authorAlyssa Ross <hi@alyssa.is>2023-09-16 08:50:56 +0000
committerAlyssa Ross <hi@alyssa.is>2023-09-16 08:50:56 +0000
commitc51a27c0e7727fcd2be7d2d7d275f365ab1235be (patch)
treec6f917179329e0cad02bf8b818569fe6e905ab13 /nixpkgs/nixos
parent9d1daa60832979d5d361dfdac136fb9e5a1af2c5 (diff)
parentace5093e36ab1e95cb9463863491bee90d5a4183 (diff)
Merge branch 'nixos-unstable' of https://github.com/NixOS/nixpkgs
Diffstat (limited to 'nixpkgs/nixos')
-rw-r--r--nixpkgs/nixos/lib/make-btrfs-fs.nix65
-rw-r--r--nixpkgs/nixos/modules/hardware/video/nvidia.nix9
-rw-r--r--nixpkgs/nixos/modules/module-list.nix1
-rw-r--r--nixpkgs/nixos/modules/programs/hyprland.nix4
-rw-r--r--nixpkgs/nixos/modules/programs/yubikey-touch-detector.nix21
-rw-r--r--nixpkgs/nixos/modules/services/misc/cfdyndns.nix19
-rw-r--r--nixpkgs/nixos/modules/services/web-apps/mobilizon.nix36
-rw-r--r--nixpkgs/nixos/modules/virtualisation/qemu-vm.nix2
-rw-r--r--nixpkgs/nixos/tests/anbox.nix4
-rw-r--r--nixpkgs/nixos/tests/discourse.nix2
10 files changed, 115 insertions, 48 deletions
diff --git a/nixpkgs/nixos/lib/make-btrfs-fs.nix b/nixpkgs/nixos/lib/make-btrfs-fs.nix
new file mode 100644
index 000000000000..225666f9a50e
--- /dev/null
+++ b/nixpkgs/nixos/lib/make-btrfs-fs.nix
@@ -0,0 +1,65 @@
+# Builds an btrfs image containing a populated /nix/store with the closure
+# of store paths passed in the storePaths parameter, in addition to the
+# contents of a directory that can be populated with commands. The
+# generated image is sized to only fit its contents, with the expectation
+# that a script resizes the filesystem at boot time.
+{ pkgs
+, lib
+# List of derivations to be included
+, storePaths
+# Whether or not to compress the resulting image with zstd
+, compressImage ? false, zstd
+# Shell commands to populate the ./files directory.
+# All files in that directory are copied to the root of the FS.
+, populateImageCommands ? ""
+, volumeLabel
+, uuid ? "44444444-4444-4444-8888-888888888888"
+, btrfs-progs
+}:
+
+let
+  sdClosureInfo = pkgs.buildPackages.closureInfo { rootPaths = storePaths; };
+in
+pkgs.stdenv.mkDerivation {
+  name = "btrfs-fs.img${lib.optionalString compressImage ".zst"}";
+
+  nativeBuildInputs = [ btrfs-progs ] ++ lib.optional compressImage zstd;
+
+  buildCommand =
+    ''
+      ${if compressImage then "img=temp.img" else "img=$out"}
+
+      set -x
+      (
+          mkdir -p ./files
+          ${populateImageCommands}
+      )
+
+      mkdir -p ./rootImage/nix/store
+
+      xargs -I % cp -a --reflink=auto % -t ./rootImage/nix/store/ < ${sdClosureInfo}/store-paths
+      (
+        GLOBIGNORE=".:.."
+        shopt -u dotglob
+
+        for f in ./files/*; do
+            cp -a --reflink=auto -t ./rootImage/ "$f"
+        done
+      )
+
+      cp ${sdClosureInfo}/registration ./rootImage/nix-path-registration
+
+      touch $img
+      mkfs.btrfs -L ${volumeLabel} -U ${uuid} -r ./rootImage --shrink $img
+
+      if ! btrfs check $img; then
+        echo "--- 'btrfs check' failed for BTRFS image ---"
+        return 1
+      fi
+
+      if [ ${builtins.toString compressImage} ]; then
+        echo "Compressing image"
+        zstd -v --no-progress ./$img -o $out
+      fi
+    '';
+}
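Review bot: `volumeLabel` and `uuid` are spliced into the `mkfs.btrfs` line unquoted, and `$img`/`$out` are expanded unquoted, so a label containing a space or shell metacharacter is split or interpreted by the build shell instead of reaching `mkfs.btrfs` as one argument. Escaping at the Nix level keeps each value a single word: `mkfs.btrfs -L ${lib.escapeShellArg volumeLabel} -U ${lib.escapeShellArg uuid} -r ./rootImage --shrink "$img"`. Separately, the fixed default `uuid` means every image built without an override carries the same filesystem UUID. That is worth stating in the header comment for anyone who mounts by UUID with more than one such image attached.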
diff --git a/nixpkgs/nixos/modules/hardware/video/nvidia.nix b/nixpkgs/nixos/modules/hardware/video/nvidia.nix
index 0b1238dd888a..a40713ac25c7 100644
--- a/nixpkgs/nixos/modules/hardware/video/nvidia.nix
+++ b/nixpkgs/nixos/modules/hardware/video/nvidia.nix
@@ -4,10 +4,9 @@
   pkgs,
   ...
 }: let
-  x11Enabled = config.services.xserver.enable
-               && (lib.elem "nvidia" config.services.xserver.videoDrivers);
+  nvidiaEnabled = (lib.elem "nvidia" config.services.xserver.videoDrivers);
   nvidia_x11 =
-    if  x11Enabled || cfg.datacenter.enable
+    if nvidiaEnabled || cfg.datacenter.enable
     then cfg.package
     else null;
 
@@ -256,7 +255,7 @@ in {
       ({
         assertions = [
           {
-            assertion = !(x11Enabled && cfg.datacenter.enable);
+            assertion = !(nvidiaEnabled && cfg.datacenter.enable);
             message = "You cannot configure both X11 and Data Center drivers at the same time.";
           }
         ];
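Review bot: The assertion message still says "both X11 and Data Center drivers", but `nvidiaEnabled` no longer depends on `services.xserver.enable`, so the assertion now fires for any configuration that lists "nvidia" in `services.xserver.videoDrivers`, including ones without X11. Wording such as `message = "You cannot enable the \"nvidia\" video driver and the Data Center drivers at the same time.";` would match the new condition. The `# X11` comment above `lib.mkIf nvidiaEnabled` in the next hunk is stale for the same reason. The parentheses around `lib.elem …` in the first hunk are redundant.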
@@ -289,7 +288,7 @@ in {
         ];
       })
       # X11
-      (lib.mkIf x11Enabled {
+      (lib.mkIf nvidiaEnabled {
         assertions = [
         {
           assertion = primeEnabled -> pCfg.intelBusId == "" || pCfg.amdgpuBusId == "";
diff --git a/nixpkgs/nixos/modules/module-list.nix b/nixpkgs/nixos/modules/module-list.nix
index 05b0415d8558..4a54ee3f4dd4 100644
--- a/nixpkgs/nixos/modules/module-list.nix
+++ b/nixpkgs/nixos/modules/module-list.nix
@@ -280,6 +280,7 @@
   ./programs/xwayland.nix
   ./programs/yabar.nix
   ./programs/yazi.nix
+  ./programs/yubikey-touch-detector.nix
   ./programs/zmap.nix
   ./programs/zsh/oh-my-zsh.nix
   ./programs/zsh/zsh-autoenv.nix
diff --git a/nixpkgs/nixos/modules/programs/hyprland.nix b/nixpkgs/nixos/modules/programs/hyprland.nix
index e0ee5b6bd2a4..638dfb98e8ab 100644
--- a/nixpkgs/nixos/modules/programs/hyprland.nix
+++ b/nixpkgs/nixos/modules/programs/hyprland.nix
@@ -7,9 +7,7 @@ with lib; let
   cfg = config.programs.hyprland;
 
   finalPortalPackage = cfg.portalPackage.override {
-    hyprland-share-picker = pkgs.hyprland-share-picker.override {
-      hyprland = cfg.finalPackage;
-    };
+    hyprland = cfg.finalPackage;
   };
 in
 {
diff --git a/nixpkgs/nixos/modules/programs/yubikey-touch-detector.nix b/nixpkgs/nixos/modules/programs/yubikey-touch-detector.nix
new file mode 100644
index 000000000000..9a0d107f73c9
--- /dev/null
+++ b/nixpkgs/nixos/modules/programs/yubikey-touch-detector.nix
@@ -0,0 +1,21 @@
+{ config, lib, pkgs, ... }:
+let cfg = config.programs.yubikey-touch-detector;
+in {
+  options = {
+    programs.yubikey-touch-detector = {
+      enable = lib.mkEnableOption "yubikey-touch-detector";
+    };
+  };
+
+  config = lib.mkIf cfg.enable {
+    systemd.packages = [ pkgs.yubikey-touch-detector ];
+
+    systemd.user.services.yubikey-touch-detector = {
+      path = [ pkgs.gnupg ];
+      wantedBy = [ "graphical-session.target" ];
+    };
+    systemd.user.sockets.yubikey-touch-detector = {
+      wantedBy = [ "sockets.target" ];
+    };
+  };
+}
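Review bot: The `enable` option documents nothing beyond the program's name, so the manual will not say that enabling it wires a per-user service into `graphical-session.target`, a socket into `sockets.target`, and `pkgs.gnupg` into the service's path. A fuller description would cover that, e.g. `lib.mkEnableOption (lib.mdDoc "yubikey-touch-detector, a user service that reports when a YubiKey is waiting for a touch")`. The `lib.mdDoc` wrapper follows what the mobilizon.nix change in this same commit does. The package is also hard-coded as `pkgs.yubikey-touch-detector`; a `package` option would let users substitute their own build.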
diff --git a/nixpkgs/nixos/modules/services/misc/cfdyndns.nix b/nixpkgs/nixos/modules/services/misc/cfdyndns.nix
index 5a02de2aad21..dba8ac200151 100644
--- a/nixpkgs/nixos/modules/services/misc/cfdyndns.nix
+++ b/nixpkgs/nixos/modules/services/misc/cfdyndns.nix
@@ -60,8 +60,8 @@ in
       startAt = "*:0/5";
       serviceConfig = {
         Type = "simple";
-        User = config.ids.uids.cfdyndns;
-        Group = config.ids.gids.cfdyndns;
+        LoadCredential = lib.optional (cfg.apiTokenFile != null) "CLOUDFLARE_APITOKEN_FILE:${cfg.apiTokenFile}";
+        DynamicUser = true;
       };
       environment = {
         CLOUDFLARE_RECORDS="${concatStringsSep "," cfg.records}";
@@ -72,23 +72,10 @@ in
           export CLOUDFLARE_EMAIL="${cfg.email}"
         ''}
         ${optionalString (cfg.apiTokenFile != null) ''
-          export CLOUDFLARE_APITOKEN="$(cat ${escapeShellArg cfg.apiTokenFile})"
+          export CLOUDFLARE_APITOKEN=$(${pkgs.systemd}/bin/systemd-creds cat CLOUDFLARE_APITOKEN_FILE)
         ''}
         ${pkgs.cfdyndns}/bin/cfdyndns
       '';
     };
-
-    users.users = {
-      cfdyndns = {
-        group = "cfdyndns";
-        uid = config.ids.uids.cfdyndns;
-      };
-    };
-
-    users.groups = {
-      cfdyndns = {
-        gid = config.ids.gids.cfdyndns;
-      };
-    };
   };
 }
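Review bot: In `export CLOUDFLARE_APITOKEN=$(… systemd-creds cat CLOUDFLARE_APITOKEN_FILE)` the exit status of the command substitution is replaced by that of `export`, so a failed credential read does not stop the script and `cfdyndns` is started with an empty token. Splitting the assignment from the export lets the failure propagate, provided the script runs with errexit (the script header is outside this hunk, so that is an assumption): `CLOUDFLARE_APITOKEN="$(${pkgs.systemd}/bin/systemd-creds cat CLOUDFLARE_APITOKEN_FILE)"` followed by `export CLOUDFLARE_APITOKEN`. The token still ends up in the process environment, which is presumably how cfdyndns expects to receive it.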
diff --git a/nixpkgs/nixos/modules/services/web-apps/mobilizon.nix b/nixpkgs/nixos/modules/services/web-apps/mobilizon.nix
index 4e796e2bc80c..e9264a38f0e6 100644
--- a/nixpkgs/nixos/modules/services/web-apps/mobilizon.nix
+++ b/nixpkgs/nixos/modules/services/web-apps/mobilizon.nix
@@ -60,13 +60,13 @@ in
   options = {
     services.mobilizon = {
       enable = mkEnableOption
-        "Mobilizon federated organization and mobilization platform";
+        (lib.mdDoc "Mobilizon federated organization and mobilization platform");
 
       nginx.enable = lib.mkOption {
         type = lib.types.bool;
         default = true;
-        description = ''
-          Whether an <literal>nginx</literal> virtual host should be
+        description = lib.mdDoc ''
+          Whether an Nginx virtual host should be
           set up to serve Mobilizon.
         '';
       };
@@ -87,10 +87,10 @@ in
                 "Mobilizon.Web.Endpoint" = {
                   url.host = mkOption {
                     type = elixirTypes.str;
-                    defaultText = literalExpression ''
+                    defaultText = lib.literalMD ''
                       ''${settings.":mobilizon".":instance".hostname}
                     '';
-                    description = ''
+                    description = lib.mdDoc ''
                       Your instance's hostname for generating URLs throughout the app
                     '';
                   };
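Review bot: `defaultText` for `url.host` switches to `lib.literalMD` although its content is a Nix-style interpolation, while the two e-mail defaults in the later hunks (`noreply@''${…}` and `''${email_from}`) keep `literalExpression` for the same kind of text. As far as I know `literalMD` inserts the string into the manual as Markdown prose rather than as a code expression, so this default would render differently from its siblings. Keeping `defaultText = literalExpression ''` here would be consistent unless the switch is deliberate.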
@@ -99,14 +99,14 @@ in
                     port = mkOption {
                       type = elixirTypes.port;
                       default = 4000;
-                      description = ''
+                      description = lib.mdDoc ''
                         The port to run the server
                       '';
                     };
                     ip = mkOption {
                       type = elixirTypes.tuple;
                       default = settingsFormat.lib.mkTuple [ 0 0 0 0 0 0 0 1 ];
-                      description = ''
+                      description = lib.mdDoc ''
                         The IP address to listen on. Defaults to [::1] notated as a byte tuple.
                       '';
                     };
@@ -115,7 +115,7 @@ in
                   has_reverse_proxy = mkOption {
                     type = elixirTypes.bool;
                     default = true;
-                    description = ''
+                    description = lib.mdDoc ''
                       Whether you use a reverse proxy
                     '';
                   };
@@ -124,14 +124,14 @@ in
                 ":instance" = {
                   name = mkOption {
                     type = elixirTypes.str;
-                    description = ''
+                    description = lib.mdDoc ''
                       The fallback instance name if not configured into the admin UI
                     '';
                   };
 
                   hostname = mkOption {
                     type = elixirTypes.str;
-                    description = ''
+                    description = lib.mdDoc ''
                       Your instance's hostname
                     '';
                   };
@@ -141,7 +141,7 @@ in
                     defaultText = literalExpression ''
                       noreply@''${settings.":mobilizon".":instance".hostname}
                     '';
-                    description = ''
+                    description = lib.mdDoc ''
                       The email for the From: header in emails
                     '';
                   };
@@ -151,7 +151,7 @@ in
                     defaultText = literalExpression ''
                       ''${email_from}
                     '';
-                    description = ''
+                    description = lib.mdDoc ''
                       The email for the Reply-To: header in emails
                     '';
                   };
@@ -161,7 +161,7 @@ in
                   socket_dir = mkOption {
                     type = types.nullOr elixirTypes.str;
                     default = postgresqlSocketDir;
-                    description = ''
+                    description = lib.mdDoc ''
                       Path to the postgres socket directory.
 
                       Set this to null if you want to connect to a remote database.
@@ -171,14 +171,14 @@ in
 
                       If connecting to a remote database, please follow the
                       instructions on how to setup your database:
-                      <link xlink:href="https://docs.joinmobilizon.org/administration/install/release/#database-setup"/>
+                      <https://docs.joinmobilizon.org/administration/install/release/#database-setup>
                     '';
                   };
 
                   username = mkOption {
                     type = types.nullOr elixirTypes.str;
                     default = user;
-                    description = ''
+                    description = lib.mdDoc ''
                       User used to connect to the database
                     '';
                   };
@@ -186,7 +186,7 @@ in
                   database = mkOption {
                     type = types.nullOr elixirTypes.str;
                     default = "mobilizon_prod";
-                    description = ''
+                    description = lib.mdDoc ''
                       Name of the database
                     '';
                   };
@@ -196,9 +196,9 @@ in
           };
         default = { };
 
-        description = ''
+        description = lib.mdDoc ''
           Mobilizon Elixir documentation, see
-          <link xlink:href="https://docs.joinmobilizon.org/administration/configure/reference/"/>
+          <https://docs.joinmobilizon.org/administration/configure/reference/>
           for supported values.
         '';
       };
diff --git a/nixpkgs/nixos/modules/virtualisation/qemu-vm.nix b/nixpkgs/nixos/modules/virtualisation/qemu-vm.nix
index d0a5ddd87ccf..74c3e1ecd03f 100644
--- a/nixpkgs/nixos/modules/virtualisation/qemu-vm.nix
+++ b/nixpkgs/nixos/modules/virtualisation/qemu-vm.nix
@@ -647,7 +647,7 @@ in
         import pkgs.path { system = "x86_64-darwin"; }
       '';
       description = lib.mdDoc ''
-        pkgs set to use for the host-specific packages of the vm runner.
+        Package set to use for the host-specific packages of the VM runner.
         Changing this to e.g. a Darwin package set allows running NixOS VMs on Darwin.
       '';
     };
diff --git a/nixpkgs/nixos/tests/anbox.nix b/nixpkgs/nixos/tests/anbox.nix
index d78f63ec761f..dfd6c13d9318 100644
--- a/nixpkgs/nixos/tests/anbox.nix
+++ b/nixpkgs/nixos/tests/anbox.nix
@@ -16,10 +16,6 @@
 
     virtualisation.anbox.enable = true;
     boot.kernelPackages = pkgs.linuxPackages_5_15;
-
-    # The AArch64 anbox image will not start.
-    # Meanwhile the postmarketOS images work just fine.
-    virtualisation.anbox.image = pkgs.anbox.postmarketos-image;
     virtualisation.memorySize = 2500;
   };
 
diff --git a/nixpkgs/nixos/tests/discourse.nix b/nixpkgs/nixos/tests/discourse.nix
index c79ba41c2eb9..3e69a314905c 100644
--- a/nixpkgs/nixos/tests/discourse.nix
+++ b/nixpkgs/nixos/tests/discourse.nix
@@ -166,7 +166,7 @@ import ./make-test-python.nix (
         request = builtins.toJSON {
           title = "Private message";
           raw = "This is a test message.";
-          target_usernames = admin.username;
+          target_recipients = admin.username;
           archetype = "private_message";
         };
       in ''