diff options
author | Vladimír Čunát <vcunat@gmail.com> | 2016-01-18 09:48:49 +0100 |
---|---|---|
committer | Vladimír Čunát <vcunat@gmail.com> | 2016-01-18 09:48:49 +0100 |
commit | 620c147ccee09d7d068fa21b2b5b94b6695993a5 (patch) | |
tree | 8bfa9b076f2712ba0318c986dcf80749e281db2d /nixos | |
parent | 85628148de308b96744986f44ef0d05807125082 (diff) | |
parent | c23b0856fda476df6aa58bcded9de6bdbeefdaed (diff) | |
download | nixlib-620c147ccee09d7d068fa21b2b5b94b6695993a5.tar nixlib-620c147ccee09d7d068fa21b2b5b94b6695993a5.tar.gz nixlib-620c147ccee09d7d068fa21b2b5b94b6695993a5.tar.bz2 nixlib-620c147ccee09d7d068fa21b2b5b94b6695993a5.tar.lz nixlib-620c147ccee09d7d068fa21b2b5b94b6695993a5.tar.xz nixlib-620c147ccee09d7d068fa21b2b5b94b6695993a5.tar.zst nixlib-620c147ccee09d7d068fa21b2b5b94b6695993a5.zip |
Merge branch 'master' into staging
Diffstat (limited to 'nixos')
98 files changed, 942 insertions, 145 deletions
diff --git a/nixos/modules/config/ldap.nix b/nixos/modules/config/ldap.nix index c87996df8855..a6657768e061 100644 --- a/nixos/modules/config/ldap.nix +++ b/nixos/modules/config/ldap.nix @@ -57,6 +57,7 @@ in users.ldap = { enable = mkOption { + type = types.bool; default = false; description = "Whether to enable authentication against an LDAP server."; }; diff --git a/nixos/modules/config/pulseaudio.nix b/nixos/modules/config/pulseaudio.nix index 2ebc61260558..179e826ba059 100644 --- a/nixos/modules/config/pulseaudio.nix +++ b/nixos/modules/config/pulseaudio.nix @@ -99,6 +99,7 @@ in { package = mkOption { type = types.package; default = pulseaudioLight; + defaultText = "pkgs.pulseaudioLight"; example = literalExample "pkgs.pulseaudioFull"; description = '' The PulseAudio derivation to use. This can be used to enable diff --git a/nixos/modules/config/shells-environment.nix b/nixos/modules/config/shells-environment.nix index d0243f9775c5..9642981803bf 100644 --- a/nixos/modules/config/shells-environment.nix +++ b/nixos/modules/config/shells-environment.nix @@ -119,6 +119,7 @@ in environment.binsh = mkOption { default = "${config.system.build.binsh}/bin/sh"; + defaultText = "\${config.system.build.binsh}/bin/sh"; example = literalExample '' "''${pkgs.dash}/bin/dash" ''; diff --git a/nixos/modules/config/unix-odbc-drivers.nix b/nixos/modules/config/unix-odbc-drivers.nix index 98929392acec..eea6477fff23 100644 --- a/nixos/modules/config/unix-odbc-drivers.nix +++ b/nixos/modules/config/unix-odbc-drivers.nix @@ -10,8 +10,9 @@ with lib; options = { environment.unixODBCDrivers = mkOption { + type = types.listOf types.package; default = []; - example = literalExample "map (x : x.ini) (with pkgs.unixODBCDrivers; [ mysql psql psqlng ] )"; + example = literalExample "with pkgs.unixODBCDrivers; [ mysql psql psqlng ]"; description = '' Specifies Unix ODBC drivers to be registered in <filename>/etc/odbcinst.ini</filename>. You may also want to @@ -26,7 +27,7 @@ with lib; config = mkIf (config.environment.unixODBCDrivers != []) { environment.etc."odbcinst.ini".text = - let inis = config.environment.unixODBCDrivers; + let inis = map (x : x.ini) config.environment.unixODBCDrivers; in lib.concatStringsSep "\n" inis; }; diff --git a/nixos/modules/installer/cd-dvd/channel.nix b/nixos/modules/installer/cd-dvd/channel.nix index ea7e3e16b8df..1e5e2b2615c8 100644 --- a/nixos/modules/installer/cd-dvd/channel.nix +++ b/nixos/modules/installer/cd-dvd/channel.nix @@ -17,7 +17,9 @@ let mkdir -p $out cp -prd ${pkgs.path} $out/nixos chmod -R u+w $out/nixos - ln -s . $out/nixos/nixpkgs + if [ ! -e $out/nixos/nixpkgs ]; then + ln -s . $out/nixos/nixpkgs + fi rm -rf $out/nixos/.git echo -n ${config.system.nixosVersionSuffix} > $out/nixos/.version-suffix ''; diff --git a/nixos/modules/installer/cd-dvd/system-tarball-pc.nix b/nixos/modules/installer/cd-dvd/system-tarball-pc.nix index 1156003d3f47..5da5df81ede1 100644 --- a/nixos/modules/installer/cd-dvd/system-tarball-pc.nix +++ b/nixos/modules/installer/cd-dvd/system-tarball-pc.nix @@ -109,7 +109,7 @@ in # not be started by default on the installation CD because the # default root password is empty. services.openssh.enable = true; - jobs.openssh.startOn = lib.mkOverride 50 ""; + systemd.services.openssh.wantedBy = lib.mkOverride 50 []; # To be able to use the systemTarball to catch troubles. boot.crashDump = { diff --git a/nixos/modules/misc/crashdump.nix b/nixos/modules/misc/crashdump.nix index 773b5ac9da3e..5ef4b7781bd0 100644 --- a/nixos/modules/misc/crashdump.nix +++ b/nixos/modules/misc/crashdump.nix @@ -24,6 +24,7 @@ in ''; }; kernelPackages = mkOption { + type = types.package; default = pkgs.linuxPackages; # We don't want to evaluate all of linuxPackages for the manual # - some of it might not even evaluate correctly. diff --git a/nixos/modules/misc/ids.nix b/nixos/modules/misc/ids.nix index 39ed914994c1..064b4cbc4b33 100644 --- a/nixos/modules/misc/ids.nix +++ b/nixos/modules/misc/ids.nix @@ -245,6 +245,9 @@ opendkim = 221; dspam = 222; gale = 223; + matrix-synapse = 224; + rspamd = 225; + rmilter = 226; # When adding a uid, make sure it doesn't match an existing gid. And don't use uids above 399! @@ -467,6 +470,9 @@ opendkim = 221; dspam = 222; gale = 223; + matrix-synapse = 224; + rspamd = 225; + rmilter = 226; # When adding a gid, make sure it doesn't match an existing # uid. Users and groups with the same name should have equal diff --git a/nixos/modules/misc/nixos.nix b/nixos/modules/misc/nixos.nix index 356129211d06..84365b640a48 100644 --- a/nixos/modules/misc/nixos.nix +++ b/nixos/modules/misc/nixos.nix @@ -37,8 +37,8 @@ with lib; nixos.extraModules = mkOption { default = []; - example = literalExample "mkIf config.services.openssh.enable [ ./sshd-config.nix ]"; - type = types.listOf types.unspecified; + example = literalExample "[ ./sshd-config.nix ]"; + type = types.listOf (types.either (types.submodule ({...}:{options={};})) types.path); description = '' Define additional modules which would be loaded to evaluate the configuration. diff --git a/nixos/modules/module-list.nix b/nixos/modules/module-list.nix index d9e8c2da5b32..2ff61877c23d 100644 --- a/nixos/modules/module-list.nix +++ b/nixos/modules/module-list.nix @@ -193,6 +193,8 @@ ./services/mail/postfix.nix ./services/mail/postsrsd.nix ./services/mail/spamassassin.nix + ./services/mail/rspamd.nix + ./services/mail/rmilter.nix ./services/misc/apache-kafka.nix ./services/misc/autofs.nix ./services/misc/bepasty.nix @@ -214,6 +216,7 @@ ./services/misc/gpsd.nix ./services/misc/ihaskell.nix ./services/misc/mathics.nix + ./services/misc/matrix-synapse.nix ./services/misc/mbpfan.nix ./services/misc/mediatomb.nix ./services/misc/mesos-master.nix diff --git a/nixos/modules/programs/ssh.nix b/nixos/modules/programs/ssh.nix index 87a7bac208b7..260888be485f 100644 --- a/nixos/modules/programs/ssh.nix +++ b/nixos/modules/programs/ssh.nix @@ -93,7 +93,9 @@ in }; package = mkOption { + type = types.package; default = pkgs.openssh; + defaultText = "pkgs.openssh"; description = '' The package used for the openssh client and daemon. ''; @@ -142,16 +144,18 @@ in description = '' The set of system-wide known SSH hosts. ''; - example = [ - { - hostNames = [ "myhost" "myhost.mydomain.com" "10.10.1.4" ]; - publicKeyFile = literalExample "./pubkeys/myhost_ssh_host_dsa_key.pub"; - } - { - hostNames = [ "myhost2" ]; - publicKeyFile = literalExample "./pubkeys/myhost2_ssh_host_dsa_key.pub"; - } - ]; + example = literalExample '' + [ + { + hostNames = [ "myhost" "myhost.mydomain.com" "10.10.1.4" ]; + publicKeyFile = "./pubkeys/myhost_ssh_host_dsa_key.pub"; + } + { + hostNames = [ "myhost2" ]; + publicKeyFile = "./pubkeys/myhost2_ssh_host_dsa_key.pub"; + } + ] + ''; }; }; diff --git a/nixos/modules/programs/zsh/zsh.nix b/nixos/modules/programs/zsh/zsh.nix index dae7e446b4cf..b51104c16fa9 100644 --- a/nixos/modules/programs/zsh/zsh.nix +++ b/nixos/modules/programs/zsh/zsh.nix @@ -98,18 +98,18 @@ in loginShellInit = cfge.loginShellInit; interactiveShellInit = '' - ${cfge.interactiveShellInit} - - ${cfg.promptInit} - ${zshAliases} - - # Some sane history defaults + # history defaults export SAVEHIST=2000 export HISTSIZE=2000 export HISTFILE=$HOME/.zsh_history setopt HIST_IGNORE_DUPS SHARE_HISTORY HIST_FCNTL_LOCK + ${cfge.interactiveShellInit} + + ${cfg.promptInit} + ${zshAliases} + # Tell zsh how to find installed completions for p in ''${(z)NIX_PROFILES}; do fpath+=($p/share/zsh/site-functions $p/share/zsh/$ZSH_VERSION/functions) diff --git a/nixos/modules/services/audio/liquidsoap.nix b/nixos/modules/services/audio/liquidsoap.nix index bf67d2399ebb..1c19ed36bdc7 100644 --- a/nixos/modules/services/audio/liquidsoap.nix +++ b/nixos/modules/services/audio/liquidsoap.nix @@ -46,7 +46,7 @@ in example = { myStream1 = literalExample "\"/etc/liquidsoap/myStream1.liq\""; myStream2 = literalExample "./myStream2.liq"; - myStream3 = literalExample "\"out(playlist(\"/srv/music/\"))\""; + myStream3 = literalExample "\"out(playlist(\\\"/srv/music/\\\"))\""; }; type = types.attrsOf (types.either types.path types.str); diff --git a/nixos/modules/services/backup/bacula.nix b/nixos/modules/services/backup/bacula.nix index 69f3c3f8a758..8a26aae75fe9 100644 --- a/nixos/modules/services/backup/bacula.nix +++ b/nixos/modules/services/backup/bacula.nix @@ -207,7 +207,7 @@ in { description = '' Extra configuration to be passed in Client directive. ''; - example = literalExample '' + example = '' Maximum Concurrent Jobs = 20; Heartbeat Interval = 30; ''; @@ -218,7 +218,7 @@ in { description = '' Extra configuration to be passed in Messages directive. ''; - example = literalExample '' + example = '' console = all ''; }; diff --git a/nixos/modules/services/backup/rsnapshot.nix b/nixos/modules/services/backup/rsnapshot.nix index fb25bd9dd1e8..96657cf17fc5 100644 --- a/nixos/modules/services/backup/rsnapshot.nix +++ b/nixos/modules/services/backup/rsnapshot.nix @@ -43,6 +43,7 @@ in package = mkOption { type = types.package; default = pkgs.rsnapshot; + defaultText = "pkgs.rsnapshot"; example = literalExample "pkgs.rsnapshotGit"; description = '' RSnapshot package to use. diff --git a/nixos/modules/services/backup/tarsnap.nix b/nixos/modules/services/backup/tarsnap.nix index 3a51e6b7aa6c..78776786468b 100644 --- a/nixos/modules/services/backup/tarsnap.nix +++ b/nixos/modules/services/backup/tarsnap.nix @@ -5,9 +5,9 @@ with lib; let cfg = config.services.tarsnap; - configFile = cfg: '' - cachedir ${config.services.tarsnap.cachedir} - keyfile ${config.services.tarsnap.keyfile} + configFile = name: cfg: '' + cachedir ${config.services.tarsnap.cachedir}/${name} + keyfile ${cfg.keyfile} ${optionalString cfg.nodump "nodump"} ${optionalString cfg.printStats "print-stats"} ${optionalString cfg.printStats "humanize-numbers"} @@ -41,6 +41,20 @@ in account. Create the keyfile with <command>tarsnap-keygen</command>. + Note that each individual archive (specified below) may also have its + own individual keyfile specified. Tarsnap does not allow multiple + concurrent backups with the same cache directory and key (starting a + new backup will cause another one to fail). If you have multiple + archives specified, you should either spread out your backups to be + far apart, or specify a separate key for each archive. By default + every archive defaults to using + <literal>"/root/tarsnap.key"</literal>. + + It's recommended for backups that you generate a key for every archive + using <literal>tarsnap-keygen(1)</literal>, and then generate a + write-only tarsnap key using <literal>tarsnap-keymgmt(1)</literal>, + and keep your master key(s) for a particular machine off-site. + The keyfile name should be given as a string and not a path, to avoid the key being copied into the Nix store. ''; @@ -57,6 +71,12 @@ in will refuse to run until you manually rebuild the cache with <command>tarsnap --fsck</command>. + Note that each individual archive (specified below) has its own cache + directory specified under <literal>cachedir</literal>; this is because + tarsnap locks the cache during backups, meaning multiple services + archives cannot be backed up concurrently or overlap with a shared + cache. + Set to <literal>null</literal> to disable caching. ''; }; @@ -65,6 +85,28 @@ in type = types.attrsOf (types.submodule ( { options = { + keyfile = mkOption { + type = types.str; + default = config.services.tarsnap.keyfile; + description = '' + Set a specific keyfile for this archive. This defaults to + <literal>"/root/tarsnap.key"</literal> if left unspecified. + + Use this option if you want to run multiple backups + concurrently - each archive must have a unique key. You can + generate a write-only key derived from your master key (which + is recommended) using <literal>tarsnap-keymgmt(1)</literal>. + + Note: every archive must have an individual master key. You + must generate multiple keys with + <literal>tarsnap-keygen(1)</literal>, and then generate write + only keys from those. + + The keyfile name should be given as a string and not a path, to + avoid the key being copied into the Nix store. + ''; + }; + nodump = mkOption { type = types.bool; default = true; @@ -258,6 +300,7 @@ in mkdir -p -m 0700 ${cfg.cachedir} chown root:root ${cfg.cachedir} chmod 0700 ${cfg.cachedir} + mkdir -p -m 0700 ${cfg.cachedir}/$1 DIRS=`cat /etc/tarsnap/$1.dirs` exec tarsnap --configfile /etc/tarsnap/$1.conf -c -f $1-$(date +"%Y%m%d%H%M%S") $DIRS ''; @@ -280,7 +323,7 @@ in environment.etc = (mapAttrs' (name: cfg: nameValuePair "tarsnap/${name}.conf" - { text = configFile cfg; + { text = configFile name cfg; }) cfg.archives) // (mapAttrs' (name: cfg: nameValuePair "tarsnap/${name}.dirs" { text = concatStringsSep " " cfg.directories; diff --git a/nixos/modules/services/continuous-integration/jenkins/default.nix b/nixos/modules/services/continuous-integration/jenkins/default.nix index d571aa3e199d..d6ae4b45ceef 100644 --- a/nixos/modules/services/continuous-integration/jenkins/default.nix +++ b/nixos/modules/services/continuous-integration/jenkins/default.nix @@ -80,6 +80,7 @@ in { packages = mkOption { default = [ pkgs.stdenv pkgs.git pkgs.jdk config.programs.ssh.package pkgs.nix ]; + defaultText = "[ pkgs.stdenv pkgs.git pkgs.jdk config.programs.ssh.package pkgs.nix ]"; type = types.listOf types.package; description = '' Packages to add to PATH for the jenkins process. diff --git a/nixos/modules/services/continuous-integration/jenkins/job-builder.nix b/nixos/modules/services/continuous-integration/jenkins/job-builder.nix index 702d452279f8..7b1fe6269fe9 100644 --- a/nixos/modules/services/continuous-integration/jenkins/job-builder.nix +++ b/nixos/modules/services/continuous-integration/jenkins/job-builder.nix @@ -74,7 +74,7 @@ in { ]; }; } - ]; + ] ''; description = '' Job descriptions for Jenkins Job Builder in Nix format. diff --git a/nixos/modules/services/databases/couchdb.nix b/nixos/modules/services/databases/couchdb.nix index 2b1d07c355ef..ae0589b399e0 100644 --- a/nixos/modules/services/databases/couchdb.nix +++ b/nixos/modules/services/databases/couchdb.nix @@ -38,6 +38,7 @@ in { package = mkOption { type = types.package; default = pkgs.couchdb; + defaultText = "pkgs.couchdb"; example = literalExample "pkgs.couchdb"; description = '' CouchDB package to use. diff --git a/nixos/modules/services/databases/firebird.nix b/nixos/modules/services/databases/firebird.nix index c874b218a5e7..b9f66612d4eb 100644 --- a/nixos/modules/services/databases/firebird.nix +++ b/nixos/modules/services/databases/firebird.nix @@ -49,6 +49,7 @@ in package = mkOption { default = pkgs.firebirdSuper; + defaultText = "pkgs.firebirdSuper"; type = types.package; /* Example: <code>package = pkgs.firebirdSuper.override { icu = diff --git a/nixos/modules/services/databases/hbase.nix b/nixos/modules/services/databases/hbase.nix index ccfabc9de0b5..629d02209a9c 100644 --- a/nixos/modules/services/databases/hbase.nix +++ b/nixos/modules/services/databases/hbase.nix @@ -44,6 +44,7 @@ in { package = mkOption { type = types.package; default = pkgs.hbase; + defaultText = "pkgs.hbase"; example = literalExample "pkgs.hbase"; description = '' HBase package to use. diff --git a/nixos/modules/services/databases/influxdb.nix b/nixos/modules/services/databases/influxdb.nix index 8d63f14c67b5..e2268bd556ef 100644 --- a/nixos/modules/services/databases/influxdb.nix +++ b/nixos/modules/services/databases/influxdb.nix @@ -120,6 +120,7 @@ in package = mkOption { default = pkgs.influxdb; + defaultText = "pkgs.influxdb"; description = "Which influxdb derivation to use"; type = types.package; }; diff --git a/nixos/modules/services/databases/mongodb.nix b/nixos/modules/services/databases/mongodb.nix index 14ffdad9217d..ef9bc46e4a0e 100644 --- a/nixos/modules/services/databases/mongodb.nix +++ b/nixos/modules/services/databases/mongodb.nix @@ -41,6 +41,7 @@ in package = mkOption { default = pkgs.mongodb; + defaultText = "pkgs.mongodb"; type = types.package; description = " Which MongoDB derivation to use. diff --git a/nixos/modules/services/databases/neo4j.nix b/nixos/modules/services/databases/neo4j.nix index 1413839ce220..41b960685906 100644 --- a/nixos/modules/services/databases/neo4j.nix +++ b/nixos/modules/services/databases/neo4j.nix @@ -49,6 +49,7 @@ in { package = mkOption { description = "Neo4j package to use."; default = pkgs.neo4j; + defaultText = "pkgs.neo4j"; type = types.package; }; diff --git a/nixos/modules/services/databases/openldap.nix b/nixos/modules/services/databases/openldap.nix index 29bdb2017523..6fd901a00559 100644 --- a/nixos/modules/services/databases/openldap.nix +++ b/nixos/modules/services/databases/openldap.nix @@ -25,22 +25,7 @@ in description = " Whether to enable the ldap server. "; - example = literalExample '' - openldap.enable = true; - openldap.extraConfig = ''' - include ''${pkgs.openldap}/etc/openldap/schema/core.schema - include ''${pkgs.openldap}/etc/openldap/schema/cosine.schema - include ''${pkgs.openldap}/etc/openldap/schema/inetorgperson.schema - include ''${pkgs.openldap}/etc/openldap/schema/nis.schema - - database bdb - suffix dc=example,dc=org - rootdn cn=admin,dc=example,dc=org - # NOTE: change after first start - rootpw secret - directory /var/db/openldap - '''; - ''; + example = true; }; user = mkOption { @@ -67,6 +52,19 @@ in description = " sldapd.conf configuration "; + example = '' + include ''${pkgs.openldap}/etc/openldap/schema/core.schema + include ''${pkgs.openldap}/etc/openldap/schema/cosine.schema + include ''${pkgs.openldap}/etc/openldap/schema/inetorgperson.schema + include ''${pkgs.openldap}/etc/openldap/schema/nis.schema + + database bdb + suffix dc=example,dc=org + rootdn cn=admin,dc=example,dc=org + # NOTE: change after first start + rootpw secret + directory /var/db/openldap + ''; }; }; diff --git a/nixos/modules/services/databases/opentsdb.nix b/nixos/modules/services/databases/opentsdb.nix index 0e73d4aca0e6..489cdcffe658 100644 --- a/nixos/modules/services/databases/opentsdb.nix +++ b/nixos/modules/services/databases/opentsdb.nix @@ -26,6 +26,7 @@ in { package = mkOption { type = types.package; default = pkgs.opentsdb; + defaultText = "pkgs.opentsdb"; example = literalExample "pkgs.opentsdb"; description = '' OpenTSDB package to use. diff --git a/nixos/modules/services/databases/redis.nix b/nixos/modules/services/databases/redis.nix index f2612d0b43b9..6323d2c8ce4e 100644 --- a/nixos/modules/services/databases/redis.nix +++ b/nixos/modules/services/databases/redis.nix @@ -46,6 +46,7 @@ in package = mkOption { type = types.package; default = pkgs.redis; + defaultText = "pkgs.redis"; description = "Which Redis derivation to use."; }; diff --git a/nixos/modules/services/hardware/acpid.nix b/nixos/modules/services/hardware/acpid.nix index e3421899d36e..48b2b6be09ed 100644 --- a/nixos/modules/services/hardware/acpid.nix +++ b/nixos/modules/services/hardware/acpid.nix @@ -20,7 +20,7 @@ let } ''; - events = [powerEvent lidEvent acEvent]; + events = [powerEvent lidEvent acEvent muteEvent volumeDownEvent volumeUpEvent cdPlayEvent cdNextEvent cdPrevEvent]; # Called when the power button is pressed. powerEvent = @@ -55,6 +55,61 @@ let ''; }; + muteEvent = { + name = "mute"; + event = "button/mute.*"; + action = '' + #! ${pkgs.bash}/bin/sh + ${config.services.acpid.muteCommands} + ''; + }; + + volumeDownEvent = { + name = "volume-down"; + event = "button/volumedown.*"; + action = '' + #! ${pkgs.bash}/bin/sh + ${config.services.acpid.volumeDownEventCommands} + ''; + }; + + volumeUpEvent = { + name = "volume-up"; + event = "button/volumeup.*"; + action = '' + #! ${pkgs.bash}/bin/sh + ${config.services.acpid.volumeUpEventCommands} + ''; + }; + + cdPlayEvent = { + name = "cd-play"; + event = "cd/play.*"; + action = '' + #! ${pkgs.bash}/bin/sh + ${config.services.acpid.cdPlayEventCommands} + ''; + }; + + cdNextEvent = { + name = "cd-next"; + event = "cd/next.*"; + action = '' + #! ${pkgs.bash}/bin/sh + ${config.services.acpid.cdNextEventCommands} + ''; + }; + + cdPrevEvent = { + name = "cd-prev"; + event = "cd/prev.*"; + action = '' + #! ${pkgs.bash}/bin/sh + ${config.services.acpid.cdPrevEventCommands} + ''; + }; + + in { @@ -89,6 +144,42 @@ in description = "Shell commands to execute on an ac_adapter.* event."; }; + muteCommands = mkOption { + type = types.lines; + default = ""; + description = "Shell commands to execute on an button/mute.* event."; + }; + + volumeDownEventCommands = mkOption { + type = types.lines; + default = ""; + description = "Shell commands to execute on an button/volumedown.* event."; + }; + + volumeUpEventCommands = mkOption { + type = types.lines; + default = ""; + description = "Shell commands to execute on an button/volumeup.* event."; + }; + + cdPlayEventCommands = mkOption { + type = types.lines; + default = ""; + description = "Shell commands to execute on an cd/play.* event."; + }; + + cdNextEventCommands = mkOption { + type = types.lines; + default = ""; + description = "Shell commands to execute on an cd/next.* event."; + }; + + cdPrevEventCommands = mkOption { + type = types.lines; + default = ""; + description = "Shell commands to execute on an cd/prev.* event."; + }; + }; }; diff --git a/nixos/modules/services/hardware/freefall.nix b/nixos/modules/services/hardware/freefall.nix index 2be339766069..066ccaa4d7cf 100644 --- a/nixos/modules/services/hardware/freefall.nix +++ b/nixos/modules/services/hardware/freefall.nix @@ -21,6 +21,7 @@ in { package = mkOption { type = types.package; default = pkgs.freefall; + defaultText = "pkgs.freefall"; description = '' freefall derivation to use. ''; diff --git a/nixos/modules/services/hardware/upower.nix b/nixos/modules/services/hardware/upower.nix index 0b6a101efa0b..739d76fbf1f5 100644 --- a/nixos/modules/services/hardware/upower.nix +++ b/nixos/modules/services/hardware/upower.nix @@ -27,6 +27,7 @@ in package = mkOption { type = types.package; default = pkgs.upower; + defaultText = "pkgs.upower"; example = lib.literalExample "pkgs.upower"; description = '' Which upower package to use. diff --git a/nixos/modules/services/logging/logrotate.nix b/nixos/modules/services/logging/logrotate.nix index 0186452de95e..fdd9f0f3e5c2 100644 --- a/nixos/modules/services/logging/logrotate.nix +++ b/nixos/modules/services/logging/logrotate.nix @@ -13,6 +13,7 @@ in options = { services.logrotate = { enable = mkOption { + type = lib.types.bool; default = false; description = '' Enable the logrotate cron job diff --git a/nixos/modules/services/logging/logstash.nix b/nixos/modules/services/logging/logstash.nix index 3a798c6f3724..e019e6c3f237 100644 --- a/nixos/modules/services/logging/logstash.nix +++ b/nixos/modules/services/logging/logstash.nix @@ -33,6 +33,7 @@ in package = mkOption { type = types.package; default = pkgs.logstash; + defaultText = "pkgs.logstash"; example = literalExample "pkgs.logstash"; description = "Logstash package to use."; }; @@ -84,7 +85,7 @@ in type = types.lines; default = ''stdin { type => "example" }''; description = "Logstash input configuration."; - example = literalExample '' + example = '' # Read from journal pipe { command => "''${pkgs.systemd}/bin/journalctl -f -o json" diff --git a/nixos/modules/services/logging/syslog-ng.nix b/nixos/modules/services/logging/syslog-ng.nix index 2bf6d1ff7904..21be286a6e98 100644 --- a/nixos/modules/services/logging/syslog-ng.nix +++ b/nixos/modules/services/logging/syslog-ng.nix @@ -39,6 +39,7 @@ in { package = mkOption { type = types.package; default = pkgs.syslogng; + defaultText = "pkgs.syslogng"; description = '' The package providing syslog-ng binaries. ''; diff --git a/nixos/modules/services/mail/dovecot.nix b/nixos/modules/services/mail/dovecot.nix index 7ca4faae5d4f..36bdcaca47a3 100644 --- a/nixos/modules/services/mail/dovecot.nix +++ b/nixos/modules/services/mail/dovecot.nix @@ -90,6 +90,7 @@ in package = mkOption { type = types.package; default = pkgs.dovecot22; + defaultText = "pkgs.dovecot22"; description = "Dovecot package to use."; }; @@ -131,7 +132,7 @@ in modules = mkOption { type = types.listOf types.package; default = []; - example = [ pkgs.dovecot_pigeonhole ]; + example = literalExample "[ pkgs.dovecot_pigeonhole ]"; description = '' Symlinks the contents of lib/dovecot of every given package into /var/lib/dovecot/modules. This will make the given modules available diff --git a/nixos/modules/services/mail/postfix.nix b/nixos/modules/services/mail/postfix.nix index ab6ad3906000..6c5d7e92702b 100644 --- a/nixos/modules/services/mail/postfix.nix +++ b/nixos/modules/services/mail/postfix.nix @@ -300,7 +300,7 @@ in }; extraConfig = mkOption { - type = types.str; + type = types.lines; default = ""; description = " Extra lines to be added verbatim to the main.cf configuration file. diff --git a/nixos/modules/services/mail/rmilter.nix b/nixos/modules/services/mail/rmilter.nix new file mode 100644 index 000000000000..a6e2a9fc7808 --- /dev/null +++ b/nixos/modules/services/mail/rmilter.nix @@ -0,0 +1,189 @@ +{ config, lib, pkgs, ... }: + +with lib; + +let + + rspamdCfg = config.services.rspamd; + cfg = config.services.rmilter; + + rmilterConf = '' +pidfile = /run/rmilter/rmilter.pid; +bind_socket = ${cfg.bindSocket}; +tempdir = /tmp; + + '' + (with cfg.rspamd; if enable then '' +spamd { + servers = ${concatStringsSep ", " servers}; + connect_timeout = 1s; + results_timeout = 20s; + error_time = 10; + dead_time = 300; + maxerrors = 10; + reject_message = "${rejectMessage}"; + ${optionalString (length whitelist != 0) "whitelist = ${concatStringsSep ", " whitelist};"} + + # rspamd_metric - metric for using with rspamd + # Default: "default" + rspamd_metric = "default"; + ${extraConfig} +}; + '' else "") + cfg.extraConfig; + + rmilterConfigFile = pkgs.writeText "rmilter.conf" rmilterConf; + +in + +{ + + ###### interface + + options = { + + services.rmilter = { + + enable = mkOption { + default = cfg.rspamd.enable; + description = "Whether to run the rmilter daemon."; + }; + + debug = mkOption { + default = false; + description = "Whether to run the rmilter daemon in debug mode."; + }; + + user = mkOption { + type = types.string; + default = "rmilter"; + description = '' + User to use when no root privileges are required. + ''; + }; + + group = mkOption { + type = types.string; + default = "rmilter"; + description = '' + Group to use when no root privileges are required. + ''; + }; + + bindSocket = mkOption { + type = types.string; + default = "unix:/run/rmilter/rmilter.sock"; + description = "Socket to listed for MTA requests"; + example = '' + "unix:/run/rmilter/rmilter.sock" or + "inet:11990@127.0.0.1" + ''; + }; + + rspamd = { + enable = mkOption { + default = rspamdCfg.enable; + description = "Whether to use rspamd to filter mails"; + }; + + servers = mkOption { + type = types.listOf types.str; + default = ["r:0.0.0.0:11333"]; + description = '' + Spamd socket definitions. + Is server name is prefixed with r: it is rspamd server. + ''; + }; + + whitelist = mkOption { + type = types.listOf types.str; + default = [ ]; + description = "list of ips or nets that should be not checked with spamd"; + }; + + rejectMessage = mkOption { + type = types.str; + default = "Spam message rejected; If this is not spam contact abuse"; + description = "reject message for spam"; + }; + + extraConfig = mkOption { + type = types.lines; + default = ""; + description = "Custom snippet to append to end of `spamd' section"; + }; + }; + + extraConfig = mkOption { + type = types.lines; + default = ""; + description = "Custom snippet to append to rmilter config"; + }; + + postfix = { + enable = mkOption { + type = types.bool; + default = false; + description = "Add rmilter to postfix main.conf"; + }; + + configFragment = mkOption { + type = types.str; + description = "Addon to postfix configuration"; + default = '' +smtpd_milters = ${cfg.bindSocket} +# or for TCP socket +# # smtpd_milters = inet:localhost:9900 +milter_protocol = 6 +milter_mail_macros = i {mail_addr} {client_addr} {client_name} {auth_authen} +# skip mail without checks if milter will die +milter_default_action = accept + ''; + }; + }; + + }; + + }; + + + ###### implementation + + config = mkIf cfg.enable { + + users.extraUsers = singleton { + name = cfg.user; + description = "rspamd daemon"; + uid = config.ids.uids.rmilter; + group = cfg.group; + }; + + users.extraGroups = singleton { + name = cfg.group; + gid = config.ids.gids.rmilter; + }; + + systemd.services.rmilter = { + description = "Rmilter Service"; + + wantedBy = [ "multi-user.target" ]; + after = [ "network.target" ]; + + serviceConfig = { + ExecStart = "${pkgs.rmilter}/bin/rmilter ${optionalString cfg.debug "-d"} -n -c ${rmilterConfigFile}"; + User = cfg.user; + Group = cfg.group; + PermissionsStartOnly = true; + Restart = "always"; + }; + + preStart = '' + ${pkgs.coreutils}/bin/mkdir -p /run/rmilter + ${pkgs.coreutils}/bin/chown ${cfg.user}:${cfg.group} /run/rmilter + ''; + + }; + + services.postfix.extraConfig = optionalString cfg.postfix.enable cfg.postfix.configFragment; + + }; + +} diff --git a/nixos/modules/services/mail/rspamd.nix b/nixos/modules/services/mail/rspamd.nix new file mode 100644 index 000000000000..a083f8293243 --- /dev/null +++ b/nixos/modules/services/mail/rspamd.nix @@ -0,0 +1,90 @@ +{ config, lib, pkgs, ... }: + +with lib; + +let + + cfg = config.services.rspamd; + +in + +{ + + ###### interface + + options = { + + services.rspamd = { + + enable = mkOption { + default = false; + description = "Whether to run the rspamd daemon."; + }; + + debug = mkOption { + default = false; + description = "Whether to run the rspamd daemon in debug mode."; + }; + + user = mkOption { + type = types.string; + default = "rspamd"; + description = '' + User to use when no root privileges are required. + ''; + }; + + group = mkOption { + type = types.string; + default = "rspamd"; + description = '' + Group to use when no root privileges are required. + ''; + }; + }; + + }; + + + ###### implementation + + config = mkIf cfg.enable { + + # Allow users to run 'rspamc' and 'rspamadm'. + environment.systemPackages = [ pkgs.rspamd ]; + + users.extraUsers = singleton { + name = cfg.user; + description = "rspamd daemon"; + uid = config.ids.uids.rspamd; + group = cfg.group; + }; + + users.extraGroups = singleton { + name = cfg.group; + gid = config.ids.gids.spamd; + }; + + systemd.services.rspamd = { + description = "Rspamd Service"; + + wantedBy = [ "multi-user.target" ]; + after = [ "network.target" ]; + + serviceConfig = { + ExecStart = "${pkgs.rspamd}/bin/rspamd ${optionalString cfg.debug "-d"} --user=${cfg.user} --group=${cfg.group} --pid=/run/rspamd.pid -f"; + RuntimeDirectory = "/var/lib/rspamd"; + PermissionsStartOnly = true; + Restart = "always"; + }; + + preStart = '' + ${pkgs.coreutils}/bin/mkdir -p /var/{lib,log}/rspamd + ${pkgs.coreutils}/bin/chown ${cfg.user}:${cfg.group} /var/lib/rspamd + ''; + + }; + + }; + +} diff --git a/nixos/modules/services/misc/apache-kafka.nix b/nixos/modules/services/misc/apache-kafka.nix index f6198e03bae5..88ce8b5a23fc 100644 --- a/nixos/modules/services/misc/apache-kafka.nix +++ b/nixos/modules/services/misc/apache-kafka.nix @@ -118,9 +118,8 @@ in { package = mkOption { description = "The kafka package to use"; - default = pkgs.apacheKafka; - + defaultText = "pkgs.apacheKafka"; type = types.package; }; diff --git a/nixos/modules/services/misc/autofs.nix b/nixos/modules/services/misc/autofs.nix index b4dae79cf8a9..3a95e9228200 100644 --- a/nixos/modules/services/misc/autofs.nix +++ b/nixos/modules/services/misc/autofs.nix @@ -27,8 +27,9 @@ in }; autoMaster = mkOption { + type = types.str; example = literalExample '' - autoMaster = let + let mapConf = pkgs.writeText "auto" ''' kernel -ro,soft,intr ftp.kernel.org:/pub/linux boot -fstype=ext2 :/dev/hda1 diff --git a/nixos/modules/services/misc/cgminer.nix b/nixos/modules/services/misc/cgminer.nix index 8f25df809cd6..868dc87f7238 100644 --- a/nixos/modules/services/misc/cgminer.nix +++ b/nixos/modules/services/misc/cgminer.nix @@ -41,6 +41,7 @@ in package = mkOption { default = pkgs.cgminer; + defaultText = "pkgs.cgminer"; description = "Which cgminer derivation to use."; type = types.package; }; diff --git a/nixos/modules/services/misc/confd.nix b/nixos/modules/services/misc/confd.nix index 50532a8a16fb..c0fbf06e6c4c 100644 --- a/nixos/modules/services/misc/confd.nix +++ b/nixos/modules/services/misc/confd.nix @@ -64,6 +64,7 @@ in { package = mkOption { description = "Confd package to use."; default = pkgs.confd; + defaultText = "pkgs.confd"; type = types.package; }; }; diff --git a/nixos/modules/services/misc/disnix.nix b/nixos/modules/services/misc/disnix.nix index 469a2a7ce3b4..218802e0cf00 100644 --- a/nixos/modules/services/misc/disnix.nix +++ b/nixos/modules/services/misc/disnix.nix @@ -110,6 +110,7 @@ in // optionalAttrs (config.services.mysql.enable) { mysqlPort = config.services.mysql.port; } // optionalAttrs (config.services.tomcat.enable) { tomcatPort = 8080; } // optionalAttrs (config.services.svnserve.enable) { svnBaseDir = config.services.svnserve.svnBaseDir; } + // optionalAttrs (config.services.ejabberd.enable) { ejabberdUser = config.services.ejabberd.user; } // optionalAttrs (cfg.publishInfrastructure.enableAuthentication) ( optionalAttrs (config.services.mysql.enable) { mysqlUsername = "root"; mysqlPassword = readFile config.services.mysql.rootPassword; }) ) diff --git a/nixos/modules/services/misc/etcd.nix b/nixos/modules/services/misc/etcd.nix index e1839b936f01..b3354e330962 100644 --- a/nixos/modules/services/misc/etcd.nix +++ b/nixos/modules/services/misc/etcd.nix @@ -77,11 +77,11 @@ in { default = {}; example = literalExample '' { - "CORS": "*", - "NAME": "default-name", - "MAX_RESULT_BUFFER": "1024", - "MAX_CLUSTER_SIZE": "9", - "MAX_RETRY_ATTEMPTS": "3" + "CORS" = "*"; + "NAME" = "default-name"; + "MAX_RESULT_BUFFER" = "1024"; + "MAX_CLUSTER_SIZE" = "9"; + "MAX_RETRY_ATTEMPTS" = "3"; } ''; }; diff --git a/nixos/modules/services/misc/felix.nix b/nixos/modules/services/misc/felix.nix index 08a8581711f9..d6ad9dcaebc2 100644 --- a/nixos/modules/services/misc/felix.nix +++ b/nixos/modules/services/misc/felix.nix @@ -23,7 +23,9 @@ in }; bundles = mkOption { + type = types.listOf types.package; default = [ pkgs.felix_remoteshell ]; + defaultText = "[ pkgs.felix_remoteshell ]"; description = "List of bundles that should be activated on startup"; }; diff --git a/nixos/modules/services/misc/gitit.nix b/nixos/modules/services/misc/gitit.nix index befd8c628f16..ab4d385ba165 100644 --- a/nixos/modules/services/misc/gitit.nix +++ b/nixos/modules/services/misc/gitit.nix @@ -35,6 +35,7 @@ let }; haskellPackages = mkOption { + type = types.attrsOf types.package; default = pkgs.haskellPackages; defaultText = "pkgs.haskellPackages"; example = literalExample "pkgs.haskell.packages.ghc784"; diff --git a/nixos/modules/services/misc/ihaskell.nix b/nixos/modules/services/misc/ihaskell.nix index 13c41466eab2..1927922909ee 100644 --- a/nixos/modules/services/misc/ihaskell.nix +++ b/nixos/modules/services/misc/ihaskell.nix @@ -22,6 +22,7 @@ in }; haskellPackages = mkOption { + type = types.attrsOf types.package; default = pkgs.haskellPackages; defaultText = "pkgs.haskellPackages"; example = literalExample "pkgs.haskell.packages.ghc784"; diff --git a/nixos/modules/services/misc/matrix-synapse-log_config.yaml b/nixos/modules/services/misc/matrix-synapse-log_config.yaml new file mode 100644 index 000000000000..d85bdd1208f9 --- /dev/null +++ b/nixos/modules/services/misc/matrix-synapse-log_config.yaml @@ -0,0 +1,25 @@ +version: 1 + +# In systemd's journal, loglevel is implicitly stored, so let's omit it +# from the message text. +formatters: + journal_fmt: + format: '%(name)s: [%(request)s] %(message)s' + +filters: + context: + (): synapse.util.logcontext.LoggingContextFilter + request: "" + +handlers: + journal: + class: systemd.journal.JournalHandler + formatter: journal_fmt + filters: [context] + SYSLOG_IDENTIFIER: synapse + +root: + level: INFO + handlers: [journal] + +disable_existing_loggers: False diff --git a/nixos/modules/services/misc/matrix-synapse.nix b/nixos/modules/services/misc/matrix-synapse.nix new file mode 100644 index 000000000000..27c5a38e6b88 --- /dev/null +++ b/nixos/modules/services/misc/matrix-synapse.nix @@ -0,0 +1,279 @@ +{ config, lib, pkgs, ... }: + +with lib; + +let + cfg = config.services.matrix-synapse; + logConfigFile = pkgs.writeText "log_config.yaml" cfg.logConfig; + configFile = pkgs.writeText "homeserver.yaml" '' +tls_certificate_path: "${cfg.tls_certificate_path}" +tls_private_key_path: "${cfg.tls_private_key_path}" +tls_dh_params_path: "${cfg.tls_dh_params_path}" +no_tls: ${if cfg.no_tls then "true" else "false"} +bind_port: ${toString cfg.bind_port} +unsecure_port: ${toString cfg.unsecure_port} +bind_host: "${cfg.bind_host}" +server_name: "${cfg.server_name}" +pid_file: "/var/run/matrix-synapse.pid" +web_client: ${if cfg.web_client then "true" else "false"} +database: { + name: "${cfg.database_type}", + args: { + ${concatStringsSep ",\n " ( + mapAttrsToList (n: v: "\"${n}\": ${v}") cfg.database_args + )} + } +} +log_file: "/var/log/matrix-synapse/homeserver.log" +log_config: "${logConfigFile}" +media_store_path: "/var/lib/matrix-synapse/media" +recaptcha_private_key: "${cfg.recaptcha_private_key}" +recaptcha_public_key: "${cfg.recaptcha_public_key}" +enable_registration_captcha: ${if cfg.enable_registration_captcha then "true" else "false"} +turn_uris: ${if (length cfg.turn_uris) == 0 then "[]" else ("\n" + (concatStringsSep "\n" (map (s: "- " + s) cfg.turn_uris)))} +turn_shared_secret: "${cfg.turn_shared_secret}" +enable_registration: ${if cfg.enable_registration then "true" else "false"} +${optionalString (cfg.registration_shared_secret != "") '' +registration_shared_secret: "${cfg.registration_shared_secret}" +''} +enable_metrics: ${if cfg.enable_metrics then "true" else "false"} +report_stats: ${if cfg.report_stats then "true" else "false"} +signing_key_path: "/var/lib/matrix-synapse/homeserver.signing.key" +perspectives: + servers: { + ${concatStringsSep "},\n" (mapAttrsToList (n: v: '' + "${n}": { + "verify_keys": { + ${concatStringsSep "},\n" (mapAttrsToList (n: v: '' + "${n}": { + "key": "${v}" + }'') v)} + } + '') cfg.servers)} + } + } +${cfg.extraConfig} +''; +in { + options = { + services.matrix-synapse = { + enable = mkEnableOption "matrix.org synapse"; + package = mkOption { + type = types.package; + default = pkgs.matrix-synapse; + description = '' + Overridable attribute of the matrix synapse server package to use. + ''; + }; + no_tls = mkOption { + type = types.bool; + default = false; + description = '' + Don't bind to the https port + ''; + }; + tls_certificate_path = mkOption { + type = types.path; + default = "/var/lib/matrix-synapse/homeserver.tls.crt"; + description = '' + PEM encoded X509 certificate for TLS + ''; + }; + tls_private_key_path = mkOption { + type = types.path; + default = "/var/lib/matrix-synapse/homeserver.tls.key"; + description = '' + PEM encoded private key for TLS + ''; + }; + tls_dh_params_path = mkOption { + type = types.path; + default = "/var/lib/matrix-synapse/homeserver.tls.dh"; + description = '' + PEM dh parameters for ephemeral keys + ''; + }; + bind_port = mkOption { + type = types.int; + default = 8448; + description = '' + The port to listen for HTTPS requests on. + For when matrix traffic is sent directly to synapse. + ''; + }; + unsecure_port = mkOption { + type = types.int; + default = 8008; + description = '' + The port to listen for HTTP requests on. + For when matrix traffic passes through loadbalancer that unwraps TLS. + ''; + }; + bind_host = mkOption { + type = types.str; + default = ""; + description = '' + Local interface to listen on. + The empty string will cause synapse to listen on all interfaces. + ''; + }; + server_name = mkOption { + type = types.str; + description = '' + The domain name of the server, with optional explicit port. + This is used by remote servers to connect to this server, + e.g. matrix.org, localhost:8080, etc. + This is also the last part of your UserID. + ''; + }; + web_client = mkOption { + type = types.bool; + default = false; + description = '' + Whether to serve a web client from the HTTP/HTTPS root resource. + ''; + }; + database_type = mkOption { + type = types.enum [ "sqlite3" "psycopg2" ]; + default = "sqlite3"; + description = '' + The database engine name. Can be sqlite or psycopg2. + ''; + }; + database_args = mkOption { + type = types.attrs; + default = { + database = "/var/lib/matrix-synapse/homeserver.db"; + }; + description = '' + Arguments to pass to the engine. + ''; + }; + recaptcha_private_key = mkOption { + type = types.str; + default = ""; + description = '' + This Home Server's ReCAPTCHA private key. + ''; + }; + recaptcha_public_key = mkOption { + type = types.str; + default = ""; + description = '' + This Home Server's ReCAPTCHA public key. + ''; + }; + enable_registration_captcha = mkOption { + type = types.bool; + default = false; + description = '' + Enables ReCaptcha checks when registering, preventing signup + unless a captcha is answered. Requires a valid ReCaptcha + public/private key. + ''; + }; + turn_uris = mkOption { + type = types.listOf types.str; + default = []; + description = '' + The public URIs of the TURN server to give to clients + ''; + }; + turn_shared_secret = mkOption { + type = types.str; + default = ""; + description = '' + The shared secret used to compute passwords for the TURN server + ''; + }; + enable_registration = mkOption { + type = types.bool; + default = false; + description = '' + Enable registration for new users. + ''; + }; + registration_shared_secret = mkOption { + type = types.str; + default = ""; + description = '' + If set, allows registration by anyone who also has the shared + secret, even if registration is otherwise disabled. + ''; + }; + enable_metrics = mkOption { + type = types.bool; + default = false; + description = '' + Enable collection and rendering of performance metrics + ''; + }; + report_stats = mkOption { + type = types.bool; + default = false; + description = '' + ''; + }; + servers = mkOption { + type = types.attrs; + default = { + "matrix.org" = { + "ed25519:auto" = "Noi6WqcDj0QmPxCNQqgezwTlBKrfqehY1u2FyWP9uYw"; + }; + }; + description = '' + The trusted servers to download signing keys from. + ''; + }; + extraConfig = mkOption { + type = types.lines; + default = ""; + description = '' + Extra config options for matrix-synapse. + ''; + }; + logConfig = mkOption { + type = types.lines; + default = readFile ./matrix-synapse-log_config.yaml; + description = '' + A yaml python logging config file + ''; + }; + }; + }; + + config = mkIf cfg.enable { + users.extraUsers = [ + { name = "matrix-synapse"; + group = "matrix-synapse"; + home = "/var/lib/matrix-synapse"; + createHome = true; + shell = "${pkgs.bash}/bin/bash"; + uid = config.ids.uids.matrix-synapse; + } ]; + + users.extraGroups = [ + { name = "matrix-synapse"; + gid = config.ids.gids.matrix-synapse; + } ]; + + systemd.services.matrix-synapse = { + after = [ "network.target" ]; + wantedBy = [ "multi-user.target" ]; + preStart = '' + mkdir -p /var/lib/matrix-synapse + chmod 700 /var/lib/matrix-synapse + chown -R matrix-synapse:matrix-synapse /var/lib/matrix-synapse + ${cfg.package}/bin/homeserver --config-path ${configFile} --generate-keys + ''; + serviceConfig = { + Type = "simple"; + User = "matrix-synapse"; + Group = "matrix-synapse"; + WorkingDirectory = "/var/lib/matrix-synapse"; + PermissionsStartOnly = true; + ExecStart = "${cfg.package}/bin/homeserver --config-path ${configFile}"; + }; + }; + }; +} diff --git a/nixos/modules/services/misc/mbpfan.nix b/nixos/modules/services/misc/mbpfan.nix index 3fb5f684b761..972d8b572d36 100644 --- a/nixos/modules/services/misc/mbpfan.nix +++ b/nixos/modules/services/misc/mbpfan.nix @@ -17,7 +17,9 @@ in { }; package = mkOption { + type = types.package; default = pkgs.mbpfan; + defaultText = "pkgs.mbpfan"; description = '' The package used for the mbpfan daemon. ''; diff --git a/nixos/modules/services/misc/nix-daemon.nix b/nixos/modules/services/misc/nix-daemon.nix index 4aed91c34978..da03eb17e302 100644 --- a/nixos/modules/services/misc/nix-daemon.nix +++ b/nixos/modules/services/misc/nix-daemon.nix @@ -66,6 +66,7 @@ in package = mkOption { type = types.package; default = pkgs.nix; + defaultText = "pkgs.nix"; description = '' This option specifies the Nix package instance to use throughout the system. ''; diff --git a/nixos/modules/services/misc/plex.nix b/nixos/modules/services/misc/plex.nix index b9a58c0c5d50..fb62351365ed 100644 --- a/nixos/modules/services/misc/plex.nix +++ b/nixos/modules/services/misc/plex.nix @@ -75,7 +75,7 @@ in preStart = '' test -d "${cfg.dataDir}" || { echo "Creating initial Plex data directory in \"${cfg.dataDir}\"." - mkdir -p "${cfg.dataDir}" + mkdir -p "${cfg.dataDir}/Plex Media Server" chown -R ${cfg.user}:${cfg.group} "${cfg.dataDir}" } diff --git a/nixos/modules/services/misc/rippled.nix b/nixos/modules/services/misc/rippled.nix index d940c1bc900e..c6b67e8498ca 100644 --- a/nixos/modules/services/misc/rippled.nix +++ b/nixos/modules/services/misc/rippled.nix @@ -208,6 +208,7 @@ in description = "Which rippled package to use."; type = types.package; default = pkgs.rippled; + defaultText = "pkgs.rippled"; }; ports = mkOption { @@ -238,7 +239,7 @@ in nodeDb = mkOption { description = "Rippled main database options."; type = types.nullOr types.optionSet; - options = [dbOptions]; + options = dbOptions; default = { type = "rocksdb"; extraOpts = '' @@ -254,14 +255,14 @@ in tempDb = mkOption { description = "Rippled temporary database options."; type = types.nullOr types.optionSet; - options = [dbOptions]; + options = dbOptions; default = null; }; importDb = mkOption { description = "Settings for performing a one-time import."; type = types.nullOr types.optionSet; - options = [dbOptions]; + options = dbOptions; default = null; }; diff --git a/nixos/modules/services/monitoring/bosun.nix b/nixos/modules/services/monitoring/bosun.nix index 214a19d9483f..46273fc12187 100644 --- a/nixos/modules/services/monitoring/bosun.nix +++ b/nixos/modules/services/monitoring/bosun.nix @@ -33,6 +33,7 @@ in { package = mkOption { type = types.package; default = pkgs.bosun; + defaultText = "pkgs.bosun"; example = literalExample "pkgs.bosun"; description = '' bosun binary to use. diff --git a/nixos/modules/services/monitoring/grafana.nix b/nixos/modules/services/monitoring/grafana.nix index 6053990e8d3b..0b49038dd273 100644 --- a/nixos/modules/services/monitoring/grafana.nix +++ b/nixos/modules/services/monitoring/grafana.nix @@ -93,6 +93,7 @@ in { package = mkOption { description = "Package to use."; default = pkgs.grafana; + defaultText = "pkgs.grafana"; type = types.package; }; diff --git a/nixos/modules/services/monitoring/graphite.nix b/nixos/modules/services/monitoring/graphite.nix index 731e5fae9e9d..976fd253a7cd 100644 --- a/nixos/modules/services/monitoring/graphite.nix +++ b/nixos/modules/services/monitoring/graphite.nix @@ -108,7 +108,7 @@ in { finders = mkOption { description = "List of finder plugins to load."; default = []; - example = [ pkgs.python27Packages.graphite_influxdb ]; + example = literalExample "[ pkgs.python27Packages.graphite_influxdb ]"; type = types.listOf types.package; }; @@ -136,6 +136,7 @@ in { package = mkOption { description = "Package to use for graphite api."; default = pkgs.python27Packages.graphite_api; + defaultText = "pkgs.python27Packages.graphite_api"; type = types.package; }; @@ -146,7 +147,7 @@ in { directories: - ${dataDir}/whisper ''; - example = literalExample '' + example = '' allowed_origins: - dashboard.example.com cheat_times: true @@ -350,7 +351,7 @@ in { critical: 200 name: Test ''; - example = literalExample '' + example = '' pushbullet_key: pushbullet_api_key alerts: - target: stats.seatgeek.app.deal_quality.venue_info_cache.hit diff --git a/nixos/modules/services/monitoring/heapster.nix b/nixos/modules/services/monitoring/heapster.nix index 74b8c9ccd3ed..deee64aa41ea 100644 --- a/nixos/modules/services/monitoring/heapster.nix +++ b/nixos/modules/services/monitoring/heapster.nix @@ -33,6 +33,7 @@ in { package = mkOption { description = "Package to use by heapster"; default = pkgs.heapster; + defaultText = "pkgs.heapster"; type = types.package; }; }; diff --git a/nixos/modules/services/monitoring/munin.nix b/nixos/modules/services/monitoring/munin.nix index 31afa859e256..aaa041ad4cd6 100644 --- a/nixos/modules/services/monitoring/munin.nix +++ b/nixos/modules/services/monitoring/munin.nix @@ -122,21 +122,6 @@ in HTML output is in <filename>/var/www/munin/</filename>, configure your favourite webserver to serve static files. ''; - example = literalExample '' - services = { - munin-node.enable = true; - munin-cron = { - enable = true; - hosts = ''' - [''${config.networking.hostName}] - address localhost - '''; - extraGlobalConfig = ''' - contact.email.command mail -s "Munin notification for ''${var:host}" someone@example.com - '''; - }; - }; - ''; }; extraGlobalConfig = mkOption { @@ -147,6 +132,9 @@ in Useful to setup notifications, see <link xlink:href='http://munin-monitoring.org/wiki/HowToContact' /> ''; + example = '' + contact.email.command mail -s "Munin notification for ''${var:host}" someone@example.com + ''; }; hosts = mkOption { diff --git a/nixos/modules/services/monitoring/nagios.nix b/nixos/modules/services/monitoring/nagios.nix index c1f7ba0eca74..f2f7710de9e7 100644 --- a/nixos/modules/services/monitoring/nagios.nix +++ b/nixos/modules/services/monitoring/nagios.nix @@ -94,7 +94,9 @@ in }; plugins = mkOption { + type = types.listOf types.package; default = [pkgs.nagiosPluginsOfficial pkgs.ssmtp]; + defaultText = "[pkgs.nagiosPluginsOfficial pkgs.ssmtp]"; description = " Packages to be added to the Nagios <envar>PATH</envar>. Typically used to add plugins, but can be anything. @@ -102,14 +104,18 @@ in }; mainConfigFile = mkOption { + type = types.package; default = nagiosCfgFile; + defaultText = "nagiosCfgFile"; description = " Derivation for the main configuration file of Nagios. "; }; cgiConfigFile = mkOption { + type = types.package; default = nagiosCGICfgFile; + defaultText = "nagiosCGICfgFile"; description = " Derivation for the configuration file of Nagios CGI scripts that can be used in web servers for running the Nagios web interface. diff --git a/nixos/modules/services/monitoring/scollector.nix b/nixos/modules/services/monitoring/scollector.nix index 8b97daf8881a..1e397435e600 100644 --- a/nixos/modules/services/monitoring/scollector.nix +++ b/nixos/modules/services/monitoring/scollector.nix @@ -43,6 +43,7 @@ in { package = mkOption { type = types.package; default = pkgs.scollector; + defaultText = "pkgs.scollector"; example = literalExample "pkgs.scollector"; description = '' scollector binary to use. @@ -77,7 +78,7 @@ in { collectors = mkOption { type = with types; attrsOf (listOf path); default = {}; - example = literalExample "{ 0 = [ \"\${postgresStats}/bin/collect-stats\" ]; }"; + example = literalExample "{ \"0\" = [ \"\${postgresStats}/bin/collect-stats\" ]; }"; description = '' An attribute set mapping the frequency of collection to a list of binaries that should be executed at that frequency. You can use "0" diff --git a/nixos/modules/services/network-filesystems/samba.nix b/nixos/modules/services/network-filesystems/samba.nix index 72e9b6144d4b..576e5c9e87a3 100644 --- a/nixos/modules/services/network-filesystems/samba.nix +++ b/nixos/modules/services/network-filesystems/samba.nix @@ -85,7 +85,8 @@ in package = mkOption { type = types.package; default = pkgs.samba; - example = pkgs.samba4; + defaultText = "pkgs.samba"; + example = literalExample "pkgs.samba4"; description = '' Defines which package should be used for the samba server. ''; diff --git a/nixos/modules/services/networking/bind.nix b/nixos/modules/services/networking/bind.nix index dc11524ffeb8..b9e0eecf417d 100644 --- a/nixos/modules/services/networking/bind.nix +++ b/nixos/modules/services/networking/bind.nix @@ -120,7 +120,9 @@ in }; configFile = mkOption { + type = types.path; default = confFile; + defaultText = "confFile"; description = " Overridable config file to use for named. By default, that generated by nixos. diff --git a/nixos/modules/services/networking/consul.nix b/nixos/modules/services/networking/consul.nix index 7337eb873c77..58dad56014b0 100644 --- a/nixos/modules/services/networking/consul.nix +++ b/nixos/modules/services/networking/consul.nix @@ -118,6 +118,7 @@ in package = mkOption { description = "Package to use for consul-alerts."; default = pkgs.consul-alerts; + defaultText = "pkgs.consul-alerts"; type = types.package; }; diff --git a/nixos/modules/services/networking/firewall.nix b/nixos/modules/services/networking/firewall.nix index a61f0250ef8b..e11fe072be65 100644 --- a/nixos/modules/services/networking/firewall.nix +++ b/nixos/modules/services/networking/firewall.nix @@ -421,8 +421,9 @@ in }; networking.firewall.extraPackages = mkOption { + type = types.listOf types.package; default = [ ]; - example = [ pkgs.ipset ]; + example = literalExample "[ pkgs.ipset ]"; description = '' Additional packages to be included in the environment of the system diff --git a/nixos/modules/services/networking/lambdabot.nix b/nixos/modules/services/networking/lambdabot.nix index 4ef7c7c9ab63..5a61a9f96782 100644 --- a/nixos/modules/services/networking/lambdabot.nix +++ b/nixos/modules/services/networking/lambdabot.nix @@ -27,6 +27,7 @@ in package = mkOption { type = types.package; default = pkgs.lambdabot; + defaultText = "pkgs.lambdabot"; description = "Used lambdabot package"; }; diff --git a/nixos/modules/services/networking/networkmanager.nix b/nixos/modules/services/networking/networkmanager.nix index 8ab4cfcc114a..01c05fb4a245 100644 --- a/nixos/modules/services/networking/networkmanager.nix +++ b/nixos/modules/services/networking/networkmanager.nix @@ -110,7 +110,7 @@ in { # Ugly hack for using the correct gnome3 packageSet basePackages = mkOption { - type = types.attrsOf types.path; + type = types.attrsOf types.package; default = { inherit networkmanager modemmanager wpa_supplicant networkmanager_openvpn networkmanager_vpnc networkmanager_openconnect diff --git a/nixos/modules/services/networking/ngircd.nix b/nixos/modules/services/networking/ngircd.nix index 49e5f3559803..6a5290ffdee2 100644 --- a/nixos/modules/services/networking/ngircd.nix +++ b/nixos/modules/services/networking/ngircd.nix @@ -34,6 +34,7 @@ in { type = types.package; default = pkgs.ngircd; + defaultText = "pkgs.ngircd"; }; }; }; diff --git a/nixos/modules/services/networking/skydns.nix b/nixos/modules/services/networking/skydns.nix index f5eb452fec62..39ebaa45a794 100644 --- a/nixos/modules/services/networking/skydns.nix +++ b/nixos/modules/services/networking/skydns.nix @@ -56,6 +56,7 @@ in { package = mkOption { default = pkgs.skydns; + defaultText = "pkgs.skydns"; type = types.package; description = "Skydns package to use."; }; diff --git a/nixos/modules/services/networking/supplicant.nix b/nixos/modules/services/networking/supplicant.nix index 502a0468787f..16c4ee7e33bb 100644 --- a/nixos/modules/services/networking/supplicant.nix +++ b/nixos/modules/services/networking/supplicant.nix @@ -115,7 +115,7 @@ in path = mkOption { type = types.path; - example = "/etc/wpa_supplicant.conf"; + example = literalExample "/etc/wpa_supplicant.conf"; description = '' External <literal>wpa_supplicant.conf</literal> configuration file. The configuration options defined declaratively within <literal>networking.supplicant</literal> have diff --git a/nixos/modules/services/networking/syncthing.nix b/nixos/modules/services/networking/syncthing.nix index 56c384731c61..f5d5e1d25561 100644 --- a/nixos/modules/services/networking/syncthing.nix +++ b/nixos/modules/services/networking/syncthing.nix @@ -43,6 +43,7 @@ in package = mkOption { type = types.package; default = pkgs.syncthing; + defaultText = "pkgs.syncthing"; example = literalExample "pkgs.syncthing"; description = '' Syncthing package to use. diff --git a/nixos/modules/services/networking/tinc.nix b/nixos/modules/services/networking/tinc.nix index 828bbe130e67..34f4f6b37b60 100644 --- a/nixos/modules/services/networking/tinc.nix +++ b/nixos/modules/services/networking/tinc.nix @@ -87,7 +87,9 @@ in }; package = mkOption { + type = types.package; default = pkgs.tinc_pre; + defaultText = "pkgs.tinc_pre"; description = '' The package to use for the tinc daemon's binary. ''; diff --git a/nixos/modules/services/networking/vsftpd.nix b/nixos/modules/services/networking/vsftpd.nix index 447149552f48..e7301e9ef5f5 100644 --- a/nixos/modules/services/networking/vsftpd.nix +++ b/nixos/modules/services/networking/vsftpd.nix @@ -120,7 +120,9 @@ in }; userlistFile = mkOption { + type = types.path; default = pkgs.writeText "userlist" (concatMapStrings (x: "${x}\n") cfg.userlist); + defaultText = "pkgs.writeText \"userlist\" (concatMapStrings (x: \"\${x}\n\") cfg.userlist)"; description = '' Newline separated list of names to be allowed/denied if <option>userlistEnable</option> is <literal>true</literal>. Meaning see <option>userlistDeny</option>. diff --git a/nixos/modules/services/search/elasticsearch.nix b/nixos/modules/services/search/elasticsearch.nix index b3f0a5251d71..ea0cf1dcd78f 100644 --- a/nixos/modules/services/search/elasticsearch.nix +++ b/nixos/modules/services/search/elasticsearch.nix @@ -40,6 +40,7 @@ in { package = mkOption { description = "Elasticsearch package to use."; default = pkgs.elasticsearch; + defaultText = "pkgs.elasticsearch"; type = types.package; }; diff --git a/nixos/modules/services/search/kibana.nix b/nixos/modules/services/search/kibana.nix index f9071ef66e72..4263ed22a8db 100644 --- a/nixos/modules/services/search/kibana.nix +++ b/nixos/modules/services/search/kibana.nix @@ -127,6 +127,7 @@ in { package = mkOption { description = "Kibana package to use"; default = pkgs.kibana; + defaultText = "pkgs.kibana"; type = types.package; }; diff --git a/nixos/modules/services/search/solr.nix b/nixos/modules/services/search/solr.nix index 7886d1e2e8e6..33d74e897237 100644 --- a/nixos/modules/services/search/solr.nix +++ b/nixos/modules/services/search/solr.nix @@ -45,6 +45,7 @@ in { javaPackage = mkOption { type = types.package; default = pkgs.jre; + defaultText = "pkgs.jre"; description = '' Which Java derivation to use for running solr. ''; @@ -53,6 +54,7 @@ in { solrPackage = mkOption { type = types.package; default = pkgs.solr; + defaultText = "pkgs.solr"; description = '' Which solr derivation to use for running solr. ''; diff --git a/nixos/modules/services/web-servers/apache-httpd/default.nix b/nixos/modules/services/web-servers/apache-httpd/default.nix index 7350a6a68c70..739181d861b2 100644 --- a/nixos/modules/services/web-servers/apache-httpd/default.nix +++ b/nixos/modules/services/web-servers/apache-httpd/default.nix @@ -429,6 +429,7 @@ in package = mkOption { type = types.package; default = pkgs.apacheHttpd; + defaultText = "pkgs.apacheHttpd"; description = '' Overridable attribute of the Apache HTTP Server package to use. ''; @@ -437,7 +438,8 @@ in configFile = mkOption { type = types.path; default = confFile; - example = literalExample ''pkgs.writeText "httpd.conf" "# my custom config file ...";''; + defaultText = "confFile"; + example = literalExample ''pkgs.writeText "httpd.conf" "# my custom config file ..."''; description = '' Override the configuration file used by Apache. By default, NixOS generates one automatically. diff --git a/nixos/modules/services/web-servers/nginx/default.nix b/nixos/modules/services/web-servers/nginx/default.nix index 25816446e999..27a33f33ff93 100644 --- a/nixos/modules/services/web-servers/nginx/default.nix +++ b/nixos/modules/services/web-servers/nginx/default.nix @@ -34,6 +34,7 @@ in package = mkOption { default = pkgs.nginx; + defaultText = "pkgs.nginx"; type = types.package; description = " Nginx package to use. diff --git a/nixos/modules/services/web-servers/phpfpm.nix b/nixos/modules/services/web-servers/phpfpm.nix index 82398948bfaa..bdd41ed702b5 100644 --- a/nixos/modules/services/web-servers/phpfpm.nix +++ b/nixos/modules/services/web-servers/phpfpm.nix @@ -36,7 +36,9 @@ in { }; phpPackage = mkOption { + type = types.package; default = pkgs.php; + defaultText = "pkgs.php"; description = '' The PHP package to use for running the FPM service. ''; diff --git a/nixos/modules/services/web-servers/tomcat.nix b/nixos/modules/services/web-servers/tomcat.nix index 6abd6dfb306b..c3be20b41e29 100644 --- a/nixos/modules/services/web-servers/tomcat.nix +++ b/nixos/modules/services/web-servers/tomcat.nix @@ -24,6 +24,7 @@ in package = mkOption { type = types.package; default = pkgs.tomcat7; + defaultText = "pkgs.tomcat7"; example = lib.literalExample "pkgs.tomcat8"; description = '' Which tomcat package to use. @@ -72,7 +73,9 @@ in }; webapps = mkOption { + type = types.listOf types.package; default = [ tomcat ]; + defaultText = "[ tomcat ]"; description = "List containing WAR files or directories with WAR files which are web applications to be deployed on Tomcat"; }; @@ -87,7 +90,9 @@ in }; jdk = mkOption { + type = types.package; default = pkgs.jdk; + defaultText = "pkgs.jdk"; description = "Which JDK to use."; }; diff --git a/nixos/modules/services/web-servers/winstone.nix b/nixos/modules/services/web-servers/winstone.nix index eed16a64f2a8..6dab467b35ef 100644 --- a/nixos/modules/services/web-servers/winstone.nix +++ b/nixos/modules/services/web-servers/winstone.nix @@ -31,6 +31,7 @@ let javaPackage = mkOption { type = types.package; default = pkgs.jre; + defaultText = "pkgs.jre"; description = '' Which Java derivation to use for running Winstone. ''; diff --git a/nixos/modules/services/web-servers/zope2.nix b/nixos/modules/services/web-servers/zope2.nix index bbe4d10f83d0..ef3cffd582ee 100644 --- a/nixos/modules/services/web-servers/zope2.nix +++ b/nixos/modules/services/web-servers/zope2.nix @@ -75,25 +75,26 @@ in services.zope2.instances = mkOption { default = {}; type = types.loaOf types.optionSet; - example = { - plone01 = { - http_address = "127.0.0.1:8080"; - extra = - '' - <zodb_db main> - mount-point / - cache-size 30000 - <blobstorage> - blob-dir /var/lib/zope2/plone01/blobstorage - <filestorage> - path /var/lib/zope2/plone01/filestorage/Data.fs - </filestorage> - </blobstorage> - </zodb_db> - ''; - - }; - }; + example = literalExample '' + { + plone01 = { + http_address = "127.0.0.1:8080"; + extra = + ''' + <zodb_db main> + mount-point / + cache-size 30000 + <blobstorage> + blob-dir /var/lib/zope2/plone01/blobstorage + <filestorage> + path /var/lib/zope2/plone01/filestorage/Data.fs + </filestorage> + </blobstorage> + </zodb_db> + '''; + }; + } + ''; description = "zope2 instances to be created automaticaly by the system."; options = [ zope2Opts ]; }; diff --git a/nixos/modules/services/x11/desktop-managers/gnome3.nix b/nixos/modules/services/x11/desktop-managers/gnome3.nix index c1e14e45d759..be2411b3c7ff 100644 --- a/nixos/modules/services/x11/desktop-managers/gnome3.nix +++ b/nixos/modules/services/x11/desktop-managers/gnome3.nix @@ -62,6 +62,7 @@ in { }; environment.gnome3.packageSet = mkOption { + type = types.nullOr types.package; default = null; example = literalExample "pkgs.gnome3_16"; description = "Which GNOME 3 package set to use."; diff --git a/nixos/modules/services/x11/desktop-managers/kde4.nix b/nixos/modules/services/x11/desktop-managers/kde4.nix index 21b6243ba188..29cca248cde3 100644 --- a/nixos/modules/services/x11/desktop-managers/kde4.nix +++ b/nixos/modules/services/x11/desktop-managers/kde4.nix @@ -66,6 +66,7 @@ in kdeWorkspacePackage = mkOption { internal = true; default = pkgs.kde4.kde_workspace; + defaultText = "pkgs.kde4.kde_workspace"; type = types.package; description = "Custom kde-workspace, used for NixOS rebranding."; }; diff --git a/nixos/modules/services/x11/display-managers/lightdm-greeters/gtk.nix b/nixos/modules/services/x11/display-managers/lightdm-greeters/gtk.nix index ebcceabc785b..f5b6c20c5a05 100644 --- a/nixos/modules/services/x11/display-managers/lightdm-greeters/gtk.nix +++ b/nixos/modules/services/x11/display-managers/lightdm-greeters/gtk.nix @@ -67,8 +67,9 @@ in theme = { package = mkOption { - type = types.path; + type = types.package; default = pkgs.gnome3.gnome_themes_standard; + defaultText = "pkgs.gnome3.gnome_themes_standard"; description = '' The package path that contains the theme given in the name option. ''; @@ -87,8 +88,9 @@ in iconTheme = { package = mkOption { - type = types.path; + type = types.package; default = pkgs.gnome3.defaultIconTheme; + defaultText = "pkgs.gnome3.defaultIconTheme"; description = '' The package path that contains the icon theme given in the name option. ''; diff --git a/nixos/modules/services/x11/display-managers/lightdm.nix b/nixos/modules/services/x11/display-managers/lightdm.nix index ded694d90d50..9460395f86d6 100644 --- a/nixos/modules/services/x11/display-managers/lightdm.nix +++ b/nixos/modules/services/x11/display-managers/lightdm.nix @@ -69,7 +69,7 @@ in greeter = { package = mkOption { - type = types.path; + type = types.package; description = '' The LightDM greeter to login via. The package should be a directory containing a .desktop file matching the name in the 'name' option. @@ -86,6 +86,7 @@ in }; background = mkOption { + type = types.path; description = '' The background image or color to use. ''; diff --git a/nixos/modules/services/x11/display-managers/slim.nix b/nixos/modules/services/x11/display-managers/slim.nix index e3db0230d3b7..ce44c9f54a31 100644 --- a/nixos/modules/services/x11/display-managers/slim.nix +++ b/nixos/modules/services/x11/display-managers/slim.nix @@ -61,6 +61,10 @@ in url = "https://github.com/jagajaga/nixos-slim-theme/archive/2.0.tar.gz"; sha256 = "0lldizhigx7bjhxkipii87y432hlf5wdvamnfxrryf9z7zkfypc8"; }; + defaultText = ''pkgs.fetchurl { + url = "https://github.com/jagajaga/nixos-slim-theme/archive/2.0.tar.gz"; + sha256 = "0lldizhigx7bjhxkipii87y432hlf5wdvamnfxrryf9z7zkfypc8"; + }''; example = literalExample '' pkgs.fetchurl { url = "mirror://sourceforge/slim.berlios/slim-wave.tar.gz"; diff --git a/nixos/modules/services/x11/redshift.nix b/nixos/modules/services/x11/redshift.nix index 6614be261e50..4318a17a4fa5 100644 --- a/nixos/modules/services/x11/redshift.nix +++ b/nixos/modules/services/x11/redshift.nix @@ -76,6 +76,7 @@ in { package = mkOption { type = types.package; default = pkgs.redshift; + defaultText = "pkgs.redshift"; description = '' redshift derivation to use. ''; diff --git a/nixos/modules/services/x11/terminal-server.nix b/nixos/modules/services/x11/terminal-server.nix index a036e085b0bf..4d5dbd604159 100644 --- a/nixos/modules/services/x11/terminal-server.nix +++ b/nixos/modules/services/x11/terminal-server.nix @@ -9,19 +9,6 @@ with lib; -let - - # Wrap Xvfb to set some flags/variables. - xvfbWrapper = pkgs.writeScriptBin "Xvfb" - '' - #! ${pkgs.stdenv.shell} - export XKB_BINDIR=${pkgs.xorg.xkbcomp}/bin - export XORG_DRI_DRIVER_PATH=${pkgs.mesa}/lib/dri - exec ${pkgs.xorg.xorgserver}/bin/Xvfb "$@" -xkbdir ${pkgs.xkeyboard_config}/etc/X11/xkb - ''; - -in - { config = { @@ -54,7 +41,7 @@ in { description = "Terminal Server"; path = - [ xvfbWrapper pkgs.gawk pkgs.which pkgs.openssl pkgs.xorg.xauth + [ pkgs.xorgserver pkgs.gawk pkgs.which pkgs.openssl pkgs.xorg.xauth pkgs.nettools pkgs.shadow pkgs.procps pkgs.utillinux pkgs.bash ]; diff --git a/nixos/modules/system/activation/top-level.nix b/nixos/modules/system/activation/top-level.nix index 1c242c88863d..d66580b7b9be 100644 --- a/nixos/modules/system/activation/top-level.nix +++ b/nixos/modules/system/activation/top-level.nix @@ -205,7 +205,7 @@ in system.replaceRuntimeDependencies = mkOption { default = []; - example = lib.literalExample "[ ({ original = pkgs.openssl; replacement = pkgs.callPackage /path/to/openssl { ... }; }) ]"; + example = lib.literalExample "[ ({ original = pkgs.openssl; replacement = pkgs.callPackage /path/to/openssl { }; }) ]"; type = types.listOf (types.submodule ( { options, ... }: { options.original = mkOption { diff --git a/nixos/modules/system/boot/kernel.nix b/nixos/modules/system/boot/kernel.nix index bef18fc8771b..6bc046d02611 100644 --- a/nixos/modules/system/boot/kernel.nix +++ b/nixos/modules/system/boot/kernel.nix @@ -63,7 +63,7 @@ in }; boot.extraModulePackages = mkOption { - type = types.listOf types.path; + type = types.listOf types.package; default = []; example = literalExample "[ pkgs.linuxPackages.nvidia_x11 ]"; description = "A list of additional packages supplying kernel modules."; diff --git a/nixos/modules/system/boot/loader/grub/grub.nix b/nixos/modules/system/boot/loader/grub/grub.nix index c2bf5764804c..d9f6f51f13a2 100644 --- a/nixos/modules/system/boot/loader/grub/grub.nix +++ b/nixos/modules/system/boot/loader/grub/grub.nix @@ -251,6 +251,7 @@ in }; extraFiles = mkOption { + type = types.attrsOf types.path; default = {}; example = literalExample '' { "memtest.bin" = "''${pkgs.memtest86plus}/memtest.bin"; } diff --git a/nixos/modules/system/boot/loader/grub/ipxe.nix b/nixos/modules/system/boot/loader/grub/ipxe.nix index 9b5097a4cfd9..249c2761934d 100644 --- a/nixos/modules/system/boot/loader/grub/ipxe.nix +++ b/nixos/modules/system/boot/loader/grub/ipxe.nix @@ -39,7 +39,7 @@ in dhcp chain http://boot.ipxe.org/demo/boot.php '''; - }; + } ''; }; }; diff --git a/nixos/modules/system/boot/luksroot.nix b/nixos/modules/system/boot/luksroot.nix index 763703205630..59bff5472e84 100644 --- a/nixos/modules/system/boot/luksroot.nix +++ b/nixos/modules/system/boot/luksroot.nix @@ -229,7 +229,7 @@ in boot.initrd.luks.devices = mkOption { default = [ ]; - example = [ { name = "luksroot"; device = "/dev/sda3"; preLVM = true; } ]; + example = literalExample ''[ { name = "luksroot"; device = "/dev/sda3"; preLVM = true; } ]''; description = '' The list of devices that should be decrypted using LUKS before trying to mount the root partition. This works for both LVM-over-LUKS and LUKS-over-LVM setups. diff --git a/nixos/modules/system/boot/systemd.nix b/nixos/modules/system/boot/systemd.nix index 0fc8491cdf8f..211e0423216e 100644 --- a/nixos/modules/system/boot/systemd.nix +++ b/nixos/modules/system/boot/systemd.nix @@ -374,6 +374,7 @@ in systemd.package = mkOption { default = pkgs.systemd; + defaultText = "pkgs.systemd"; type = types.package; description = "The systemd package."; }; diff --git a/nixos/modules/tasks/kbd.nix b/nixos/modules/tasks/kbd.nix index e36e9f85f1e3..e1574fa68ad9 100644 --- a/nixos/modules/tasks/kbd.nix +++ b/nixos/modules/tasks/kbd.nix @@ -5,13 +5,13 @@ with lib; let makeColor = n: value: "COLOR_${toString n}=${value}"; + colors = concatImapStringsSep "\n" makeColor config.i18n.consoleColors; - vconsoleConf = pkgs.writeText "vconsole.conf" - '' - KEYMAP=${config.i18n.consoleKeyMap} - FONT=${config.i18n.consoleFont} - '' + concatImapStringsSep "\n" makeColor config.i18n.consoleColors; - + vconsoleConf = pkgs.writeText "vconsole.conf" '' + KEYMAP=${config.i18n.consoleKeyMap} + FONT=${config.i18n.consoleFont} + ${colors} + ''; in { diff --git a/nixos/modules/tasks/network-interfaces.nix b/nixos/modules/tasks/network-interfaces.nix index ee21d735f959..e72c0f8956ed 100644 --- a/nixos/modules/tasks/network-interfaces.nix +++ b/nixos/modules/tasks/network-interfaces.nix @@ -355,6 +355,7 @@ in }; networking.nameservers = mkOption { + type = types.listOf types.str; default = []; example = ["130.161.158.4" "130.161.33.17"]; description = '' @@ -390,6 +391,7 @@ in }; networking.localCommands = mkOption { + type = types.str; default = ""; example = "text=anything; echo You can put $text here."; description = '' diff --git a/nixos/modules/virtualisation/libvirtd.nix b/nixos/modules/virtualisation/libvirtd.nix index 3668d17ac89b..67fbb8263b05 100644 --- a/nixos/modules/virtualisation/libvirtd.nix +++ b/nixos/modules/virtualisation/libvirtd.nix @@ -122,18 +122,14 @@ in chmod 755 /var/lib/libvirt chmod 755 /var/lib/libvirt/dnsmasq - # Libvirt unfortunately writes mutable state (such as - # runtime changes to VM, network or filter configurations) - # to /etc. So we can't use environment.etc to make the - # default network and filter definitions available, since - # libvirt will then modify the originals in the Nix store. - # So here we copy them instead. Ugly. - for i in $(cd ${pkgs.libvirt}/etc && echo \ + # Copy default libvirt network config .xml files to /var/lib + # Files modified by the user will not be overwritten + for i in $(cd ${pkgs.libvirt}/var/lib && echo \ libvirt/qemu/networks/*.xml libvirt/qemu/networks/autostart/*.xml \ libvirt/nwfilter/*.xml ); do - mkdir -p /etc/$(dirname $i) -m 755 - cp -fpd ${pkgs.libvirt}/etc/$i /etc/$i + mkdir -p /var/lib/$(dirname $i) -m 755 + cp -npd ${pkgs.libvirt}/var/lib/$i /var/lib/$i done # libvirtd puts the full path of the emulator binary in the machine diff --git a/nixos/modules/virtualisation/openvswitch.nix b/nixos/modules/virtualisation/openvswitch.nix index a0231315236c..4218a3840fc1 100644 --- a/nixos/modules/virtualisation/openvswitch.nix +++ b/nixos/modules/virtualisation/openvswitch.nix @@ -31,6 +31,7 @@ in { package = mkOption { type = types.package; default = pkgs.openvswitch; + defaultText = "pkgs.openvswitch"; description = '' Open vSwitch package to use. ''; diff --git a/nixos/tests/quake3.nix b/nixos/tests/quake3.nix index d42f7471c832..b8a632c6e14d 100644 --- a/nixos/tests/quake3.nix +++ b/nixos/tests/quake3.nix @@ -10,6 +10,13 @@ let }); }; + # Only allow the demo data to be used (only if it's unfreeRedistributable). + unfreePredicate = pkg: with pkgs.lib; let + allowDrvPredicates = [ "quake3-demo" "quake3-pointrelease" ]; + allowLicenses = [ pkgs.lib.licenses.unfreeRedistributable ]; + in any (flip hasPrefix pkg.name) allowDrvPredicates && + elem (pkg.meta.license or null) allowLicenses; + in rec { @@ -28,6 +35,7 @@ rec { hardware.opengl.driSupport = true; environment.systemPackages = [ pkgs.quake3demo ]; nixpkgs.config.packageOverrides = overrides; + nixpkgs.config.allowUnfreePredicate = unfreePredicate; }; nodes = @@ -37,10 +45,11 @@ rec { { systemd.services."quake3-server" = { wantedBy = [ "multi-user.target" ]; script = - "${pkgs.quake3demo}/bin/quake3-server '+set g_gametype 0' " + - "'+map q3dm7' '+addbot grunt' '+addbot daemia' 2> /tmp/log"; + "${pkgs.quake3demo}/bin/quake3-server +set g_gametype 0 " + + "+map q3dm7 +addbot grunt +addbot daemia 2> /tmp/log"; }; nixpkgs.config.packageOverrides = overrides; + nixpkgs.config.allowUnfreePredicate = unfreePredicate; networking.firewall.allowedUDPPorts = [ 27960 ]; }; @@ -56,8 +65,8 @@ rec { $client1->waitForX; $client2->waitForX; - $client1->execute("quake3 '+set r_fullscreen 0' '+set name Foo' '+connect server' &"); - $client2->execute("quake3 '+set r_fullscreen 0' '+set name Bar' '+connect server' &"); + $client1->execute("quake3 +set r_fullscreen 0 +set name Foo +connect server &"); + $client2->execute("quake3 +set r_fullscreen 0 +set name Bar +connect server &"); $server->waitUntilSucceeds("grep -q 'Foo.*entered the game' /tmp/log"); $server->waitUntilSucceeds("grep -q 'Bar.*entered the game' /tmp/log"); |