channel.
</para>
</listitem>
</itemizedlist>
</para>

7
nixos/modules/config/i18n.nix
View File

@ -74,14 +74,17 @@ in
config = {
environment.systemPackages = [ glibcLocales ];
environment.systemPackages =
optional (config.i18n.supportedLocales != []) glibcLocales;
environment.sessionVariables =
{ LANG = config.i18n.defaultLocale;
LOCALE_ARCHIVE = "/run/current-system/sw/lib/locale/locale-archive";
};
systemd.globalEnvironment.LOCALE_ARCHIVE = "${glibcLocales}/lib/locale/locale-archive";
systemd.globalEnvironment = mkIf (config.i18n.supportedLocales != []) {
LOCALE_ARCHIVE = "${glibcLocales}/lib/locale/locale-archive";
};
# /etc/locale.conf is used by systemd.
environment.etc = singleton

4
nixos/modules/config/system-path.nix
View File

@ -23,7 +23,6 @@ let
pkgs.cpio
pkgs.curl
pkgs.diffutils
pkgs.eject # HAL depends on it anyway
pkgs.findutils
pkgs.gawk
pkgs.glibc # for ldd, getent
@ -40,15 +39,12 @@ let
pkgs.ncurses
pkgs.netcat
pkgs.openssh
pkgs.pciutils
pkgs.perl
pkgs.procps
pkgs.rsync
pkgs.strace
pkgs.sysvtools
pkgs.su
pkgs.time
pkgs.usbutils
pkgs.utillinux
extraManpages
];

6
nixos/modules/installer/cd-dvd/installation-cd-base.nix
View File

@ -45,12 +45,6 @@ with lib;
# Get a console as soon as the initrd loads fbcon on EFI boot.
boot.initrd.kernelModules = [ "fbcon" ];
# Add support for cow filesystems and their utilities
boot.supportedFilesystems = [ "zfs" "btrfs" ];
# Configure host id for ZFS to work
networking.hostId = "8425e349";
# Allow the user to log in as root without a password.
users.extraUsers.root.initialHashedPassword = "";
}

12
nixos/modules/installer/tools/nixos-install.sh
View File

@ -45,7 +45,9 @@ while [ "$#" -gt 0 ]; do
;;
--chroot)
runChroot=1
chrootCommand=("$@")
if [[ "$@" != "" ]]; then
chrootCommand=("$@")
fi
break
;;
--help)
@ -254,8 +256,14 @@ NIXOS_INSTALL_GRUB=1 chroot $mountPoint \
chroot $mountPoint /nix/var/nix/profiles/system/activate
# Some systems may not be prepared to use NixOS' paths.
export PATH=/run/current-system/sw/bin:/run/current-system/sw/sbin:$PATH
export NIX_PATH=/nix/var/nix/profiles/per-user/root/channels/nixos:nixpkgs=/etc/nixos/nixpkgs
export NIX_PATH=$NIX_PATH:nixos-config=/etc/nixos/configuration.nix:/nix/var/nix/profiles/per-user/root/channels
# Ask the user to set a root password.
if [ "$(chroot $mountPoint nix-instantiate --eval '<nixos>' -A config.users.mutableUsers)" = true ] && [ -t 0 ] ; then
if [ "$(chroot $mountPoint nix-instantiate --eval '<nixpkgs/nixos>' -A config.users.mutableUsers)" = true ] && [ -t 1 ] ; then
echo "setting root password..."
chroot $mountPoint /var/setuid-wrappers/passwd
fi

8
nixos/modules/installer/tools/nixos-rebuild.sh
View File

@ -96,6 +96,14 @@ fi
# If --upgrade is given, run nix-channel --update nixos.
if [ -n "$upgrade" -a -z "$_NIXOS_REBUILD_REEXEC" ]; then
nix-channel --update nixos
# If there are other channels that contain a file called
# ".update-on-nixos-rebuild", update them as well.
for channelpath in /nix/var/nix/profiles/per-user/root/channels/*; do
if [ -e "$channelpath/.update-on-nixos-rebuild" ]; then
nix-channel --update "$(basename "$channelpath")"
fi
done
fi
# Make sure that we use the Nix package we depend on, not something

14
nixos/modules/misc/ids.nix
View File

@ -203,17 +203,20 @@
sddm = 175;
tss = 176;
memcached = 177;
nscd = 178;
ntp = 179;
zabbix = 180;
redis = 181;
sshd = 182;
unifi = 183;
uptimed = 184;
zope2 = 185;
ripple-data-api = 186;
mediatomb = 187;
rdnssd = 188;
ihaskell = 189;
i2p = 190;
lambdabot = 191;
asterisk = 192;
plex = 193;
# When adding a uid, make sure it doesn't match an existing gid. And don't use uids above 399!
@ -394,17 +397,20 @@
sddm = 175;
tss = 176;
#memcached = 177; # unused
#nscd = 178; # unused
#ntp = 179; # unused
#zabbix = 180; # unused
#redis = 181; # unused
#sshd = 182; # unused
#unifi = 183; # unused
#uptimed = 184; # unused
#zope2 = 185; # unused
#ripple-data-api = 186; #unused
mediatomb = 187;
#rdnssd = 188; # unused
ihaskell = 189;
i2p = 190;
lambdabot = 191;
#asterisk = 192; # unused
plex = 193;
# When adding a gid, make sure it doesn't match an existing
# uid. Users and groups with the same name should have equal

11
nixos/modules/module-list.nix
View File

@ -149,6 +149,7 @@
./services/games/minecraft-server.nix
./services/games/minetest-server.nix
./services/hardware/acpid.nix
./services/hardware/actkbd.nix
./services/hardware/amd-hybrid-graphics.nix
./services/hardware/bluetooth.nix
./services/hardware/freefall.nix
@ -193,6 +194,7 @@
./services/misc/gitlab.nix
./services/misc/gitolite.nix
./services/misc/gpsd.nix
./services/misc/ihaskell.nix
./services/misc/mediatomb.nix
./services/misc/mesos-master.nix
./services/misc/mesos-slave.nix
@ -202,6 +204,7 @@
./services/misc/nix-ssh-serve.nix
./services/misc/parsoid.nix
./services/misc/phd.nix
./services/misc/plex.nix
./services/misc/redmine.nix
./services/misc/rippled.nix
./services/misc/ripple-data-api.nix
@ -241,6 +244,7 @@
./services/network-filesystems/yandex-disk.nix
./services/networking/aiccu.nix
./services/networking/amuled.nix
./services/networking/asterisk.nix
./services/networking/atftpd.nix
./services/networking/avahi-daemon.nix
./services/networking/bind.nix
@ -268,10 +272,12 @@
./services/networking/haproxy.nix
./services/networking/hostapd.nix
./services/networking/i2pd.nix
./services/networking/i2p.nix
./services/networking/ifplugd.nix
./services/networking/iodined.nix
./services/networking/ircd-hybrid/default.nix
./services/networking/kippo.nix
./services/networking/lambdabot.nix
./services/networking/mailpile.nix
./services/networking/minidlna.nix
./services/networking/mstpd.nix
@ -336,6 +342,7 @@
./services/security/fprot.nix
./services/security/frandom.nix
./services/security/haveged.nix
./services/security/hologram.nix
./services/security/munge.nix
./services/security/torify.nix
./services/security/tor.nix
@ -410,6 +417,9 @@
./system/boot/stage-1.nix
./system/boot/stage-2.nix
./system/boot/systemd.nix
./system/boot/networkd.nix
./system/boot/resolved.nix
./system/boot/timesyncd.nix
./system/boot/tmp.nix
./system/etc/etc.nix
./system/upstart/upstart.nix
@ -423,6 +433,7 @@
./tasks/filesystems/f2fs.nix
./tasks/filesystems/jfs.nix
./tasks/filesystems/nfs.nix
./tasks/filesystems/ntfs.nix
./tasks/filesystems/reiserfs.nix
./tasks/filesystems/unionfs-fuse.nix
./tasks/filesystems/vfat.nix

6
nixos/modules/profiles/base.nix
View File

@ -29,6 +29,8 @@
pkgs.hdparm
pkgs.dmraid
pkgs.smartmontools # for diagnosing hard disks
pkgs.pciutils
pkgs.usbutils
# Tools to create / manipulate filesystems.
pkgs.ntfsprogs # for resizing NTFS partitions
@ -50,6 +52,8 @@
];
# Include support for various filesystems.
boot.supportedFilesystems = [ "btrfs" "reiserfs" "vfat" "f2fs" ];
boot.supportedFilesystems = [ "btrfs" "reiserfs" "vfat" "f2fs" "zfs" "ntfs" "cifs" ];
# Configure host id for ZFS to work
networking.hostId = "8425e349";
}

4
nixos/modules/profiles/container.nix → nixos/modules/profiles/docker-container.nix
View File

@ -45,10 +45,6 @@ in {
${config.nix.package}/bin/nix-env -p /nix/var/nix/profiles/system --set /run/current-system
'';
# Disable some features that are not useful in a container.
sound.enable = mkDefault false;
services.udisks2.enable = mkDefault false;
# Install new init script
system.activationScripts.installInitScript = ''
ln -fs $systemConfig/init /init

7
nixos/modules/profiles/installation-device.nix
View File

@ -26,15 +26,14 @@ with lib;
# Disable some other stuff we don't need.
security.sudo.enable = false;
# Include only the en_US locale. This saves 75 MiB or so compared to
# the full glibcLocales package.
i18n.supportedLocales = ["en_US.UTF-8/UTF-8" "en_US/ISO-8859-1"];
# Automatically log in at the virtual consoles.
services.mingetty.autologinUser = "root";
# Some more help text.
services.mingetty.helpLine =
''
Log in as "root" with an empty password. ${
The "root" account has an empty password. ${
optionalString config.services.xserver.enable
"Type `start display-manager' to\nstart the graphical user interface."}
'';

5
nixos/modules/profiles/minimal.nix
View File

@ -3,6 +3,9 @@
{ config, lib, pkgs, ... }:
with lib;
{
environment.noXlibs = true;
environment.noXlibs = mkDefault true;
i18n.supportedLocales = [ config.i18n.defaultLocale ];
}

1
nixos/modules/programs/environment.nix
View File

@ -28,6 +28,7 @@ in
[ "/nix/var/nix/profiles/per-user/root/channels/nixos"
"nixpkgs=/etc/nixos/nixpkgs"
"nixos-config=/etc/nixos/configuration.nix"
"/nix/var/nix/profiles/per-user/root/channels"
];
};

6
nixos/modules/programs/shadow.nix
View File

@ -100,8 +100,10 @@ in
chgpasswd = { rootOK = true; };
};
security.setuidPrograms = [ "passwd" "chfn" "su" "sg" "newgrp"
"newuidmap" "newgidmap" # new in shadow 4.2.x
security.setuidPrograms = [ "su" "chfn" ]
++ lib.optionals config.users.mutableUsers
[ "passwd" "sg" "newgrp"
"newuidmap" "newgidmap" # new in shadow 4.2.x
];
};

2
nixos/modules/programs/shell.nix
View File

@ -53,7 +53,7 @@ in
# Set up a default Nix expression from which to install stuff.
if [ ! -e $HOME/.nix-defexpr -o -L $HOME/.nix-defexpr ]; then
rm -f $HOME/.nix-defexpr
mkdir $HOME/.nix-defexpr
mkdir -p $HOME/.nix-defexpr
if [ "$USER" != root ]; then
ln -s /nix/var/nix/profiles/per-user/root/channels $HOME/.nix-defexpr/channels_root
fi

2
nixos/modules/rename.nix
View File

@ -135,7 +135,7 @@ in zipModules ([]
++ obsolete [ "services" "mysql55" ] [ "services" "mysql" ]
++ obsolete [ "environment" "checkConfigurationOptions" ] [ "_module" "check" ]
++ alias [ "environment" "checkConfigurationOptions" ] [ "_module" "check" ]
# XBMC
++ obsolete [ "services" "xserver" "windowManager" "xbmc" ] [ "services" "xserver" "desktopManager" "kodi" ]

35
nixos/modules/security/grsecurity.nix
View File

@ -112,9 +112,6 @@ in
<literal>kernel.grsecurity.grsec_lock</literal> to
non-zero as soon as all sysctl options are set. *THIS IS
EXTREMELY IMPORTANT*!
If disabled, this also turns off the
<literal>systemd-sysctl</literal> service.
'';
};
@ -229,11 +226,8 @@ in
kernel 3.19) to continue.
'';
}
{ assertion = (cfg.stable -> !cfg.testing) || (cfg.testing -> !cfg.stable);
message = ''
You must select either the stable or testing patch, not
both.
'';
{ assertion = !(cfg.stable && cfg.testing);
message = "Select either one of the stable or testing patch";
}
{ assertion = (cfg.config.restrictProc -> !cfg.config.restrictProcWithGroup) ||
(cfg.config.restrictProcWithGroup -> !cfg.config.restrictProc);
@ -282,22 +276,21 @@ in
# };
# };
system.activationScripts.grsec =
''
mkdir -p /etc/grsec
if [ ! -f /etc/grsec/learn_config ]; then
cp ${pkgs.gradm}/etc/grsec/learn_config /etc/grsec
fi
if [ ! -f /etc/grsec/policy ]; then
cp ${pkgs.gradm}/etc/grsec/policy /etc/grsec
fi
chmod -R 0600 /etc/grsec
'';
system.activationScripts = lib.optionalAttrs (!cfg.config.disableRBAC) { grsec = ''
mkdir -p /etc/grsec
if [ ! -f /etc/grsec/learn_config ]; then
cp ${pkgs.gradm}/etc/grsec/learn_config /etc/grsec
fi
if [ ! -f /etc/grsec/policy ]; then
cp ${pkgs.gradm}/etc/grsec/policy /etc/grsec
fi
chmod -R 0600 /etc/grsec
''; };
# Enable AppArmor, gradm udev rules, and utilities
security.apparmor.enable = true;
boot.kernelPackages = customGrsecPkg;
services.udev.packages = [ pkgs.gradm ];
environment.systemPackages = [ pkgs.gradm pkgs.paxctl pkgs.pax-utils ];
services.udev.packages = lib.optional (!cfg.config.disableRBAC) pkgs.gradm;
environment.systemPackages = [ pkgs.paxctl pkgs.pax-utils ] ++ lib.optional (!cfg.config.disableRBAC) pkgs.gradm;
};
}

27
nixos/modules/services/audio/alsa.nix
View File

@ -33,6 +33,16 @@ in
'';
};
enableMediaKeys = mkOption {
type = types.bool;
default = false;
description = ''
Whether to enable volume and capture control with keyboard media keys.
Enabling this will turn on <option>services.actkbd</option>.
'';
};
extraConfig = mkOption {
type = types.lines;
default = "";
@ -80,6 +90,23 @@ in
};
};
services.actkbd = mkIf config.sound.enableMediaKeys {
enable = true;
bindings = [
# "Mute" media key
{ keys = [ 113 ]; events = [ "key" ]; command = "${alsaUtils}/bin/amixer -q set Master toggle"; }
# "Lower Volume" media key
{ keys = [ 114 ]; events = [ "key" "rep" ]; command = "${alsaUtils}/bin/amixer -q set Master 1- unmute"; }
# "Raise Volume" media key
{ keys = [ 115 ]; events = [ "key" "rep" ]; command = "${alsaUtils}/bin/amixer -q set Master 1+ unmute"; }
# "Mic Mute" media key
{ keys = [ 190 ]; events = [ "key" ]; command = "${alsaUtils}/bin/amixer -q set Capture toggle"; }
];
};
};
}

10
nixos/modules/services/audio/mpd.nix
View File

@ -11,7 +11,7 @@ let
mpdConf = pkgs.writeText "mpd.conf" ''
music_directory "${cfg.musicDirectory}"
playlist_directory "${cfg.dataDir}/playlists"
db_file "${cfg.dataDir}/tag_cache"
db_file "${cfg.dbFile}"
state_file "${cfg.dataDir}/state"
sticker_file "${cfg.dataDir}/sticker.sql"
log_file "syslog"
@ -93,6 +93,14 @@ in {
};
};
dbFile = mkOption {
type = types.str;
default = "${cfg.dataDir}/tag_cache";
description = ''
The path to MPD's database.
'';
};
};
};

34
nixos/modules/services/backup/tarsnap.nix
View File

@ -5,20 +5,21 @@ with lib;
let
cfg = config.services.tarsnap;
optionalNullStr = e: v: if e == null then "" else v;
configFile = cfg: ''
cachedir ${config.services.tarsnap.cachedir}
keyfile ${config.services.tarsnap.keyfile}
${optionalString cfg.nodump "nodump"}
${optionalString cfg.printStats "print-stats"}
${optionalString cfg.printStats "humanize-numbers"}
${optionalNullStr cfg.checkpointBytes "checkpoint-bytes "+cfg.checkpointBytes}
${optionalString (cfg.checkpointBytes != null) ("checkpoint-bytes "+cfg.checkpointBytes)}
${optionalString cfg.aggressiveNetworking "aggressive-networking"}
${concatStringsSep "\n" (map (v: "exclude "+v) cfg.excludes)}
${concatStringsSep "\n" (map (v: "include "+v) cfg.includes)}
${optionalString cfg.lowmem "lowmem"}
${optionalString cfg.verylowmem "verylowmem"}
${optionalString (cfg.maxbw != null) ("maxbw "+toString cfg.maxbw)}
${optionalString (cfg.maxbwRateUp != null) ("maxbw-rate-up "+toString cfg.maxbwRateUp)}
${optionalString (cfg.maxbwRateDown != null) ("maxbw-rate-down "+toString cfg.maxbwRateDown)}
'';
in
{
@ -166,6 +167,33 @@ in
slowing down the archiving process.
'';
};
maxbw = mkOption {
type = types.nullOr types.int;
default = null;
description = ''
Abort archival if upstream bandwidth usage in bytes
exceeds this threshold.
'';
};
maxbwRateUp = mkOption {
type = types.nullOr types.int;
default = null;
example = literalExample "25 * 1000";
description = ''
Upload bandwidth rate limit in bytes.
'';
};
maxbwRateDown = mkOption {
type = types.nullOr types.int;
default = null;
example = literalExample "50 * 1000";
description = ''
Download bandwidth rate limit in bytes.
'';
};
};
}
));

12
nixos/modules/services/cluster/kubernetes.nix
View File

@ -224,7 +224,7 @@ in {
machines = mkOption {
description = "Kubernetes controller list of machines to schedule to schedule onto";
default = [];
default = [config.networking.hostName];
type = types.listOf types.str;
};
@ -310,6 +310,12 @@ in {
type = types.str;
};
master = mkOption {
description = "Kubernetes apiserver address";
default = "${cfg.apiserver.address}:${toString cfg.apiserver.port}";
type = types.str;
};
extraOpts = mkOption {
description = "Kubernetes proxy extra command line options.";
default = "";
@ -355,6 +361,7 @@ in {
--secure_port=${toString cfg.apiserver.securePort} \
--portal_net=${cfg.apiserver.portalNet} \
--logtostderr=true \
--runtime_config=api/v1beta3 \
${optionalString cfg.verbose "--v=6 --log_flush_frequency=1s"} \
${cfg.apiserver.extraOpts}
'';
@ -416,7 +423,6 @@ in {
script = ''
export PATH="/bin:/sbin:/usr/bin:/usr/sbin:$PATH"
exec ${cfg.package}/bin/kubelet \
--etcd_servers=${concatMapStringsSep "," (f: "http://${f}") cfg.etcdServers} \
--api_servers=${concatMapStringsSep "," (f: "http://${f}") cfg.kubelet.apiServers} \
--address=${cfg.kubelet.address} \
--port=${toString cfg.kubelet.port} \
@ -443,7 +449,7 @@ in {
after = [ "network-interfaces.target" "etcd.service" ];
serviceConfig = {
ExecStart = ''${cfg.package}/bin/kube-proxy \
--etcd_servers=${concatMapStringsSep "," (s: "http://${s}") cfg.etcdServers} \
--master=${cfg.proxy.master} \
--bind_address=${cfg.proxy.address} \
--logtostderr=true \
${optionalString cfg.verbose "--v=6 --log_flush_frequency=1s"} \

2
nixos/modules/services/desktops/geoclue2.nix
View File

@ -34,6 +34,8 @@ with lib;
services.dbus.packages = [ pkgs.geoclue2 ];
systemd.packages = [ pkgs.geoclue2 ];
};
}

130
nixos/modules/services/hardware/actkbd.nix Normal file
View File

@ -0,0 +1,130 @@
{ config, lib, pkgs, ... }:
with lib;
let
cfg = config.services.actkbd;
configFile = pkgs.writeText "actkbd.conf" ''
${concatMapStringsSep "\n"
({ keys, events, attributes, command, ... }:
''${concatMapStringsSep "+" toString keys}:${concatStringsSep "," events}:${concatStringsSep "," attributes}:${command}''
)
cfg.bindings}
${cfg.extraConfig}
'';
bindingCfg = { config, ... }: {
options = {
keys = mkOption {
type = types.listOf types.int;
description = "List of keycodes to match.";
};
events = mkOption {
type = types.listOf (types.enum ["key" "rep" "rel"]);
default = [ "key" ];
description = "List of events to match.";
};
attributes = mkOption {
type = types.listOf types.str;
default = [ "exec" ];
description = "List of attributes.";
};
command = mkOption {
type = types.str;
default = "";
description = "What to run.";
};
};
};
in
{
###### interface
options = {
services.actkbd = {
enable = mkOption {
type = types.bool;
default = false;
description = ''
Whether to enable the <command>actkbd</command> key mapping daemon.
Turning this on will start an <command>actkbd</command>
instance for every evdev input that has at least one key
(which is okay even for systems with tiny memory footprint,
since actkbd normally uses &lt;100 bytes of memory per
instance).
This allows binding keys globally without the need for e.g.
X11.
'';
};
bindings = mkOption {
type = types.listOf (types.submodule bindingCfg);
default = [];
example = lib.literalExample ''
[ { keys = [ 113 ]; events = [ "key" ]; command = "''${pkgs.alsaUtils}/bin/amixer -q set Master toggle"; }
]
'';
description = ''
Key bindings for <command>actkbd</command>.
See <command>actkbd</command> <filename>README</filename> for documentation.
The example shows a piece of what <option>sound.enableMediaKeys</option> does when enabled.
'';
};
extraConfig = mkOption {
type = types.lines;
default = "";
description = ''
Literal contents to append to the end of actkbd configuration file.
'';
};
};
};
###### implementation
config = mkIf cfg.enable {
services.udev.packages = lib.singleton (pkgs.writeTextFile {
name = "actkbd-udev-rules";
destination = "/etc/udev/rules.d/61-actkbd.rules";
text = ''
ACTION=="add", SUBSYSTEM=="input", KERNEL=="event[0-9]*", ENV{ID_INPUT_KEY}=="1", TAG+="systemd", ENV{SYSTEMD_WANTS}+="actkbd@$env{DEVNAME}.service"
'';
});
systemd.services."actkbd@" = {
enable = true;
restartIfChanged = true;
unitConfig = {
Description = "actkbd on %I";
ConditionPathExists = "%I";
};
serviceConfig = {
Type = "forking";
ExecStart = "${pkgs.actkbd}/bin/actkbd -D -c ${configFile} -d %I";
};
};
};
}

1
nixos/modules/services/logging/fluentd.nix
View File

@ -33,6 +33,7 @@ in {
wantedBy = [ "multi-user.target" ];
serviceConfig = {
ExecStart = "${pkgs.fluentd}/bin/fluentd -c ${pkgs.writeText "fluentd.conf" cfg.config}";
ExecReload = "${pkgs.coreutils}/bin/kill -HUP $MAINPID";
};
};
};

2
nixos/modules/services/misc/etcd.nix
View File

@ -11,7 +11,7 @@ in {
enable = mkOption {
description = "Whether to enable etcd.";
default = false;
type = types.uniq types.bool;
type = types.bool;
};
name = mkOption {

76
nixos/modules/services/misc/ihaskell.nix Normal file
View File

@ -0,0 +1,76 @@
{ pkgs, lib, config, ... }:
with lib;
let
cfg = config.services.ihaskell;
ihaskell = pkgs.ihaskell.override {
inherit (cfg.haskellPackages) ihaskell ghcWithPackages;
packages = self: cfg.extraPackages self;
};
in
{
options = {
services.ihaskell = {
enable = mkOption {
default = false;
example = true;
description = "Autostart an IHaskell notebook service.";
};
haskellPackages = mkOption {
default = pkgs.haskellngPackages;
defaultText = "pkgs.haskellngPackages";
example = literalExample "pkgs.haskell-ng.packages.ghc784";
description = ''
haskellPackages used to build IHaskell and other packages.
This can be used to change the GHC version used to build
IHaskell and the packages listed in
<varname>extraPackages</varname>.
'';
};
extraPackages = mkOption {
default = self: [];
example = literalExample ''
haskellPackages: [
haskellPackages.wreq
haskellPackages.lens
]
'';
description = ''
Extra packages available to ghc when running ihaskell. The
value must be a function which receives the attrset defined
in <varname>haskellPackages</varname> as the sole argument.
'';
};
};
};
config = mkIf cfg.enable {
users.extraUsers.ihaskell = {
group = config.users.extraGroups.ihaskell.name;
description = "IHaskell user";
home = "/var/lib/ihaskell";
createHome = true;
uid = config.ids.uids.ihaskell;
};
users.extraGroups.ihaskell.gid = config.ids.gids.ihaskell;
systemd.services.ihaskell = {
description = "IHaskell notebook instance";
wantedBy = [ "multi-user.target" ];
after = [ "network.target" ];
serviceConfig = {
User = config.users.extraUsers.ihaskell.name;
Group = config.users.extraGroups.ihaskell.name;
ExecStart = "${pkgs.stdenv.shell} -c \"cd $HOME;${ihaskell}/bin/ihaskell-notebook\"";
};
};
};
}

87
nixos/modules/services/misc/plex.nix Normal file
View File

@ -0,0 +1,87 @@
{ config, pkgs, lib, ... }:
with lib;
let
cfg = config.services.plex;
plex = pkgs.plex;
in
{
options = {
services.plex = {
enable = mkEnableOption "Enable Plex Media Server";
# FIXME: In order for this config option to work, symlinks in the Plex
# package in the Nix store have to be changed to point to this directory.
dataDir = mkOption {
type = types.str;
default = "/var/lib/plex";
description = "The directory where Plex stores its data files.";
};
user = mkOption {
type = types.str;
default = "plex";
description = "User account under which Plex runs.";
};
group = mkOption {
type = types.str;
default = "plex";
description = "Group under which Plex runs.";
};
};
};
config = mkIf cfg.enable {
# Most of this is just copied from the RPM package's systemd service file.
systemd.services.plex = {
description = "Plex Media Server";
after = [ "network.target" ];
wantedBy = [ "multi-user.target" ];
preStart = ''
test -d "${cfg.dataDir}" || {
echo "Creating initial Plex data directory in \"${cfg.dataDir}\"."
mkdir -p "${cfg.dataDir}"
chown -R ${cfg.user}:${cfg.group} "${cfg.dataDir}"
}
# Copy the database skeleton files to /var/lib/plex/.skeleton
test -d "${cfg.dataDir}/.skeleton" || mkdir "${cfg.dataDir}/.skeleton"
for db in "com.plexapp.plugins.library.db"; do
cp "${plex}/usr/lib/plexmediaserver/Resources/base_$db" "${cfg.dataDir}/.skeleton/$db"
chmod u+w "${cfg.dataDir}/.skeleton/$db"
chown ${cfg.user}:${cfg.group} "${cfg.dataDir}/.skeleton/$db"
done
'';
serviceConfig = {
Type = "simple";
User = cfg.user;
Group = cfg.group;
PermissionsStartOnly = "true";
ExecStart = "/bin/sh -c '${plex}/usr/lib/plexmediaserver/Plex\\ Media\\ Server'";
};
environment = {
PLEX_MEDIA_SERVER_APPLICATION_SUPPORT_DIR=cfg.dataDir;
PLEX_MEDIA_SERVER_HOME="${plex}/usr/lib/plexmediaserver";
PLEX_MEDIA_SERVER_MAX_PLUGIN_PROCS="6";
PLEX_MEDIA_SERVER_TMPDIR="/tmp";
LD_LIBRARY_PATH="${plex}/usr/lib/plexmediaserver";
LC_ALL="en_US.UTF-8";
LANG="en_US.UTF-8";
};
};
users.extraUsers = mkIf (cfg.user == "plex") {
plex = {
group = cfg.group;
uid = config.ids.uids.plex;
};
};
users.extraGroups = mkIf (cfg.group == "plex") {
plex = {
gid = config.ids.gids.plex;
};
};
};
}

30
nixos/modules/services/misc/ripple-data-api.nix
View File

@ -43,6 +43,24 @@ in {
type = types.int;
};
importMode = mkOption {
description = "Ripple data api import mode.";
default = "liveOnly";
type = types.enum ["live" "liveOnly"];
};
minLedger = mkOption {
description = "Ripple data api minimal ledger to fetch.";
default = null;
type = types.nullOr types.int;
};
maxLedger = mkOption {
description = "Ripple data api maximal ledger to fetch.";
default = null;
type = types.nullOr types.int;
};
redis = {
enable = mkOption {
description = "Whether to enable caching of ripple data to redis.";
@ -129,6 +147,7 @@ in {
serviceConfig = {
ExecStart = "${pkgs.ripple-data-api}/bin/api";
Restart = "always";
User = "ripple-data-api";
};
};
@ -145,8 +164,15 @@ in {
LOG_FILE = "/dev/null";
};
serviceConfig = {
ExecStart = "${pkgs.ripple-data-api}/bin/importer live debug2";
serviceConfig = let
importMode =
if cfg.minLedger != null && cfg.maxLedger != null then
"${toString cfg.minLedger} ${toString cfg.maxLedger}"
else
cfg.importMode;
in {
ExecStart = "${pkgs.ripple-data-api}/bin/importer ${importMode} debug";
Restart = "always";
User = "ripple-data-api";
};

32
nixos/modules/services/misc/rippled.nix
View File

@ -12,7 +12,7 @@ let
path=${db.path}
${optionalString (db.compression != null) ("compression=${b2i db.compression}") }
${optionalString (db.onlineDelete != null) ("online_delete=${toString db.onlineDelete}")}
${optionalString (db.advisoryDelete != null) ("advisory_delete=${toString db.advisoryDelete}")}
${optionalString (db.advisoryDelete != null) ("advisory_delete=${b2i db.advisoryDelete}")}
${db.extraOpts}
'';
@ -71,6 +71,13 @@ let
[sntp_servers]
${concatStringsSep "\n" cfg.sntpServers}
${optionalString cfg.statsd.enable ''
[insight]
server=statsd
address=${cfg.statsd.address}
prefix=${cfg.statsd.prefix}
''}
[rpc_startup]
{ "command": "log_level", "severity": "${cfg.logLevel}" }
'' + cfg.extraConfig;
@ -142,7 +149,6 @@ let
default = null;
type = types.nullOr types.path;
};
};
};
};
@ -150,7 +156,7 @@ let
dbOptions = {
type = mkOption {
description = "Rippled database type.";
type = types.enum ["rocksdb" "nudb" "sqlite"];
type = types.enum ["rocksdb" "nudb" "sqlite" "hyperleveldb"];
default = "rocksdb";
};
@ -317,7 +323,7 @@ in
Path to the ripple database.
'';
type = types.path;
default = "/var/lib/rippled/db";
default = "/var/lib/rippled";
};
validationQuorum = mkOption {
@ -366,6 +372,22 @@ in
default = "error";
};
statsd = {
enable = mkEnableOption "Whether enable statsd monitoring for rippled";
address = mkOption {
description = "The UDP address and port of the listening StatsD server.";
default = "127.0.0.1:8125";
type = types.str;
};
prefix = mkOption {
description = "A string prepended to each collected metric.";
default = "";
type = types.str;
};
};
extraConfig = mkOption {
default = "";
description = ''
@ -400,6 +422,8 @@ in
serviceConfig = {
ExecStart = "${cfg.package}/bin/rippled --fg --conf ${cfg.config}";
User = "rippled";
Restart = "on-failure";
LimitNOFILE=10000;
};
};

18
nixos/modules/services/network-filesystems/samba.nix
View File

@ -4,6 +4,10 @@ with lib;
let
smbToString = x: if builtins.typeOf x == "bool"
then (if x then "true" else "false")
else toString x;
cfg = config.services.samba;
samba = cfg.package;
@ -15,9 +19,9 @@ let
shareConfig = name:
let share = getAttr name cfg.shares; in
"[${name}]\n " + (toString (
"[${name}]\n " + (smbToString (
map
(key: "${key} = ${toString (getAttr key share)}\n")
(key: "${key} = ${smbToString (getAttr key share)}\n")
(attrNames share)
));
@ -27,12 +31,12 @@ let
[ global ]
security = ${cfg.securityType}
passwd program = /var/setuid-wrappers/passwd %u
pam password change = ${if cfg.syncPasswordsByPam then "yes" else "no"}
invalid users = ${toString cfg.invalidUsers}
pam password change = ${smbToString cfg.syncPasswordsByPam}
invalid users = ${smbToString cfg.invalidUsers}
${cfg.extraConfig}
${toString (map shareConfig (attrNames cfg.shares))}
${smbToString (map shareConfig (attrNames cfg.shares))}
'');
# This may include nss_ldap, needed for samba if it has to use ldap.
@ -151,7 +155,7 @@ in
example =
{ srv =
{ path = "/srv";
"read only" = "yes";
"read only" = true;
comment = "Public samba share.";
};
};
@ -193,7 +197,7 @@ in
"samba-setup" = {
description = "Samba Setup Task";
script = setupScript;
unitConfig.RequiresMountsFor = "/var/samba /var/log/samba";
unitConfig.RequiresMountsFor = "/var/lib/samba";
};
};
};

223
nixos/modules/services/networking/asterisk.nix Normal file
View File

@ -0,0 +1,223 @@
{ config, lib, pkgs, ... }:
with lib;
let
cfg = config.services.asterisk;
asteriskUser = "asterisk";
varlibdir = "/var/lib/asterisk";
spooldir = "/var/spool/asterisk";
logdir = "/var/log/asterisk";
asteriskEtc = pkgs.stdenv.mkDerivation
((mapAttrs' (name: value: nameValuePair
# Fudge the names to make bash happy
((replaceChars ["."] ["_"] name) + "_")
(value)
) cfg.confFiles) //
{
confFilesString = concatStringsSep " " (
attrNames cfg.confFiles
);
name = "asterisk.etc";
# Default asterisk.conf file
# (Notice that astetcdir will be set to the path of this derivation)
asteriskConf = ''
[directories]
astetcdir => @out@
astmoddir => ${pkgs.asterisk}/lib/asterisk/modules
astvarlibdir => /var/lib/asterisk
astdbdir => /var/lib/asterisk
astkeydir => /var/lib/asterisk
astdatadir => /var/lib/asterisk
astagidir => /var/lib/asterisk/agi-bin
astspooldir => /var/spool/asterisk
astrundir => /var/run/asterisk
astlogdir => /var/log/asterisk
astsbindir => ${pkgs.asterisk}/sbin
'';
extraConf = cfg.extraConfig;
# Loading all modules by default is considered sensible by the authors of
# "Asterisk: The Definitive Guide". Secure sites will likely want to
# specify their own "modules.conf" in the confFiles option.
modulesConf = ''
[modules]
autoload=yes
'';
# Use syslog for logging so logs can be viewed with journalctl
loggerConf = ''
[general]
[logfiles]
syslog.local0 => notice,warning,error
'';
buildCommand = ''
mkdir -p "$out"
# Create asterisk.conf, pointing astetcdir to the path of this derivation
echo "$asteriskConf" | sed "s|@out@|$out|g" > "$out"/asterisk.conf
echo "$extraConf" >> "$out"/asterisk.conf
echo "$modulesConf" > "$out"/modules.conf
echo "$loggerConf" > "$out"/logger.conf
# Config files specified in confFiles option override all other files
for i in $confFilesString; do
conf=$(echo "$i"_ | sed 's/\./_/g')
echo "''${!conf}" > "$out"/"$i"
done
'';
});
in
{
options = {
services.asterisk = {
enable = mkOption {
type = types.bool;
default = false;
description = ''
Whether to enable the Asterisk PBX server.
'';
};
extraConfig = mkOption {
default = "";
type = types.lines;
example = ''
[options]
verbose=3
debug=3
'';
description = ''
Extra configuration options appended to the default
<literal>asterisk.conf</literal> file.
'';
};
confFiles = mkOption {
default = {};
type = types.attrsOf types.str;
example = literalExample
''
{
"extensions.conf" = '''
[tests]
; Dial 100 for "hello, world"
exten => 100,1,Answer()
same => n,Wait(1)
same => n,Playback(hello-world)
same => n,Hangup()
[softphones]
include => tests
[unauthorized]
''';
"sip.conf" = '''
[general]
allowguest=no ; Require authentication
context=unauthorized ; Send unauthorized users to /dev/null
srvlookup=no ; Don't do DNS lookup
udpbindaddr=0.0.0.0 ; Listen on all interfaces
nat=force_rport,comedia ; Assume device is behind NAT
[softphone](!)
type=friend ; Match on username first, IP second
context=softphones ; Send to softphones context in
; extensions.conf file
host=dynamic ; Device will register with asterisk
disallow=all ; Manually specify codecs to allow
allow=g722
allow=ulaw
allow=alaw
[myphone](softphone)
secret=GhoshevFew ; Change this password!
''';
"logger.conf" = '''
[general]
[logfiles]
; Add debug output to log
syslog.local0 => notice,warning,error,debug
''';
}
'';
description = ''
Sets the content of config files (typically ending with
<literal>.conf</literal>) in the Asterisk configuration directory.
Note that if you want to change <literal>asterisk.conf</literal>, it
is preferable to use the <option>services.asterisk.extraConfig</option>
option over this option. If <literal>"asterisk.conf"</literal> is
specified with the <option>confFiles</option> option (not recommended),
you must be prepared to set your own <literal>astetcdir</literal>
path.
See
<link xlink:href="http://www.asterisk.org/community/documentation"/>
for more examples of what is possible here.
'';
};
extraArguments = mkOption {
default = [];
type = types.listOf types.str;
example =
[ "-vvvddd" "-e" "1024" ];
description = ''
Additional command line arguments to pass to Asterisk.
'';
};
};
};
config = mkIf cfg.enable {
users.extraUsers = singleton
{ name = asteriskUser;
uid = config.ids.uids.asterisk;
description = "Asterisk daemon user";
home = varlibdir;
};
systemd.services.asterisk = {
description = ''
Asterisk PBX server
'';
wantedBy = [ "multi-user.target" ];
preStart = ''
# Copy skeleton directory tree to /var
for d in '${varlibdir}' '${spooldir}' '${logdir}'; do
# TODO: Make exceptions for /var directories that likely should be updated
if [ ! -e "$d" ]; then
cp --recursive ${pkgs.asterisk}/"$d" "$d"
chown --recursive ${asteriskUser} "$d"
find "$d" -type d | xargs chmod 0755
fi
done
'';
serviceConfig = {
ExecStart =
let
# FIXME: This doesn't account for arguments with spaces
argString = concatStringsSep " " cfg.extraArguments;
in
"${pkgs.asterisk}/bin/asterisk -U ${asteriskUser} -C ${asteriskEtc}/asterisk.conf ${argString} -F";
Type = "forking";
PIDFile = "/var/run/asterisk/asterisk.pid";
};
};
};
}

4
nixos/modules/services/networking/btsync.nix
View File

@ -293,7 +293,7 @@ in
systemd.services.btsync = with pkgs; {
description = "Bittorrent Sync Service";
wantedBy = [ "multi-user.target" ];
after = [ "network.target" ];
after = [ "network.target" "local-fs.target" ];
serviceConfig = {
Restart = "on-abort";
UMask = "0002";
@ -305,7 +305,7 @@ in
systemd.services."btsync@" = with pkgs; {
description = "Bittorrent Sync Service for %i";
after = [ "network.target" ];
after = [ "network.target" "local-fs.target" ];
serviceConfig = {
Restart = "on-abort";
User = "%i";

21
nixos/modules/services/networking/cjdns.nix
View File

@ -44,6 +44,9 @@ let
})
else "";
parseModules = x:
x // { connectTo = mapAttrs (name: value: { inherit (value) password publicKey; }) x.connectTo; };
# would be nice to merge 'cfg' with a //,
# but the json nesting is wacky.
cjdrouteConf = builtins.toJSON ( {
@ -53,8 +56,8 @@ let
};
authorizedPasswords = map (p: { password = p; }) cfg.authorizedPasswords;
interfaces = {
ETHInterface = if (cfg.ETHInterface.bind != "") then [ cfg.ETHInterface ] else [ ];
UDPInterface = if (cfg.UDPInterface.bind != "") then [ cfg.UDPInterface ] else [ ];
ETHInterface = if (cfg.ETHInterface.bind != "") then [ (parseModules cfg.ETHInterface) ] else [ ];
UDPInterface = if (cfg.UDPInterface.bind != "") then [ (parseModules cfg.UDPInterface) ] else [ ];
};
privateKey = "@CJDNS_PRIVATE_KEY@";
@ -151,12 +154,14 @@ in
ETHInterface = {
bind = mkOption {
default = "";
example = "eth0";
description = ''
Bind to this device for native ethernet operation.
'';
};
default = "";
example = "eth0";
description =
''
Bind to this device for native ethernet operation.
<literal>all</literal> is a pseudo-name which will try to connect to all devices.
'';
};
beacon = mkOption {
type = types.int;

4
nixos/modules/services/networking/ddclient.nix
View File

@ -127,8 +127,8 @@ in
wantedBy = [ "multi-user.target" ];
after = [ "network.target" ];
serviceConfig = {
# This may change back to forking if too many problems occur:
type = "simple";
# Uncomment this if too many problems occur:
# Type = "forking";
User = ddclientUser;
Group = "nogroup"; #TODO get this to work
PermissionsStartOnly = "true";

11
nixos/modules/services/networking/dnsmasq.nix
View File

@ -28,6 +28,7 @@ in
services.dnsmasq = {
enable = mkOption {
type = types.bool;
default = false;
description = ''
Whether to run dnsmasq.
@ -35,14 +36,16 @@ in
};
resolveLocalQueries = mkOption {
type = types.bool;
default = true;
description = ''
Whether dnsmasq should resolve local queries (i.e. add 127.0.0.1 to
/etc/resolv.conf)
/etc/resolv.conf).
'';
};
servers = mkOption {
type = types.listOf types.string;
default = [];
example = [ "8.8.8.8" "8.8.4.4" ];
description = ''
@ -51,11 +54,11 @@ in
};
extraConfig = mkOption {
type = types.string;
type = types.lines;
default = "";
description = ''
Extra configuration directives that should be added to
<literal>dnsmasq.conf</literal>
<literal>dnsmasq.conf</literal>.
'';
};
@ -81,7 +84,7 @@ in
};
systemd.services.dnsmasq = {
description = "dnsmasq daemon";
description = "Dnsmasq Daemon";
after = [ "network.target" "systemd-resolved.service" ];
wantedBy = [ "multi-user.target" ];
path = [ dnsmasq ];

42
nixos/modules/services/networking/i2p.nix Normal file
View File

@ -0,0 +1,42 @@
{ config, lib, pkgs, ... }:
with lib;
let
cfg = config.services.i2p;
homeDir = "/var/lib/i2p";
in {
###### interface
options.services.i2p = {
enable = mkOption {
type = types.bool;
default = false;
description = ''
Enables i2p as a running service upon activation.
'';
};
};
###### implementation
config = mkIf cfg.enable {
users.extraUsers.i2p = {
group = "i2p";
description = "i2p User";
home = homeDir;
createHome = true;
uid = config.ids.uids.i2p;
};
users.extraGroups.i2p.gid = config.ids.gids.i2p;
systemd.services.i2p = {
description = "I2P router with administration interface for hidden services";
after = [ "network.target" ];
wantedBy = [ "multi-user.target" ];
serviceConfig = {
User = "i2p";
WorkingDirectory = homeDir;
Restart = "on-abort";
ExecStart = "${pkgs.i2p}/bin/i2prouter-plain";
};
};
};
}

81
nixos/modules/services/networking/lambdabot.nix Normal file
View File

@ -0,0 +1,81 @@
{ config, lib, pkgs, ... }:
with lib;
let
cfg = config.services.lambdabot;
rc = builtins.toFile "script.rc" cfg.script;
in
{
### configuration
options = {
services.lambdabot = {
enable = mkOption {
type = types.bool;
default = false;
description = "Enable the Lambdabot IRC bot";
};
package = mkOption {
type = types.package;
default = pkgs.lambdabot;
description = "Used lambdabot package";
};
script = mkOption {
type = types.str;
default = "";
description = "Lambdabot script";
};
};
};
### implementation
config = mkIf cfg.enable {
systemd.services.lambdabot = {
description = "Lambdabot daemon";
after = [ "network.target" ];
wantedBy = [ "multi-user.target" ];
# Workaround for https://github.com/lambdabot/lambdabot/issues/117
script = ''
mkdir -p ~/.lambdabot
cd ~/.lambdabot
mkfifo /run/lambdabot/offline
(
echo 'rc ${rc}'
while true; do
cat /run/lambdabot/offline
done
) | ${cfg.package}/bin/lambdabot
'';
serviceConfig = {
User = "lambdabot";
RuntimeDirectory = [ "lambdabot" ];
};
};
users.extraUsers.lambdabot = {
group = "lambdabot";
description = "Lambdabot daemon user";
home = "/var/lib/lambdabot";
createHome = true;
uid = config.ids.uids.lambdabot;
};
users.extraGroups.lambdabot.gid = config.ids.gids.lambdabot;
};
}

33
nixos/modules/services/networking/networkmanager.nix
View File

@ -98,13 +98,23 @@ in {
'';
};
# Ugly hack for using the correct gnome3 packageSet
basePackages = mkOption {
type = types.attrsOf types.path;
default = { inherit networkmanager modemmanager wpa_supplicant
networkmanager_openvpn networkmanager_vpnc
networkmanager_openconnect
networkmanager_pptp networkmanager_l2tp; };
internal = true;
};
packages = mkOption {
type = types.listOf types.path;
default = [ ];
description = ''
Extra packages that provide NetworkManager plugins.
'';
apply = list: [ networkmanager modemmanager wpa_supplicant ] ++ list;
apply = list: (attrValues cfg.basePackages) ++ list;
};
appendNameservers = mkOption {
@ -164,7 +174,7 @@ in {
boot.kernelModules = [ "ppp_mppe" ]; # Needed for most (all?) PPTP VPN connections.
environment.etc = [
environment.etc = with cfg.basePackages; [
{ source = ipUpScript;
target = "NetworkManager/dispatcher.d/01nixos-ip-up";
}
@ -195,14 +205,7 @@ in {
target = "NetworkManager/dispatcher.d/${dispatcherTypesSubdirMap.${s.type}}03userscript${lib.fixedWidthNumber 4 i}";
}) cfg.dispatcherScripts;
environment.systemPackages = cfg.packages ++ [
networkmanager_openvpn
networkmanager_vpnc
networkmanager_openconnect
networkmanager_pptp
networkmanager_l2tp
modemmanager
];
environment.systemPackages = cfg.packages;
users.extraGroups = singleton {
name = "networkmanager";
@ -238,15 +241,7 @@ in {
security.polkit.extraConfig = polkitConf;
# openvpn plugin has only dbus interface
services.dbus.packages = cfg.packages ++ [
networkmanager_openvpn
networkmanager_vpnc
networkmanager_openconnect
networkmanager_pptp
networkmanager_l2tp
modemmanager
];
services.dbus.packages = cfg.packages;
services.udev.packages = cfg.packages;
};

10
nixos/modules/services/networking/ssh/sshd.nix
View File

@ -281,10 +281,8 @@ in
config = mkIf cfg.enable {
users.extraUsers = singleton
{ name = "sshd";
uid = config.ids.uids.sshd;
description = "SSH privilege separation user";
users.extraUsers.sshd =
{ description = "SSH privilege separation user";
home = "/var/empty";
};
@ -379,7 +377,7 @@ in
Port ${toString port}
'') cfg.ports}
${concatMapStrings ({ port, addr }: ''
${concatMapStrings ({ port, addr, ... }: ''
ListenAddress ${addr}${if port != null then ":" + toString port else ""}
'') cfg.listenAddresses}
@ -418,7 +416,7 @@ in
(data.publicKey != null && data.publicKeyFile == null);
message = "knownHost ${name} must contain either a publicKey or publicKeyFile";
})
++ flip map cfg.listenAddresses ({ addr, port }: {
++ flip map cfg.listenAddresses ({ addr, port, ... }: {
assertion = addr != null;
message = "addr must be specified in each listenAddresses entry";
});

2
nixos/modules/services/networking/sslh.nix
View File

@ -81,7 +81,7 @@ in
description = "Applicative Protocol Multiplexer (e.g. share SSH and HTTPS on the same port)";
after = [ "network.target" ];
wantedBy = [ "multi-user.target" ];
serviceConfig.ExecStart = "${pkgs.sslh}/bin/sslh -F ${configFile}";
serviceConfig.ExecStart = "${pkgs.sslh}/bin/sslh -F${configFile}";
serviceConfig.KillMode = "process";
serviceConfig.PIDFile = "${cfg.pidfile}";
};

102
nixos/modules/services/security/hologram.nix Normal file
View File

@ -0,0 +1,102 @@
{pkgs, config, lib, ...}:
with lib;
let
cfg = config.services.hologram-server;
cfgFile = pkgs.writeText "hologram-server.json" (builtins.toJSON {
ldap = {
host = cfg.ldapHost;
bind = {
dn = cfg.ldapBindDN;
password = cfg.ldapBindPassword;
};
insecureldap = cfg.ldapInsecure;
userattr = cfg.ldapUserAttr;
baseDN = cfg.ldapBaseDN;
};
aws = {
account = cfg.awsAccount;
defaultrole = cfg.awsDefaultRole;
};
stats = cfg.statsAddress;
listen = cfg.listenAddress;
});
in {
options = {
services.hologram-server = {
enable = mkOption {
type = types.bool;
default = false;
description = "Whether to enable the Hologram server for AWS instance credentials";
};
listenAddress = mkOption {
type = types.str;
default = "0.0.0.0:3100";
description = "Address and port to listen on";
};
ldapHost = mkOption {
type = types.str;
description = "Address of the LDAP server to use";
};
ldapInsecure = mkOption {
type = types.bool;
default = false;
description = "Whether to connect to LDAP over SSL or not";
};
ldapUserAttr = mkOption {
type = types.str;
default = "cn";
description = "The LDAP attribute for usernames";
};
ldapBaseDN = mkOption {
type = types.str;
description = "The base DN for your Hologram users";
};
ldapBindDN = mkOption {
type = types.str;
description = "DN of account to use to query the LDAP server";
};
ldapBindPassword = mkOption {
type = types.str;
description = "Password of account to use to query the LDAP server";
};
awsAccount = mkOption {
type = types.str;
description = "AWS account number";
};
awsDefaultRole = mkOption {
type = types.str;
description = "AWS default role";
};
statsAddress = mkOption {
type = types.str;
default = "";
description = "Address of statsd server";
};
};
};
config = mkIf cfg.enable {
systemd.services.hologram-server = {
description = "Provide EC2 instance credentials to machines outside of EC2";
after = [ "network.target" ];
wantedBy = [ "multi-user.target" ];
serviceConfig = {
ExecStart = "${pkgs.goPackages.hologram}/bin/hologram-server --debug --conf ${cfgFile}";
};
};
};
}

2
nixos/modules/services/system/dbus.nix
View File

@ -133,6 +133,8 @@ in
# Don't restart dbus-daemon. Bad things tend to happen if we do.
systemd.services.dbus.reloadIfChanged = true;
systemd.services.dbus.restartTriggers = [ configDir ];
environment.pathsToLink = [ "/etc/dbus-1" "/share/dbus-1" ];
};

6
nixos/modules/services/system/nscd.nix
View File

@ -42,11 +42,7 @@ in
config = mkIf cfg.enable {
users.extraUsers = singleton
{ name = "nscd";
uid = config.ids.uids.nscd;
description = "Name service cache daemon user";
};
users.extraUsers.nscd.description = "Name service cache daemon user";
systemd.services.nscd =
{ description = "Name Service Cache Daemon";

23
nixos/modules/services/ttys/agetty.nix
View File

@ -10,6 +10,15 @@ with lib;
services.mingetty = {
autologinUser = mkOption {
type = types.nullOr types.str;
default = null;
description = ''
Username of the account that will be automatically logged in at the console.
If unspecified, a login prompt is shown as usual.
'';
};
greetingLine = mkOption {
type = types.str;
default = ''<<< Welcome to NixOS ${config.system.nixosVersion} (\m) - \l >>>'';
@ -46,28 +55,30 @@ with lib;
###### implementation
config = {
config = let
autologinArg = optionalString (config.services.mingetty.autologinUser != null) "--autologin ${config.services.mingetty.autologinUser}";
gettyCmd = extraArgs: "@${pkgs.utillinux}/sbin/agetty agetty --login-program ${pkgs.shadow}/bin/login ${autologinArg} ${extraArgs}";
in {
systemd.services."getty@" =
{ serviceConfig.ExecStart = "@${pkgs.utillinux}/sbin/agetty agetty --noclear --login-program ${pkgs.shadow}/bin/login --keep-baud %I 115200,38400,9600 $TERM";
{ serviceConfig.ExecStart = gettyCmd "--noclear --keep-baud %I 115200,38400,9600 $TERM";
restartIfChanged = false;
};
systemd.services."serial-getty@" =
{ serviceConfig.ExecStart =
let speeds = concatStringsSep "," (map toString config.services.mingetty.serialSpeed);
in "@${pkgs.utillinux}/sbin/agetty agetty --login-program ${pkgs.shadow}/bin/login %I ${speeds} $TERM";
in gettyCmd "%I ${speeds} $TERM";
restartIfChanged = false;
};
systemd.services."container-getty@" =
{ unitConfig.ConditionPathExists = "/dev/pts/%I"; # Work around being respawned when "machinectl login" exits.
serviceConfig.ExecStart = "@${pkgs.utillinux}/sbin/agetty agetty --noclear --login-program ${pkgs.shadow}/bin/login --keep-baud pts/%I 115200,38400,9600 $TERM";
serviceConfig.ExecStart = gettyCmd "--noclear --keep-baud pts/%I 115200,38400,9600 $TERM";
restartIfChanged = false;
};
systemd.services."console-getty" =
{ serviceConfig.ExecStart = "@${pkgs.utillinux}/sbin/agetty agetty --noclear --login-program ${pkgs.shadow}/bin/login --keep-baud console 115200,38400,9600 $TERM";
{ serviceConfig.ExecStart = gettyCmd "--noclear --keep-baud console 115200,38400,9600 $TERM";
serviceConfig.Restart = "always";
restartIfChanged = false;
enable = mkDefault config.boot.isContainer;

3
nixos/modules/services/web-servers/apache-httpd/default.nix
View File

@ -231,6 +231,9 @@ let
${if cfg.sslServerCert != null then ''
SSLCertificateFile ${cfg.sslServerCert}
SSLCertificateKeyFile ${cfg.sslServerKey}
${if cfg.sslServerChain != null then ''
SSLCertificateChainFile ${cfg.sslServerChain}
'' else ""}
'' else ""}
${if cfg.enableSSL then ''

5
nixos/modules/services/web-servers/apache-httpd/mediawiki.nix
View File

@ -83,11 +83,11 @@ let
# Unpack Mediawiki and put the config file in its root directory.
mediawikiRoot = pkgs.stdenv.mkDerivation rec {
name= "mediawiki-1.23.3";
name= "mediawiki-1.23.9";
src = pkgs.fetchurl {
url = "http://download.wikimedia.org/mediawiki/1.23/${name}.tar.gz";
sha256 = "0l6798jwjwk2khfnm84mgc65ij53a8pnv30wdnn15ys4ivia4bpf";
sha256 = "1l7k4g0pgz92yvrfr52w26x740s4362v0gc95pk0i30vn2sp5bql";
};
skins = config.skins;
@ -142,6 +142,7 @@ in
RewriteCond %{DOCUMENT_ROOT}%{REQUEST_URI} !-f
RewriteCond %{DOCUMENT_ROOT}%{REQUEST_URI} !-d
${concatMapStringsSep "\n" (u: "RewriteCond %{REQUEST_URI} !^${u.urlPath}") serverInfo.vhostConfig.servedDirs}
${concatMapStringsSep "\n" (u: "RewriteCond %{REQUEST_URI} !^${u.urlPath}") serverInfo.vhostConfig.servedFiles}
RewriteRule ${if config.enableUploads
then "!^/images"
else "^.*\$"

193
nixos/modules/services/web-servers/apache-httpd/moodle.nix Normal file
View File

@ -0,0 +1,193 @@
{ config, lib, pkgs, serverInfo, php, ... }:
with lib;
let
httpd = serverInfo.serverConfig.package;
version24 = !versionOlder httpd.version "2.4";
allGranted = if version24 then ''
Require all granted
'' else ''
Order allow,deny
Allow from all
'';
moodleConfig = pkgs.writeText "config.php"
''
<?php
unset($CFG);
global $CFG;
$CFG = new stdClass();
$CFG->dbtype = '${config.dbType}';
$CFG->dblibrary = 'native';
$CFG->dbhost = '${config.dbHost}';
$CFG->dbname = '${config.dbName}';
$CFG->dbuser = '${config.dbUser}';
$CFG->dbpass = '${config.dbPassword}';
$CFG->prefix = '${config.dbPrefix}';
$CFG->dboptions = array(
'dbpersist' => false,
'dbsocket' => false,
'dbport' => "${config.dbPort}",
);
$CFG->wwwroot = '${config.wwwRoot}';
$CFG->dataroot = '${config.dataRoot}';
$CFG->directorypermissions = 02777;
$CFG->admin = 'admin';
${optionalString (config.debug.noEmailEver == true) ''
$CFG->noemailever = true;
''}
${config.extraConfig}
require_once(dirname(__FILE__) . '/lib/setup.php'); // Do not edit
'';
# Unpack Moodle and put the config file in its root directory.
moodleRoot = pkgs.stdenv.mkDerivation rec {
name= "moodle-2.8.5";
src = pkgs.fetchurl {
url = "https://download.moodle.org/stable28/${name}.tgz";
sha256 = "1a159a193010cddedce10ee009184502e6f732e4d7c85167d8597fe5dff9e190";
};
buildPhase =
''
'';
installPhase =
''
mkdir -p $out
cp -r * $out
cp ${moodleConfig} $out/config.php
'';
};
in
{
extraConfig =
''
# this should be config.urlPrefix instead of /
Alias / ${moodleRoot}/
<Directory ${moodleRoot}>
DirectoryIndex index.php
</Directory>
'';
documentRoot = moodleRoot; # TODO: fix this, should be config.urlPrefix
enablePHP = true;
options = {
id = mkOption {
default = "main";
description = ''
A unique identifier necessary to keep multiple Moodle server
instances on the same machine apart.
'';
};
dbType = mkOption {
default = "postgres";
example = "mysql";
description = "Database type.";
};
dbName = mkOption {
default = "moodle";
description = "Name of the database that holds the Moodle data.";
};
dbHost = mkOption {
default = "localhost";
example = "10.0.2.2";
description = ''
The location of the database server.
'';
};
dbPort = mkOption {
default = ""; # use the default port
example = "12345";
description = ''
The port that is used to connect to the database server.
'';
};
dbUser = mkOption {
default = "moodle";
description = "The user name for accessing the database.";
};
dbPassword = mkOption {
default = "";
example = "password";
description = ''
The password of the database user. Warning: this is stored in
cleartext in the Nix store!
'';
};
dbPrefix = mkOption {
default = "mdl_";
example = "my_other_mdl_";
description = ''
A prefix for each table, if multiple moodles should run in a single database.
'';
};
wwwRoot = mkOption {
type = types.string;
example = "http://my.machine.com/my-moodle";
description = ''
The full web address where moodle has been installed.
'';
};
dataRoot = mkOption {
default = "/var/lib/moodledata";
example = "/var/lib/moodledata";
description = ''
The data directory for moodle. Needs to be writable!
'';
type = types.path;
};
extraConfig = mkOption {
default = "";
example =
''
'';
description = ''
Any additional text to be appended to Moodle's
configuration file. This is a PHP script.
'';
};
debug = {
noEmailEver = mkOption {
default = false;
example = "true";
description = ''
Set this to true to prevent Moodle from ever sending any email.
'';
};
};
};
startupScript = pkgs.writeScript "moodle_startup.sh" ''
echo "Checking for existence of ${config.dataRoot}"
if [ ! -e "${config.dataRoot}" ]
then
mkdir -p "${config.dataRoot}"
chown ${serverInfo.serverConfig.user}.${serverInfo.serverConfig.group} "${config.dataRoot}"
fi
'';
}

9
nixos/modules/services/web-servers/apache-httpd/per-server-options.nix
View File

@ -56,6 +56,13 @@ with lib;
description = "Path to server SSL certificate key.";
};
sslServerChain = mkOption {
type = types.nullOr types.path;
default = null;
example = "/var/ca.pem";
description = "Path to server SSL chain file.";
};
adminAddr = mkOption ({
type = types.nullOr types.str;
example = "admin@example.org";
@ -90,7 +97,7 @@ with lib;
default = [];
example = [
{ urlPath = "/foo/bar.png";
dir = "/home/eelco/some-file.png";
files = "/home/eelco/some-file.png";
}
];
description = ''

209
nixos/modules/services/web-servers/apache-httpd/wordpress.nix Normal file
View File

@ -0,0 +1,209 @@
{ config, lib, pkgs, serverInfo, php, ... }:
with lib;
let
# https://wordpress.org/plugins/postgresql-for-wordpress/
# Wordpress plugin 'postgresql-for-wordpress' installation example
postgresqlForWordpressPlugin = pkgs.stdenv.mkDerivation {
name = "postgresql-for-wordpress-plugin";
# Download the theme from the wordpress site
src = pkgs.fetchurl {
url = https://downloads.wordpress.org/plugin/postgresql-for-wordpress.1.3.1.zip;
sha256 = "f11a5d76af884c7bec2bc653ed5bd29d3ede9a8657bd67ab7824e329e5d809e8";
};
# We need unzip to build this package
buildInputs = [ pkgs.unzip ];
# Installing simply means copying all files to the output directory
installPhase = "mkdir -p $out; cp -R * $out/";
};
# Our bare-bones wp-config.php file using the above settings
wordpressConfig = pkgs.writeText "wp-config.php" ''
<?php
define('DB_NAME', '${config.dbName}');
define('DB_USER', '${config.dbUser}');
define('DB_PASSWORD', '${config.dbPassword}');
define('DB_HOST', '${config.dbHost}');
define('DB_CHARSET', 'utf8');
$table_prefix = '${config.tablePrefix}';
if ( !defined('ABSPATH') )
define('ABSPATH', dirname(__FILE__) . '/');
require_once(ABSPATH . 'wp-settings.php');
${config.extraConfig}
'';
# .htaccess to support pretty URLs
htaccess = pkgs.writeText "htaccess" ''
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>
'';
# The wordpress package itself
wordpressRoot = pkgs.stdenv.mkDerivation rec {
name = "wordpress";
# Fetch directly from the wordpress site, want to upgrade?
# Just change the version URL and update the hash
src = pkgs.fetchurl {
url = http://wordpress.org/wordpress-4.1.1.tar.gz;
sha256 = "1s9y0i9ms3m6dswb9gqrr95plnx6imahc07fyhvrp5g35f6c12k1";
};
installPhase = ''
mkdir -p $out
# Copy all the wordpress files we downloaded
cp -R * $out/
# We'll symlink the wordpress config
ln -s ${wordpressConfig} $out/wp-config.php
# As well as our custom .htaccess
ln -s ${htaccess} $out/.htaccess
# And the uploads directory
ln -s ${config.wordpressUploads} $out/wp-content/uploads
# And the theme(s)
${concatMapStrings (theme: "ln -s ${theme} $out/wp-content/themes/${theme.name}\n") config.themes}
# And the plugin(s)
# remove bundled plugin(s) coming with wordpress
rm -Rf $out/wp-content/plugins/akismet
# install plugins
${concatMapStrings (plugin: "ln -s ${plugin} $out/wp-content/plugins/${plugin.name}\n") (config.plugins ++ [ postgresqlForWordpressPlugin]) }
'';
};
in
{
# And some httpd extraConfig to make things work nicely
extraConfig = ''
<Directory ${wordpressRoot}>
DirectoryIndex index.php
Allow from *
Options FollowSymLinks
AllowOverride All
</Directory>
'';
enablePHP = true;
options = {
dbHost = mkOption {
default = "localhost";
description = "The location of the database server.";
example = "localhost";
};
dbName = mkOption {
default = "wordpress";
description = "Name of the database that holds the Wordpress data.";
example = "localhost";
};
dbUser = mkOption {
default = "wordpress";
description = "The dbUser, read the username, for the database.";
example = "wordpress";
};
dbPassword = mkOption {
default = "wordpress";
description = "The password to the respective dbUser.";
example = "wordpress";
};
tablePrefix = mkOption {
default = "wp_";
description = ''
The $table_prefix is the value placed in the front of your database tables. Change the value if you want to use something other than wp_ for your database prefix. Typically this is changed if you are installing multiple WordPress blogs in the same database. See <link xlink:href='http://codex.wordpress.org/Editing_wp-config.php#table_prefix'/>.
'';
};
wordpressUploads = mkOption {
default = "/data/uploads";
description = ''
This directory is used for uploads of pictures and must be accessible (read: owned) by the httpd running user. The directory passed here is automatically created and permissions are given to the httpd running user.
'';
};
plugins = mkOption {
default = [];
type = types.listOf types.path;
description =
''
List of path(s) to respective plugin(s) which are symlinked from the 'plugins' directory. Note: These plugins need to be packaged before use.
'';
example = ''
# Wordpress plugin 'akismet' installation example
akismetPlugin = pkgs.stdenv.mkDerivation {
name = "akismet-plugin";
# Download the theme from the wordpress site
src = pkgs.fetchurl {
url = https://downloads.wordpress.org/plugin/akismet.3.1.zip;
sha256 = "1i4k7qyzna08822ncaz5l00wwxkwcdg4j9h3z2g0ay23q640pclg";
};
# We need unzip to build this package
buildInputs = [ pkgs.unzip ];
# Installing simply means copying all files to the output directory
installPhase = "mkdir -p $out; cp -R * $out/";
};
And then pass this theme to the themes list like this:
plugins = [ akismetPlugin ];
'';
};
themes = mkOption {
default = [];
type = types.listOf types.path;
description =
''
List of path(s) to respective theme(s) which are symlinked from the 'theme' directory. Note: These themes need to be packaged before use.
'';
example = ''
# For shits and giggles, let's package the responsive theme
responsiveTheme = pkgs.stdenv.mkDerivation {
name = "responsive-theme";
# Download the theme from the wordpress site
src = pkgs.fetchurl {
url = http://wordpress.org/themes/download/responsive.1.9.7.6.zip;
sha256 = "06i26xlc5kdnx903b1gfvnysx49fb4kh4pixn89qii3a30fgd8r8";
};
# We need unzip to build this package
buildInputs = [ pkgs.unzip ];
# Installing simply means copying all files to the output directory
installPhase = "mkdir -p $out; cp -R * $out/";
};
And then pass this theme to the themes list like this:
themes = [ responsiveTheme ];
'';
};
extraConfig = mkOption {
default = "";
example =
''
define( 'AUTOSAVE_INTERVAL', 60 ); // Seconds
'';
description = ''
Any additional text to be appended to Wordpress's wp-config.php
configuration file. This is a PHP script. For configuration
settings, see <link xlink:href='http://codex.wordpress.org/Editing_wp-config.php'/>.
'';
};
};
documentRoot = wordpressRoot;
startupScript = pkgs.writeScript "init-wordpress.sh" ''
#!/bin/sh
mkdir -p ${config.wordpressUploads}
chown ${serverInfo.serverConfig.user} ${config.wordpressUploads}
# we should use systemd dependencies here
#waitForUnit("network-interfaces.target");
if [ ! -d ${serverInfo.fullConfig.services.mysql.dataDir}/${config.dbName} ]; then
# Wait until MySQL is up
while [ ! -e /var/run/mysql/mysqld.pid ]; do
sleep 1
done
${pkgs.mysql}/bin/mysql -e 'CREATE DATABASE ${config.dbName};'
${pkgs.mysql}/bin/mysql -e 'GRANT ALL ON ${config.dbName}.* TO ${config.dbUser}@localhost IDENTIFIED BY "${config.dbPassword}";'
fi
'';
}

1
nixos/modules/services/web-servers/nginx/default.nix
View File

@ -102,6 +102,7 @@ in
'';
serviceConfig = {
ExecStart = "${nginx}/bin/nginx -c ${configFile} -p ${cfg.stateDir}";
ExecReload = "${pkgs.coreutils}/bin/kill -HUP $MAINPID";
Restart = "on-failure";
RestartSec = "10s";
StartLimitInterval = "1min";

61
nixos/modules/services/x11/desktop-managers/gnome3.nix
View File

@ -21,7 +21,7 @@ let
destination = "/share/applications/mimeapps.list";
text = ''
[Default Applications]
inode/directory=nautilus.desktop
inode/directory=nautilus.desktop;org.gnome.Nautilus.desktop
'';
};
@ -80,6 +80,7 @@ in {
services.telepathy.enable = mkDefault true;
networking.networkmanager.enable = mkDefault true;
services.upower.enable = config.powerManagement.enable;
hardware.bluetooth.enable = mkDefault true;
fonts.fonts = [ pkgs.dejavu_fonts pkgs.cantarell_fonts ];
@ -108,7 +109,7 @@ in {
# Override default mimeapps
export XDG_DATA_DIRS=$XDG_DATA_DIRS''${XDG_DATA_DIRS:+:}${mimeAppsList}/share
# Let gnome-control-center find gnome-shell search providers
# Let gnome-control-center find gnome-shell search providers. GNOME 3.12 compatibility.
export GNOME_SEARCH_PROVIDERS_DIR=${config.system.path}/share/gnome-shell/search-providers/
# Let nautilus find extensions
@ -120,6 +121,9 @@ in {
# Update user dirs as described in http://freedesktop.org/wiki/Software/xdg-user-dirs/
${pkgs.xdg-user-dirs}/bin/xdg-user-dirs-update
# Find the mouse
export XCURSOR_PATH=~/.icons:${config.system.path}/share/icons
${gnome3.gnome_session}/bin/gnome-session&
waitPID=$!
'';
@ -128,52 +132,15 @@ in {
environment.variables.GIO_EXTRA_MODULES = [ "${gnome3.dconf}/lib/gio/modules"
"${gnome3.glib_networking}/lib/gio/modules"
"${gnome3.gvfs}/lib/gio/modules" ];
environment.systemPackages =
[ pkgs.desktop_file_utils
gnome3.glib_networking
gnome3.gtk3 # for gtk-update-icon-cache
pkgs.ibus
pkgs.shared_mime_info # for update-mime-database
gnome3.gvfs
gnome3.dconf
gnome3.gnome-backgrounds
gnome3.gnome_control_center
gnome3.gnome_icon_theme
gnome3.gnome-menus
gnome3.gnome_settings_daemon
gnome3.gnome_shell
gnome3.gnome_themes_standard
] ++ cfg.sessionPath ++ (removePackagesByName [
gnome3.baobab
gnome3.empathy
gnome3.eog
gnome3.epiphany
gnome3.evince
gnome3.gucharmap
gnome3.nautilus
gnome3.totem
gnome3.vino
gnome3.yelp
gnome3.gnome-calculator
gnome3.gnome-contacts
gnome3.gnome-font-viewer
gnome3.gnome-screenshot
gnome3.gnome-shell-extensions
gnome3.gnome-system-log
gnome3.gnome-system-monitor
gnome3.gnome_terminal
gnome3.gnome-user-docs
environment.systemPackages = gnome3.corePackages ++ cfg.sessionPath
++ (removePackagesByName gnome3.optionalPackages config.environment.gnome3.excludePackages);
gnome3.bijiben
gnome3.evolution
gnome3.file-roller
gnome3.gedit
gnome3.gnome-clocks
gnome3.gnome-music
gnome3.gnome-tweak-tool
gnome3.gnome-photos
gnome3.nautilus-sendto
] config.environment.gnome3.excludePackages);
# Use the correct gnome3 packageSet
networking.networkmanager.basePackages =
{ inherit (pkgs) networkmanager modemmanager wpa_supplicant;
inherit (gnome3) networkmanager_openvpn networkmanager_vpnc
networkmanager_openconnect networkmanager_pptp
networkmanager_l2tp; };
# Needed for themes and backgrounds
environment.pathsToLink = [ "/share" ];

4
nixos/modules/services/x11/display-managers/gdm.nix
View File

@ -58,14 +58,14 @@ in
# Find the mouse
XCURSOR_PATH = "~/.icons:${config.system.path}/share/icons";
};
execCmd = "exec ${gdm}/sbin/gdm";
execCmd = "exec ${gdm}/bin/gdm";
};
# Because sd_login_monitor_new requires /run/systemd/machines
systemd.services.display-manager.wants = [ "systemd-machined.service" ];
systemd.services.display-manager.after = [ "systemd-machined.service" ];
systemd.services.display-manager.path = [ gnome3.gnome_shell gnome3.caribou ];
systemd.services.display-manager.path = [ gnome3.gnome_shell gnome3.caribou pkgs.xlibs.xhost pkgs.dbus_tools ];
services.dbus.packages = [ gdm ];

12
nixos/modules/services/x11/display-managers/lightdm.nix
View File

@ -19,7 +19,7 @@ let
'';
theme = pkgs.gnome3.gnome_themes_standard;
icons = pkgs.gnome3.gnome_icon_theme;
icons = pkgs.gnome3.defaultIconTheme;
# The default greeter provided with this expression is the GTK greeter.
# Again, we need a few things in the environment for the greeter to run with
@ -69,6 +69,7 @@ let
xserver-command = ${xserverWrapper}
session-wrapper = ${dmcfg.session.script}
greeter-session = ${cfg.greeter.name}
${cfg.extraSeatDefaults}
'';
gtkGreeterConf = writeText "lightdm-gtk-greeter.conf"
@ -109,6 +110,15 @@ in
'';
};
extraSeatDefaults = mkOption {
type = types.lines;
default = "";
example = ''
greeter-show-manual-login=true
'';
description = "Extra lines to append to SeatDefaults section.";
};
};
};

42
nixos/modules/services/x11/xserver.nix
View File

@ -41,16 +41,24 @@ let
};
in imap mkHead cfg.xrandrHeads;
xrandrDeviceSection = flip concatMapStrings xrandrHeads (h: ''
Option "monitor-${h.output}" "${h.name}"
'');
xrandrDeviceSection = let
monitors = flip map xrandrHeads (h: ''
Option "monitor-${h.output}" "${h.name}"
'');
# First option is indented through the space in the config but any
# subsequent options aren't so we need to apply indentation to
# them here
monitorsIndented = if length monitors > 1
then singleton (head monitors) ++ map (m: " " + m) (tail monitors)
else monitors;
in concatStrings monitorsIndented;
# Here we chain every monitor from the left to right, so we have:
# m4 right of m3 right of m2 right of m1 .----.----.----.----.
# Which will end up in reverse ----------> | m1 | m2 | m3 | m4 |
# `----^----^----^----'
xrandrMonitorSections = let
mkMonitor = previous: current: previous ++ singleton {
mkMonitor = previous: current: singleton {
inherit (current) name;
value = ''
Section "Monitor"
@ -60,8 +68,8 @@ let
''}
EndSection
'';
};
monitors = foldl mkMonitor [] xrandrHeads;
} ++ previous;
monitors = reverseList (foldl mkMonitor [] xrandrHeads);
in concatMapStrings (getAttr "value") monitors;
configFile = pkgs.stdenv.mkDerivation {
@ -147,6 +155,19 @@ in
'';
};
inputClassSections = mkOption {
type = types.listOf types.lines;
default = [];
example = [ ''
Identifier "Trackpoint Wheel Emulation"
MatchProduct "ThinkPad USB Keyboard with TrackPoint"
Option "EmulateWheel" "true
Option "EmulateWheelButton" "2"
Option "Emulate3Buttons" "false"
'' ];
description = "Content of additional InputClass sections of the X server configuration file.";
};
modules = mkOption {
type = types.listOf types.path;
default = [];
@ -522,6 +543,14 @@ in
Option "XkbVariant" "${cfg.xkbVariant}"
EndSection
# Additional "InputClass" sections
${flip concatMapStrings cfg.inputClassSections (inputClassSection: ''
Section "InputClass"
${inputClassSection}
EndSection
'')}
Section "ServerLayout"
Identifier "Layout[all]"
${cfg.serverLayoutSection}
@ -593,4 +622,3 @@ in
};
}

4
nixos/modules/system/activation/switch-to-configuration.pl
View File

@ -322,7 +322,9 @@ foreach my $device (keys %$prevSwaps) {
# Should we have systemd re-exec itself?
my $restartSystemd = abs_path("/proc/1/exe") ne abs_path("@systemd@/lib/systemd/systemd");
my $prevSystemd = abs_path("/proc/1/exe") or die;
my $newSystemd = abs_path("@systemd@/lib/systemd/systemd") or die;
my $restartSystemd = $prevSystemd ne $newSystemd;
sub filterUnits {

4
nixos/modules/system/boot/loader/grub/install-grub.pl
View File

@ -468,8 +468,8 @@ sub getEfiTarget {
if ($grubTargetEfi eq "") { die }
else {return "only" }
} else {
# at least one grub target has to be given
die
# prevent an installation if neither grub nor grubEfi is given
return "neither"
}
}

670
nixos/modules/system/boot/networkd.nix Normal file
View File

@ -0,0 +1,670 @@
{ config, lib, pkgs, ... }:
with lib;
with import ./systemd-unit-options.nix { inherit config lib; };
with import ./systemd-lib.nix { inherit config lib pkgs; };
let
cfg = config.systemd.network;
checkLink = checkUnitConfig "Link" [
(assertOnlyFields [
"Description" "Alias" "MACAddressPolicy" "MACAddress" "NamePolicy" "Name"
"MTUBytes" "BitsPerSecond" "Duplex" "WakeOnLan"
])
(assertValueOneOf "MACAddressPolicy" ["persistent" "random"])
(assertMacAddress "MACAddress")
(assertValueOneOf "NamePolicy" [
"kernel" "database" "onboard" "slot" "path" "mac"
])
(assertByteFormat "MTUBytes")
(assertByteFormat "BitsPerSecond")
(assertValueOneOf "Duplex" ["half" "full"])
(assertValueOneOf "WakeOnLan" ["phy" "magic" "off"])
];
checkNetdev = checkUnitConfig "Netdev" [
(assertOnlyFields [
"Description" "Name" "Kind" "MTUBytes" "MACAddress"
])
(assertHasField "Name")
(assertHasField "Kind")
(assertValueOneOf "Kind" [
"bridge" "bond" "vlan" "macvlan" "vxlan" "ipip"
"gre" "sit" "vti" "veth" "tun" "tap" "dummy"
])
(assertByteFormat "MTUBytes")
(assertMacAddress "MACAddress")
];
checkVlan = checkUnitConfig "VLAN" [
(assertOnlyFields ["Id"])
(assertRange "Id" 0 4094)
];
checkMacvlan = checkUnitConfig "MACVLAN" [
(assertOnlyFields ["Mode"])
(assertValueOneOf "Mode" ["private" "vepa" "bridge" "passthru"])
];
checkVxlan = checkUnitConfig "VXLAN" [
(assertOnlyFields ["Id" "Group" "TOS" "TTL" "MacLearning"])
(assertRange "TTL" 0 255)
(assertValueOneOf "MacLearning" boolValues)
];
checkTunnel = checkUnitConfig "Tunnel" [
(assertOnlyFields ["Local" "Remote" "TOS" "TTL" "DiscoverPathMTU"])
(assertRange "TTL" 0 255)
(assertValueOneOf "DiscoverPathMTU" boolValues)
];
checkPeer = checkUnitConfig "Peer" [
(assertOnlyFields ["Name" "MACAddress"])
(assertMacAddress "MACAddress")
];
tunTapChecks = [
(assertOnlyFields ["OneQueue" "MultiQueue" "PacketInfo" "User" "Group"])
(assertValueOneOf "OneQueue" boolValues)
(assertValueOneOf "MultiQueue" boolValues)
(assertValueOneOf "PacketInfo" boolValues)
];
checkTun = checkUnitConfig "Tun" tunTapChecks;
checkTap = checkUnitConfig "Tap" tunTapChecks;
checkBond = checkUnitConfig "Bond" [
(assertOnlyFields [
"Mode" "TransmitHashPolicy" "LACPTransmitRate" "MIIMonitorSec"
"UpDelaySec" "DownDelaySec"
])
(assertValueOneOf "Mode" [
"balance-rr" "active-backup" "balance-xor"
"broadcast" "802.3ad" "balance-tlb" "balance-alb"
])
(assertValueOneOf "TransmitHashPolicy" [
"layer2" "layer3+4" "layer2+3" "encap2+3" "802.3ad" "encap3+4"
])
(assertValueOneOf "LACPTransmitRate" ["slow" "fast"])
];
checkNetwork = checkUnitConfig "Network" [
(assertOnlyFields [
"Description" "DHCP" "DHCPServer" "IPv4LL" "IPv4LLRoute"
"LLMNR" "Domains" "Bridge" "Bond"
])
(assertValueOneOf "DHCP" ["both" "none" "v4" "v6"])
(assertValueOneOf "DHCPServer" boolValues)
(assertValueOneOf "IPv4LL" boolValues)
(assertValueOneOf "IPv4LLRoute" boolValues)
(assertValueOneOf "LLMNR" boolValues)
];
checkAddress = checkUnitConfig "Address" [
(assertOnlyFields ["Address" "Peer" "Broadcast" "Label"])
(assertHasField "Address")
];
checkRoute = checkUnitConfig "Route" [
(assertOnlyFields ["Gateway" "Destination" "Metric"])
(assertHasField "Gateway")
];
checkDhcp = checkUnitConfig "DHCP" [
(assertOnlyFields [
"UseDNS" "UseMTU" "SendHostname" "UseHostname" "UseDomains" "UseRoutes"
"CriticalConnections" "VendorClassIdentifier" "RequestBroadcast"
"RouteMetric"
])
(assertValueOneOf "UseDNS" boolValues)
(assertValueOneOf "UseMTU" boolValues)
(assertValueOneOf "SendHostname" boolValues)
(assertValueOneOf "UseHostname" boolValues)
(assertValueOneOf "UseDomains" boolValues)
(assertValueOneOf "UseRoutes" boolValues)
(assertValueOneOf "CriticalConnections" boolValues)
(assertValueOneOf "RequestBroadcast" boolValues)
];
commonNetworkOptions = {
enable = mkOption {
default = false;
type = types.bool;
description = ''
Whether to manage network configuration using <command>systemd-network</command>.
'';
};
matchConfig = mkOption {
default = {};
example = { Name = "eth0"; };
type = types.attrsOf unitOption;
description = ''
Each attribute in this set specifies an option in the
<literal>[Match]</literal> section of the unit. See
<citerefentry><refentrytitle>systemd.link</refentrytitle><manvolnum>5</manvolnum></citerefentry>
<citerefentry><refentrytitle>systemd.netdev</refentrytitle><manvolnum>5</manvolnum></citerefentry>
<citerefentry><refentrytitle>systemd.network</refentrytitle><manvolnum>5</manvolnum></citerefentry>
for details.
'';
};
};
linkOptions = commonNetworkOptions // {
linkConfig = mkOption {
default = {};
example = { MACAddress = "00:ff:ee:aa:cc:dd"; };
type = types.addCheck (types.attrsOf unitOption) checkLink;
description = ''
Each attribute in this set specifies an option in the
<literal>[Link]</literal> section of the unit. See
<citerefentry><refentrytitle>systemd.link</refentrytitle>
<manvolnum>5</manvolnum></citerefentry> for details.
'';
};
};
netdevOptions = commonNetworkOptions // {
netdevConfig = mkOption {
default = {};
example = { Name = "mybridge"; Kind = "bridge"; };
type = types.addCheck (types.attrsOf unitOption) checkNetdev;
description = ''
Each attribute in this set specifies an option in the
<literal>[Netdev]</literal> section of the unit. See
<citerefentry><refentrytitle>systemd.netdev</refentrytitle>
<manvolnum>5</manvolnum></citerefentry> for details.
'';
};
vlanConfig = mkOption {
default = {};
example = { Id = "4"; };
type = types.addCheck (types.attrsOf unitOption) checkVlan;
description = ''
Each attribute in this set specifies an option in the
<literal>[VLAN]</literal> section of the unit. See
<citerefentry><refentrytitle>systemd.netdev</refentrytitle>
<manvolnum>5</manvolnum></citerefentry> for details.
'';
};
macvlanConfig = mkOption {
default = {};
example = { Mode = "private"; };
type = types.addCheck (types.attrsOf unitOption) checkMacvlan;
description = ''
Each attribute in this set specifies an option in the
<literal>[MACVLAN]</literal> section of the unit. See
<citerefentry><refentrytitle>systemd.netdev</refentrytitle>
<manvolnum>5</manvolnum></citerefentry> for details.
'';
};
vxlanConfig = mkOption {
default = {};
example = { Id = "4"; };
type = types.addCheck (types.attrsOf unitOption) checkVxlan;
description = ''
Each attribute in this set specifies an option in the
<literal>[VXLAN]</literal> section of the unit. See
<citerefentry><refentrytitle>systemd.netdev</refentrytitle>
<manvolnum>5</manvolnum></citerefentry> for details.
'';
};
tunnelConfig = mkOption {
default = {};
example = { Remote = "192.168.1.1"; };
type = types.addCheck (types.attrsOf unitOption) checkTunnel;
description = ''
Each attribute in this set specifies an option in the
<literal>[Tunnel]</literal> section of the unit. See
<citerefentry><refentrytitle>systemd.netdev</refentrytitle>
<manvolnum>5</manvolnum></citerefentry> for details.
'';
};
peerConfig = mkOption {
default = {};
example = { Name = "veth2"; };
type = types.addCheck (types.attrsOf unitOption) checkPeer;
description = ''
Each attribute in this set specifies an option in the
<literal>[Peer]</literal> section of the unit. See
<citerefentry><refentrytitle>systemd.netdev</refentrytitle>
<manvolnum>5</manvolnum></citerefentry> for details.
'';
};
tunConfig = mkOption {
default = {};
example = { User = "openvpn"; };
type = types.addCheck (types.attrsOf unitOption) checkTun;
description = ''
Each attribute in this set specifies an option in the
<literal>[Tun]</literal> section of the unit. See
<citerefentry><refentrytitle>systemd.netdev</refentrytitle>
<manvolnum>5</manvolnum></citerefentry> for details.
'';
};
tapConfig = mkOption {
default = {};
example = { User = "openvpn"; };
type = types.addCheck (types.attrsOf unitOption) checkTap;
description = ''
Each attribute in this set specifies an option in the
<literal>[Tap]</literal> section of the unit. See
<citerefentry><refentrytitle>systemd.netdev</refentrytitle>
<manvolnum>5</manvolnum></citerefentry> for details.
'';
};
bondConfig = mkOption {
default = {};
example = { Mode = "802.3ad"; };
type = types.addCheck (types.attrsOf unitOption) checkBond;
description = ''
Each attribute in this set specifies an option in the
<literal>[Bond]</literal> section of the unit. See
<citerefentry><refentrytitle>systemd.netdev</refentrytitle>
<manvolnum>5</manvolnum></citerefentry> for details.
'';
};
};
addressOptions = {
addressConfig = mkOption {
default = {};
example = { Address = "192.168.0.100/24"; };
type = types.addCheck (types.attrsOf unitOption) checkAddress;
description = ''
Each attribute in this set specifies an option in the
<literal>[Address]</literal> section of the unit. See
<citerefentry><refentrytitle>systemd.network</refentrytitle>
<manvolnum>5</manvolnum></citerefentry> for details.
'';
};
};
routeOptions = {
routeConfig = mkOption {
default = {};
example = { Gateway = "192.168.0.1"; };
type = types.addCheck (types.attrsOf unitOption) checkRoute;
description = ''
Each attribute in this set specifies an option in the
<literal>[Route]</literal> section of the unit. See
<citerefentry><refentrytitle>systemd.network</refentrytitle>
<manvolnum>5</manvolnum></citerefentry> for details.
'';
};
};
networkOptions = commonNetworkOptions // {
networkConfig = mkOption {
default = {};
example = { Description = "My Network"; };
type = types.addCheck (types.attrsOf unitOption) checkNetwork;
description = ''
Each attribute in this set specifies an option in the
<literal>[Network]</literal> section of the unit. See
<citerefentry><refentrytitle>systemd.network</refentrytitle>
<manvolnum>5</manvolnum></citerefentry> for details.
'';
};
dhcpConfig = mkOption {
default = {};
example = { UseDNS = true; UseRoutes = true; };
type = types.addCheck (types.attrsOf unitOption) checkDhcp;
description = ''
Each attribute in this set specifies an option in the
<literal>[DHCP]</literal> section of the unit. See
<citerefentry><refentrytitle>systemd.network</refentrytitle>
<manvolnum>5</manvolnum></citerefentry> for details.
'';
};
name = mkOption {
type = types.nullOr types.str;
default = null;
description = ''
The name of the network interface to match against.
'';
};
DHCP = mkOption {
type = types.nullOr types.str;
default = null;
description = ''
Whether to enable DHCP on the interfaces matched.
'';
};
domains = mkOption {
type = types.nullOr (types.listOf types.str);
default = null;
description = ''
A list of domains to pass to the network config.
'';
};
address = mkOption {
default = [ ];
type = types.listOf types.str;
description = ''
A list of addresses to be added to the network section of the
unit. See <citerefentry><refentrytitle>systemd.network</refentrytitle>
<manvolnum>5</manvolnum></citerefentry> for details.
'';
};
gateway = mkOption {
default = [ ];
type = types.listOf types.str;
description = ''
A list of gateways to be added to the network section of the
unit. See <citerefentry><refentrytitle>systemd.network</refentrytitle>
<manvolnum>5</manvolnum></citerefentry> for details.
'';
};
dns = mkOption {
default = [ ];
type = types.listOf types.str;
description = ''
A list of dns servers to be added to the network section of the
unit. See <citerefentry><refentrytitle>systemd.network</refentrytitle>
<manvolnum>5</manvolnum></citerefentry> for details.
'';
};
ntp = mkOption {
default = [ ];
type = types.listOf types.str;
description = ''
A list of ntp servers to be added to the network section of the
unit. See <citerefentry><refentrytitle>systemd.network</refentrytitle>
<manvolnum>5</manvolnum></citerefentry> for details.
'';
};
vlan = mkOption {
default = [ ];
type = types.listOf types.str;
description = ''
A list of vlan interfaces to be added to the network section of the
unit. See <citerefentry><refentrytitle>systemd.network</refentrytitle>
<manvolnum>5</manvolnum></citerefentry> for details.
'';
};
macvlan = mkOption {
default = [ ];
type = types.listOf types.str;
description = ''
A list of macvlan interfaces to be added to the network section of the
unit. See <citerefentry><refentrytitle>systemd.network</refentrytitle>
<manvolnum>5</manvolnum></citerefentry> for details.
'';
};
vxlan = mkOption {
default = [ ];
type = types.listOf types.str;
description = ''
A list of vxlan interfaces to be added to the network section of the
unit. See <citerefentry><refentrytitle>systemd.network</refentrytitle>
<manvolnum>5</manvolnum></citerefentry> for details.
'';
};
tunnel = mkOption {
default = [ ];
type = types.listOf types.str;
description = ''
A list of tunnel interfaces to be added to the network section of the
unit. See <citerefentry><refentrytitle>systemd.network</refentrytitle>
<manvolnum>5</manvolnum></citerefentry> for details.
'';
};
addresses = mkOption {
default = [ ];
type = types.listOf types.optionSet;
options = [ addressOptions ];
description = ''
A list of address sections to be added to the unit. See
<citerefentry><refentrytitle>systemd.network</refentrytitle>
<manvolnum>5</manvolnum></citerefentry> for details.
'';
};
routes = mkOption {
default = [ ];
type = types.listOf types.optionSet;
options = [ routeOptions ];
description = ''
A list of route sections to be added to the unit. See
<citerefentry><refentrytitle>systemd.network</refentrytitle>
<manvolnum>5</manvolnum></citerefentry> for details.
'';
};
};
networkConfig = { name, config, ... }: {
config = {
matchConfig = optionalAttrs (config.name != null) {
Name = config.name;
};
networkConfig = optionalAttrs (config.DHCP != null) {
DHCP = config.DHCP;
} // optionalAttrs (config.domains != null) {
Domains = concatStringsSep " " config.domains;
};
};
};
linkToUnit = name: def:
{ inherit (def) enable;
text = commonMatchText def +
''
[Link]
${attrsToSection def.linkConfig}
'';
};
netdevToUnit = name: def:
{ inherit (def) enable;
text = commonMatchText def +
''
[NetDev]
${attrsToSection def.netdevConfig}
${optionalString (def.vlanConfig != { }) ''
[VLAN]
${attrsToSection def.vlanConfig}
''}
${optionalString (def.macvlanConfig != { }) ''
[MACVLAN]
${attrsToSection def.macvlanConfig}
''}
${optionalString (def.vxlanConfig != { }) ''
[VXLAN]
${attrsToSection def.vxlanConfig}
''}
${optionalString (def.tunnelConfig != { }) ''
[Tunnel]
${attrsToSection def.tunnelConfig}
''}
${optionalString (def.peerConfig != { }) ''
[Peer]
${attrsToSection def.peerConfig}
''}
${optionalString (def.tunConfig != { }) ''
[Tun]
${attrsToSection def.tunConfig}
''}
${optionalString (def.tapConfig != { }) ''
[Tap]
${attrsToSection def.tapConfig}
''}
${optionalString (def.bondConfig != { }) ''
[Bond]
${attrsToSection def.bondConfig}
''}
'';
};
networkToUnit = name: def:
{ inherit (def) enable;
text = commonMatchText def +
''
[Network]
${attrsToSection def.networkConfig}
${concatStringsSep "\n" (map (s: "Address=${s}") def.address)}
${concatStringsSep "\n" (map (s: "Gateway=${s}") def.gateway)}
${concatStringsSep "\n" (map (s: "DNS=${s}") def.dns)}
${concatStringsSep "\n" (map (s: "NTP=${s}") def.ntp)}
${concatStringsSep "\n" (map (s: "VLAN=${s}") def.vlan)}
${concatStringsSep "\n" (map (s: "MACVLAN=${s}") def.macvlan)}
${concatStringsSep "\n" (map (s: "VXLAN=${s}") def.vxlan)}
${concatStringsSep "\n" (map (s: "Tunnel=${s}") def.tunnel)}
${optionalString (def.dhcpConfig != { }) ''
[DHCP]
${attrsToSection def.dhcpConfig}
''}
${flip concatMapStrings def.addresses (x: ''
[Address]
${attrsToSection x.addressConfig}
'')}
${flip concatMapStrings def.routes (x: ''
[Route]
${attrsToSection x.routeConfig}
'')}
'';
};
in
{
options = {
systemd.network.enable = mkOption {
default = false;
type = types.bool;
description = ''
Whether to enable networkd or not.
'';
};
systemd.network.links = mkOption {
default = {};
type = types.attrsOf types.optionSet;
options = [ linkOptions ];
description = "Definition of systemd network links.";
};
systemd.network.netdevs = mkOption {
default = {};
type = types.attrsOf types.optionSet;
options = [ netdevOptions ];
description = "Definition of systemd network devices.";
};
systemd.network.networks = mkOption {
default = {};
type = types.attrsOf types.optionSet;
options = [ networkOptions networkConfig ];
description = "Definition of systemd networks.";
};
systemd.network.units = mkOption {
description = "Definition of networkd units.";
default = {};
type = types.attrsOf types.optionSet;
options = { name, config, ... }:
{ options = concreteUnitOptions;
config = {
unit = mkDefault (makeUnit name config);
};
};
};
};
config = mkIf config.systemd.network.enable {
systemd.additionalUpstreamSystemUnits =
[ "systemd-networkd.service" "systemd-networkd-wait-online.service" ];
systemd.network.units =
mapAttrs' (n: v: nameValuePair "${n}.link" (linkToUnit n v)) cfg.links
// mapAttrs' (n: v: nameValuePair "${n}.netdev" (netdevToUnit n v)) cfg.netdevs
// mapAttrs' (n: v: nameValuePair "${n}.network" (networkToUnit n v)) cfg.networks;
environment.etc."systemd/network".source =
generateUnits "network" cfg.units [] [];
users.extraUsers.systemd-network.uid = config.ids.uids.systemd-network;
users.extraGroups.systemd-network.gid = config.ids.gids.systemd-network;
systemd.services.systemd-networkd = {
wantedBy = [ "multi-user.target" ];
before = [ "network-interfaces.target" ];
restartTriggers = [ config.environment.etc."systemd/network".source ];
};
systemd.services.systemd-networkd-wait-online = {
before = [ "network-online.target" "ip-up.target" ];
wantedBy = [ "network-online.target" "ip-up.target" ];
};
systemd.services."systemd-network-wait-online@" = {
description = "Wait for Network Interface %I to be Configured";
conflicts = [ "shutdown.target" ];
requisite = [ "systemd-networkd.service" ];
after = [ "systemd-networkd.service" ];
serviceConfig = {
Type = "oneshot";
RemainAfterExit = true;
ExecStart = "${config.systemd.package}/lib/systemd/systemd-networkd-wait-online -i %I";
};
};
services.resolved.enable = mkDefault true;
services.timesyncd.enable = mkDefault config.services.ntp.enable;
};
}

38
nixos/modules/system/boot/resolved.nix Normal file
View File

@ -0,0 +1,38 @@
{ config, lib, pkgs, ... }:
with lib;
{
options = {
services.resolved.enable = mkOption {
default = false;
type = types.bool;
description = ''
Whether to enable the systemd DNS resolver daemon.
'';
};
};
config = mkIf config.services.resolved.enable {
systemd.additionalUpstreamSystemUnits = [ "systemd-resolved.service" ];
systemd.services.systemd-resolved = {
wantedBy = [ "multi-user.target" ];
restartTriggers = [ config.environment.etc."systemd/resolved.conf".source ];
};
environment.etc."systemd/resolved.conf".text = ''
[Resolve]
DNS=${concatStringsSep " " config.networking.nameservers}
'';
users.extraUsers.systemd-resolve.uid = config.ids.uids.systemd-resolve;
users.extraGroups.systemd-resolve.gid = config.ids.gids.systemd-resolve;
};
}

1
nixos/modules/system/boot/stage-2.nix
View File

@ -24,7 +24,6 @@ let
path =
[ pkgs.coreutils
pkgs.utillinux
pkgs.sysvtools
pkgs.openresolv
] ++ optional config.nix.readOnlyStore readonlyMountpoint;
postBootCommands = pkgs.writeText "local-cmds"

118
nixos/modules/system/boot/systemd-lib.nix Normal file
View File

@ -0,0 +1,118 @@
{ config, lib, pkgs }:
with lib;
let cfg = config.systemd; in
rec {
shellEscape = s: (replaceChars [ "\\" ] [ "\\\\" ] s);
makeUnit = name: unit:
let
pathSafeName = lib.replaceChars ["@" ":" "\\"] ["-" "-" "-"] name;
in
if unit.enable then
pkgs.runCommand "unit-${pathSafeName}" { preferLocalBuild = true; inherit (unit) text; }
''
mkdir -p $out
echo -n "$text" > $out/${shellEscape name}
''
else
pkgs.runCommand "unit-${pathSafeName}-disabled" { preferLocalBuild = true; }
''
mkdir -p $out
ln -s /dev/null $out/${shellEscape name}
'';
generateUnits = type: units: upstreamUnits: upstreamWants:
pkgs.runCommand "${type}-units" { preferLocalBuild = true; } ''
mkdir -p $out
# Copy the upstream systemd units we're interested in.
for i in ${toString upstreamUnits}; do
fn=${cfg.package}/example/systemd/${type}/$i
if ! [ -e $fn ]; then echo "missing $fn"; false; fi
if [ -L $fn ]; then
target="$(readlink "$fn")"
if [ ''${target:0:3} = ../ ]; then
ln -s "$(readlink -f "$fn")" $out/
else
cp -pd $fn $out/
fi
else
ln -s $fn $out/
fi
done
# Copy .wants links, but only those that point to units that
# we're interested in.
for i in ${toString upstreamWants}; do
fn=${cfg.package}/example/systemd/${type}/$i
if ! [ -e $fn ]; then echo "missing $fn"; false; fi
x=$out/$(basename $fn)
mkdir $x
for i in $fn/*; do
y=$x/$(basename $i)
cp -pd $i $y
if ! [ -e $y ]; then rm $y; fi
done
done
# Symlink all units provided listed in systemd.packages.
for i in ${toString cfg.packages}; do
for fn in $i/etc/systemd/${type}/* $i/lib/systemd/${type}/*; do
if ! [[ "$fn" =~ .wants$ ]]; then
ln -s $fn $out/
fi
done
done
# Symlink all units defined by systemd.units. If these are also
# provided by systemd or systemd.packages, then add them as
# <unit-name>.d/overrides.conf, which makes them extend the
# upstream unit.
for i in ${toString (mapAttrsToList (n: v: v.unit) units)}; do
fn=$(basename $i/*)
if [ -e $out/$fn ]; then
if [ "$(readlink -f $i/$fn)" = /dev/null ]; then
ln -sfn /dev/null $out/$fn
else
mkdir $out/$fn.d
ln -s $i/$fn $out/$fn.d/overrides.conf
fi
else
ln -fs $i/$fn $out/
fi
done
# Created .wants and .requires symlinks from the wantedBy and
# requiredBy options.
${concatStrings (mapAttrsToList (name: unit:
concatMapStrings (name2: ''
mkdir -p $out/'${name2}.wants'
ln -sfn '../${name}' $out/'${name2}.wants'/
'') unit.wantedBy) units)}
${concatStrings (mapAttrsToList (name: unit:
concatMapStrings (name2: ''
mkdir -p $out/'${name2}.requires'
ln -sfn '../${name}' $out/'${name2}.requires'/
'') unit.requiredBy) units)}
${optionalString (type == "system") ''
# Stupid misc. symlinks.
ln -s ${cfg.defaultUnit} $out/default.target
ln -s rescue.target $out/kbrequest.target
mkdir -p $out/getty.target.wants/
ln -s ../autovt@tty1.service $out/getty.target.wants/
ln -s ../local-fs.target ../remote-fs.target ../network.target \
../nss-lookup.target ../nss-user-lookup.target ../swap.target \
$out/multi-user.target.wants/
''}
''; # */
}

464
nixos/modules/system/boot/systemd-unit-options.nix
View File

@ -62,126 +62,7 @@ let
])
];
checkLink = checkUnitConfig "Link" [
(assertOnlyFields [
"Description" "Alias" "MACAddressPolicy" "MACAddress" "NamePolicy" "Name"
"MTUBytes" "BitsPerSecond" "Duplex" "WakeOnLan"
])
(assertValueOneOf "MACAddressPolicy" ["persistent" "random"])
(assertMacAddress "MACAddress")
(assertValueOneOf "NamePolicy" [
"kernel" "database" "onboard" "slot" "path" "mac"
])
(assertByteFormat "MTUBytes")
(assertByteFormat "BitsPerSecond")
(assertValueOneOf "Duplex" ["half" "full"])
(assertValueOneOf "WakeOnLan" ["phy" "magic" "off"])
];
checkNetdev = checkUnitConfig "Netdev" [
(assertOnlyFields [
"Description" "Name" "Kind" "MTUBytes" "MACAddress"
])
(assertHasField "Name")
(assertHasField "Kind")
(assertValueOneOf "Kind" [
"bridge" "bond" "vlan" "macvlan" "vxlan" "ipip"
"gre" "sit" "vti" "veth" "tun" "tap" "dummy"
])
(assertByteFormat "MTUBytes")
(assertMacAddress "MACAddress")
];
checkVlan = checkUnitConfig "VLAN" [
(assertOnlyFields ["Id"])
(assertRange "Id" 0 4094)
];
checkMacvlan = checkUnitConfig "MACVLAN" [
(assertOnlyFields ["Mode"])
(assertValueOneOf "Mode" ["private" "vepa" "bridge" "passthru"])
];
checkVxlan = checkUnitConfig "VXLAN" [
(assertOnlyFields ["Id" "Group" "TOS" "TTL" "MacLearning"])
(assertRange "TTL" 0 255)
(assertValueOneOf "MacLearning" boolValues)
];
checkTunnel = checkUnitConfig "Tunnel" [
(assertOnlyFields ["Local" "Remote" "TOS" "TTL" "DiscoverPathMTU"])
(assertRange "TTL" 0 255)
(assertValueOneOf "DiscoverPathMTU" boolValues)
];
checkPeer = checkUnitConfig "Peer" [
(assertOnlyFields ["Name" "MACAddress"])
(assertMacAddress "MACAddress")
];
tunTapChecks = [
(assertOnlyFields ["OneQueue" "MultiQueue" "PacketInfo" "User" "Group"])
(assertValueOneOf "OneQueue" boolValues)
(assertValueOneOf "MultiQueue" boolValues)
(assertValueOneOf "PacketInfo" boolValues)
];
checkTun = checkUnitConfig "Tun" tunTapChecks;
checkTap = checkUnitConfig "Tap" tunTapChecks;
checkBond = checkUnitConfig "Bond" [
(assertOnlyFields [
"Mode" "TransmitHashPolicy" "LACPTransmitRate" "MIIMonitorSec"
"UpDelaySec" "DownDelaySec"
])
(assertValueOneOf "Mode" [
"balance-rr" "active-backup" "balance-xor"
"broadcast" "802.3ad" "balance-tlb" "balance-alb"
])
(assertValueOneOf "TransmitHashPolicy" [
"layer2" "layer3+4" "layer2+3" "encap2+3" "802.3ad" "encap3+4"
])
(assertValueOneOf "LACPTransmitRate" ["slow" "fast"])
];
checkNetwork = checkUnitConfig "Network" [
(assertOnlyFields [
"Description" "DHCP" "DHCPServer" "IPv4LL" "IPv4LLRoute"
"LLMNR" "Domains" "Bridge" "Bond"
])
(assertValueOneOf "DHCP" ["both" "none" "v4" "v6"])
(assertValueOneOf "DHCPServer" boolValues)
(assertValueOneOf "IPv4LL" boolValues)
(assertValueOneOf "IPv4LLRoute" boolValues)
(assertValueOneOf "LLMNR" boolValues)
];
checkAddress = checkUnitConfig "Address" [
(assertOnlyFields ["Address" "Peer" "Broadcast" "Label"])
(assertHasField "Address")
];
checkRoute = checkUnitConfig "Route" [
(assertOnlyFields ["Gateway" "Destination" "Metric"])
(assertHasField "Gateway")
];
checkDhcp = checkUnitConfig "DHCP" [
(assertOnlyFields [
"UseDNS" "UseMTU" "SendHostname" "UseHostname" "UseDomains" "UseRoutes"
"CriticalConnections" "VendorClassIdentifier" "RequestBroadcast"
"RouteMetric"
])
(assertValueOneOf "UseDNS" boolValues)
(assertValueOneOf "UseMTU" boolValues)
(assertValueOneOf "SendHostname" boolValues)
(assertValueOneOf "UseHostname" boolValues)
(assertValueOneOf "UseDomains" boolValues)
(assertValueOneOf "UseRoutes" boolValues)
(assertValueOneOf "CriticalConnections" boolValues)
(assertValueOneOf "RequestBroadcast" boolValues)
];
in rec {
unitOption = mkOptionType {
name = "systemd option";
@ -195,8 +76,6 @@ let
else mergeOneOption loc defs';
};
in rec {
sharedOptions = {
enable = mkOption {
@ -619,345 +498,4 @@ in rec {
targetOptions = commonUnitOptions;
commonNetworkOptions = {
enable = mkOption {
default = true;
type = types.bool;
description = ''
If set to false, this unit will be a symlink to
/dev/null.
'';
};
matchConfig = mkOption {
default = {};
example = { Name = "eth0"; };
type = types.attrsOf unitOption;
description = ''
Each attribute in this set specifies an option in the
<literal>[Match]</literal> section of the unit. See
<citerefentry><refentrytitle>systemd.link</refentrytitle><manvolnum>5</manvolnum></citerefentry>
<citerefentry><refentrytitle>systemd.netdev</refentrytitle><manvolnum>5</manvolnum></citerefentry>
<citerefentry><refentrytitle>systemd.network</refentrytitle><manvolnum>5</manvolnum></citerefentry>
for details.
'';
};
};
linkOptions = commonNetworkOptions // {
linkConfig = mkOption {
default = {};
example = { MACAddress = "00:ff:ee:aa:cc:dd"; };
type = types.addCheck (types.attrsOf unitOption) checkLink;
description = ''
Each attribute in this set specifies an option in the
<literal>[Link]</literal> section of the unit. See
<citerefentry><refentrytitle>systemd.link</refentrytitle>
<manvolnum>5</manvolnum></citerefentry> for details.
'';
};
};
netdevOptions = commonNetworkOptions // {
netdevConfig = mkOption {
default = {};
example = { Name = "mybridge"; Kind = "bridge"; };
type = types.addCheck (types.attrsOf unitOption) checkNetdev;
description = ''
Each attribute in this set specifies an option in the
<literal>[Netdev]</literal> section of the unit. See
<citerefentry><refentrytitle>systemd.netdev</refentrytitle>
<manvolnum>5</manvolnum></citerefentry> for details.
'';
};
vlanConfig = mkOption {
default = {};
example = { Id = "4"; };
type = types.addCheck (types.attrsOf unitOption) checkVlan;
description = ''
Each attribute in this set specifies an option in the
<literal>[VLAN]</literal> section of the unit. See
<citerefentry><refentrytitle>systemd.netdev</refentrytitle>
<manvolnum>5</manvolnum></citerefentry> for details.
'';
};
macvlanConfig = mkOption {
default = {};
example = { Mode = "private"; };
type = types.addCheck (types.attrsOf unitOption) checkMacvlan;
description = ''
Each attribute in this set specifies an option in the
<literal>[MACVLAN]</literal> section of the unit. See
<citerefentry><refentrytitle>systemd.netdev</refentrytitle>
<manvolnum>5</manvolnum></citerefentry> for details.
'';
};
vxlanConfig = mkOption {
default = {};
example = { Id = "4"; };
type = types.addCheck (types.attrsOf unitOption) checkVxlan;
description = ''
Each attribute in this set specifies an option in the
<literal>[VXLAN]</literal> section of the unit. See
<citerefentry><refentrytitle>systemd.netdev</refentrytitle>
<manvolnum>5</manvolnum></citerefentry> for details.
'';
};
tunnelConfig = mkOption {
default = {};
example = { Remote = "192.168.1.1"; };
type = types.addCheck (types.attrsOf unitOption) checkTunnel;
description = ''
Each attribute in this set specifies an option in the
<literal>[Tunnel]</literal> section of the unit. See
<citerefentry><refentrytitle>systemd.netdev</refentrytitle>
<manvolnum>5</manvolnum></citerefentry> for details.
'';
};
peerConfig = mkOption {
default = {};
example = { Name = "veth2"; };
type = types.addCheck (types.attrsOf unitOption) checkPeer;
description = ''
Each attribute in this set specifies an option in the
<literal>[Peer]</literal> section of the unit. See
<citerefentry><refentrytitle>systemd.netdev</refentrytitle>
<manvolnum>5</manvolnum></citerefentry> for details.
'';
};
tunConfig = mkOption {
default = {};
example = { User = "openvpn"; };
type = types.addCheck (types.attrsOf unitOption) checkTun;
description = ''
Each attribute in this set specifies an option in the
<literal>[Tun]</literal> section of the unit. See
<citerefentry><refentrytitle>systemd.netdev</refentrytitle>
<manvolnum>5</manvolnum></citerefentry> for details.
'';
};
tapConfig = mkOption {
default = {};
example = { User = "openvpn"; };
type = types.addCheck (types.attrsOf unitOption) checkTap;
description = ''
Each attribute in this set specifies an option in the
<literal>[Tap]</literal> section of the unit. See
<citerefentry><refentrytitle>systemd.netdev</refentrytitle>
<manvolnum>5</manvolnum></citerefentry> for details.
'';
};
bondConfig = mkOption {
default = {};
example = { Mode = "802.3ad"; };
type = types.addCheck (types.attrsOf unitOption) checkBond;
description = ''
Each attribute in this set specifies an option in the
<literal>[Bond]</literal> section of the unit. See
<citerefentry><refentrytitle>systemd.netdev</refentrytitle>
<manvolnum>5</manvolnum></citerefentry> for details.
'';
};
};
addressOptions = {
addressConfig = mkOption {
default = {};
example = { Address = "192.168.0.100/24"; };
type = types.addCheck (types.attrsOf unitOption) checkAddress;
description = ''
Each attribute in this set specifies an option in the
<literal>[Address]</literal> section of the unit. See
<citerefentry><refentrytitle>systemd.network</refentrytitle>
<manvolnum>5</manvolnum></citerefentry> for details.
'';
};
};
routeOptions = {
routeConfig = mkOption {
default = {};
example = { Gateway = "192.168.0.1"; };
type = types.addCheck (types.attrsOf unitOption) checkRoute;
description = ''
Each attribute in this set specifies an option in the
<literal>[Route]</literal> section of the unit. See
<citerefentry><refentrytitle>systemd.network</refentrytitle>
<manvolnum>5</manvolnum></citerefentry> for details.
'';
};
};
networkOptions = commonNetworkOptions // {
networkConfig = mkOption {
default = {};
example = { Description = "My Network"; };
type = types.addCheck (types.attrsOf unitOption) checkNetwork;
description = ''
Each attribute in this set specifies an option in the
<literal>[Network]</literal> section of the unit. See
<citerefentry><refentrytitle>systemd.network</refentrytitle>
<manvolnum>5</manvolnum></citerefentry> for details.
'';
};
dhcpConfig = mkOption {
default = {};
example = { UseDNS = true; UseRoutes = true; };
type = types.addCheck (types.attrsOf unitOption) checkDhcp;
description = ''
Each attribute in this set specifies an option in the
<literal>[DHCP]</literal> section of the unit. See
<citerefentry><refentrytitle>systemd.network</refentrytitle>
<manvolnum>5</manvolnum></citerefentry> for details.
'';
};
name = mkOption {
type = types.nullOr types.str;
default = null;
description = ''
The name of the network interface to match against.
'';
};
DHCP = mkOption {
type = types.nullOr types.str;
default = null;
description = ''
Whether to enable DHCP on the interfaces matched.
'';
};
domains = mkOption {
type = types.nullOr (types.listOf types.str);
default = null;
description = ''
A list of domains to pass to the network config.
'';
};
address = mkOption {
default = [ ];
type = types.listOf types.str;
description = ''
A list of addresses to be added to the network section of the
unit. See <citerefentry><refentrytitle>systemd.network</refentrytitle>
<manvolnum>5</manvolnum></citerefentry> for details.
'';
};
gateway = mkOption {
default = [ ];
type = types.listOf types.str;
description = ''
A list of gateways to be added to the network section of the
unit. See <citerefentry><refentrytitle>systemd.network</refentrytitle>
<manvolnum>5</manvolnum></citerefentry> for details.
'';
};
dns = mkOption {
default = [ ];
type = types.listOf types.str;
description = ''
A list of dns servers to be added to the network section of the
unit. See <citerefentry><refentrytitle>systemd.network</refentrytitle>
<manvolnum>5</manvolnum></citerefentry> for details.
'';
};
ntp = mkOption {
default = [ ];
type = types.listOf types.str;
description = ''
A list of ntp servers to be added to the network section of the
unit. See <citerefentry><refentrytitle>systemd.network</refentrytitle>
<manvolnum>5</manvolnum></citerefentry> for details.
'';
};
vlan = mkOption {
default = [ ];
type = types.listOf types.str;
description = ''
A list of vlan interfaces to be added to the network section of the
unit. See <citerefentry><refentrytitle>systemd.network</refentrytitle>
<manvolnum>5</manvolnum></citerefentry> for details.
'';
};
macvlan = mkOption {
default = [ ];
type = types.listOf types.str;
description = ''
A list of macvlan interfaces to be added to the network section of the
unit. See <citerefentry><refentrytitle>systemd.network</refentrytitle>
<manvolnum>5</manvolnum></citerefentry> for details.
'';
};
vxlan = mkOption {
default = [ ];
type = types.listOf types.str;
description = ''
A list of vxlan interfaces to be added to the network section of the
unit. See <citerefentry><refentrytitle>systemd.network</refentrytitle>
<manvolnum>5</manvolnum></citerefentry> for details.
'';
};
tunnel = mkOption {
default = [ ];
type = types.listOf types.str;
description = ''
A list of tunnel interfaces to be added to the network section of the
unit. See <citerefentry><refentrytitle>systemd.network</refentrytitle>
<manvolnum>5</manvolnum></citerefentry> for details.
'';
};
addresses = mkOption {
default = [ ];
type = types.listOf types.optionSet;
options = [ addressOptions ];
description = ''
A list of address sections to be added to the unit. See
<citerefentry><refentrytitle>systemd.network</refentrytitle>
<manvolnum>5</manvolnum></citerefentry> for details.
'';
};
routes = mkOption {
default = [ ];
type = types.listOf types.optionSet;
options = [ routeOptions ];
description = ''
A list of route sections to be added to the unit. See
<citerefentry><refentrytitle>systemd.network</refentrytitle>
<manvolnum>5</manvolnum></citerefentry> for details.
'';
};
};
}

351
nixos/modules/system/boot/systemd.nix
View File

@ -3,6 +3,7 @@
with utils;
with lib;
with import ./systemd-unit-options.nix { inherit config lib; };
with import ./systemd-lib.nix { inherit config lib pkgs; };
let
@ -10,24 +11,6 @@ let
systemd = cfg.package;
makeUnit = name: unit:
let
pathSafeName = lib.replaceChars ["@" ":" "\\"] ["-" "-" "-"] name;
in
if unit.enable then
pkgs.runCommand "unit-${pathSafeName}" { preferLocalBuild = true; inherit (unit) text; }
''
mkdir -p $out
echo -n "$text" > $out/${shellEscape name}
''
else
pkgs.runCommand "unit-${pathSafeName}-disabled" { preferLocalBuild = true; }
''
mkdir -p $out
ln -s /dev/null $out/${shellEscape name}
'';
upstreamSystemUnits =
[ # Targets.
"basic.target"
@ -97,12 +80,6 @@ let
"systemd-modules-load.service"
"kmod-static-nodes.service"
# Networking
"systemd-networkd.service"
"systemd-networkd-wait-online.service"
"systemd-resolved.service"
"systemd-timesyncd.service"
# Filesystems.
"systemd-fsck@.service"
"systemd-fsck-root.service"
@ -196,8 +173,6 @@ let
"timers.target"
];
shellEscape = s: (replaceChars [ "\\" ] [ "\\\\" ] s);
makeJobScript = name: text:
let x = pkgs.writeTextFile { name = "unit-script"; executable = true; destination = "/bin/${shellEscape name}"; inherit text; };
in "${x}/bin/${shellEscape name}";
@ -301,19 +276,6 @@ let
};
};
networkConfig = { name, config, ... }: {
config = {
matchConfig = optionalAttrs (config.name != null) {
Name = config.name;
};
networkConfig = optionalAttrs (config.DHCP != null) {
DHCP = config.DHCP;
} // optionalAttrs (config.domains != null) {
Domains = concatStringsSep " " config.domains;
};
};
};
toOption = x:
if x == true then "true"
else if x == false then "false"
@ -412,188 +374,6 @@ let
${attrsToSection def.matchConfig}
'';
linkToUnit = name: def:
{ inherit (def) enable;
text = commonMatchText def +
''
[Link]
${attrsToSection def.linkConfig}
'';
};
netdevToUnit = name: def:
{ inherit (def) enable;
text = commonMatchText def +
''
[NetDev]
${attrsToSection def.netdevConfig}
${optionalString (def.vlanConfig != { }) ''
[VLAN]
${attrsToSection def.vlanConfig}
''}
${optionalString (def.macvlanConfig != { }) ''
[MACVLAN]
${attrsToSection def.macvlanConfig}
''}
${optionalString (def.vxlanConfig != { }) ''
[VXLAN]
${attrsToSection def.vxlanConfig}
''}
${optionalString (def.tunnelConfig != { }) ''
[Tunnel]
${attrsToSection def.tunnelConfig}
''}
${optionalString (def.peerConfig != { }) ''
[Peer]
${attrsToSection def.peerConfig}
''}
${optionalString (def.tunConfig != { }) ''
[Tun]
${attrsToSection def.tunConfig}
''}
${optionalString (def.tapConfig != { }) ''
[Tap]
${attrsToSection def.tapConfig}
''}
${optionalString (def.bondConfig != { }) ''
[Bond]
${attrsToSection def.bondConfig}
''}
'';
};
networkToUnit = name: def:
{ inherit (def) enable;
text = commonMatchText def +
''
[Network]
${attrsToSection def.networkConfig}
${concatStringsSep "\n" (map (s: "Address=${s}") def.address)}
${concatStringsSep "\n" (map (s: "Gateway=${s}") def.gateway)}
${concatStringsSep "\n" (map (s: "DNS=${s}") def.dns)}
${concatStringsSep "\n" (map (s: "NTP=${s}") def.ntp)}
${concatStringsSep "\n" (map (s: "VLAN=${s}") def.vlan)}
${concatStringsSep "\n" (map (s: "MACVLAN=${s}") def.macvlan)}
${concatStringsSep "\n" (map (s: "VXLAN=${s}") def.vxlan)}
${concatStringsSep "\n" (map (s: "Tunnel=${s}") def.tunnel)}
${optionalString (def.dhcpConfig != { }) ''
[DHCP]
${attrsToSection def.dhcpConfig}
''}
${flip concatMapStrings def.addresses (x: ''
[Address]
${attrsToSection x.addressConfig}
'')}
${flip concatMapStrings def.routes (x: ''
[Route]
${attrsToSection x.routeConfig}
'')}
'';
};
generateUnits = type: units: upstreamUnits: upstreamWants:
pkgs.runCommand "${type}-units" { preferLocalBuild = true; } ''
mkdir -p $out
# Copy the upstream systemd units we're interested in.
for i in ${toString upstreamUnits}; do
fn=${systemd}/example/systemd/${type}/$i
if ! [ -e $fn ]; then echo "missing $fn"; false; fi
if [ -L $fn ]; then
target="$(readlink "$fn")"
if [ ''${target:0:3} = ../ ]; then
ln -s "$(readlink -f "$fn")" $out/
else
cp -pd $fn $out/
fi
else
ln -s $fn $out/
fi
done
# Copy .wants links, but only those that point to units that
# we're interested in.
for i in ${toString upstreamWants}; do
fn=${systemd}/example/systemd/${type}/$i
if ! [ -e $fn ]; then echo "missing $fn"; false; fi
x=$out/$(basename $fn)
mkdir $x
for i in $fn/*; do
y=$x/$(basename $i)
cp -pd $i $y
if ! [ -e $y ]; then rm $y; fi
done
done
# Symlink all units provided listed in systemd.packages.
for i in ${toString cfg.packages}; do
for fn in $i/etc/systemd/${type}/* $i/lib/systemd/${type}/*; do
if ! [[ "$fn" =~ .wants$ ]]; then
ln -s $fn $out/
fi
done
done
# Symlink all units defined by systemd.units. If these are also
# provided by systemd or systemd.packages, then add them as
# <unit-name>.d/overrides.conf, which makes them extend the
# upstream unit.
for i in ${toString (mapAttrsToList (n: v: v.unit) units)}; do
fn=$(basename $i/*)
if [ -e $out/$fn ]; then
if [ "$(readlink -f $i/$fn)" = /dev/null ]; then
ln -sfn /dev/null $out/$fn
else
mkdir $out/$fn.d
ln -s $i/$fn $out/$fn.d/overrides.conf
fi
else
ln -fs $i/$fn $out/
fi
done
# Created .wants and .requires symlinks from the wantedBy and
# requiredBy options.
${concatStrings (mapAttrsToList (name: unit:
concatMapStrings (name2: ''
mkdir -p $out/'${name2}.wants'
ln -sfn '../${name}' $out/'${name2}.wants'/
'') unit.wantedBy) units)}
${concatStrings (mapAttrsToList (name: unit:
concatMapStrings (name2: ''
mkdir -p $out/'${name2}.requires'
ln -sfn '../${name}' $out/'${name2}.requires'/
'') unit.requiredBy) units)}
${optionalString (type == "system") ''
# Stupid misc. symlinks.
ln -s ${cfg.defaultUnit} $out/default.target
ln -s rescue.target $out/kbrequest.target
mkdir -p $out/getty.target.wants/
ln -s ../autovt@tty1.service $out/getty.target.wants/
ln -s ../local-fs.target ../remote-fs.target ../network.target \
../nss-lookup.target ../nss-user-lookup.target ../swap.target \
$out/multi-user.target.wants/
''}
''; # */
in
{
@ -683,47 +463,6 @@ in
'';
};
systemd.network.enable = mkOption {
default = false;
type = types.bool;
description = ''
Whether to enable networkd or not.
'';
};
systemd.network.links = mkOption {
default = {};
type = types.attrsOf types.optionSet;
options = [ linkOptions ];
description = "Definition of systemd network links.";
};
systemd.network.netdevs = mkOption {
default = {};
type = types.attrsOf types.optionSet;
options = [ netdevOptions ];
description = "Definition of systemd network devices.";
};
systemd.network.networks = mkOption {
default = {};
type = types.attrsOf types.optionSet;
options = [ networkOptions networkConfig ];
description = "Definition of systemd networks.";
};
systemd.network.units = mkOption {
description = "Definition of networkd units.";
default = {};
type = types.attrsOf types.optionSet;
options = { name, config, ... }:
{ options = concreteUnitOptions;
config = {
unit = mkDefault (makeUnit name config);
};
};
};
systemd.defaultUnit = mkOption {
default = "multi-user.target";
type = types.str;
@ -807,22 +546,6 @@ in
'';
};
services.resolved.enable = mkOption {
default = false;
type = types.bool;
description = ''
Enables the systemd dns resolver daemon.
'';
};
services.timesyncd.enable = mkOption {
default = false;
type = types.bool;
description = ''
Enables the systemd ntp client daemon.
'';
};
systemd.tmpfiles.rules = mkOption {
type = types.listOf types.str;
default = [];
@ -886,7 +609,7 @@ in
###### implementation
config = mkMerge [ {
config = {
warnings = concatLists (mapAttrsToList (name: service:
optional (service.serviceConfig.Type or "" == "oneshot" && service.serviceConfig.Restart or "no" != "no")
@ -899,9 +622,6 @@ in
environment.etc."systemd/system".source =
generateUnits "system" cfg.units upstreamSystemUnits upstreamSystemWants;
environment.etc."systemd/network".source =
generateUnits "network" cfg.network.units [] [];
environment.etc."systemd/user".source =
generateUnits "user" cfg.user.units upstreamUserUnits [];
@ -979,11 +699,6 @@ in
(v: let n = escapeSystemdPath v.where;
in nameValuePair "${n}.automount" (automountToUnit n v)) cfg.automounts);
systemd.network.units =
mapAttrs' (n: v: nameValuePair "${n}.link" (linkToUnit n v)) cfg.network.links
// mapAttrs' (n: v: nameValuePair "${n}.netdev" (netdevToUnit n v)) cfg.network.netdevs
// mapAttrs' (n: v: nameValuePair "${n}.network" (networkToUnit n v)) cfg.network.networks;
systemd.user.units =
mapAttrs' (n: v: nameValuePair "${n}.service" (serviceToUnit n v)) cfg.user.services
// mapAttrs' (n: v: nameValuePair "${n}.socket" (socketToUnit n v)) cfg.user.sockets
@ -1006,15 +721,6 @@ in
users.extraUsers.systemd-journal-gateway.uid = config.ids.uids.systemd-journal-gateway;
users.extraGroups.systemd-journal-gateway.gid = config.ids.gids.systemd-journal-gateway;
users.extraUsers.systemd-network.uid = config.ids.uids.systemd-network;
users.extraGroups.systemd-network.gid = config.ids.gids.systemd-network;
users.extraUsers.systemd-resolve.uid = config.ids.uids.systemd-resolve;
users.extraGroups.systemd-resolve.gid = config.ids.gids.systemd-resolve;
users.extraUsers.systemd-timesync.uid = config.ids.uids.systemd-timesync;
users.extraGroups.systemd-timesync.gid = config.ids.gids.systemd-timesync;
# Generate timer units for all services that have a startAt value.
systemd.timers =
mapAttrs (name: service:
@ -1053,57 +759,6 @@ in
systemd.services.systemd-remount-fs.restartIfChanged = false;
systemd.services.systemd-journal-flush.restartIfChanged = false;
}
(mkIf config.systemd.network.enable {
systemd.services.systemd-networkd = {
wantedBy = [ "multi-user.target" ];
before = [ "network-interfaces.target" ];
restartTriggers = [ config.environment.etc."systemd/network".source ];
};
};
systemd.services.systemd-networkd-wait-online = {
before = [ "network-online.target" "ip-up.target" ];
wantedBy = [ "network-online.target" "ip-up.target" ];
};
systemd.services."systemd-network-wait-online@" = {
description = "Wait for Network Interface %I to be Configured";
conflicts = [ "shutdown.target" ];
requisite = [ "systemd-networkd.service" ];
after = [ "systemd-networkd.service" ];
serviceConfig = {
Type = "oneshot";
RemainAfterExit = true;
ExecStart = "${config.systemd.package}/lib/systemd/systemd-networkd-wait-online -i %I";
};
};
services.resolved.enable = mkDefault true;
services.timesyncd.enable = mkDefault config.services.ntp.enable;
})
(mkIf config.services.resolved.enable {
systemd.services.systemd-resolved = {
wantedBy = [ "multi-user.target" ];
restartTriggers = [ config.environment.etc."systemd/resolved.conf".source ];
};
environment.etc."systemd/resolved.conf".text = ''
[Resolve]
DNS=${concatStringsSep " " config.networking.nameservers}
'';
})
(mkIf config.services.timesyncd.enable {
systemd.services.systemd-timesyncd = {
wantedBy = [ "sysinit.target" ];
restartTriggers = [ config.environment.etc."systemd/timesyncd.conf".source ];
};
environment.etc."systemd/timesyncd.conf".text = ''
[Time]
NTP=${concatStringsSep " " config.services.ntp.servers}
'';
systemd.services.ntpd.enable = false;
})
];
}

40
nixos/modules/system/boot/timesyncd.nix Normal file
View File

@ -0,0 +1,40 @@
{ config, lib, pkgs, ... }:
with lib;
{
options = {
services.timesyncd.enable = mkOption {
default = false;
type = types.bool;
description = ''
Enables the systemd NTP client daemon.
'';
};
};
config = mkIf config.services.timesyncd.enable {
systemd.additionalUpstreamSystemUnits = [ "systemd-timesyncd.service" ];
systemd.services.systemd-timesyncd = {
wantedBy = [ "sysinit.target" ];
restartTriggers = [ config.environment.etc."systemd/timesyncd.conf".source ];
};
environment.etc."systemd/timesyncd.conf".text = ''
[Time]
NTP=${concatStringsSep " " config.services.ntp.servers}
'';
systemd.services.ntpd.enable = false;
users.extraUsers.systemd-timesync.uid = config.ids.uids.systemd-timesync;
users.extraGroups.systemd-timesync.gid = config.ids.gids.systemd-timesync;
};
}

4
nixos/modules/tasks/filesystems.nix
View File

@ -137,9 +137,7 @@ in
# Add the mount helpers to the system path so that `mount' can find them.
system.fsPackages = [ pkgs.dosfstools ];
environment.systemPackages =
[ pkgs.ntfs3g pkgs.fuse ]
++ config.system.fsPackages;
environment.systemPackages = [ pkgs.fuse ] ++ config.system.fsPackages;
environment.etc.fstab.text =
let

2
nixos/modules/tasks/filesystems/cifs.nix
View File

@ -11,7 +11,7 @@ in
{
config = {
system.fsPackages = [ pkgs.cifs_utils ];
system.fsPackages = mkIf (any (fs: fs == "cifs") config.boot.supportedFilesystems) [ pkgs.cifs_utils ];
boot.initrd.availableKernelModules = mkIf inInitrd
[ "cifs" "nls_utf8" "hmac" "md4" "ecb" "des_generic" "sha256" ];

11
nixos/modules/tasks/filesystems/ntfs.nix Normal file
View File

@ -0,0 +1,11 @@
{ config, lib, pkgs, ... }:
with lib;
{
config = mkIf (any (fs: fs == "ntfs" || fs == "ntfs-3g") config.boot.supportedFilesystems) {
system.fsPackages = [ pkgs.ntfs3g ];
};
}

2
nixos/modules/tasks/network-interfaces-scripted.nix
View File

@ -107,7 +107,7 @@ in
ips = interfaceIps i;
in
nameValuePair "network-addresses-${i.name}"
{ description = "Addresss configuration of ${i.name}";
{ description = "Address configuration of ${i.name}";
wantedBy = [ "network-interfaces.target" ];
before = [ "network-interfaces.target" ];
bindsTo = [ (subsystemDevice i.name) ];

3
nixos/modules/virtualisation/container-config.nix
View File

@ -9,6 +9,7 @@ with lib;
# Disable some features that are not useful in a container.
sound.enable = mkDefault false;
services.udisks2.enable = mkDefault false;
powerManagement.enable = mkDefault false;
networking.useHostResolvConf = true;
@ -20,6 +21,8 @@ with lib;
systemd.services.systemd-remount-fs.enable = false;
systemd.services.systemd-random-seed.enable = false;
};
}

2
nixos/modules/virtualisation/docker-image.nix
View File

@ -2,7 +2,7 @@
{
imports = [
../profiles/container.nix
../profiles/docker-container.nix # FIXME, shouldn't include something from profiles/
];
boot.postBootCommands =

4
nixos/modules/virtualisation/google-compute-config.nix
View File

@ -1,5 +1,5 @@
{ config, pkgs, modulesPath, ... }:
{ config, pkgs, ... }:
{
imports = [ "${modulesPath}/virtualisation/google-compute-image.nix" ];
imports = [ <nixpkgs/nixos/modules/virtualisation/google-compute-image.nix> ];
}

2
nixos/modules/virtualisation/lxc-container.nix
View File

@ -4,7 +4,7 @@ with lib;
{
imports = [
../profiles/container.nix
../profiles/docker-container.nix # FIXME, shouldn't include something from profiles/
];
# Allow the user to login as root without password.

34
nixos/tests/gnome3_16.nix Normal file
View File

@ -0,0 +1,34 @@
import ./make-test.nix {
name = "gnome3";
machine =
{ config, pkgs, ... }:
{ imports = [ ./common/user-account.nix ];
services.xserver.enable = true;
services.xserver.displayManager.auto.enable = true;
services.xserver.displayManager.auto.user = "alice";
services.xserver.desktopManager.gnome3.enable = true;
environment.gnome3.packageSet = pkgs.gnome3_16;
virtualisation.memorySize = 512;
};
testScript =
''
$machine->waitForX;
$machine->sleep(15);
# Check that logging in has given the user ownership of devices.
$machine->succeed("getfacl /dev/snd/timer | grep -q alice");
$machine->succeed("su - alice -c 'DISPLAY=:0.0 gnome-terminal &'");
$machine->waitForWindow(qr/Terminal/);
$machine->sleep(20);
$machine->screenshot("screen");
'';
}

125
nixos/tests/networking.nix
View File

@ -64,26 +64,26 @@ import ./make-test.nix ({ networkd, test, ... }:
$client->fail("systemctl status dhcpcd.service");
# Test vlan 1
$client->succeed("ping -c 1 192.168.1.1");
$client->succeed("ping -c 1 192.168.1.2");
$client->succeed("ping -c 1 192.168.1.3");
$client->succeed("ping -c 1 192.168.1.10");
$client->waitUntilSucceeds("ping -c 1 192.168.1.1");
$client->waitUntilSucceeds("ping -c 1 192.168.1.2");
$client->waitUntilSucceeds("ping -c 1 192.168.1.3");
$client->waitUntilSucceeds("ping -c 1 192.168.1.10");
$router->succeed("ping -c 1 192.168.1.1");
$router->succeed("ping -c 1 192.168.1.2");
$router->succeed("ping -c 1 192.168.1.3");
$router->succeed("ping -c 1 192.168.1.10");
$router->waitUntilSucceeds("ping -c 1 192.168.1.1");
$router->waitUntilSucceeds("ping -c 1 192.168.1.2");
$router->waitUntilSucceeds("ping -c 1 192.168.1.3");
$router->waitUntilSucceeds("ping -c 1 192.168.1.10");
# Test vlan 2
$client->succeed("ping -c 1 192.168.2.1");
$client->succeed("ping -c 1 192.168.2.2");
$client->waitUntilSucceeds("ping -c 1 192.168.2.1");
$client->waitUntilSucceeds("ping -c 1 192.168.2.2");
$router->succeed("ping -c 1 192.168.2.1");
$router->succeed("ping -c 1 192.168.2.2");
$router->waitUntilSucceeds("ping -c 1 192.168.2.1");
$router->waitUntilSucceeds("ping -c 1 192.168.2.2");
# Test default gateway
$router->succeed("ping -c 1 192.168.3.1");
$client->succeed("ping -c 1 192.168.3.1");
$router->waitUntilSucceeds("ping -c 1 192.168.3.1");
$client->waitUntilSucceeds("ping -c 1 192.168.3.1");
'';
};
dhcpSimple = {
@ -109,22 +109,22 @@ import ./make-test.nix ({ networkd, test, ... }:
$router->waitForUnit("network.target");
# Wait until we have an ip address on each interface
$client->succeed("while ! ip addr show dev eth1 | grep '192.168.1'; do true; done");
$client->succeed("while ! ip addr show dev eth2 | grep '192.168.2'; do true; done");
$client->waitUntilSucceeds("ip addr show dev eth1 | grep -q '192.168.1'");
$client->waitUntilSucceeds("ip addr show dev eth2 | grep -q '192.168.2'");
# Test vlan 1
$client->succeed("ping -c 1 192.168.1.1");
$client->succeed("ping -c 1 192.168.1.2");
$client->waitUntilSucceeds("ping -c 1 192.168.1.1");
$client->waitUntilSucceeds("ping -c 1 192.168.1.2");
$router->succeed("ping -c 1 192.168.1.1");
$router->succeed("ping -c 1 192.168.1.2");
$router->waitUntilSucceeds("ping -c 1 192.168.1.1");
$router->waitUntilSucceeds("ping -c 1 192.168.1.2");
# Test vlan 2
$client->succeed("ping -c 1 192.168.2.1");
$client->succeed("ping -c 1 192.168.2.2");
$client->waitUntilSucceeds("ping -c 1 192.168.2.1");
$client->waitUntilSucceeds("ping -c 1 192.168.2.2");
$router->succeed("ping -c 1 192.168.2.1");
$router->succeed("ping -c 1 192.168.2.2");
$router->waitUntilSucceeds("ping -c 1 192.168.2.1");
$router->waitUntilSucceeds("ping -c 1 192.168.2.2");
'';
};
dhcpOneIf = {
@ -147,26 +147,27 @@ import ./make-test.nix ({ networkd, test, ... }:
''
startAll;
# Wait for networking to come up
$client->waitForUnit("network-interfaces.target");
$client->waitForUnit("network.target");
$router->waitForUnit("network-interfaces.target");
$router->waitForUnit("network.target");
# Wait until we have an ip address on each interface
$client->succeed("while ! ip addr show dev eth1 | grep '192.168.1'; do true; done");
$client->waitUntilSucceeds("ip addr show dev eth1 | grep -q '192.168.1'");
# Test vlan 1
$client->succeed("ping -c 1 192.168.1.1");
$client->succeed("ping -c 1 192.168.1.2");
$client->waitUntilSucceeds("ping -c 1 192.168.1.1");
$client->waitUntilSucceeds("ping -c 1 192.168.1.2");
$router->succeed("ping -c 1 192.168.1.1");
$router->succeed("ping -c 1 192.168.1.2");
$router->waitUntilSucceeds("ping -c 1 192.168.1.1");
$router->waitUntilSucceeds("ping -c 1 192.168.1.2");
# Test vlan 2
$client->succeed("ping -c 1 192.168.2.1");
$client->waitUntilSucceeds("ping -c 1 192.168.2.1");
$client->fail("ping -c 1 192.168.2.2");
$router->succeed("ping -c 1 192.168.2.1");
$router->waitUntilSucceeds("ping -c 1 192.168.2.1");
$router->fail("ping -c 1 192.168.2.2");
'';
};
@ -195,17 +196,18 @@ import ./make-test.nix ({ networkd, test, ... }:
''
startAll;
# Wait for networking to come up
$client1->waitForUnit("network-interfaces.target");
$client1->waitForUnit("network.target");
$client2->waitForUnit("network-interfaces.target");
$client2->waitForUnit("network.target");
# Test bonding
$client1->succeed("ping -c 2 192.168.1.1");
$client1->succeed("ping -c 2 192.168.1.2");
$client1->waitUntilSucceeds("ping -c 2 192.168.1.1");
$client1->waitUntilSucceeds("ping -c 2 192.168.1.2");
$client2->succeed("ping -c 2 192.168.1.1");
$client2->succeed("ping -c 2 192.168.1.2");
$client2->waitUntilSucceeds("ping -c 2 192.168.1.1");
$client2->waitUntilSucceeds("ping -c 2 192.168.1.2");
'';
};
bridge = let
@ -240,6 +242,7 @@ import ./make-test.nix ({ networkd, test, ... }:
''
startAll;
# Wait for networking to come up
$client1->waitForUnit("network-interfaces.target");
$client1->waitForUnit("network.target");
$client2->waitForUnit("network-interfaces.target");
@ -248,17 +251,17 @@ import ./make-test.nix ({ networkd, test, ... }:
$router->waitForUnit("network.target");
# Test bridging
$client1->succeed("ping -c 1 192.168.1.1");
$client1->succeed("ping -c 1 192.168.1.2");
$client1->succeed("ping -c 1 192.168.1.3");
$client1->waitUntilSucceeds("ping -c 1 192.168.1.1");
$client1->waitUntilSucceeds("ping -c 1 192.168.1.2");
$client1->waitUntilSucceeds("ping -c 1 192.168.1.3");
$client2->succeed("ping -c 1 192.168.1.1");
$client2->succeed("ping -c 1 192.168.1.2");
$client2->succeed("ping -c 1 192.168.1.3");
$client2->waitUntilSucceeds("ping -c 1 192.168.1.1");
$client2->waitUntilSucceeds("ping -c 1 192.168.1.2");
$client2->waitUntilSucceeds("ping -c 1 192.168.1.3");
$router->succeed("ping -c 1 192.168.1.1");
$router->succeed("ping -c 1 192.168.1.2");
$router->succeed("ping -c 1 192.168.1.3");
$router->waitUntilSucceeds("ping -c 1 192.168.1.1");
$router->waitUntilSucceeds("ping -c 1 192.168.1.2");
$router->waitUntilSucceeds("ping -c 1 192.168.1.3");
'';
};
macvlan = {
@ -278,23 +281,28 @@ import ./make-test.nix ({ networkd, test, ... }:
''
startAll;
# Wait for networking to come up
$client->waitForUnit("network-interfaces.target");
$client->waitForUnit("network.target");
$router->waitForUnit("network-interfaces.target");
$router->waitForUnit("network.target");
# Wait until we have an ip address on each interface
$client->succeed("while ! ip addr show dev eth1 | grep '192.168.1'; do true; done");
$client->succeed("while ! ip addr show dev macvlan | grep '192.168.1'; do true; done");
$client->waitUntilSucceeds("ip addr show dev eth1 | grep -q '192.168.1'");
$client->waitUntilSucceeds("ip addr show dev macvlan | grep -q '192.168.1'");
# Test macvlan
$client->succeed("ping -c 1 192.168.1.1");
$client->succeed("ping -c 1 192.168.1.2");
$client->succeed("ping -c 1 192.168.1.3");
# Print diagnosting information
$router->succeed("ip addr >&2");
$client->succeed("ip addr >&2");
$router->succeed("ping -c 1 192.168.1.1");
$router->succeed("ping -c 1 192.168.1.2");
$router->succeed("ping -c 1 192.168.1.3");
# Test macvlan creates routable ips
$client->waitUntilSucceeds("ping -c 1 192.168.1.1");
$client->waitUntilSucceeds("ping -c 1 192.168.1.2");
$client->waitUntilSucceeds("ping -c 1 192.168.1.3");
$router->waitUntilSucceeds("ping -c 1 192.168.1.1");
$router->waitUntilSucceeds("ping -c 1 192.168.1.2");
$router->waitUntilSucceeds("ping -c 1 192.168.1.3");
'';
};
sit = let
@ -323,20 +331,22 @@ import ./make-test.nix ({ networkd, test, ... }:
''
startAll;
# Wait for networking to be configured
$client1->waitForUnit("network-interfaces.target");
$client1->waitForUnit("network.target");
$client2->waitForUnit("network-interfaces.target");
$client2->waitForUnit("network.target");
# Print diagnostic information
$client1->succeed("ip addr >&2");
$client2->succeed("ip addr >&2");
# Test ipv6
$client1->succeed("ping6 -c 1 fc00::1");
$client1->succeed("ping6 -c 1 fc00::2");
$client1->waitUntilSucceeds("ping6 -c 1 fc00::1");
$client1->waitUntilSucceeds("ping6 -c 1 fc00::2");
$client2->succeed("ping6 -c 1 fc00::1");
$client2->succeed("ping6 -c 1 fc00::2");
$client2->waitUntilSucceeds("ping6 -c 1 fc00::1");
$client2->waitUntilSucceeds("ping6 -c 1 fc00::2");
'';
};
vlan = let
@ -364,6 +374,7 @@ import ./make-test.nix ({ networkd, test, ... }:
''
startAll;
# Wait for networking to be configured
$client1->waitForUnit("network-interfaces.target");
$client1->waitForUnit("network.target");
$client2->waitForUnit("network-interfaces.target");

2
pkgs/applications/altcoins/primecoin.nix
View File

@ -30,7 +30,7 @@ stdenv.mkDerivation rec{
else "install -D bitcoind $out/bin/primecoind";
meta = {
description = "A new type cryptocurrency which is proof-of-work based on searching for prime numbers.";
description = "A new type cryptocurrency which is proof-of-work based on searching for prime numbers";
longDescription= ''
Primecoin is an innovative cryptocurrency, a form of digital
currency secured by cryptography and issued through a

4
pkgs/applications/audio/abcde/default.nix
View File

@ -2,13 +2,13 @@
, perl, DigestSHA, MusicBrainz, MusicBrainzDiscID
, makeWrapper }:
let version = "2.5.4";
let version = "2.6";
in
stdenv.mkDerivation {
name = "abcde-${version}";
src = fetchurl {
url = "mirror://debian/pool/main/a/abcde/abcde_${version}.orig.tar.gz";
sha256 = "14g5lsgh53hza9848351kwpygc0yqpvvzp3s923aja77f2wpkdl5";
sha256 = "0y2cg233n2hixs0ji76dggpzgf52v4c4mnpwiai889ql2piafgk8";
};
# FIXME: This package does not support MP3 encoding (only Ogg),

4
pkgs/applications/audio/calf/default.nix
View File

@ -3,11 +3,11 @@
stdenv.mkDerivation rec {
name = "calf-${version}";
version = "0.0.19";
version = "0.0.60";
src = fetchurl {
url = "mirror://sourceforge/calf/${name}.tar.gz";
sha256 = "1v1cjbxv5wg6rsa2nfz1f8r7cykcpx6jm5ccqmzx866dggiff1hi";
sha256 = "019fwg00jv217a5r767z7szh7vdrarybac0pr2sk26xp81kibrx9";
};
buildInputs = [

15
pkgs/applications/audio/cdparanoia/default.nix
View File

@ -2,14 +2,25 @@
stdenv.mkDerivation rec {
name = "cdparanoia-III-10.2";
src = fetchurl {
url = "http://downloads.xiph.org/releases/cdparanoia/${name}.src.tgz";
sha256 = "1pv4zrajm46za0f6lv162iqffih57a8ly4pc69f7y0gfyigb8p80";
};
preConfigure = "unset CC";
patches = stdenv.lib.optionals stdenv.isDarwin [
(fetchurl {
url = "https://trac.macports.org/export/70964/trunk/dports/audio/cdparanoia/files/osx_interface.patch";
sha1 = "c86e573f51e6d58d5f349b22802a7a7eeece9fcd";
})
(fetchurl {
url = "https://trac.macports.org/export/70964/trunk/dports/audio/cdparanoia/files/patch-paranoia_paranoia.c.10.4.diff";
sha1 = "d7dc121374df3b82e82adf544df7bf1eec377bdb";
})
];
meta = {
homepage = http://xiph.org/paranoia;
description = "A tool and library for reading digital audio from CDs";

4
pkgs/applications/audio/chuck/default.nix
View File

@ -1,12 +1,12 @@
{ stdenv, fetchurl, alsaLib, bison, flex, libsndfile, which }:
stdenv.mkDerivation rec {
version = "1.3.4.0";
version = "1.3.5.0";
name = "chuck-${version}";
src = fetchurl {
url = "http://chuck.cs.princeton.edu/release/files/chuck-${version}.tgz";
sha256 = "0cwbk8b1i18nkh2nxwzk2prranw83lgglxw7ccnp6b0r2b2yfpmn";
sha256 = "0rj2l5k6ncm4jaiq0igwfc2bzryzchk1is1jhk1n7wifxcf3d3k5";
};
buildInputs = [ bison flex libsndfile which ]

21
pkgs/applications/audio/dirt/default.nix Normal file
View File

@ -0,0 +1,21 @@
{ stdenv, fetchFromGitHub, libsndfile, libsamplerate, liblo, jack2 }:
stdenv.mkDerivation rec {
name = "dirt-git";
src = fetchFromGitHub {
repo = "Dirt";
owner = "tidalcycles";
rev = "cfc5e85318defda7462192b5159103c823ce61f7";
sha256 = "1shbyp54q64g6bsl6hhch58k3z1dyyy9ph6cq2xvdf8syy00sisz";
};
buildInputs = [ libsndfile libsamplerate liblo jack2 ];
configurePhase = ''
export DESTDIR=$out
'';
meta = {
description = "An unimpressive thingie for playing bits of samples with some level of accuracy";
homepage = "https://github.com/tidalcycles/Dirt";
license = stdenv.lib.licenses.gpl3;
};
}

4
pkgs/applications/audio/drumkv1/default.nix
View File

@ -2,11 +2,11 @@
stdenv.mkDerivation rec {
name = "drumkv1-${version}";
version = "0.6.0";
version = "0.6.1";
src = fetchurl {
url = "mirror://sourceforge/drumkv1/${name}.tar.gz";
sha256 = "1y3imsh059y9sihr92f3drwmcby4x3krmhly111ahwkydb94kphw";
sha256 = "082ml6g63n6s3w704fjkma8085g2l10az3f6r78y9hpgpw3042jw";
};
buildInputs = [ jack2 libsndfile lv2 qt4 ];

2
pkgs/applications/audio/gnaural/default.nix
View File

@ -10,7 +10,7 @@ stdenv.mkDerivation rec {
meta = with stdenv.lib;
{ description = "Auditory binaural-beat generator";
homepage = http://gnaural.sourceforge.net/;
licenses = licenses.gpl2;
license = licenses.gpl2;
maintainers = [ maintainers.emery ];
platforms = platforms.linux;
};

20
pkgs/applications/audio/id3v2/default.nix
View File

@ -1,28 +1,28 @@
{stdenv, fetchurl, id3lib, groff, zlib}:
let version = "0.1.12"; in
stdenv.mkDerivation rec {
name = "id3v2-0.1.11";
name = "id3v2-${version}";
src = fetchurl {
url = "mirror://sourceforge/id3v2/${name}.tar.gz";
sha256 = "00r6f9yzmkrqa62dnkm8njg5cjzhmy0l17nj1ba15nrrm0mnand4";
sha256 = "1gr22w8gar7zh5pyyvdy7cy26i47l57jp1l1nd60xfwx339zl1c1";
};
patches = [ ./id3v2-0.1.11-track-bad-free.patch ];
nativeBuildInputs = [ groff ];
buildInputs = [ id3lib zlib ];
configurePhase = ''
export makeFlags=PREFIX=$out
'';
makeFlags = "PREFIX=$(out)";
buildFlags = "clean all";
preInstall = ''
mkdir -p $out/bin $out/man/man1
mkdir -p $out/{bin,share/man/man1}
'';
meta = {
meta = with stdenv.lib; {
inherit version;
description = "A command line editor for id3v2 tags";
homepage = http://id3v2.sourceforge.net/;
license = stdenv.lib.licenses.gpl2Plus;
license = licenses.gpl2Plus;
maintainers = with maintainers; [ nckx ];
};
}

14
pkgs/applications/audio/id3v2/id3v2-0.1.11-track-bad-free.patch
View File

@ -1,14 +0,0 @@
http://sourceforge.net/tracker/index.php?func=detail&aid=1252035&group_id=4193&atid=304193
diff -up id3v2-0.1.11/id3v2.cpp~ id3v2-0.1.11/id3v2.cpp
--- id3v2-0.1.11/id3v2.cpp~ 2004-05-04 21:30:15.000000000 +0300
+++ id3v2-0.1.11/id3v2.cpp 2008-01-03 21:22:02.000000000 +0200
@@ -423,7 +423,7 @@ int main( int argc, char *argv[])
{
// check if there is a total track number and if we only have
// the track number for this file. In this case combine them.
- char *currentTrackNum, *newTrackNum;
+ char *currentTrackNum, *newTrackNum = NULL;
if (pFrame != NULL)
{

53
pkgs/applications/audio/jaaa/default.nix Normal file
View File

@ -0,0 +1,53 @@
{ stdenv, fetchurl, alsaLib, libclthreads, libclxclient, libX11, libXft, libXrender, fftwFloat, freetype, fontconfig, jack2, xlibs, zita-alsa-pcmi }:
stdenv.mkDerivation rec {
name = "jaaa-${version}";
version = "0.8.4";
src = fetchurl {
url = "http://kokkinizita.linuxaudio.org/linuxaudio/downloads/${name}.tar.bz2";
sha256 = "0jyll4rkb6vja2widc340ww078rr24c6nmxbxdqvbxw409nccd01";
};
buildInputs = [
alsaLib libclthreads libclxclient libX11 libXft libXrender fftwFloat jack2 zita-alsa-pcmi
];
NIX_CFLAGS_COMPILE = [
"-I${xlibs.xproto}/include"
"-I${libX11}/include"
"-I${libXft}/include"
"-I${freetype}/include"
"-I${fontconfig}/include"
"-I${libXrender}/include"
"-I${xlibs.renderproto}/include"
"-I${alsaLib}/include"
"-I${zita-alsa-pcmi}/include"
];
patchPhase = ''
cd source/
sed -i "s@clthreads.h@${libclthreads}/include@g" $(find . -name '*.cc')
sed -i "s@clxclient.h@${libclxclient}/include@g" $(find . -name '*.cc')
sed -i "s@clthreads.h@${libclthreads}/include@g" $(find . -name '*.h')
sed -i "s@clxclient.h@${libclxclient}/include@g" $(find . -name '*.h')
'';
buildlPhase = ''
make PREFIX="$out"
'';
installPhase = ''
echo zita= ${zita-alsa-pcmi}
make PREFIX="$out" install
install -Dm644 ../README "$out/README"
'';
meta = with stdenv.lib; {
homepage = http://kokkinizita.linuxaudio.org/linuxaudio/index.html;
description = "JACK and ALSA Audio Analyser";
license = licenses.gpl2;
maintainers = [ maintainers.magnetophon ];
platforms = platforms.linux;
};
}

4
pkgs/applications/audio/mikmod/default.nix
View File

@ -1,10 +1,10 @@
{ stdenv, fetchurl, libmikmod, ncurses }:
{ stdenv, fetchurl, libmikmod, ncurses, alsaLib }:
stdenv.mkDerivation rec {
name = "mikmod-3.2.6";
src = fetchurl {
url = "http://downloads.sourceforge.net/project/mikmod/mikmod/3.2.6/mikmod-3.2.6.tar.gz";
url = "mirror://sourceforge/mikmod/${name}.tar.gz";
sha256 = "0wr61raj10rpl64mk3x9g3rwys898fbzyg93c6mrz89nvc74wm04";
};

2
pkgs/applications/audio/mopidy-mopify/default.nix
View File

@ -16,7 +16,7 @@ pythonPackages.buildPythonPackage rec {
meta = with stdenv.lib; {
homepage = https://github.com/dirkgroenen/mopidy-mopify;
description = "A mopidy webclient based on the Spotify webbased interface.";
description = "A mopidy webclient based on the Spotify webbased interface";
license = licenses.gpl3;
maintainers = [ maintainers.Gonzih ];
};

30
pkgs/applications/audio/musescore/default.nix
View File

@ -1,33 +1,31 @@
{ stdenv, fetchurl, makeWrapper, cmake, qt4, pkgconfig, alsaLib, portaudio, jack2, libsndfile}:
{ stdenv, fetchurl, makeWrapper, cmake, qt5, pkgconfig, alsaLib, portaudio, jack2
, lame, libsndfile, libvorbis }:
stdenv.mkDerivation rec {
name = "musescore-1.3";
name = "musescore-${version}";
version = "2.0.0";
src = fetchurl {
url = "http://ftp.osuosl.org/pub/musescore/releases/MuseScore-1.3/mscore-1.3.tar.bz2";
sha256 = "a0b60cc892ac0266c58fc6392be72c0a21c3aa7fd0b6e4f1dddad1c8b36be683";
url = "https://github.com/musescore/MuseScore/archive/v${version}.tar.gz";
sha256 = "1a4fz9pqwz59brfa7qn61364hyd07lsq3lflkzn1w2q21d7xd20w";
};
buildInputs = [ makeWrapper cmake qt4 pkgconfig alsaLib portaudio jack2 libsndfile ];
buildInputs = [
makeWrapper cmake qt5 pkgconfig alsaLib portaudio jack2 lame libsndfile libvorbis
];
configurePhase = ''
cd mscore;
mkdir build;
cd build;
cmake -DCMAKE_INSTALL_PREFIX=$out -DQT_PLUGINS_DIR=$out/lib/qt4/plugins -DCMAKE_BUILD_TYPE=Release ..'';
preBuild = ''make lrelease;'';
postInstall = ''
wrapProgram $out/bin/mscore --prefix QT_PLUGIN_PATH : $out/lib/qt4/plugins
patchPhase = ''
sed s,"/usr/local",$out, -i Makefile
'';
preBuild = "make lrelease";
meta = with stdenv.lib; {
description = "Qt-based score editor";
homepage = http://musescore.org/;
license = licenses.gpl2;
platforms = platforms.linux;
maintainers = [ stdenv.lib.maintainers.vandenoever ];
maintainers = [ maintainers.vandenoever ];
repositories.git = https://github.com/musescore/MuseScore;
};
}

38
pkgs/applications/audio/pamixer/default.nix
View File

@ -1,20 +1,16 @@
{ stdenv, fetchgit, pulseaudio, boost }:
let
tag = "1.1";
in
{ stdenv, fetchurl, boost, pulseaudio }:
stdenv.mkDerivation rec {
name = "pamixer-${tag}";
name = "pamixer-${version}";
version = "1.2.1";
src = fetchgit {
url = git://github.com/cdemoulins/pamixer;
rev = "refs/tags/${tag}";
sha256 = "03r0sbfj85wp6yxa87pjg69ivmk0mxxa2nykr8gf2c607igmb034";
src = fetchurl {
url = "https://github.com/cdemoulins/pamixer/archive/${version}.tar.gz";
sha256 = "1ad6b46hh02hs1978pgihrm2bnq4z2v0imrfm3wy74xdkr6xjxy4";
};
buildInputs = [ pulseaudio boost ];
buildInputs = [ boost pulseaudio ];
installPhase = ''
mkdir -p $out/bin
@ -22,17 +18,19 @@ stdenv.mkDerivation rec {
'';
meta = with stdenv.lib; {
description = "Like amixer but for pulseaudio";
longDescription = "Features:
- Get the current volume of the default sink, the default source or a selected one by his id
- Set the volume for the default sink, the default source or any other device
- List the sinks
- List the sources
- Increase / Decrease the volume for a device
- Mute or unmute a device";
description = "Pulseaudio command line mixer";
longDescription = ''
Features:
- Get the current volume of the default sink, the default source or a selected one by his id
- Set the volume for the default sink, the default source or any other device
- List the sinks
- List the sources
- Increase / Decrease the volume for a device
- Mute or unmute a device
'';
homepage = https://github.com/cdemoulins/pamixer;
license = licenses.gpl3;
maintainers = with maintainers; [ _1126 ];
platforms = platforms.linux;
maintainers = [ maintainers._1126 ];
};
}

40
pkgs/applications/audio/pithos/default.nix Normal file
View File

@ -0,0 +1,40 @@
# Based on Richard Wallace's post here: http://comments.gmane.org/gmane.linux.distributions.nixos/14734
{ fetchurl, stdenv, pythonPackages, gtk3, libnotify, gst_all_1 }:
pythonPackages.buildPythonPackage rec {
name = "pithos-${version}";
version = "1.0.1";
src = fetchurl {
url = "https://github.com/pithos/pithos/archive/${version}.tar.gz";
sha256 = "67b83927d5111067aefbf034d23880f96b1a2d300464e8491efa80e97e67f50f";
};
postPatch = ''
substituteInPlace setup.py --replace "/usr/share" "$out/share"
'';
buildInputs = with gst_all_1; [ gstreamer gst-plugins-base gst-plugins-good gst-plugins-ugly gst-plugins-bad libnotify ];
pythonPath = with pythonPackages; [ pygobject3 dbus pylast ];
propogatedBuildInputs = pythonPath;
postInstall = ''
wrapProgram "$out/bin/pithos" --prefix GST_PLUGIN_SYSTEM_PATH_1_0 ":" "$GST_PLUGIN_SYSTEM_PATH_1_0"
'';
meta = with stdenv.lib; {
description = "Pandora player";
longDescription = ''
Pandora Internet Radio player for GNOME
'';
homepage = http://pithos.github.io/ ;
license = licenses.gpl3;
maintainers = with maintainers; [ obadz ];
};
}

4
pkgs/applications/audio/qmmp/default.nix
View File

@ -28,11 +28,11 @@
# handle that.
stdenv.mkDerivation rec {
name = "qmmp-0.8.2";
name = "qmmp-0.8.4";
src = fetchurl {
url = "http://qmmp.ylsoftware.com/files/${name}.tar.bz2";
sha256 = "1vwjy3bv1gj6k5kqkhw2q7aspashw6x4lxccl28iydjfzk7d7cd4";
sha256 = "1ld69xypyak3lzwmfvzbxsyd4fl841aaq0gmkfa7jpavbdlggydf";
};
buildInputs =

4
pkgs/applications/audio/qsynth/default.nix
View File

@ -2,11 +2,11 @@
stdenv.mkDerivation rec {
name = "qsynth-${version}";
version = "0.3.8";
version = "0.3.9";
src = fetchurl {
url = "mirror://sourceforge/qsynth/${name}.tar.gz";
sha256 = "0wmq61cq93x2l00xwr871373mj3dwamz1dg6v62x7s8m1612ndrw";
sha256 = "08kyn6cl755l9i1grzjx8yi3f8mgiz4gx0hgqad1n0d8yz85087b";
};
buildInputs = [ alsaLib fluidsynth jack2 qt4 ];

10
pkgs/applications/audio/qtractor/default.nix
View File

@ -1,20 +1,22 @@
{ alsaLib, autoconf, automake, dssi, fetchurl, gtk, jack2
, ladspaH, ladspaPlugins, liblo, libmad, libsamplerate, libsndfile
, libtool, libvorbis, pkgconfig, qt4, rubberband, stdenv }:
, libtool, libvorbis, lilv, lv2, pkgconfig, qt4, rubberband, serd
, sord, sratom, stdenv, suil }:
stdenv.mkDerivation rec {
version = "0.6.5";
version = "0.6.6";
name = "qtractor-${version}";
src = fetchurl {
url = "mirror://sourceforge/qtractor/${name}.tar.gz";
sha256 = "0znhm0p9azknmhga6m0qp01qaiahlnfzxya1jf9r05jn9hx5lzf0";
sha256 = "1n70hs4bx4hq3cp2p35jq5vlcans4fk2c35w72244vlqlajx05c0";
};
buildInputs =
[ alsaLib autoconf automake dssi gtk jack2 ladspaH
ladspaPlugins liblo libmad libsamplerate libsndfile libtool
libvorbis pkgconfig qt4 rubberband
libvorbis lilv lv2 pkgconfig qt4 rubberband serd sord sratom
suil
];
meta = with stdenv.lib; {

Some files were not shown because too many files have changed in this diff Show More