author | Alyssa Ross <hi@alyssa.is> | 2023-10-22 08:39:18 +0000 |
---|---|---|
committer | Alyssa Ross <hi@alyssa.is> | 2023-10-22 08:39:18 +0000 |
commit | 403acf82248d3cdbc0beda0c5c373c1b46b9b636 (patch) | |
tree | e3913fd47e374b9525858fa1e61064fd1113e475 /nixpkgs/nixos/modules | |
parent | b5faee77a2dceb31545db209ebee1476acb71198 (diff) | |
parent | 8dfad603247387df1df4826b8bea58efc5d012d8 (diff) | |
Merge commit '8dfad603247387df1df4826b8bea58efc5d012d8'
Diffstat (limited to 'nixpkgs/nixos/modules')
-rw-r--r-- | nixpkgs/nixos/modules/config/fanout.nix | 49 | ||||
-rw-r--r-- | nixpkgs/nixos/modules/module-list.nix | 2 | ||||
-rw-r--r-- | nixpkgs/nixos/modules/programs/firefox.nix | 10 | ||||
-rw-r--r-- | nixpkgs/nixos/modules/services/cluster/hadoop/default.nix | 18 | ||||
-rw-r--r-- | nixpkgs/nixos/modules/services/cluster/hadoop/yarn.nix | 2 | ||||
-rw-r--r-- | nixpkgs/nixos/modules/services/misc/soft-serve.nix | 99 | ||||
-rw-r--r-- | nixpkgs/nixos/modules/virtualisation/qemu-vm.nix | 1 |
7 files changed, 166 insertions, 15 deletions
diff --git a/nixpkgs/nixos/modules/config/fanout.nix b/nixpkgs/nixos/modules/config/fanout.nix
new file mode 100644
index 000000000000..60ee145f19af
--- /dev/null
+++ b/nixpkgs/nixos/modules/config/fanout.nix
@@ -0,0 +1,49 @@
+{ config, lib, pkgs, ... }:
+let
+ cfg = config.services.fanout;
+ mknodCmds = n: lib.lists.imap0 (i: s:
+ "mknod /dev/fanout${builtins.toString i} c $MAJOR ${builtins.toString i}"
+ ) (lib.lists.replicate n "");
+in
+{
+ options.services.fanout = {
+ enable = lib.mkEnableOption (lib.mdDoc "fanout");
+ fanoutDevices = lib.mkOption {
+ type = lib.types.int;
+ default = 1;
+ description = "Number of /dev/fanout devices";
+ };
+ bufferSize = lib.mkOption {
+ type = lib.types.int;
+ default = 16384;
+ description = "Size of /dev/fanout buffer in bytes";
+ };
+ };
+
+ config = lib.mkIf cfg.enable {
+ boot.extraModulePackages = [ config.boot.kernelPackages.fanout.out ];
+
+ boot.kernelModules = [ "fanout" ];
+
+ boot.extraModprobeConfig = ''
+ options fanout buffersize=${builtins.toString cfg.bufferSize}
+ '';
+
+ systemd.services.fanout = {
+ description = "Bring up /dev/fanout devices";
+ script = ''
+ MAJOR=$(${pkgs.gnugrep}/bin/grep fanout /proc/devices | ${pkgs.gawk}/bin/awk '{print $1}')
+ ${lib.strings.concatLines (mknodCmds cfg.fanoutDevices)}
+ '';
+
+ wantedBy = [ "multi-user.target" ];
+
+ serviceConfig = {
+ Type = "oneshot";
+ User = "root";
+ RemainAfterExit = "yes";
+ Restart = "no";
+ };
+ };
+ };
+}
diff --git a/nixpkgs/nixos/modules/module-list.nix b/nixpkgs/nixos/modules/module-list.nix
index 5108b8c42a30..a9d6bf817d49 100644
--- a/nixpkgs/nixos/modules/module-list.nix
+++ b/nixpkgs/nixos/modules/module-list.nix
@@ -2,6 +2,7 @@
 ./config/appstream.nix
 ./config/console.nix
 ./config/debug-info.nix
+ ./config/fanout.nix
 ./config/fonts/fontconfig.nix
 ./config/fonts/fontdir.nix
 ./config/fonts/ghostscript.nix
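Review bot: The `mknod` lines generated by `mknodCmds` in fanout.nix create `/dev/fanoutN` without `-m` or a following `chown`, so the nodes get whatever mode root's umask yields and the module never states which users are meant to read or write them; set the mode explicitly and document the intended access. The major number comes from an unanchored `grep fanout /proc/devices`, which yields an empty value when the module is not loaded and several values if another driver name contains the string; `MAJOR=$(${pkgs.gawk}/bin/awk '$2 == "fanout" {print $1}' /proc/devices)` followed by `[ -n "$MAJOR" ] || exit 1` avoids both. `fanoutDevices` and `bufferSize` are declared as `lib.types.int`, which also accepts zero and negative values; `lib.types.ints.positive` looks like the intended type.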
@@ -731,6 +732,7 @@
 ./services/misc/signald.nix
 ./services/misc/siproxd.nix
 ./services/misc/snapper.nix
+ ./services/misc/soft-serve.nix
 ./services/misc/sonarr.nix
 ./services/misc/sourcehut
 ./services/misc/spice-vdagentd.nix
diff --git a/nixpkgs/nixos/modules/programs/firefox.nix b/nixpkgs/nixos/modules/programs/firefox.nix
index 99236f01c537..813e0e0105f6 100644
--- a/nixpkgs/nixos/modules/programs/firefox.nix
+++ b/nixpkgs/nixos/modules/programs/firefox.nix
@@ -224,11 +224,11 @@ in extraPrefs = cfg.autoConfig; extraNativeMessagingHosts = old.extraNativeMessagingHosts or [] - ++ optional nmh.ff2mpv ff2mpv - ++ optional nmh.euwebid web-eid-app - ++ optional nmh.gsconnect gnomeExtensions.gsconnect - ++ optional nmh.jabref jabref - ++ optional nmh.passff passff-host; + ++ optional nmh.ff2mpv pkgs.ff2mpv + ++ optional nmh.euwebid pkgs.web-eid-app + ++ optional nmh.gsconnect pkgs.gnomeExtensions.gsconnect + ++ optional nmh.jabref pkgs.jabref + ++ optional nmh.passff pkgs.passff-host; cfg = let # copy-pasted from the wrapper; TODO: figure out fix applicationName = cfg.package.binaryName or (lib.getName cfg.package);
diff --git a/nixpkgs/nixos/modules/services/cluster/hadoop/default.nix b/nixpkgs/nixos/modules/services/cluster/hadoop/default.nix
index 72bf25c21146..ff6b4d5588b1 100644
--- a/nixpkgs/nixos/modules/services/cluster/hadoop/default.nix
+++ b/nixpkgs/nixos/modules/services/cluster/hadoop/default.nix
@@ -67,16 +67,16 @@ with lib;
 mapredSiteDefault = mkOption {
 default = {
 "mapreduce.framework.name" = "yarn";
- "yarn.app.mapreduce.am.env" = "HADOOP_MAPRED_HOME=${cfg.package}/lib/${cfg.package.untarDir}";
- "mapreduce.map.env" = "HADOOP_MAPRED_HOME=${cfg.package}/lib/${cfg.package.untarDir}";
- "mapreduce.reduce.env" = "HADOOP_MAPRED_HOME=${cfg.package}/lib/${cfg.package.untarDir}";
+ "yarn.app.mapreduce.am.env" = "HADOOP_MAPRED_HOME=${cfg.package}";
+ "mapreduce.map.env" = "HADOOP_MAPRED_HOME=${cfg.package}";
+ "mapreduce.reduce.env" = "HADOOP_MAPRED_HOME=${cfg.package}";
 };
 defaultText = literalExpression ''
 {
 "mapreduce.framework.name" = "yarn";
- "yarn.app.mapreduce.am.env" = "HADOOP_MAPRED_HOME=''${config.${opt.package}}/lib/''${config.${opt.package}.untarDir}";
- "mapreduce.map.env" = "HADOOP_MAPRED_HOME=''${config.${opt.package}}/lib/''${config.${opt.package}.untarDir}";
- "mapreduce.reduce.env" = "HADOOP_MAPRED_HOME=''${config.${opt.package}}/lib/''${config.${opt.package}.untarDir}";
+ "yarn.app.mapreduce.am.env" = "HADOOP_MAPRED_HOME=''${config.${opt.package}}";
+ "mapreduce.map.env" = "HADOOP_MAPRED_HOME=''${config.${opt.package}}";
+ "mapreduce.reduce.env" = "HADOOP_MAPRED_HOME=''${config.${opt.package}}";
 }
 '';
 type = types.attrsOf types.anything;
@@ -154,13 +154,13 @@ with lib; }; log4jProperties = mkOption { - default = "${cfg.package}/lib/${cfg.package.untarDir}/etc/hadoop/log4j.properties"; + default = "${cfg.package}/etc/hadoop/log4j.properties"; defaultText = literalExpression '' - "''${config.${opt.package}}/lib/''${config.${opt.package}.untarDir}/etc/hadoop/log4j.properties" + "''${config.${opt.package}}/etc/hadoop/log4j.properties" ''; type = types.path; example = literalExpression '' - "''${pkgs.hadoop}/lib/''${pkgs.hadoop.untarDir}/etc/hadoop/log4j.properties"; + "''${pkgs.hadoop}/etc/hadoop/log4j.properties"; ''; description = lib.mdDoc "log4j.properties file added to HADOOP_CONF_DIR"; };
diff --git a/nixpkgs/nixos/modules/services/cluster/hadoop/yarn.nix b/nixpkgs/nixos/modules/services/cluster/hadoop/yarn.nix
index 26077f35fdd0..a49aafbd1dca 100644
--- a/nixpkgs/nixos/modules/services/cluster/hadoop/yarn.nix
+++ b/nixpkgs/nixos/modules/services/cluster/hadoop/yarn.nix
@@ -160,7 +160,7 @@ in
 umount /run/wrappers/yarn-nodemanager/cgroup/cpu || true
 rm -rf /run/wrappers/yarn-nodemanager/ || true
 mkdir -p /run/wrappers/yarn-nodemanager/{bin,etc/hadoop,cgroup/cpu}
- cp ${cfg.package}/lib/${cfg.package.untarDir}/bin/container-executor /run/wrappers/yarn-nodemanager/bin/
+ cp ${cfg.package}/bin/container-executor /run/wrappers/yarn-nodemanager/bin/
 chgrp hadoop /run/wrappers/yarn-nodemanager/bin/container-executor
 chmod 6050 /run/wrappers/yarn-nodemanager/bin/container-executor
 cp ${hadoopConf}/container-executor.cfg /run/wrappers/yarn-nodemanager/etc/hadoop/
diff --git a/nixpkgs/nixos/modules/services/misc/soft-serve.nix b/nixpkgs/nixos/modules/services/misc/soft-serve.nix
new file mode 100644
index 000000000000..0f246493880b
--- /dev/null
+++ b/nixpkgs/nixos/modules/services/misc/soft-serve.nix
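Review bot: The `cp` on the changed line in yarn.nix installs the binary that the next two lines give group `hadoop` and setuid/setgid bits (`chmod 6050`), yet nothing says why a copy outside the package is needed or what happens when `bin/container-executor` is absent from an overridden `cfg.package`. A comment above the `cp` would help, for example `# container-executor needs setuid/setgid bits and group hadoop, so it is copied out of the package and re-permissioned here`. The surrounding script starts and ends outside the hunk, so whether a failed `cp` aborts it cannot be confirmed from these lines.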
@@ -0,0 +1,99 @@
+{ config, lib, pkgs, ... }:
+
+with lib;
+
+let
+ cfg = config.services.soft-serve;
+ configFile = format.generate "config.yaml" cfg.settings;
+ format = pkgs.formats.yaml { };
+ docUrl = "https://charm.sh/blog/self-hosted-soft-serve/";
+ stateDir = "/var/lib/soft-serve";
+in
+{
+ options = {
+ services.soft-serve = {
+ enable = mkEnableOption "Enable soft-serve service";
+
+ package = mkPackageOption pkgs "soft-serve" { };
+
+ settings = mkOption {
+ type = format.type;
+ default = { };
+ description = mdDoc ''
+ The contents of the configuration file.
+
+ See <${docUrl}>.
+ '';
+ example = literalExpression ''
+ {
+ name = "dadada's repos";
+ log_format = "text";
+ ssh = {
+ listen_addr = ":23231";
+ public_url = "ssh://localhost:23231";
+ max_timeout = 30;
+ idle_timeout = 120;
+ };
+ stats.listen_addr = ":23233";
+ }
+ '';
+ };
+ };
+ };
+
+ config = mkIf cfg.enable {
+
+ systemd.tmpfiles.rules = [
+ # The config file has to be inside the state dir
+ "L+ ${stateDir}/config.yaml - - - - ${configFile}"
+ ];
+
+ systemd.services.soft-serve = {
+ description = "Soft Serve git server";
+ documentation = [ docUrl ];
+ requires = [ "network-online.target" ];
+ after = [ "network-online.target" ];
+ wantedBy = [ "multi-user.target" ];
+
+ environment.SOFT_SERVE_DATA_PATH = stateDir;
+
+ serviceConfig = {
+ Type = "simple";
+ DynamicUser = true;
+ Restart = "always";
+ ExecStart = "${getExe cfg.package} serve";
+ StateDirectory = "soft-serve";
+ WorkingDirectory = stateDir;
+ RuntimeDirectory = "soft-serve";
+ RuntimeDirectoryMode = "0750";
+ ProcSubset = "pid";
+ ProtectProc = "invisible";
+ UMask = "0027";
+ CapabilityBoundingSet = "";
+ ProtectHome = true;
+ PrivateDevices = true;
+ PrivateUsers = true;
+ ProtectHostname = true;
+ ProtectClock = true;
+ ProtectKernelTunables = true;
+ ProtectKernelModules = true;
+ ProtectKernelLogs = true;
+ ProtectControlGroups = true;
+ RestrictAddressFamilies = [ "AF_UNIX" "AF_INET" "AF_INET6" ];
+ RestrictNamespaces = true;
+ LockPersonality = true;
+ MemoryDenyWriteExecute = true;
+ RestrictRealtime = true;
+ RemoveIPC = true;
+ PrivateMounts = true;
+ SystemCallArchitectures = "native";
+ SystemCallFilter = [
+ "@system-service"
+ "~@cpu-emulation @debug @keyring @module @mount @obsolete @privileged @raw-io @reboot @setuid @swap"
+ ];
+ };
+ };
+ };
+
+ meta.maintainers = [ maintainers.dadada ];
+}
diff --git a/nixpkgs/nixos/modules/virtualisation/qemu-vm.nix b/nixpkgs/nixos/modules/virtualisation/qemu-vm.nix
index e0004df6f6b2..737a935711ae 100644
--- a/nixpkgs/nixos/modules/virtualisation/qemu-vm.nix
+++ b/nixpkgs/nixos/modules/virtualisation/qemu-vm.nix
@@ -267,6 +267,7 @@ let }; storeImage = import ../../lib/make-disk-image.nix { + name = "nix-store-image"; inherit pkgs config lib; additionalPaths = [ regInfo ]; format = "qcow2"; |
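Review bot: In soft-serve.nix, `settings` is rendered with `format.generate "config.yaml" cfg.settings` and linked into the state directory, so anything placed in it ends up in a Nix store file, which is normally world-readable; the option description should say so, for example by adding `Do not put secrets here: the generated file is stored in the world-readable Nix store.` to the `mdDoc` text. `mkEnableOption "Enable soft-serve service"` should be `mkEnableOption "soft-serve"`, because the helper already prefixes the description with "Whether to enable". The example binds `ssh.listen_addr` and `stats.listen_addr` to all interfaces (`:23231`, `:23233`); a loopback address for the stats listener would be a safer value for readers to copy.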