diff options
author | Martin Weinelt <hexa@darmstadt.ccc.de> | 2022-09-25 21:36:31 +0200 |
---|---|---|
committer | Martin Weinelt <hexa@darmstadt.ccc.de> | 2022-09-25 21:36:31 +0200 |
commit | 68c0ca4416f0d36d37fc2dd0659ccd1ca152f593 (patch) | |
tree | 41cf60fbd3ed13ca6827f589f369f4e9b49b3919 /nixos | |
parent | 86afd1c57926318e3299a9cae2cd0130eb694614 (diff) | |
parent | 5fa1488e2b0effad849125784310f17b16f59004 (diff) | |
download | nixlib-68c0ca4416f0d36d37fc2dd0659ccd1ca152f593.tar nixlib-68c0ca4416f0d36d37fc2dd0659ccd1ca152f593.tar.gz nixlib-68c0ca4416f0d36d37fc2dd0659ccd1ca152f593.tar.bz2 nixlib-68c0ca4416f0d36d37fc2dd0659ccd1ca152f593.tar.lz nixlib-68c0ca4416f0d36d37fc2dd0659ccd1ca152f593.tar.xz nixlib-68c0ca4416f0d36d37fc2dd0659ccd1ca152f593.tar.zst nixlib-68c0ca4416f0d36d37fc2dd0659ccd1ca152f593.zip |
Merge remote-tracking branch 'origin/master' into staging-next
Diffstat (limited to 'nixos')
-rw-r--r-- | nixos/doc/manual/from_md/release-notes/rl-2211.section.xml | 8 | ||||
-rw-r--r-- | nixos/doc/manual/release-notes/rl-2211.section.md | 3 | ||||
-rw-r--r-- | nixos/lib/make-options-doc/mergeJSON.py | 18 | ||||
-rw-r--r-- | nixos/modules/security/pam.nix | 2 | ||||
-rw-r--r-- | nixos/modules/services/networking/v2ray.nix | 18 | ||||
-rw-r--r-- | nixos/modules/services/networking/yggdrasil.nix | 8 | ||||
-rw-r--r-- | nixos/modules/services/networking/yggdrasil.xml | 4 | ||||
-rw-r--r-- | nixos/modules/services/web-apps/onlyoffice.nix | 5 | ||||
-rw-r--r-- | nixos/modules/services/x11/desktop-managers/plasma5.nix | 11 | ||||
-rw-r--r-- | nixos/modules/virtualisation/docker.nix | 2 | ||||
-rw-r--r-- | nixos/tests/all-tests.nix | 2 | ||||
-rw-r--r-- | nixos/tests/docker.nix | 1 | ||||
-rw-r--r-- | nixos/tests/v2ray.nix | 12 |
13 files changed, 71 insertions, 23 deletions
diff --git a/nixos/doc/manual/from_md/release-notes/rl-2211.section.xml b/nixos/doc/manual/from_md/release-notes/rl-2211.section.xml index 0f1dffc798e7..8f4a7dd002d3 100644 --- a/nixos/doc/manual/from_md/release-notes/rl-2211.section.xml +++ b/nixos/doc/manual/from_md/release-notes/rl-2211.section.xml @@ -476,6 +476,14 @@ </listitem> <listitem> <para> + The (previously undocumented) Nixpkgs configuration option + <literal>checkMeta</literal> now defaults to + <literal>true</literal>. This may cause evaluation failures + for packages with incorrect <literal>meta</literal> attribute. + </para> + </listitem> + <listitem> + <para> xow package removed along with the <literal>hardware.xow</literal> module, due to the project being deprecated in favor of <literal>xone</literal>, which is diff --git a/nixos/doc/manual/release-notes/rl-2211.section.md b/nixos/doc/manual/release-notes/rl-2211.section.md index 7214937781d2..f6515256dbc6 100644 --- a/nixos/doc/manual/release-notes/rl-2211.section.md +++ b/nixos/doc/manual/release-notes/rl-2211.section.md @@ -164,6 +164,9 @@ Available as [services.patroni](options.html#opt-services.patroni.enable). - riak package removed along with `services.riak` module, due to lack of maintainer to update the package. +- The (previously undocumented) Nixpkgs configuration option `checkMeta` now defaults to `true`. This may cause evaluation + failures for packages with incorrect `meta` attribute. + - xow package removed along with the `hardware.xow` module, due to the project being deprecated in favor of `xone`, which is available via the `hardware.xone` module. - dd-agent package removed along with the `services.dd-agent` module, due to the project being deprecated in favor of `datadog-agent`, which is available via the `services.datadog-agent` module. diff --git a/nixos/lib/make-options-doc/mergeJSON.py b/nixos/lib/make-options-doc/mergeJSON.py index eae9ca031244..8a8498746bf6 100644 --- a/nixos/lib/make-options-doc/mergeJSON.py +++ b/nixos/lib/make-options-doc/mergeJSON.py @@ -259,20 +259,24 @@ def is_docbook(o, key): # check that every option has a description hasWarnings = False hasErrors = False +hasDocBookErrors = False for (k, v) in options.items(): if errorOnDocbook: if isinstance(v.value.get('description', {}), str): hasErrors = True + hasDocBookErrors = True print( f"\x1b[1;31merror: option {v.name} description uses DocBook\x1b[0m", file=sys.stderr) elif is_docbook(v.value, 'defaultText'): hasErrors = True + hasDocBookErrors = True print( f"\x1b[1;31merror: option {v.name} default uses DocBook\x1b[0m", file=sys.stderr) elif is_docbook(v.value, 'example'): hasErrors = True + hasDocBookErrors = True print( f"\x1b[1;31merror: option {v.name} example uses DocBook\x1b[0m", file=sys.stderr) @@ -287,6 +291,20 @@ for (k, v) in options.items(): f"\x1b[1;31m{severity}: option {v.name} has no type. Please specify a valid type, see " + "https://nixos.org/manual/nixos/stable/index.html#sec-option-types\x1b[0m", file=sys.stderr) +if hasDocBookErrors: + print("Explanation: The documentation contains descriptions, examples, or defaults written in DocBook. " + + "NixOS is in the process of migrating from DocBook to Markdown, and " + + "DocBook is disallowed for in-tree modules. To change your contribution to "+ + "use Markdown, apply mdDoc and literalMD. For example:\n" + + "\n" + + " example.foo = mkOption {\n" + + " description = lib.mdDoc ''your description'';\n" + + " defaultText = lib.literalMD ''your description of default'';\n" + + " }\n" + + "\n" + + " example.enable = mkEnableOption (lib.mdDoc ''your thing'');", + file = sys.stderr) + if hasErrors: sys.exit(1) if hasWarnings and warningsAreErrors: diff --git a/nixos/modules/security/pam.nix b/nixos/modules/security/pam.nix index c4d891333f57..c74f66d91829 100644 --- a/nixos/modules/security/pam.nix +++ b/nixos/modules/security/pam.nix @@ -1279,7 +1279,7 @@ in mr ${pkgs.pam_mount}/lib/security/pam_mount.so, '' + optionalString (isEnabled (cfg: cfg.enableGnomeKeyring)) '' - mr ${pkgs.gnome3.gnome-keyring}/lib/security/pam_gnome_keyring.so, + mr ${pkgs.gnome.gnome-keyring}/lib/security/pam_gnome_keyring.so, '' + optionalString (isEnabled (cfg: cfg.startSession)) '' mr ${config.systemd.package}/lib/security/pam_systemd.so, diff --git a/nixos/modules/services/networking/v2ray.nix b/nixos/modules/services/networking/v2ray.nix index 1ff1feed8f47..ba2aa5bc1de7 100644 --- a/nixos/modules/services/networking/v2ray.nix +++ b/nixos/modules/services/networking/v2ray.nix @@ -34,7 +34,7 @@ with lib; Either `configFile` or `config` must be specified. - See <https://www.v2fly.org/en_US/config/overview.html>. + See <https://www.v2fly.org/en_US/v5/config/overview.html>. ''; }; @@ -56,7 +56,7 @@ with lib; Either `configFile` or `config` must be specified. - See <https://www.v2fly.org/en_US/config/overview.html>. + See <https://www.v2fly.org/en_US/v5/config/overview.html>. ''; }; }; @@ -71,7 +71,7 @@ with lib; name = "v2ray.json"; text = builtins.toJSON cfg.config; checkPhase = '' - ${cfg.package}/bin/v2ray -test -config $out + ${cfg.package}/bin/v2ray test -c $out ''; }; @@ -83,13 +83,15 @@ with lib; } ]; + environment.etc."v2ray/config.json".source = configFile; + + systemd.packages = [ cfg.package ]; + systemd.services.v2ray = { - description = "v2ray Daemon"; - after = [ "network.target" ]; + restartTriggers = [ config.environment.etc."v2ray/config.json".source ]; + + # Workaround: https://github.com/NixOS/nixpkgs/issues/81138 wantedBy = [ "multi-user.target" ]; - serviceConfig = { - ExecStart = "${cfg.package}/bin/v2ray -config ${configFile}"; - }; }; }; } diff --git a/nixos/modules/services/networking/yggdrasil.nix b/nixos/modules/services/networking/yggdrasil.nix index 620ace2d8c83..e56f169d05eb 100644 --- a/nixos/modules/services/networking/yggdrasil.nix +++ b/nixos/modules/services/networking/yggdrasil.nix @@ -40,14 +40,14 @@ in { If the {option}`persistentKeys` is enabled then the keys that are generated during activation will override - those in {option}`config` or + those in {option}`settings` or {option}`configFile`. If no keys are specified then ephemeral keys are generated and the Yggdrasil interface will have a random IPv6 address each time the service is started, this is the default. - If both {option}`configFile` and {option}`config` + If both {option}`configFile` and {option}`settings` are supplied, they will be combined, with values from {option}`configFile` taking precedence. @@ -62,7 +62,7 @@ in { example = "/run/keys/yggdrasil.conf"; description = lib.mdDoc '' A file which contains JSON configuration for yggdrasil. - See the {option}`config` option for more information. + See the {option}`settings` option for more information. ''; }; @@ -81,7 +81,7 @@ in { discovery. The NixOS firewall blocks link-local communication, so in order to make local peering work you will also need to set `LinkLocalTCPPort` in your - yggdrasil configuration ({option}`config` or + yggdrasil configuration ({option}`settings` or {option}`configFile`) to a port number other than 0, and then add that port to {option}`networking.firewall.allowedTCPPorts`. diff --git a/nixos/modules/services/networking/yggdrasil.xml b/nixos/modules/services/networking/yggdrasil.xml index a341d5d8153b..bc9da84fa431 100644 --- a/nixos/modules/services/networking/yggdrasil.xml +++ b/nixos/modules/services/networking/yggdrasil.xml @@ -27,7 +27,7 @@ An annotated example of a simple configuration: # The NixOS module will generate new keys and a new IPv6 address each time # it is started if persistentKeys is not enabled. - config = { + settings = { Peers = [ # Yggdrasil will automatically connect and "peer" with other nodes it # discovers via link-local multicast annoucements. Unless this is the @@ -58,7 +58,7 @@ in { services.yggdrasil = { enable = true; persistentKeys = true; # Maintain a fixed public key and IPv6 address. - config = { + settings = { Peers = [ "tcp://1.2.3.4:1024" "tcp://1.2.3.5:1024" ]; NodeInfo = { # This information is visible to the network. diff --git a/nixos/modules/services/web-apps/onlyoffice.nix b/nixos/modules/services/web-apps/onlyoffice.nix index ad0a527759ca..db4a9582794e 100644 --- a/nixos/modules/services/web-apps/onlyoffice.nix +++ b/nixos/modules/services/web-apps/onlyoffice.nix @@ -252,7 +252,10 @@ in .rabbitmq.url = "${cfg.rabbitmqUrl}" ' /run/onlyoffice/config/default.json | sponge /run/onlyoffice/config/default.json - if ! psql -d onlyoffice -c "SELECT 'task_result'::regclass;" >/dev/null; then + if psql -d onlyoffice -c "SELECT 'task_result'::regclass;" >/dev/null; then + psql -f ${cfg.package}/var/www/onlyoffice/documentserver/server/schema/postgresql/removetbl.sql + psql -f ${cfg.package}/var/www/onlyoffice/documentserver/server/schema/postgresql/createdb.sql + else psql -f ${cfg.package}/var/www/onlyoffice/documentserver/server/schema/postgresql/createdb.sql fi ''; diff --git a/nixos/modules/services/x11/desktop-managers/plasma5.nix b/nixos/modules/services/x11/desktop-managers/plasma5.nix index dc8b24dc3829..3e04f6d0e6bb 100644 --- a/nixos/modules/services/x11/desktop-managers/plasma5.nix +++ b/nixos/modules/services/x11/desktop-managers/plasma5.nix @@ -444,11 +444,14 @@ in services.xserver.displayManager.setupCommands = startplasma; nixpkgs.config.firefox.enablePlasmaBrowserIntegration = true; + }) - environment.etc = { - "xdg/kwinrc".text = lib.generators.toINI {} cfg.kwinrc; - "xdg/kdeglobals".text = lib.generators.toINI {} cfg.kdeglobals; - }; + (mkIf (cfg.kwinrc != {}) { + environment.etc."xdg/kwinrc".text = lib.generators.toINI {} cfg.kwinrc; + }) + + (mkIf (cfg.kdeglobals != {}) { + environment.etc."xdg/kdeglobals".text = lib.generators.toINI {} cfg.kdeglobals; }) # Plasma Desktop diff --git a/nixos/modules/virtualisation/docker.nix b/nixos/modules/virtualisation/docker.nix index 66c94f30088f..d9bd10ba1fc8 100644 --- a/nixos/modules/virtualisation/docker.nix +++ b/nixos/modules/virtualisation/docker.nix @@ -221,6 +221,8 @@ in ''; startAt = optional cfg.autoPrune.enable cfg.autoPrune.dates; + after = [ "docker.service" ]; + requires = [ "docker.service" ]; }; assertions = [ diff --git a/nixos/tests/all-tests.nix b/nixos/tests/all-tests.nix index 1fbbb1ffce19..79cce713460b 100644 --- a/nixos/tests/all-tests.nix +++ b/nixos/tests/all-tests.nix @@ -86,7 +86,7 @@ in { cjdns = handleTest ./cjdns.nix {}; clickhouse = handleTest ./clickhouse.nix {}; cloud-init = handleTest ./cloud-init.nix {}; - cntr = handleTest ./cntr.nix {}; + cntr = handleTestOn ["aarch64-linux" "x86_64-linux"] ./cntr.nix {}; cockroachdb = handleTestOn ["x86_64-linux"] ./cockroachdb.nix {}; collectd = handleTest ./collectd.nix {}; consul = handleTest ./consul.nix {}; diff --git a/nixos/tests/docker.nix b/nixos/tests/docker.nix index dee7480eb4a9..93baa198088b 100644 --- a/nixos/tests/docker.nix +++ b/nixos/tests/docker.nix @@ -11,6 +11,7 @@ import ./make-test-python.nix ({ pkgs, ...} : { { pkgs, ... }: { virtualisation.docker.enable = true; + virtualisation.docker.autoPrune.enable = true; virtualisation.docker.package = pkgs.docker; users.users = { diff --git a/nixos/tests/v2ray.nix b/nixos/tests/v2ray.nix index fb36ea8557d5..9eee962c64e4 100644 --- a/nixos/tests/v2ray.nix +++ b/nixos/tests/v2ray.nix @@ -20,7 +20,7 @@ import ./make-test-python.nix ({ lib, pkgs, ... }: let port = 1081; listen = "127.0.0.1"; protocol = "vmess"; - settings.clients = [v2rayUser]; + settings.clients = [ v2rayUser ]; } ]; outbounds = [ @@ -30,7 +30,7 @@ import ./make-test-python.nix ({ lib, pkgs, ... }: let settings.vnext = [{ address = "127.0.0.1"; port = 1081; - users = [v2rayUser]; + users = [ v2rayUser ]; }]; } { @@ -49,6 +49,14 @@ import ./make-test-python.nix ({ lib, pkgs, ... }: let inboundTag = "vmess_in"; outboundTag = "direct"; } + + # Assert assets "geoip" and "geosite" are accessible. + { + type = "field"; + ip = [ "geoip:private" ]; + domain = [ "geosite:category-ads" ]; + outboundTag = "direct"; + } ]; }; |