diff options
| author | Vladimír Čunát <v@cunat.cz> | 2019-08-25 14:57:11 +0200 |
|---|---|---|
| committer | Vladimír Čunát <v@cunat.cz> | 2019-08-25 14:57:11 +0200 |
| commit | 985d1ac425735963d396e1c09dd49ad111813649 (patch) | |
| tree | 38a90f65d3bf5906ef020ef2c9482565325e850e /nixos | |
| parent | bc238b8df55bad9d8a436e120615cc5cfbbb78dc (diff) | |
| parent | f188bad6eaf26ebee19d02df03b1c6ae56c4d7f6 (diff) | |
| download | nixlib-985d1ac425735963d396e1c09dd49ad111813649.tar nixlib-985d1ac425735963d396e1c09dd49ad111813649.tar.gz nixlib-985d1ac425735963d396e1c09dd49ad111813649.tar.bz2 nixlib-985d1ac425735963d396e1c09dd49ad111813649.tar.lz nixlib-985d1ac425735963d396e1c09dd49ad111813649.tar.xz nixlib-985d1ac425735963d396e1c09dd49ad111813649.tar.zst nixlib-985d1ac425735963d396e1c09dd49ad111813649.zip | |
Merge branch 'master' into staging-next
There were several more conflicts from name -> pname+version; all auto-solved by kdiff3, hopefully OK. Hydra nixpkgs: ?compare=1538611
Diffstat (limited to 'nixos')
23 files changed, 464 insertions, 354 deletions
diff --git a/nixos/doc/manual/development/releases.xml b/nixos/doc/manual/development/releases.xml index 3cb16d33cd48..1cdec64f69b0 100755 --- a/nixos/doc/manual/development/releases.xml +++ b/nixos/doc/manual/development/releases.xml @@ -220,6 +220,30 @@ </itemizedlist> </section> </section> + <section xml:id="release-managers"> + <title>Release Management Team</title> + <para> + For each release there are two release managers. After each release the + release manager having managed two releases steps down and the release + management team of the last release appoints a new release manager. + </para> + <para> + This makes sure a release management team always consists of one release + manager who already has managed one release and one release manager being + introduced to their role, making it easier to pass on knowledge and + experience. + </para> + <para> + A release manager's role and responsibilities are: + </para> + <itemizedlist> + <listitem><para>manage the release process</para></listitem> + <listitem><para>start discussions about features and changes for a given release</para></listitem> + <listitem><para>create a roadmap</para></listitem> + <listitem><para>release in cooperation with Eelco Dolstra</para></listitem> + <listitem><para>decide which bug fixes, features, etc... get backported after a release</para></listitem> + </itemizedlist> + </section> <section xml:id="release-schedule"> <title>Release schedule</title> diff --git a/nixos/modules/config/vte.nix b/nixos/modules/config/vte.nix index 9024ceddaee8..d4a8c926fef2 100644 --- a/nixos/modules/config/vte.nix +++ b/nixos/modules/config/vte.nix @@ -42,7 +42,7 @@ in config = mkMerge [ (mkIf config.programs.bash.vteIntegration { - programs.bash.interactiveShellInit = vteInitSnippet; + programs.bash.interactiveShellInit = mkBefore vteInitSnippet; }) (mkIf config.programs.zsh.vteIntegration { diff --git a/nixos/modules/module-list.nix b/nixos/modules/module-list.nix index 79c72fc14224..388f4788b59e 100644 --- a/nixos/modules/module-list.nix +++ b/nixos/modules/module-list.nix @@ -649,6 +649,7 @@ ./services/networking/nullidentdmod.nix ./services/networking/nylon.nix ./services/networking/ocserv.nix + ./services/networking/ofono.nix ./services/networking/oidentd.nix ./services/networking/openfire.nix ./services/networking/openntpd.nix diff --git a/nixos/modules/programs/environment.nix b/nixos/modules/programs/environment.nix index 4d762314298d..66eb83482664 100644 --- a/nixos/modules/programs/environment.nix +++ b/nixos/modules/programs/environment.nix @@ -21,6 +21,7 @@ in PAGER = mkDefault "less -R"; EDITOR = mkDefault "nano"; XCURSOR_PATH = [ "$HOME/.icons" ]; + XDG_CONFIG_DIRS = [ "/etc/xdg" ]; # needs to be before profile-relative paths to allow changes through environment.etc }; environment.profiles = mkAfter diff --git a/nixos/modules/programs/gnupg.nix b/nixos/modules/programs/gnupg.nix index 9618d61a1f5b..bcbc994efe9b 100644 --- a/nixos/modules/programs/gnupg.nix +++ b/nixos/modules/programs/gnupg.nix @@ -83,7 +83,8 @@ in systemd.user.sockets.dirmngr = mkIf cfg.dirmngr.enable { wantedBy = [ "sockets.target" ]; }; - + + environment.systemPackages = with pkgs; [ cfg.package ]; systemd.packages = [ cfg.package ]; environment.interactiveShellInit = '' diff --git a/nixos/modules/rename.nix b/nixos/modules/rename.nix index e32fa6fded4a..65014b4beed4 100644 --- a/nixos/modules/rename.nix +++ b/nixos/modules/rename.nix @@ -178,6 +178,9 @@ with lib; The starting time can be configured via <literal>services.postgresqlBackup.startAt</literal>. '') + # phpfpm + (mkRemovedOptionModule [ "services" "phpfpm" "poolConfigs" ] "Use services.phpfpm.pools instead.") + # zabbixServer (mkRenamedOptionModule [ "services" "zabbixServer" "dbServer" ] [ "services" "zabbixServer" "database" "host" ]) diff --git a/nixos/modules/services/mail/roundcube.nix b/nixos/modules/services/mail/roundcube.nix index e8b2e11bf726..bdedfa1bb701 100644 --- a/nixos/modules/services/mail/roundcube.nix +++ b/nixos/modules/services/mail/roundcube.nix @@ -4,6 +4,7 @@ with lib; let cfg = config.services.roundcube; + fpm = config.services.phpfpm.pools.roundcube; in { options.services.roundcube = { @@ -105,7 +106,7 @@ in extraConfig = '' location ~* \.php$ { fastcgi_split_path_info ^(.+\.php)(/.+)$; - fastcgi_pass unix:/run/phpfpm/roundcube; + fastcgi_pass unix:${fpm.socket}; include ${pkgs.nginx}/conf/fastcgi_params; include ${pkgs.nginx}/conf/fastcgi.conf; } @@ -119,24 +120,27 @@ in enable = true; }; - services.phpfpm.poolConfigs.roundcube = '' - listen = /run/phpfpm/roundcube - listen.owner = nginx - listen.group = nginx - listen.mode = 0660 - user = nginx - pm = dynamic - pm.max_children = 75 - pm.start_servers = 2 - pm.min_spare_servers = 1 - pm.max_spare_servers = 20 - pm.max_requests = 500 - php_admin_value[error_log] = 'stderr' - php_admin_flag[log_errors] = on - php_admin_value[post_max_size] = 25M - php_admin_value[upload_max_filesize] = 25M - catch_workers_output = yes - ''; + services.phpfpm.pools.roundcube = { + user = "nginx"; + phpOptions = '' + error_log = 'stderr' + log_errors = on + post_max_size = 25M + upload_max_filesize = 25M + ''; + settings = mapAttrs (name: mkDefault) { + "listen.owner" = "nginx"; + "listen.group" = "nginx"; + "listen.mode" = "0660"; + "pm" = "dynamic"; + "pm.max_children" = 75; + "pm.start_servers" = 2; + "pm.min_spare_servers" = 1; + "pm.max_spare_servers" = 20; + "pm.max_requests" = 500; + "catch_workers_output" = true; + }; + }; systemd.services.phpfpm-roundcube.after = [ "roundcube-setup.service" ]; systemd.services.roundcube-setup = let diff --git a/nixos/modules/services/misc/zoneminder.nix b/nixos/modules/services/misc/zoneminder.nix index cf56ae89b399..6e83d47df1ca 100644 --- a/nixos/modules/services/misc/zoneminder.nix +++ b/nixos/modules/services/misc/zoneminder.nix @@ -2,6 +2,7 @@ let cfg = config.services.zoneminder; + fpm = config.services.phpfpm.pools.zoneminder; pkg = pkgs.zoneminder; dirName = pkg.dirName; @@ -19,8 +20,6 @@ let useCustomDir = cfg.storageDir != null; - socket = "/run/phpfpm/${dirName}.sock"; - zms = "/cgi-bin/zms"; dirs = dirList: [ dirName ] ++ map (e: "${dirName}/${e}") dirList; @@ -274,7 +273,7 @@ in { fastcgi_param SCRIPT_FILENAME $request_filename; fastcgi_param HTTP_PROXY ""; - fastcgi_pass unix:${socket}; + fastcgi_pass unix:${fpm.socket}; } } ''; @@ -284,30 +283,27 @@ in { phpfpm = lib.mkIf useNginx { pools.zoneminder = { - listen = socket; + inherit user group; phpOptions = '' date.timezone = "${config.time.timeZone}" ${lib.concatStringsSep "\n" (map (e: "extension=${e.pkg}/lib/php/extensions/${e.name}.so") phpExtensions)} ''; - extraConfig = '' - user = ${user} - group = ${group} - - listen.owner = ${user} - listen.group = ${group} - listen.mode = 0660 - - pm = dynamic - pm.start_servers = 1 - pm.min_spare_servers = 1 - pm.max_spare_servers = 2 - pm.max_requests = 500 - pm.max_children = 5 - pm.status_path = /$pool-status - ping.path = /$pool-ping - ''; + settings = lib.mapAttrs (name: lib.mkDefault) { + "listen.owner" = user; + "listen.group" = group; + "listen.mode" = "0660"; + + "pm" = "dynamic"; + "pm.start_servers" = 1; + "pm.min_spare_servers" = 1; + "pm.max_spare_servers" = 2; + "pm.max_requests" = 500; + "pm.max_children" = 5; + "pm.status_path" = "/$pool-status"; + "ping.path" = "/$pool-ping"; + }; }; }; }; diff --git a/nixos/modules/services/networking/ofono.nix b/nixos/modules/services/networking/ofono.nix new file mode 100644 index 000000000000..40ef9433de0f --- /dev/null +++ b/nixos/modules/services/networking/ofono.nix @@ -0,0 +1,44 @@ +# Ofono daemon. +{ config, lib, pkgs, ... }: + +with lib; + +let + + cfg = config.services.ofono; + + plugin_path = + lib.concatMapStringsSep ":" + (plugin: "${plugin}/lib/ofono/plugins") + cfg.plugins + ; + +in + +{ + ###### interface + options = { + services.ofono = { + enable = mkEnableOption "Ofono"; + + plugins = mkOption { + type = types.listOf types.package; + default = []; + example = literalExample "[ pkgs.modem-manager-gui ]"; + description = '' + The list of plugins to install. + ''; + }; + }; + }; + + ###### implementation + config = mkIf cfg.enable { + services.dbus.packages = [ pkgs.ofono ]; + + systemd.packages = [ pkgs.ofono ]; + + systemd.services.ofono.environment.OFONO_PLUGIN_PATH = mkIf (cfg.plugins != []) plugin_path; + + }; +} diff --git a/nixos/modules/services/web-apps/icingaweb2/icingaweb2.nix b/nixos/modules/services/web-apps/icingaweb2/icingaweb2.nix index 6740131dccde..95c8fb160510 100644 --- a/nixos/modules/services/web-apps/icingaweb2/icingaweb2.nix +++ b/nixos/modules/services/web-apps/icingaweb2/icingaweb2.nix @@ -1,7 +1,7 @@ { config, lib, pkgs, ... }: with lib; let cfg = config.services.icingaweb2; + fpm = config.services.phpfpm.pools.${poolName}; poolName = "icingaweb2"; - phpfpmSocketName = "/var/run/phpfpm/${poolName}.sock"; defaultConfig = { global = { @@ -164,27 +164,26 @@ in { }; config = mkIf cfg.enable { - services.phpfpm.poolConfigs = mkIf (cfg.pool == "${poolName}") { - "${poolName}" = '' - listen = "${phpfpmSocketName}" - listen.owner = nginx - listen.group = nginx - listen.mode = 0600 - user = icingaweb2 - pm = dynamic - pm.max_children = 75 - pm.start_servers = 2 - pm.min_spare_servers = 2 - pm.max_spare_servers = 10 - ''; + services.phpfpm.pools = mkIf (cfg.pool == "${poolName}") { + "${poolName}" = { + user = "icingaweb2"; + phpOptions = '' + extension = ${pkgs.phpPackages.imagick}/lib/php/extensions/imagick.so + date.timezone = "${cfg.timezone}" + ''; + settings = mapAttrs (name: mkDefault) { + "listen.owner" = "nginx"; + "listen.group" = "nginx"; + "listen.mode" = "0600"; + "pm" = "dynamic"; + "pm.max_children" = 75; + "pm.start_servers" = 2; + "pm.min_spare_servers" = 2; + "pm.max_spare_servers" = 10; + }; + }; }; - services.phpfpm.phpOptions = mkIf (cfg.pool == "${poolName}") - '' - extension = ${pkgs.phpPackages.imagick}/lib/php/extensions/imagick.so - date.timezone = "${cfg.timezone}" - ''; - systemd.services."phpfpm-${poolName}".serviceConfig.ReadWritePaths = [ "/etc/icingaweb2" ]; services.nginx = { @@ -208,7 +207,7 @@ in { include ${config.services.nginx.package}/conf/fastcgi.conf; try_files $uri =404; fastcgi_split_path_info ^(.+\.php)(/.+)$; - fastcgi_pass unix:${phpfpmSocketName}; + fastcgi_pass unix:${fpm.socket}; fastcgi_param SCRIPT_FILENAME ${pkgs.icingaweb2}/public/index.php; ''; }; diff --git a/nixos/modules/services/web-apps/limesurvey.nix b/nixos/modules/services/web-apps/limesurvey.nix index 84a94fc446e5..2797feb32ebf 100644 --- a/nixos/modules/services/web-apps/limesurvey.nix +++ b/nixos/modules/services/web-apps/limesurvey.nix @@ -120,15 +120,15 @@ in }; poolConfig = mkOption { - type = types.lines; - default = '' - pm = dynamic - pm.max_children = 32 - pm.start_servers = 2 - pm.min_spare_servers = 2 - pm.max_spare_servers = 4 - pm.max_requests = 500 - ''; + type = with types; attrsOf (oneOf [ str int bool ]); + default = { + "pm" = "dynamic"; + "pm.max_children" = 32; + "pm.start_servers" = 2; + "pm.min_spare_servers" = 2; + "pm.max_spare_servers" = 4; + "pm.max_requests" = 500; + }; description = '' Options for the LimeSurvey PHP pool. See the documentation on <literal>php-fpm.conf</literal> for details on configuration directives. @@ -203,17 +203,12 @@ in }; services.phpfpm.pools.limesurvey = { - listen = "/run/phpfpm/limesurvey.sock"; - extraConfig = '' - listen.owner = ${config.services.httpd.user}; - listen.group = ${config.services.httpd.group}; - user = ${user}; - group = ${group}; - - env[LIMESURVEY_CONFIG] = ${limesurveyConfig} - - ${cfg.poolConfig} - ''; + inherit user group; + phpEnv.LIMESURVEY_CONFIG = "${limesurveyConfig}"; + settings = { + "listen.owner" = config.services.httpd.user; + "listen.group" = config.services.httpd.group; + } // cfg.poolConfig; }; services.httpd = { @@ -241,7 +236,7 @@ in <Directory "${pkg}/share/limesurvey"> <FilesMatch "\.php$"> <If "-f %{REQUEST_FILENAME}"> - SetHandler "proxy:unix:${fpm.listen}|fcgi://localhost/" + SetHandler "proxy:unix:${fpm.socket}|fcgi://localhost/" </If> </FilesMatch> diff --git a/nixos/modules/services/web-apps/matomo.nix b/nixos/modules/services/web-apps/matomo.nix index 14aca45a342b..bf8b9dbcc216 100644 --- a/nixos/modules/services/web-apps/matomo.nix +++ b/nixos/modules/services/web-apps/matomo.nix @@ -225,22 +225,24 @@ in { serviceConfig.UMask = "0007"; }; - services.phpfpm.poolConfigs = let + services.phpfpm.pools = let # workaround for when both are null and need to generate a string, # which is illegal, but as assertions apparently are being triggered *after* config generation, # we have to avoid already throwing errors at this previous stage. socketOwner = if (cfg.nginx != null) then config.services.nginx.user else if (cfg.webServerUser != null) then cfg.webServerUser else ""; in { - ${pool} = '' - listen = "${phpSocket}" - listen.owner = ${socketOwner} - listen.group = root - listen.mode = 0600 - user = ${user} - env[PIWIK_USER_PATH] = ${dataDir} - ${cfg.phpfpmProcessManagerConfig} - ''; + ${pool} = { + listen = phpSocket; + extraConfig = '' + listen.owner = ${socketOwner} + listen.group = root + listen.mode = 0600 + user = ${user} + env[PIWIK_USER_PATH] = ${dataDir} + ${cfg.phpfpmProcessManagerConfig} + ''; + }; }; diff --git a/nixos/modules/services/web-apps/mediawiki.nix b/nixos/modules/services/web-apps/mediawiki.nix index 5bd5977e592b..ec2568bf952d 100644 --- a/nixos/modules/services/web-apps/mediawiki.nix +++ b/nixos/modules/services/web-apps/mediawiki.nix @@ -312,17 +312,17 @@ in }; poolConfig = mkOption { - type = types.lines; - default = '' - pm = dynamic - pm.max_children = 32 - pm.start_servers = 2 - pm.min_spare_servers = 2 - pm.max_spare_servers = 4 - pm.max_requests = 500 - ''; + type = with types; attrsOf (oneOf [ str int bool ]); + default = { + "pm" = "dynamic"; + "pm.max_children" = 32; + "pm.start_servers" = 2; + "pm.min_spare_servers" = 2; + "pm.max_spare_servers" = 4; + "pm.max_requests" = 500; + }; description = '' - Options for MediaWiki's PHP pool. See the documentation on <literal>php-fpm.conf</literal> + Options for the MediaWiki PHP pool. See the documentation on <literal>php-fpm.conf</literal> for details on configuration directives. ''; }; @@ -379,17 +379,12 @@ in }; services.phpfpm.pools.mediawiki = { - listen = "/run/phpfpm/mediawiki.sock"; - extraConfig = '' - listen.owner = ${config.services.httpd.user} - listen.group = ${config.services.httpd.group} - user = ${user} - group = ${group} - - env[MEDIAWIKI_CONFIG] = ${mediawikiConfig} - - ${cfg.poolConfig} - ''; + inherit user group; + phpEnv.MEDIAWIKI_CONFIG = "${mediawikiConfig}"; + settings = { + "listen.owner" = config.services.httpd.user; + "listen.group" = config.services.httpd.group; + } // cfg.poolConfig; }; services.httpd = { @@ -403,7 +398,7 @@ in <Directory "${pkg}/share/mediawiki"> <FilesMatch "\.php$"> <If "-f %{REQUEST_FILENAME}"> - SetHandler "proxy:unix:${fpm.listen}|fcgi://localhost/" + SetHandler "proxy:unix:${fpm.socket}|fcgi://localhost/" </If> </FilesMatch> diff --git a/nixos/modules/services/web-apps/nextcloud.nix b/nixos/modules/services/web-apps/nextcloud.nix index a0214a75d93e..ada14ad39291 100644 --- a/nixos/modules/services/web-apps/nextcloud.nix +++ b/nixos/modules/services/web-apps/nextcloud.nix @@ -4,6 +4,7 @@ with lib; let cfg = config.services.nextcloud; + fpm = config.services.phpfpm.pools.nextcloud; phpPackage = pkgs.php73; phpPackages = pkgs.php73Packages; @@ -410,25 +411,20 @@ in { }; services.phpfpm = { - pools.nextcloud = let - phpAdminValues = (toKeyValue - (foldr (a: b: a // b) {} - (mapAttrsToList (k: v: { "php_admin_value[${k}]" = v; }) - phpOptions))); - in { - phpOptions = phpOptionsExtensions; + pools.nextcloud = { + user = "nextcloud"; + group = "nginx"; + phpOptions = phpOptionsExtensions + phpOptionsStr; phpPackage = phpPackage; - listen = "/run/phpfpm/nextcloud"; - extraConfig = '' - listen.owner = nginx - listen.group = nginx - user = nextcloud - group = nginx - ${cfg.poolConfig} - env[NEXTCLOUD_CONFIG_DIR] = ${cfg.home}/config - env[PATH] = /run/wrappers/bin:/nix/var/nix/profiles/default/bin:/run/current-system/sw/bin:/usr/bin:/bin - ${phpAdminValues} - ''; + phpEnv = { + NEXTCLOUD_CONFIG_DIR = "${cfg.home}/config"; + PATH = "/run/wrappers/bin:/nix/var/nix/profiles/default/bin:/run/current-system/sw/bin:/usr/bin:/bin"; + }; + settings = mapAttrs (name: mkDefault) { + "listen.owner" = "nginx"; + "listen.group" = "nginx"; + }; + extraConfig = cfg.poolConfig; }; }; @@ -489,7 +485,7 @@ in { fastcgi_param HTTPS ${if cfg.https then "on" else "off"}; fastcgi_param modHeadersAvailable true; fastcgi_param front_controller_active true; - fastcgi_pass unix:/run/phpfpm/nextcloud; + fastcgi_pass unix:${fpm.socket}; fastcgi_intercept_errors on; fastcgi_request_buffering off; fastcgi_read_timeout 120s; diff --git a/nixos/modules/services/web-apps/restya-board.nix b/nixos/modules/services/web-apps/restya-board.nix index b200a89260ac..6a1b4143bc16 100644 --- a/nixos/modules/services/web-apps/restya-board.nix +++ b/nixos/modules/services/web-apps/restya-board.nix @@ -9,11 +9,11 @@ with lib; let cfg = config.services.restya-board; + fpm = config.services.phpfpm.pools.${poolName}; runDir = "/run/restya-board"; poolName = "restya-board"; - phpfpmSocketName = "/run/phpfpm/${poolName}.sock"; in @@ -180,7 +180,7 @@ in services.phpfpm.pools = { "${poolName}" = { - listen = phpfpmSocketName; + inherit (cfg) user group; phpOptions = '' date.timezone = "CET" @@ -191,20 +191,18 @@ in auth_password = ${cfg.email.password} ''} ''; - extraConfig = '' - listen.owner = nginx - listen.group = nginx - listen.mode = 0600 - user = ${cfg.user} - group = ${cfg.group} - pm = dynamic - pm.max_children = 75 - pm.start_servers = 10 - pm.min_spare_servers = 5 - pm.max_spare_servers = 20 - pm.max_requests = 500 - catch_workers_output = 1 - ''; + settings = mapAttrs (name: mkDefault) { + "listen.owner" = "nginx"; + "listen.group" = "nginx"; + "listen.mode" = "0600"; + "pm" = "dynamic"; + "pm.max_children" = 75; + "pm.start_servers" = 10; + "pm.min_spare_servers" = 5; + "pm.max_spare_servers" = 20; + "pm.max_requests" = 500; + "catch_workers_output" = 1; + }; }; }; @@ -241,7 +239,7 @@ in tryFiles = "$uri =404"; extraConfig = '' include ${pkgs.nginx}/conf/fastcgi_params; - fastcgi_pass unix:${phpfpmSocketName}; + fastcgi_pass unix:${fpm.socket}; fastcgi_index index.php; fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; fastcgi_param PHP_VALUE "upload_max_filesize=9G \n post_max_size=9G \n max_execution_time=200 \n max_input_time=200 \n memory_limit=256M"; diff --git a/nixos/modules/services/web-apps/selfoss.nix b/nixos/modules/services/web-apps/selfoss.nix index cd0f743a5fb8..56b7cafffe8b 100644 --- a/nixos/modules/services/web-apps/selfoss.nix +++ b/nixos/modules/services/web-apps/selfoss.nix @@ -4,7 +4,6 @@ let cfg = config.services.selfoss; poolName = "selfoss_pool"; - phpfpmSocketName = "/run/phpfpm/${poolName}.sock"; dataDir = "/var/lib/selfoss"; @@ -116,21 +115,22 @@ in config = mkIf cfg.enable { - services.phpfpm.poolConfigs = mkIf (cfg.pool == "${poolName}") { - "${poolName}" = '' - listen = "${phpfpmSocketName}"; - listen.owner = nginx - listen.group = nginx - listen.mode = 0600 - user = nginx - pm = dynamic - pm.max_children = 75 - pm.start_servers = 10 - pm.min_spare_servers = 5 - pm.max_spare_servers = 20 - pm.max_requests = 500 - catch_workers_output = 1 - ''; + services.phpfpm.pools = mkIf (cfg.pool == "${poolName}") { + "${poolName}" = { + user = "nginx"; + settings = mapAttrs (name: mkDefault) { + "listen.owner" = "nginx"; + "listen.group" = "nginx"; + "listen.mode" = "0600"; + "pm" = "dynamic"; + "pm.max_children" = 75; + "pm.start_servers" = 10; + "pm.min_spare_servers" = 5; + "pm.max_spare_servers" = 20; + "pm.max_requests" = 500; + "catch_workers_output" = 1; + }; + }; }; systemd.services.selfoss-config = { diff --git a/nixos/modules/services/web-apps/tt-rss.nix b/nixos/modules/services/web-apps/tt-rss.nix index 1bd9de93735d..59b0ee1addc6 100644 --- a/nixos/modules/services/web-apps/tt-rss.nix +++ b/nixos/modules/services/web-apps/tt-rss.nix @@ -521,20 +521,19 @@ let services.phpfpm.pools = mkIf (cfg.pool == "${poolName}") { "${poolName}" = { - listen = "/var/run/phpfpm/${poolName}.sock"; - extraConfig = '' - listen.owner = nginx - listen.group = nginx - listen.mode = 0600 - user = ${cfg.user} - pm = dynamic - pm.max_children = 75 - pm.start_servers = 10 - pm.min_spare_servers = 5 - pm.max_spare_servers = 20 - pm.max_requests = 500 - catch_workers_output = 1 - ''; + inherit (cfg) user; + settings = mapAttrs (name: mkDefault) { + "listen.owner" = "nginx"; + "listen.group" = "nginx"; + "listen.mode" = "0600"; + "pm" = "dynamic"; + "pm.max_children" = 75; + "pm.start_servers" = 10; + "pm.min_spare_servers" = 5; + "pm.max_spare_servers" = 20; + "pm.max_requests" = 500; + "catch_workers_output" = 1; + }; }; }; @@ -552,7 +551,7 @@ let locations."~ \.php$" = { extraConfig = '' fastcgi_split_path_info ^(.+\.php)(/.+)$; - fastcgi_pass unix:${config.services.phpfpm.pools.${cfg.pool}.listen}; + fastcgi_pass unix:${config.services.phpfpm.pools.${cfg.pool}.socket}; fastcgi_index index.php; ''; }; diff --git a/nixos/modules/services/web-apps/wordpress.nix b/nixos/modules/services/web-apps/wordpress.nix index 624b0089a037..98dc84588189 100644 --- a/nixos/modules/services/web-apps/wordpress.nix +++ b/nixos/modules/services/web-apps/wordpress.nix @@ -216,15 +216,15 @@ let }; poolConfig = mkOption { - type = types.lines; - default = '' - pm = dynamic - pm.max_children = 32 - pm.start_servers = 2 - pm.min_spare_servers = 2 - pm.max_spare_servers = 4 - pm.max_requests = 500 - ''; + type = with types; attrsOf (oneOf [ str int bool ]); + default = { + "pm" = "dynamic"; + "pm.max_children" = 32; + "pm.start_servers" = 2; + "pm.min_spare_servers" = 2; + "pm.max_spare_servers" = 4; + "pm.max_requests" = 500; + }; description = '' Options for the WordPress PHP pool. See the documentation on <literal>php-fpm.conf</literal> for details on configuration directives. @@ -280,15 +280,11 @@ in services.phpfpm.pools = mapAttrs' (hostName: cfg: ( nameValuePair "wordpress-${hostName}" { - listen = "/run/phpfpm/wordpress-${hostName}.sock"; - extraConfig = '' - listen.owner = ${config.services.httpd.user} - listen.group = ${config.services.httpd.group} - user = ${user} - group = ${group} - - ${cfg.poolConfig} - ''; + inherit user group; + settings = { + "listen.owner" = config.services.httpd.user; + "listen.group" = config.services.httpd.group; + } // cfg.poolConfig; } )) eachSite; @@ -303,7 +299,7 @@ in <Directory "${pkg hostName cfg}/share/wordpress"> <FilesMatch "\.php$"> <If "-f %{REQUEST_FILENAME}"> - SetHandler "proxy:unix:/run/phpfpm/wordpress-${hostName}.sock|fcgi://localhost/" + SetHandler "proxy:unix:${config.services.phpfpm.pools."wordpress-${hostName}".socket}|fcgi://localhost/" </If> </FilesMatch> diff --git a/nixos/modules/services/web-apps/zabbix.nix b/nixos/modules/services/web-apps/zabbix.nix index 4b5334579a99..fa358ffafbc3 100644 --- a/nixos/modules/services/web-apps/zabbix.nix +++ b/nixos/modules/services/web-apps/zabbix.nix @@ -133,15 +133,15 @@ in }; poolConfig = mkOption { - type = types.lines; - default = '' - pm = dynamic - pm.max_children = 32 - pm.start_servers = 2 - pm.min_spare_servers = 2 - pm.max_spare_servers = 4 - pm.max_requests = 500 - ''; + type = with types; attrsOf (oneOf [ str int bool ]); + default = { + "pm" = "dynamic"; + "pm.max_children" = 32; + "pm.start_servers" = 2; + "pm.min_spare_servers" = 2; + "pm.max_spare_servers" = 4; + "pm.max_requests" = 500; + }; description = '' Options for the Zabbix PHP pool. See the documentation on <literal>php-fpm.conf</literal> for details on configuration directives. ''; @@ -160,6 +160,8 @@ in ]; services.phpfpm.pools.zabbix = { + inherit user; + group = config.services.httpd.group; phpOptions = '' # https://www.zabbix.com/documentation/current/manual/installation/install memory_limit = 128M @@ -177,15 +179,11 @@ in '' + optionalString (cfg.database.type == "oracle") '' extension=${pkgs.phpPackages.oci8}/lib/php/extensions/oci8.so ''; - listen = "/run/phpfpm/zabbix.sock"; - extraConfig = '' - listen.owner = ${config.services.httpd.user}; - listen.group = ${config.services.httpd.group}; - user = ${user}; - group = ${config.services.httpd.group}; - env[ZABBIX_CONFIG] = ${zabbixConfig} - ${cfg.poolConfig} - ''; + phpEnv.ZABBIX_CONFIG = zabbixConfig; + settings = { + "listen.owner" = config.services.httpd.user; + "listen.group" = config.services.httpd.group; + } // cfg.poolConfig; }; services.httpd = { diff --git a/nixos/modules/services/web-servers/phpfpm/default.nix b/nixos/modules/services/web-servers/phpfpm/default.nix index ffafbc5e92f2..e95e71e0d997 100644 --- a/nixos/modules/services/web-servers/phpfpm/default.nix +++ b/nixos/modules/services/web-servers/phpfpm/default.nix @@ -4,41 +4,27 @@ with lib; let cfg = config.services.phpfpm; - enabled = cfg.poolConfigs != {} || cfg.pools != {}; - stateDir = "/run/phpfpm"; + runtimeDir = "/run/phpfpm"; - poolConfigs = - (mapAttrs mapPoolConfig cfg.poolConfigs) // - (mapAttrs mapPool cfg.pools); + toStr = value: + if true == value then "yes" + else if false == value then "no" + else toString value; - mapPoolConfig = n: p: { - phpPackage = cfg.phpPackage; - phpOptions = cfg.phpOptions; - config = p; - }; - - mapPool = n: p: { - phpPackage = p.phpPackage; - phpOptions = p.phpOptions; - config = '' - listen = ${p.listen} - ${p.extraConfig} - ''; - }; - - fpmCfgFile = pool: conf: pkgs.writeText "phpfpm-${pool}.conf" '' + fpmCfgFile = pool: poolOpts: pkgs.writeText "phpfpm-${pool}.conf" '' [global] - error_log = syslog - daemonize = no - ${cfg.extraConfig} + ${concatStringsSep "\n" (mapAttrsToList (n: v: "${n} = ${toStr v}") cfg.settings)} + ${optionalString (cfg.extraConfig != null) cfg.extraConfig} [${pool}] - ${conf} + ${concatStringsSep "\n" (mapAttrsToList (n: v: "${n} = ${toStr v}") poolOpts.settings)} + ${concatStringsSep "\n" (mapAttrsToList (n: v: "env[${n}] = ${toStr v}") poolOpts.phpEnv)} + ${optionalString (poolOpts.extraConfig != null) poolOpts.extraConfig} ''; - phpIni = pool: pkgs.runCommand "php.ini" { - inherit (pool) phpPackage phpOptions; + phpIni = poolOpts: pkgs.runCommand "php.ini" { + inherit (poolOpts) phpPackage phpOptions; preferLocalBuild = true; nixDefaults = '' sendmail_path = "/run/wrappers/bin/sendmail -t -i" @@ -48,13 +34,138 @@ let cat $phpPackage/etc/php.ini $nixDefaultsPath $phpOptionsPath > $out ''; + poolOpts = { name, ... }: + let + poolOpts = cfg.pools."${name}"; + in + { + options = { + socket = mkOption { + type = types.str; + readOnly = true; + description = '' + Path to the unix socket file on which to accept FastCGI requests. + <note><para>This option is read-only and managed by NixOS.</para></note> + ''; + }; + + listen = mkOption { + type = types.str; + default = ""; + example = "/path/to/unix/socket"; + description = '' + The address on which to accept FastCGI requests. + ''; + }; + + phpPackage = mkOption { + type = types.package; + default = cfg.phpPackage; + defaultText = "config.services.phpfpm.phpPackage"; + description = '' + The PHP package to use for running this PHP-FPM pool. + ''; + }; + + phpOptions = mkOption { + type = types.lines; + default = cfg.phpOptions; + defaultText = "config.services.phpfpm.phpOptions"; + description = '' + "Options appended to the PHP configuration file <filename>php.ini</filename> used for this PHP-FPM pool." + ''; + }; + + phpEnv = lib.mkOption { + type = with types; attrsOf str; + default = {}; + description = '' + Environment variables used for this PHP-FPM pool. + ''; + example = literalExample '' + { + HOSTNAME = "$HOSTNAME"; + TMP = "/tmp"; + TMPDIR = "/tmp"; + TEMP = "/tmp"; + } + ''; + }; + + user = mkOption { + type = types.str; + description = "User account under which this pool runs."; + }; + + group = mkOption { + type = types.str; + description = "Group account under which this pool runs."; + }; + + settings = mkOption { + type = with types; attrsOf (oneOf [ str int bool ]); + default = {}; + description = '' + PHP-FPM pool directives. Refer to the "List of pool directives" section of + <link xlink:href="https://www.php.net/manual/en/install.fpm.configuration.php"/> + for details. Note that settings names must be enclosed in quotes (e.g. + <literal>"pm.max_children"</literal> instead of <literal>pm.max_children</literal>). + ''; + example = literalExample '' + { + "pm" = "dynamic"; + "pm.max_children" = 75; + "pm.start_servers" = 10; + "pm.min_spare_servers" = 5; + "pm.max_spare_servers" = 20; + "pm.max_requests" = 500; + } + ''; + }; + + extraConfig = mkOption { + type = with types; nullOr lines; + default = null; + description = '' + Extra lines that go into the pool configuration. + See the documentation on <literal>php-fpm.conf</literal> for + details on configuration directives. + ''; + }; + }; + + config = { + socket = if poolOpts.listen == "" then "${runtimeDir}/${name}.sock" else poolOpts.listen; + group = mkDefault poolOpts.user; + + settings = mapAttrs (name: mkDefault){ + listen = poolOpts.socket; + user = poolOpts.user; + group = poolOpts.group; + }; + }; + }; + in { options = { services.phpfpm = { + settings = mkOption { + type = with types; attrsOf (oneOf [ str int bool ]); + default = {}; + description = '' + PHP-FPM global directives. Refer to the "List of global php-fpm.conf directives" section of + <link xlink:href="https://www.php.net/manual/en/install.fpm.configuration.php"/> + for details. Note that settings names must be enclosed in quotes (e.g. + <literal>"pm.max_children"</literal> instead of <literal>pm.max_children</literal>). + You need not specify the options <literal>error_log</literal> or + <literal>daemonize</literal> here, since they are generated by NixOS. + ''; + }; + extraConfig = mkOption { - type = types.lines; - default = ""; + type = with types; nullOr lines; + default = null; description = '' Extra configuration that should be put in the global section of the PHP-FPM configuration file. Do not specify the options @@ -80,64 +191,56 @@ in { '' date.timezone = "CET" ''; - description = - "Options appended to the PHP configuration file <filename>php.ini</filename>."; - }; - - poolConfigs = mkOption { - default = {}; - type = types.attrsOf types.lines; - example = literalExample '' - { mypool = ''' - listen = /run/phpfpm/mypool - user = nobody - pm = dynamic - pm.max_children = 75 - pm.start_servers = 10 - pm.min_spare_servers = 5 - pm.max_spare_servers = 20 - pm.max_requests = 500 - '''; - } - ''; description = '' - A mapping between PHP-FPM pool names and their configurations. - See the documentation on <literal>php-fpm.conf</literal> for - details on configuration directives. If no pools are defined, - the phpfpm service is disabled. + Options appended to the PHP configuration file <filename>php.ini</filename>. ''; }; pools = mkOption { - type = types.attrsOf (types.submodule (import ./pool-options.nix { - inherit lib config; - })); + type = types.attrsOf (types.submodule poolOpts); default = {}; example = literalExample '' { mypool = { - listen = "/path/to/unix/socket"; + user = "php"; + group = "php"; phpPackage = pkgs.php; - extraConfig = ''' - user = nobody - pm = dynamic - pm.max_children = 75 - pm.start_servers = 10 - pm.min_spare_servers = 5 - pm.max_spare_servers = 20 - pm.max_requests = 500 + settings = ''' + "pm" = "dynamic"; + "pm.max_children" = 75; + "pm.start_servers" = 10; + "pm.min_spare_servers" = 5; + "pm.max_spare_servers" = 20; + "pm.max_requests" = 500; '''; } }''; description = '' - PHP-FPM pools. If no pools or poolConfigs are defined, the PHP-FPM + PHP-FPM pools. If no pools are defined, the PHP-FPM service is disabled. ''; }; }; }; - config = mkIf enabled { + config = mkIf (cfg.pools != {}) { + + warnings = + mapAttrsToList (pool: poolOpts: '' + Using config.services.phpfpm.pools.${pool}.listen is deprecated and will become unsupported in a future release. Please reference the read-only option config.services.phpfpm.pools.${pool}.socket to access the path of your socket. + '') (filterAttrs (pool: poolOpts: poolOpts.listen != "") cfg.pools) ++ + mapAttrsToList (pool: poolOpts: '' + Using config.services.phpfpm.pools.${pool}.extraConfig is deprecated and will become unsupported in a future release. Please migrate your configuration to config.services.phpfpm.pools.${pool}.settings. + '') (filterAttrs (pool: poolOpts: poolOpts.extraConfig != null) cfg.pools) ++ + optional (cfg.extraConfig != null) '' + Using config.services.phpfpm.extraConfig is deprecated and will become unsupported in a future release. Please migrate your configuration to config.services.phpfpm.settings. + '' + ; + + services.phpfpm.settings = { + error_log = "syslog"; + daemonize = false; + }; systemd.slices.phpfpm = { description = "PHP FastCGI Process manager pools slice"; @@ -148,18 +251,15 @@ in { wantedBy = [ "multi-user.target" ]; }; - systemd.services = flip mapAttrs' poolConfigs (pool: poolConfig: + systemd.services = mapAttrs' (pool: poolOpts: nameValuePair "phpfpm-${pool}" { description = "PHP FastCGI Process Manager service for pool ${pool}"; after = [ "network.target" ]; wantedBy = [ "phpfpm.target" ]; partOf = [ "phpfpm.target" ]; - preStart = '' - mkdir -p ${stateDir} - ''; serviceConfig = let - cfgFile = fpmCfgFile pool poolConfig.config; - iniFile = phpIni poolConfig; + cfgFile = fpmCfgFile pool poolOpts; + iniFile = phpIni poolOpts; in { Slice = "phpfpm.slice"; PrivateDevices = true; @@ -168,10 +268,12 @@ in { # XXX: We need AF_NETLINK to make the sendmail SUID binary from postfix work RestrictAddressFamilies = "AF_UNIX AF_INET AF_INET6 AF_NETLINK"; Type = "notify"; - ExecStart = "${poolConfig.phpPackage}/bin/php-fpm -y ${cfgFile} -c ${iniFile}"; + ExecStart = "${poolOpts.phpPackage}/bin/php-fpm -y ${cfgFile} -c ${iniFile}"; ExecReload = "${pkgs.coreutils}/bin/kill -USR2 $MAINPID"; + RuntimeDirectory = "phpfpm"; + RuntimeDirectoryPreserve = true; # Relevant when multiple processes are running }; } - ); + ) cfg.pools; }; } diff --git a/nixos/modules/services/web-servers/phpfpm/pool-options.nix b/nixos/modules/services/web-servers/phpfpm/pool-options.nix deleted file mode 100644 index d9ad7eff71f2..000000000000 --- a/nixos/modules/services/web-servers/phpfpm/pool-options.nix +++ /dev/null @@ -1,57 +0,0 @@ -{ lib, config }: - -let - fpmCfg = config.services.phpfpm; -in - -with lib; { - - options = { - - listen = mkOption { - type = types.str; - example = "/path/to/unix/socket"; - description = '' - The address on which to accept FastCGI requests. - ''; - }; - - phpPackage = mkOption { - type = types.package; - default = fpmCfg.phpPackage; - defaultText = "config.services.phpfpm.phpPackage"; - description = '' - The PHP package to use for running this PHP-FPM pool. - ''; - }; - - phpOptions = mkOption { - type = types.lines; - default = fpmCfg.phpOptions; - defaultText = "config.services.phpfpm.phpOptions"; - description = '' - "Options appended to the PHP configuration file <filename>php.ini</filename> used for this PHP-FPM pool." - ''; - }; - - extraConfig = mkOption { - type = types.lines; - example = '' - user = nobody - pm = dynamic - pm.max_children = 75 - pm.start_servers = 10 - pm.min_spare_servers = 5 - pm.max_spare_servers = 20 - pm.max_requests = 500 - ''; - - description = '' - Extra lines that go into the pool configuration. - See the documentation on <literal>php-fpm.conf</literal> for - details on configuration directives. - ''; - }; - }; -} - diff --git a/nixos/modules/services/x11/desktop-managers/gnome3.nix b/nixos/modules/services/x11/desktop-managers/gnome3.nix index 6434731d951f..b18d06a095d1 100644 --- a/nixos/modules/services/x11/desktop-managers/gnome3.nix +++ b/nixos/modules/services/x11/desktop-managers/gnome3.nix @@ -29,10 +29,10 @@ let chmod -R a+w $out/share/gsettings-schemas/nixos-gsettings-overrides cat - > $out/share/gsettings-schemas/nixos-gsettings-overrides/glib-2.0/schemas/nixos-defaults.gschema.override <<- EOF [org.gnome.desktop.background] - picture-uri='${pkgs.nixos-artwork.wallpapers.simple-dark-gray}/share/artwork/gnome/nix-wallpaper-simple-dark-gray.png' + picture-uri='file://${pkgs.nixos-artwork.wallpapers.simple-dark-gray}/share/artwork/gnome/nix-wallpaper-simple-dark-gray.png' [org.gnome.desktop.screensaver] - picture-uri='${pkgs.nixos-artwork.wallpapers.simple-dark-gray-bottom}/share/artwork/gnome/nix-wallpaper-simple-dark-gray_bottom.png' + picture-uri='file://${pkgs.nixos-artwork.wallpapers.simple-dark-gray-bottom}/share/artwork/gnome/nix-wallpaper-simple-dark-gray_bottom.png' [org.gnome.shell] favorite-apps=[ 'org.gnome.Epiphany.desktop', 'evolution.desktop', 'org.gnome.Music.desktop', 'org.gnome.Photos.desktop', 'org.gnome.Nautilus.desktop', 'org.gnome.Software.desktop' ] diff --git a/nixos/modules/virtualisation/libvirtd.nix b/nixos/modules/virtualisation/libvirtd.nix index 394b4ce56563..16b79d869193 100644 --- a/nixos/modules/virtualisation/libvirtd.nix +++ b/nixos/modules/virtualisation/libvirtd.nix @@ -104,6 +104,18 @@ in { ''; }; + onBoot = mkOption { + type = types.enum ["start" "ignore" ]; + default = "start"; + description = '' + Specifies the action to be done to / on the guests when the host boots. + The "start" option starts all guests that were running prior to shutdown + regardless of their autostart settings. The "ignore" option will not + start the formally running guest on boot. However, any guest marked as + autostart will still be automatically started by libvirtd. + ''; + }; + onShutdown = mkOption { type = types.enum ["shutdown" "suspend" ]; default = "suspend"; @@ -221,6 +233,7 @@ in { path = with pkgs; [ coreutils libvirt gawk ]; restartIfChanged = false; + environment.ON_BOOT = "${cfg.onBoot}"; environment.ON_SHUTDOWN = "${cfg.onShutdown}"; }; |