diff options
Diffstat (limited to 'nixos/modules/services')
-rw-r--r-- | nixos/modules/services/desktops/bamf.nix | 23 | ||||
-rw-r--r-- | nixos/modules/services/hardware/udisks2.nix | 11 | ||||
-rw-r--r-- | nixos/modules/services/logging/journalwatch.nix | 2 | ||||
-rw-r--r-- | nixos/modules/services/networking/ssh/sshd.nix | 16 | ||||
-rw-r--r-- | nixos/modules/services/networking/znc.nix | 11 | ||||
-rw-r--r-- | nixos/modules/services/web-apps/matomo.nix | 2 | ||||
-rw-r--r-- | nixos/modules/services/web-apps/nexus.nix | 2 | ||||
-rw-r--r-- | nixos/modules/services/web-servers/apache-httpd/default.nix | 2 | ||||
-rw-r--r-- | nixos/modules/services/x11/desktop-managers/plasma5.nix | 5 | ||||
-rw-r--r-- | nixos/modules/services/x11/desktop-managers/xfce.nix | 8 |
10 files changed, 61 insertions, 21 deletions
diff --git a/nixos/modules/services/desktops/bamf.nix b/nixos/modules/services/desktops/bamf.nix new file mode 100644 index 000000000000..0928ee81a648 --- /dev/null +++ b/nixos/modules/services/desktops/bamf.nix @@ -0,0 +1,23 @@ +# Bamf + +{ config, lib, pkgs, ... }: + +with lib; + +{ + ###### interface + + options = { + services.bamf = { + enable = mkEnableOption "bamf"; + }; + }; + + ###### implementation + + config = mkIf config.services.bamf.enable { + services.dbus.packages = [ pkgs.bamf ]; + + systemd.packages = [ pkgs.bamf ]; + }; +} diff --git a/nixos/modules/services/hardware/udisks2.nix b/nixos/modules/services/hardware/udisks2.nix index ad5dc8e8a49b..ed8703be921c 100644 --- a/nixos/modules/services/hardware/udisks2.nix +++ b/nixos/modules/services/hardware/udisks2.nix @@ -40,15 +40,8 @@ with lib; ''; services.udev.packages = [ pkgs.udisks2 ]; - - systemd.services.udisks2 = { - description = "Udisks2 service"; - serviceConfig = { - Type = "dbus"; - BusName = "org.freedesktop.UDisks2"; - ExecStart = "${pkgs.udisks2}/libexec/udisks2/udisksd --no-debug"; - }; - }; + + systemd.packages = [ pkgs.udisks2 ]; }; } diff --git a/nixos/modules/services/logging/journalwatch.nix b/nixos/modules/services/logging/journalwatch.nix index adabc6459148..2c9bc18c8c3c 100644 --- a/nixos/modules/services/logging/journalwatch.nix +++ b/nixos/modules/services/logging/journalwatch.nix @@ -241,6 +241,6 @@ in { }; meta = { - maintainers = with stdenv.lib.maintainers; [ florianjacob ]; + maintainers = with lib.maintainers; [ florianjacob ]; }; } diff --git a/nixos/modules/services/networking/ssh/sshd.nix b/nixos/modules/services/networking/ssh/sshd.nix index 8b04fac089ef..7b2d1920f0f1 100644 --- a/nixos/modules/services/networking/ssh/sshd.nix +++ b/nixos/modules/services/networking/ssh/sshd.nix @@ -198,6 +198,10 @@ in [ { type = "rsa"; bits = 4096; path = "/etc/ssh/ssh_host_rsa_key"; } { type = "ed25519"; path = "/etc/ssh/ssh_host_ed25519_key"; } ]; + example = + [ { type = "rsa"; bits = 4096; path = "/etc/ssh/ssh_host_rsa_key"; rounds = 100; openSSHFormat = true; } + { type = "ed25519"; path = "/etc/ssh/ssh_host_ed25519_key"; rounds = 100; comment = "key comment"; } + ]; description = '' NixOS can automatically generate SSH host keys. This option specifies the path, type and size of each key. See @@ -358,7 +362,14 @@ in ${flip concatMapStrings cfg.hostKeys (k: '' if ! [ -f "${k.path}" ]; then - ssh-keygen -t "${k.type}" ${if k ? bits then "-b ${toString k.bits}" else ""} -f "${k.path}" -N "" + ssh-keygen \ + -t "${k.type}" \ + ${if k ? bits then "-b ${toString k.bits}" else ""} \ + ${if k ? rounds then "-a ${toString k.rounds}" else ""} \ + ${if k ? comment then "-C '${k.comment}'" else ""} \ + ${if k ? openSSHFormat && k.openSSHFormat then "-o" else ""} \ + -f "${k.path}" \ + -N "" fi '')} ''; @@ -404,6 +415,9 @@ in unixAuth = cfg.passwordAuthentication; }; + # These values are merged with the ones defined externally, see: + # https://github.com/NixOS/nixpkgs/pull/10155 + # https://github.com/NixOS/nixpkgs/pull/41745 services.openssh.authorizedKeysFiles = [ ".ssh/authorized_keys" ".ssh/authorized_keys2" "/etc/ssh/authorized_keys.d/%u" ]; diff --git a/nixos/modules/services/networking/znc.nix b/nixos/modules/services/networking/znc.nix index 76e4899c85ee..6f477e3b1460 100644 --- a/nixos/modules/services/networking/znc.nix +++ b/nixos/modules/services/networking/znc.nix @@ -36,6 +36,7 @@ let IPv4 = true IPv6 = true SSL = ${boolToString confOpts.useSSL} + ${lib.optionalString (confOpts.uriPrefix != null) "URIPrefix = ${confOpts.uriPrefix}"} </Listener> <User ${confOpts.userName}> @@ -310,6 +311,16 @@ in ''; }; + uriPrefix = mkOption { + type = types.nullOr types.str; + default = null; + example = "/znc/"; + description = '' + An optional URI prefix for the ZNC web interface. Can be + used to make ZNC available behind a reverse proxy. + ''; + }; + extraZncConf = mkOption { default = ""; type = types.lines; diff --git a/nixos/modules/services/web-apps/matomo.nix b/nixos/modules/services/web-apps/matomo.nix index ed38eb9ce1e9..42affb06b51f 100644 --- a/nixos/modules/services/web-apps/matomo.nix +++ b/nixos/modules/services/web-apps/matomo.nix @@ -241,6 +241,6 @@ in { meta = { doc = ./matomo-doc.xml; - maintainers = with stdenv.lib.maintainers; [ florianjacob ]; + maintainers = with lib.maintainers; [ florianjacob ]; }; } diff --git a/nixos/modules/services/web-apps/nexus.nix b/nixos/modules/services/web-apps/nexus.nix index 30876889cf25..050f8757fa5f 100644 --- a/nixos/modules/services/web-apps/nexus.nix +++ b/nixos/modules/services/web-apps/nexus.nix @@ -130,5 +130,5 @@ in }; }; - meta.maintainers = with stdenv.lib.maintainers; [ ironpinguin ]; + meta.maintainers = with lib.maintainers; [ ironpinguin ]; } diff --git a/nixos/modules/services/web-servers/apache-httpd/default.nix b/nixos/modules/services/web-servers/apache-httpd/default.nix index b71ff0531cc8..eb8ee9b5cf46 100644 --- a/nixos/modules/services/web-servers/apache-httpd/default.nix +++ b/nixos/modules/services/web-servers/apache-httpd/default.nix @@ -656,7 +656,7 @@ in message = "SSL is enabled for httpd, but sslServerCert and/or sslServerKey haven't been specified."; } ]; - warnings = map (cfg: ''apache-httpd's port option is deprecated. Use listen = [{/*ip = "*"; */ port = ${toString cfg.port}";}]; instead'' ) (lib.filter (cfg: cfg.port != 0) allHosts); + warnings = map (cfg: ''apache-httpd's port option is deprecated. Use listen = [{/*ip = "*"; */ port = ${toString cfg.port};}]; instead'' ) (lib.filter (cfg: cfg.port != 0) allHosts); users.users = optionalAttrs (mainCfg.user == "wwwrun") (singleton { name = "wwwrun"; diff --git a/nixos/modules/services/x11/desktop-managers/plasma5.nix b/nixos/modules/services/x11/desktop-managers/plasma5.nix index 91d091d7d7e2..4b9e561d53c8 100644 --- a/nixos/modules/services/x11/desktop-managers/plasma5.nix +++ b/nixos/modules/services/x11/desktop-managers/plasma5.nix @@ -221,6 +221,11 @@ in security.pam.services.sddm.enableKwallet = true; security.pam.services.slim.enableKwallet = true; + # Update the start menu for each user that has `isNormalUser` set. + system.activationScripts.plasmaSetup = stringAfter [ "users" "groups" ] + (concatStringsSep "\n" + (mapAttrsToList (name: value: "${pkgs.su}/bin/su ${name} -c kbuildsycoca5") + (filterAttrs (n: v: v.isNormalUser) config.users.users))); }) ]; diff --git a/nixos/modules/services/x11/desktop-managers/xfce.nix b/nixos/modules/services/x11/desktop-managers/xfce.nix index 7dcc600d2664..ae155470419d 100644 --- a/nixos/modules/services/x11/desktop-managers/xfce.nix +++ b/nixos/modules/services/x11/desktop-managers/xfce.nix @@ -43,12 +43,6 @@ in default = true; description = "Enable the XFWM (default) window manager."; }; - - screenLock = mkOption { - type = types.enum [ "xscreensaver" "xlockmore" "slock" ]; - default = "xlockmore"; - description = "Application used by XFCE to lock the screen."; - }; }; }; @@ -92,7 +86,7 @@ in thunar-volman # TODO: drop ] ++ (if config.hardware.pulseaudio.enable then [ xfce4-mixer-pulse xfce4-volumed-pulse ] - else [ xfce4-mixer xfce4-volumed ]) + else [ xfce4-mixer xfce4-volumed ]) # TODO: NetworkManager doesn't belong here ++ optionals config.networking.networkmanager.enable [ networkmanagerapplet ] ++ optionals config.powerManagement.enable [ xfce4-power-manager ] |