author | Alyssa Ross <hi@alyssa.is> | 2019-08-14 00:20:49 +0000 |
---|---|---|
committer | Alyssa Ross <hi@alyssa.is> | 2019-08-14 00:23:16 +0000 |
commit | 4999a38db7c5de0ea9f514a12ecd4133cce647f3 (patch) | |
tree | bbb659ab07fda4c9b98053499b7e3f046ac6d5dc /nixpkgs/nixos/modules/config | |
parent | f9abd30e11337cf07034f2cc8ad1691aa4a69386 (diff) | |
parent | 8746c77a383f5c76153c7a181f3616d273acfa2a (diff) | |
Merge commit '8746c77a383f5c76153c7a181f3616d273acfa2a'
Diffstat (limited to 'nixpkgs/nixos/modules/config')
-rw-r--r-- | nixpkgs/nixos/modules/config/locale.nix (renamed from nixpkgs/nixos/modules/config/timezone.nix) | 35 | ||||
-rw-r--r-- | nixpkgs/nixos/modules/config/networking.nix | 104 | ||||
-rw-r--r-- | nixpkgs/nixos/modules/config/no-x-libs.nix | 2 | ||||
-rw-r--r-- | nixpkgs/nixos/modules/config/resolvconf.nix | 149 | ||||
-rw-r--r-- | nixpkgs/nixos/modules/config/xdg/portal.nix | 58 |
5 files changed, 243 insertions, 105 deletions
diff --git a/nixpkgs/nixos/modules/config/timezone.nix b/nixpkgs/nixos/modules/config/locale.nix index b15948f6e2e5..6f0565881877 100644 --- a/nixpkgs/nixos/modules/config/timezone.nix +++ b/nixpkgs/nixos/modules/config/locale.nix @@ -9,6 +9,8 @@ let timezone = types.nullOr (types.addCheck types.str nospace) // { description = "null or string without spaces"; }; + lcfg = config.location; + in { @@ -37,12 +39,45 @@ in }; }; + + location = { + + latitude = mkOption { + type = types.float; + description = '' + Your current latitude, between + <literal>-90.0</literal> and <literal>90.0</literal>. Must be provided + along with longitude. + ''; + }; + + longitude = mkOption { + type = types.float; + description = '' + Your current longitude, between + between <literal>-180.0</literal> and <literal>180.0</literal>. Must be + provided along with latitude. + ''; + }; + + provider = mkOption { + type = types.enum [ "manual" "geoclue2" ]; + default = "manual"; + description = '' + The location provider to use for determining your location. If set to + <literal>manual</literal> you must also provide latitude/longitude. + ''; + }; + + }; }; config = { environment.sessionVariables.TZDIR = "/etc/zoneinfo"; + services.geoclue2.enable = mkIf (lcfg.provider == "geoclue2") true; + # This way services are restarted when tzdata changes. systemd.globalEnvironment.TZDIR = tzdir; diff --git a/nixpkgs/nixos/modules/config/networking.nix b/nixpkgs/nixos/modules/config/networking.nix index eab4e73e19a1..4b9086022ed5 100644 --- a/nixpkgs/nixos/modules/config/networking.nix +++ b/nixpkgs/nixos/modules/config/networking.nix 
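Review bot: The `latitude` and `longitude` options added in the second locale.nix hunk document a valid range but are typed as plain `types.float`, so an out-of-range value evaluates without complaint and is only noticed, if at all, by whichever service consumes it. The `timezone` type in the first hunk's context already uses `types.addCheck`, and the same pattern would enforce the documented range here, e.g. `type = types.addCheck types.float (x: x >= -90.0 && x <= 90.0);` with ±180.0 for longitude. The longitude description also repeats a word (`between between`).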
@@ -7,16 +7,6 @@ with lib; let cfg = config.networking; - dnsmasqResolve = config.services.dnsmasq.enable && - config.services.dnsmasq.resolveLocalQueries; - hasLocalResolver = config.services.bind.enable || - config.services.unbound.enable || - dnsmasqResolve; - - resolvconfOptions = cfg.resolvconfOptions - ++ optional cfg.dnsSingleRequest "single-request" - ++ optional cfg.dnsExtensionMechanism "edns0"; - localhostMapped4 = cfg.hosts ? "127.0.0.1" && elem "localhost" cfg.hosts."127.0.0.1"; localhostMapped6 = cfg.hosts ? "::1" && elem "localhost" cfg.hosts."::1"; 
@@ -64,48 +54,6 @@ in ''; }; - networking.dnsSingleRequest = lib.mkOption { - type = types.bool; - default = false; - description = '' - Recent versions of glibc will issue both ipv4 (A) and ipv6 (AAAA) - address queries at the same time, from the same port. Sometimes upstream - routers will systemically drop the ipv4 queries. The symptom of this problem is - that 'getent hosts example.com' only returns ipv6 (or perhaps only ipv4) addresses. The - workaround for this is to specify the option 'single-request' in - /etc/resolv.conf. This option enables that. - ''; - }; - - networking.dnsExtensionMechanism = lib.mkOption { - type = types.bool; - default = true; - description = '' - Enable the <code>edns0</code> option in <filename>resolv.conf</filename>. With - that option set, <code>glibc</code> supports use of the extension mechanisms for - DNS (EDNS) specified in RFC 2671. The most popular user of that feature is DNSSEC, - which does not work without it. - ''; - }; - - networking.extraResolvconfConf = lib.mkOption { - type = types.lines; - default = ""; - example = "libc=NO"; - description = '' - Extra configuration to append to <filename>resolvconf.conf</filename>. - ''; - }; - - networking.resolvconfOptions = lib.mkOption { - type = types.listOf types.str; - default = []; - example = [ "ndots:1" "rotate" ]; - description = '' - Set the options in <filename>/etc/resolv.conf</filename>. - ''; - }; - networking.timeServers = mkOption { default = [ "0.nixos.pool.ntp.org" 
@@ -240,35 +188,6 @@ in # /etc/host.conf: resolver configuration file "host.conf".text = cfg.hostConf; - # /etc/resolvconf.conf: Configuration for openresolv. - "resolvconf.conf".text = - '' - # This is the default, but we must set it here to prevent - # a collision with an apparently unrelated environment - # variable with the same name exported by dhcpcd. - interface_order='lo lo[0-9]*' - '' + optionalString config.services.nscd.enable '' - # Invalidate the nscd cache whenever resolv.conf is - # regenerated. - libc_restart='${pkgs.systemd}/bin/systemctl try-restart --no-block nscd.service 2> /dev/null' - '' + optionalString (length resolvconfOptions > 0) '' - # Options as described in resolv.conf(5) - resolv_conf_options='${concatStringsSep " " resolvconfOptions}' - '' + optionalString hasLocalResolver '' - # This hosts runs a full-blown DNS resolver. - name_servers='127.0.0.1' - '' + optionalString dnsmasqResolve '' - dnsmasq_conf=/etc/dnsmasq-conf.conf - dnsmasq_resolv=/etc/dnsmasq-resolv.conf - '' + cfg.extraResolvconfConf + '' - ''; - - } // optionalAttrs config.services.resolved.enable { - # symlink the dynamic stub resolver of resolv.conf as recommended by upstream: - # https://www.freedesktop.org/software/systemd/man/systemd-resolved.html#/etc/resolv.conf - "resolv.conf".source = "/run/systemd/resolve/stub-resolv.conf"; - } // optionalAttrs (config.services.resolved.enable && dnsmasqResolve) { - "dnsmasq-resolv.conf".source = "/run/systemd/resolve/resolv.conf"; } // optionalAttrs (pkgs.stdenv.hostPlatform.libc == "glibc") { # /etc/rpc: RPC program numbers. "rpc".source = pkgs.glibc.out + "/etc/rpc"; 
@@ -295,29 +214,6 @@ in # Install the proxy environment variables environment.sessionVariables = cfg.proxy.envVars; - # This is needed when /etc/resolv.conf is being overriden by networkd - # and other configurations. If the file is destroyed by an environment - # activation then it must be rebuilt so that applications which interface - # with /etc/resolv.conf directly don't break. - system.activationScripts.resolvconf = stringAfter [ "etc" "specialfs" "var" ] - '' - # Systemd resolved controls its own resolv.conf - rm -f /run/resolvconf/interfaces/systemd - ${optionalString config.services.resolved.enable '' - rm -rf /run/resolvconf/interfaces - mkdir -p /run/resolvconf/interfaces - ln -s /run/systemd/resolve/resolv.conf /run/resolvconf/interfaces/systemd - ''} - - # Make sure resolv.conf is up to date if not managed manually, by systemd or - # by NetworkManager - ${optionalString (!config.environment.etc?"resolv.conf" && - (cfg.networkmanager.enable -> - cfg.networkmanager.rc-manager == "resolvconf")) '' - ${pkgs.openresolv}/bin/resolvconf -u - ''} - ''; - }; } diff --git a/nixpkgs/nixos/modules/config/no-x-libs.nix b/nixpkgs/nixos/modules/config/no-x-libs.nix index aad02a9ca4e3..74cf74d74181 100644 --- a/nixpkgs/nixos/modules/config/no-x-libs.nix +++ b/nixpkgs/nixos/modules/config/no-x-libs.nix @@ -34,7 +34,7 @@ with lib; networkmanager-openvpn = super.networkmanager-openvpn.override { withGnome = false; }; networkmanager-vpnc = super.networkmanager-vpnc.override { withGnome = false; }; networkmanager-iodine = super.networkmanager-iodine.override { withGnome = false; }; - pinentry = super.pinentry.override { gtk2 = null; gcr = null; qt = null; }; + pinentry = super.pinentry.override { gtk2 = null; gcr = null; qt4 = null; qt5 = null; }; gobject-introspection = super.gobject-introspection.override { x11Support = false; }; })); }; 
diff --git a/nixpkgs/nixos/modules/config/resolvconf.nix b/nixpkgs/nixos/modules/config/resolvconf.nix
new file mode 100644
index 000000000000..406c6a7ac329
--- /dev/null
+++ b/nixpkgs/nixos/modules/config/resolvconf.nix
@@ -0,0 +1,149 @@
+# /etc files related to networking, such as /etc/services.
+
+{ config, lib, pkgs, ... }:
+
+with lib;
+
+let
+
+ cfg = config.networking.resolvconf;
+
+ resolvconfOptions = cfg.extraOptions
+ ++ optional cfg.dnsSingleRequest "single-request"
+ ++ optional cfg.dnsExtensionMechanism "edns0";
+
+ configText =
+ ''
+ # This is the default, but we must set it here to prevent
+ # a collision with an apparently unrelated environment
+ # variable with the same name exported by dhcpcd.
+ interface_order='lo lo[0-9]*'
+ '' + optionalString config.services.nscd.enable ''
+ # Invalidate the nscd cache whenever resolv.conf is
+ # regenerated.
+ libc_restart='${pkgs.systemd}/bin/systemctl try-restart --no-block nscd.service 2> /dev/null'
+ '' + optionalString (length resolvconfOptions > 0) ''
+ # Options as described in resolv.conf(5)
+ resolv_conf_options='${concatStringsSep " " resolvconfOptions}'
+ '' + optionalString cfg.useLocalResolver ''
+ # This hosts runs a full-blown DNS resolver.
+ name_servers='127.0.0.1'
+ '' + cfg.extraConfig;
+
+in
+
+{
+
+ options = {
+
+ networking.resolvconf = {
+
+ enable = mkOption {
+ type = types.bool;
+ default = false;
+ internal = true;
+ description = ''
+ DNS configuration is managed by resolvconf.
+ '';
+ };
+
+ useHostResolvConf = mkOption {
+ type = types.bool;
+ default = false;
+ description = ''
+ In containers, whether to use the
+ <filename>resolv.conf</filename> supplied by the host.
+ '';
+ };
+
+ dnsSingleRequest = lib.mkOption {
+ type = types.bool;
+ default = false;
+ description = ''
+ Recent versions of glibc will issue both ipv4 (A) and ipv6 (AAAA)
+ address queries at the same time, from the same port. Sometimes upstream
+ routers will systemically drop the ipv4 queries. The symptom of this problem is
+ that 'getent hosts example.com' only returns ipv6 (or perhaps only ipv4) addresses. The
+ workaround for this is to specify the option 'single-request' in
+ /etc/resolv.conf.
This option enables that.
+ '';
+ };
+
+ dnsExtensionMechanism = mkOption {
+ type = types.bool;
+ default = true;
+ description = ''
+ Enable the <code>edns0</code> option in <filename>resolv.conf</filename>. With
+ that option set, <code>glibc</code> supports use of the extension mechanisms for
+ DNS (EDNS) specified in RFC 2671. The most popular user of that feature is DNSSEC,
+ which does not work without it.
+ '';
+ };
+
+ extraConfig = mkOption {
+ type = types.lines;
+ default = "";
+ example = "libc=NO";
+ description = ''
+ Extra configuration to append to <filename>resolvconf.conf</filename>.
+ '';
+ };
+
+ extraOptions = mkOption {
+ type = types.listOf types.str;
+ default = [];
+ example = [ "ndots:1" "rotate" ];
+ description = ''
+ Set the options in <filename>/etc/resolv.conf</filename>.
+ '';
+ };
+
+ useLocalResolver = mkOption {
+ type = types.bool;
+ default = false;
+ description = ''
+ Use local DNS server for resolving.
+ '';
+ };
+
+ };
+
+ };
+
+ config = mkMerge [
+ {
+ networking.resolvconf.enable = !(config.environment.etc ? "resolv.conf");
+
+ environment.etc."resolvconf.conf".text =
+ if !cfg.enable then
+ # Force-stop any attempts to use resolvconf
+ ''
+ echo "resolvconf is disabled on this system but was used anyway:" >&2
+ echo "$0 $*" >&2
+ exit 1
+ ''
+ else configText;
+ }
+
+ (mkIf cfg.enable {
+ environment.systemPackages = [ pkgs.openresolv ];
+
+ systemd.services.resolvconf = {
+ description = "resolvconf update";
+
+ before = [ "network-pre.target" ];
+ wants = [ "network-pre.target" ];
+ wantedBy = [ "multi-user.target" ];
+ restartTriggers = [ config.environment.etc."resolvconf.conf".source ];
+
+ serviceConfig = {
+ Type = "oneshot";
+ ExecStart = "${pkgs.openresolv}/bin/resolvconf -u";
+ RemainAfterExit = true;
+ };
+ };
+
+ })
+ ];
+
+}
diff --git a/nixpkgs/nixos/modules/config/xdg/portal.nix b/nixpkgs/nixos/modules/config/xdg/portal.nix
new file mode 100644
index 000000000000..bdbbfda2bb42
--- /dev/null
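Review bot: `configText` in the new resolvconf.nix splices option values into `resolvconf.conf` between single quotes without escaping (`resolv_conf_options='${concatStringsSep " " resolvconfOptions}'`), and the disabled branch of `environment.etc."resolvconf.conf".text` writes `echo`/`exit 1` into the same file, which indicates the file is evaluated as shell. An `extraOptions` entry containing a single quote would therefore end the quoting and the remainder would be interpreted as shell; the values come from the system configuration, so this is a robustness concern rather than a crossed trust boundary, and `resolv_conf_options=${escapeShellArg (concatStringsSep " " resolvconfOptions)}` would close it. Separately, the header comment `# /etc files related to networking, such as /etc/services.` looks carried over from networking.nix; something like `# Configuration for openresolv: resolvconf.conf and the resolvconf update service.` would describe this module.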
+++ b/nixpkgs/nixos/modules/config/xdg/portal.nix
@@ -0,0 +1,58 @@
+{ config, pkgs ,lib ,... }:
+
+with lib;
+
+{
+ options.xdg.portal = {
+ enable =
+ mkEnableOption "<link xlink:href='https://github.com/flatpak/xdg-desktop-portal'>xdg desktop integration</link>"//{
+ default = false;
+ };
+
+ extraPortals = mkOption {
+ type = types.listOf types.package;
+ default = [];
+ description = ''
+ List of additional portals to add to path. Portals allow interaction
+ with system, like choosing files or taking screenshots. At minimum,
+ a desktop portal implementation should be listed. GNOME and KDE already
+ adds <package>xdg-desktop-portal-gtk</package>; and
+ <package>xdg-desktop-portal-kde</package> respectively. On other desktop
+ environments you probably want to add them yourself.
+ '';
+ };
+
+ gtkUsePortal = mkOption {
+ type = types.bool;
+ default = false;
+ description = ''
+ Sets environment variable <literal>GTK_USE_PORTAL</literal> to <literal>1</literal>.
+ This is needed for packages ran outside Flatpak to respect and use XDG Desktop Portals.
+ For example, you'd need to set this for non-flatpak Firefox to use native filechoosers.
+ Defaults to <literal>false</literal> to respect its opt-in nature.
+ '';
+ };
+ };
+
+ config =
+ let
+ cfg = config.xdg.portal;
+ packages = [ pkgs.xdg-desktop-portal ] ++ cfg.extraPortals;
+
+ in mkIf cfg.enable {
+
+ assertions = [
+ { assertion = (cfg.gtkUsePortal -> cfg.extraPortals != []);
+ message = "Setting xdg.portal.gtkUsePortal to true requires a portal implementation in xdg.portal.extraPortals such as xdg-desktop-portal-gtk or xdg-desktop-portal-kde.";
+ }
+ ];
+
+ services.dbus.packages = packages;
+ systemd.packages = packages;
+
+ environment.variables = {
+ GTK_USE_PORTAL = mkIf cfg.gtkUsePortal "1";
+ XDG_DESKTOP_PORTAL_PATH = map (p: "${p}/share/xdg-desktop-portal/portals") cfg.extraPortals;
+ };
+ };
+} |
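Review bot: The `extraPortals` description says the listed packages are added "to path", but the config block passes every one of them to `services.dbus.packages` and `systemd.packages`, so each package's D-Bus service files and systemd units are installed as well. That is worth stating in the option text, since it determines what a listed package can have activated on its behalf; a sentence such as `Each package listed here is also registered with D-Bus and systemd, so its service files and units are installed.` would do. As a style point, `// { default = false; }` on `enable` appears redundant, since `mkEnableOption` already defaults to false.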