Diffstat (limited to 'nixos/modules/services')
11 files changed, 172 insertions, 127 deletions
diff --git a/nixos/modules/services/databases/memcached.nix b/nixos/modules/services/databases/memcached.nix index 84d2c8674f4e..d1dfdb41bf40 100644 --- a/nixos/modules/services/databases/memcached.nix +++ b/nixos/modules/services/databases/memcached.nix @@ -67,6 +67,7 @@ in users.users = optional (cfg.user == "memcached") { name = "memcached"; description = "Memcached server user"; + isSystemUser = true; }; environment.systemPackages = [ memcached ]; diff --git a/nixos/modules/services/desktops/gnome3/gnome-settings-daemon.nix b/nixos/modules/services/desktops/gnome3/gnome-settings-daemon.nix index 7f7adcf26acf..2f83fd653bde 100644 --- a/nixos/modules/services/desktops/gnome3/gnome-settings-daemon.nix +++ b/nixos/modules/services/desktops/gnome3/gnome-settings-daemon.nix @@ -12,6 +12,12 @@ in { + imports = [ + (mkRemovedOptionModule + ["services" "gnome3" "gnome-settings-daemon" "package"] + "") + ]; + ###### interface options = { @@ -20,13 +26,6 @@ in enable = mkEnableOption "GNOME Settings Daemon"; - # There are many forks of gnome-settings-daemon - package = mkOption { - type = types.package; - default = pkgs.gnome3.gnome-settings-daemon; - description = "Which gnome-settings-daemon package to use."; - }; - }; }; 
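Review bot: The `mkRemovedOptionModule` added to the `imports` of gnome-settings-daemon.nix passes an empty string as its replacement instructions, so a configuration that still sets `services.gnome3.gnome-settings-daemon.package` fails evaluation without being told what to do instead. The mate.nix and pantheon.nix changes in this commit show the intended migration, so the message could state it, for example `"Add the settings-daemon fork to environment.systemPackages and services.udev.packages instead."`.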
@@ -36,9 +35,39 @@ in config = mkIf cfg.enable { - environment.systemPackages = [ cfg.package ]; - - services.udev.packages = [ cfg.package ]; + environment.systemPackages = [ + pkgs.gnome3.gnome-settings-daemon + ]; + + services.udev.packages = [ + pkgs.gnome3.gnome-settings-daemon + ]; + + systemd.packages = [ + pkgs.gnome3.gnome-settings-daemon + ]; + + systemd.user.targets."gnome-session-initialized".wants = [ + "gsd-color.target" + "gsd-datetime.target" + "gsd-keyboard.target" + "gsd-media-keys.target" + "gsd-print-notifications.target" + "gsd-rfkill.target" + "gsd-screensaver-proxy.target" + "gsd-sharing.target" + "gsd-smartcard.target" + "gsd-sound.target" + "gsd-wacom.target" + "gsd-wwan.target" + "gsd-a11y-settings.target" + "gsd-housekeeping.target" + "gsd-power.target" + ]; + + systemd.user.targets."gnome-session-x11-services".wants = [ + "gsd-xsettings.target" + ]; }; diff --git a/nixos/modules/services/monitoring/thanos.nix b/nixos/modules/services/monitoring/thanos.nix index 215cd43fd864..52dab28cf72f 100644 --- a/nixos/modules/services/monitoring/thanos.nix +++ b/nixos/modules/services/monitoring/thanos.nix @@ -126,6 +126,8 @@ let ''; description = '' Path to YAML file that contains tracing configuration. + + See format details: <link xlink:href="https://thanos.io/tracing.md/#configuration"/> ''; }; }; @@ -141,6 +143,8 @@ let <option>tracing.config-file</option> will default to its path. If <option>tracing.config-file</option> is set this option has no effect. + + See format details: <link xlink:href="https://thanos.io/tracing.md/#configuration"/> ''; }; }; @@ -187,6 +191,8 @@ let ''; description = '' Path to YAML file that contains object store configuration. + + See format details: <link xlink:href="https://thanos.io/storage.md/#configuration"/> ''; }; }; 
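Review bot: With the package hard-coded in the `config` block of gnome-settings-daemon.nix, every desktop that sets `services.gnome3.gnome-settings-daemon.enable = true` now receives `pkgs.gnome3.gnome-settings-daemon` in `environment.systemPackages`, `services.udev.packages` and `systemd.packages`. mate.nix and pantheon.nix still enable this module and also register their own forks in `services.udev.packages`, so those sessions end up with two settings daemons' udev rules plus the GNOME user units and `gsd-*.target` wants. If that is intended, a comment above `systemd.user.targets."gnome-session-initialized".wants` should say the targets are harmless outside gnome-session. If it is not, the forks should stop enabling this module.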
@@ -202,6 +208,8 @@ let <option>objstore.config-file</option> will default to its path. If <option>objstore.config-file</option> is set this option has no effect. + + See format details: <link xlink:href="https://thanos.io/storage.md/#configuration"/> ''; }; }; @@ -276,6 +284,24 @@ let block-sync-concurrency = mkParamDef types.int 20 '' Number of goroutines to use when syncing blocks from object storage. ''; + + min-time = mkParamDef types.str "0000-01-01T00:00:00Z" '' + Start of time range limit to serve. + + Thanos Store serves only metrics, which happened later than this + value. Option can be a constant time in RFC3339 format or time duration + relative to current time, such as -1d or 2h45m. Valid duration units are + ms, s, m, h, d, w, y. + ''; + + max-time = mkParamDef types.str "9999-12-31T23:59:59Z" '' + End of time range limit to serve. + + Thanos Store serves only blocks, which happened eariler than this + value. Option can be a constant time in RFC3339 format or time duration + relative to current time, such as -1d or 2h45m. Valid duration units are + ms, s, m, h, d, w, y. + ''; }; query = params.common cfg.query // { @@ -560,6 +586,14 @@ let ''; }; + downsampling.disable = mkFlagParam '' + Disables downsampling. + + This is not recommended as querying long time ranges without + non-downsampled data is not efficient and useful e.g it is not possible + to render all samples for a human eye anyway + ''; + block-sync-concurrency = mkParamDef types.int 20 '' Number of goroutines to use when syncing block metadata from object storage. ''; diff --git a/nixos/modules/services/networking/networkmanager.nix b/nixos/modules/services/networking/networkmanager.nix index fef3a7de48a7..3f1d0727d9bc 100644 --- a/nixos/modules/services/networking/networkmanager.nix +++ b/nixos/modules/services/networking/networkmanager.nix 
@@ -5,11 +5,25 @@ with lib; let cfg = config.networking.networkmanager; + basePackages = with pkgs; [ + crda + modemmanager + networkmanager + networkmanager-fortisslvpn + networkmanager-iodine + networkmanager-l2tp + networkmanager-openconnect + networkmanager-openvpn + networkmanager-vpnc + ] ++ optional (!delegateWireless && !enableIwd) wpa_supplicant; + dynamicHostsEnabled = cfg.dynamicHosts.enable && cfg.dynamicHosts.hostsDirs != {}; delegateWireless = config.networking.wireless.enable == true && cfg.unmanaged != []; + enableIwd = cfg.wifi.backend == "iwd"; + # /var/lib/misc is for dnsmasq.leases. stateDirs = "/var/lib/NetworkManager /var/lib/dhclient /var/lib/misc"; @@ -38,6 +52,7 @@ let [device] wifi.scan-rand-mac-address=${if cfg.wifi.scanRandMacAddress then "yes" else "no"} + wifi.backend=${cfg.wifi.backend} ${cfg.extraConfig} ''; @@ -176,25 +191,13 @@ in { ''; }; - # Ugly hack for using the correct gnome3 packageSet - basePackages = mkOption { - type = types.attrsOf types.package; - default = { inherit (pkgs) - networkmanager modemmanager crda - networkmanager-openvpn networkmanager-vpnc - networkmanager-openconnect networkmanager-fortisslvpn - networkmanager-l2tp networkmanager-iodine; } - // optionalAttrs (!delegateWireless) { inherit (pkgs) wpa_supplicant; }; - internal = true; - }; - packages = mkOption { - type = types.listOf types.path; + type = types.listOf types.package; default = [ ]; description = '' Extra packages that provide NetworkManager plugins. ''; - apply = list: (attrValues cfg.basePackages) ++ list; + apply = list: basePackages ++ list; }; dhcp = mkOption { 
@@ -236,6 +239,15 @@ in { wifi = { macAddress = macAddressOpt; + backend = mkOption { + type = types.enum [ "wpa_supplicant" "iwd" ]; + default = "wpa_supplicant"; + description = '' + Specify the Wi-Fi backend used for the device. + Currently supported are <option>wpa_supplicant</option> or <option>iwd</option> (experimental). + ''; + }; + powersave = mkOption { type = types.nullOr types.bool; default = null; @@ -390,12 +402,12 @@ in { { assertion = !dynamicHostsEnabled || (dynamicHostsEnabled && cfg.dns == "dnsmasq"); message = '' To use networking.networkmanager.dynamicHosts you also need to set - networking.networkmanager.dns = "dnsmasq" + `networking.networkmanager.dns = "dnsmasq"` ''; } ]; - environment.etc = with cfg.basePackages; [ + environment.etc = with pkgs; [ { source = configFile; target = "NetworkManager/NetworkManager.conf"; } @@ -510,6 +522,8 @@ in { wireless.enable = mkDefault false; }) // (mkIf cfg.enableStrongSwan { networkmanager.packages = [ pkgs.networkmanager_strongswan ]; + }) // (mkIf enableIwd { + wireless.iwd.enable = true; }); security.polkit.extraConfig = polkitConf; diff --git a/nixos/modules/services/networking/zeronet.nix b/nixos/modules/services/networking/zeronet.nix index f4988a902685..f354a9d42c79 100644 --- a/nixos/modules/services/networking/zeronet.nix +++ b/nixos/modules/services/networking/zeronet.nix 
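Review bot: In networkmanager.nix the new `// (mkIf enableIwd { wireless.iwd.enable = true; })` is chained onto the preceding `mkIf cfg.enableStrongSwan` with `//`, but `mkIf` returns a plain attribute set (`_type`, `condition`, `content`) and `//` is a shallow, right-biased merge, so the last operand replaces the condition and content of the one before it. As written, the strongSwan plugin would no longer be added when `enableStrongSwan` is set. Whatever the first operand contributes is likely ignored as well; it begins outside this hunk, and only `wireless.enable = mkDefault false` is visible. Combining the pieces with `mkMerge [ { … } (mkIf cfg.enableStrongSwan { … }) (mkIf enableIwd { wireless.iwd.enable = true; }) ]` keeps each condition independent.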
@@ -1,44 +1,39 @@ { config, lib, pkgs, ... }: let + inherit (lib) generators literalExample mkEnableOption mkIf mkOption recursiveUpdate types; cfg = config.services.zeronet; - - zConfFile = pkgs.writeTextFile { - name = "zeronet.conf"; - - text = '' - [global] - data_dir = ${cfg.dataDir} - log_dir = ${cfg.logDir} - '' + lib.optionalString (cfg.port != null) '' - ui_port = ${toString cfg.port} - '' + lib.optionalString (cfg.fileserverPort != null) '' - fileserver_port = ${toString cfg.fileserverPort} - '' + lib.optionalString (cfg.torAlways) '' - tor = always - '' + cfg.extraConfig; + dataDir = "/var/lib/zeronet"; + configFile = pkgs.writeText "zeronet.conf" (generators.toINI {} (recursiveUpdate defaultSettings cfg.settings)); + + defaultSettings = { + global = { + data_dir = dataDir; + log_dir = dataDir; + ui_port = cfg.port; + fileserver_port = cfg.fileserverPort; + tor = if !cfg.tor then "disable" else if cfg.torAlways then "always" else "enable"; + }; }; in with lib; { options.services.zeronet = { enable = mkEnableOption "zeronet"; - dataDir = mkOption { - type = types.path; - default = "/var/lib/zeronet"; - example = "/home/okina/zeronet"; - description = "Path to the zeronet data directory."; - }; + settings = mkOption { + type = with types; attrsOf (oneOf [ str int bool (listOf str) ]); + default = {}; + example = literalExample "global.tor = enable;"; - logDir = mkOption { - type = types.path; - default = "/var/log/zeronet"; - example = "/home/okina/zeronet/log"; - description = "Path to the zeronet log directory."; + description = '' + <filename>zeronet.conf</filename> configuration. Refer to + <link xlink:href="https://zeronet.readthedocs.io/en/latest/faq/#is-it-possible-to-use-a-configuration-file"/> + for details on supported values; + ''; }; port = mkOption { - type = types.nullOr types.int; - default = null; + type = types.int; + default = 43110; example = 43110; description = "Optional zeronet web UI port."; }; 
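Review bot: The `settings` option in zeronet.nix is typed `attrsOf (oneOf [ str int bool (listOf str) ])`, yet it is merged into `defaultSettings` with `recursiveUpdate` and rendered by `generators.toINI`, both of which operate on a section → key → value nesting (`defaultSettings.global.…`). A value like the documented `global.tor` is itself an attribute set and would be rejected by that type, while a flat value that passes the type lands where `toINI` expects a section. The type probably needs one more level, `attrsOf (attrsOf (oneOf [ str int bool (listOf str) ]))`, and the example should be a complete expression such as `{ global.tor = "enable"; }`.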
@@ -63,22 +58,13 @@ in with lib; { default = false; description = "Use TOR for all zeronet traffic."; }; - - extraConfig = mkOption { - type = types.lines; - default = ""; - - description = '' - Extra configuration. Contents will be added verbatim to the - configuration file at the end. - ''; - }; }; config = mkIf cfg.enable { services.tor = mkIf cfg.tor { enable = true; controlPort = 9051; + extraConfig = '' CacheDirectoryGroupReadable 1 CookieAuthentication 1 @@ -86,37 +72,25 @@ in with lib; { ''; }; - systemd.tmpfiles.rules = [ - "d '${cfg.dataDir}' 750 zeronet zeronet - -" - "d '${cfg.logDir}' 750 zeronet zeronet - -" - ]; - systemd.services.zeronet = { description = "zeronet"; after = [ "network.target" (optionalString cfg.tor "tor.service") ]; wantedBy = [ "multi-user.target" ]; serviceConfig = { - PrivateTmp = "yes"; User = "zeronet"; - Group = "zeronet"; - ExecStart = "${pkgs.zeronet}/bin/zeronet --config_file ${zConfFile}"; - }; - }; - - users = { - groups.zeronet.gid = config.ids.gids.zeronet; - - users.zeronet = { - description = "zeronet service user"; - home = cfg.dataDir; - createHome = true; - group = "zeronet"; - extraGroups = mkIf cfg.tor [ "tor" ]; - uid = config.ids.uids.zeronet; + DynamicUser = true; + StateDirectory = "zeronet"; + SupplementaryGroups = mkIf cfg.tor [ "tor" ]; + ExecStart = "${pkgs.zeronet}/bin/zeronet --config_file ${configFile}"; }; }; }; + imports = [ + (mkRemovedOptionModule [ "services" "zeronet" "dataDir" ] "Zeronet will store data by default in /var/lib/zeronet") + (mkRemovedOptionModule [ "services" "zeronet" "logDir" ] "Zeronet will log by default in /var/lib/zeronet") + ]; + meta.maintainers = with maintainers; [ chiiruno ]; } diff --git a/nixos/modules/services/web-apps/documize.nix b/nixos/modules/services/web-apps/documize.nix index 37359869cb64..1b90299aa23c 100644 --- a/nixos/modules/services/web-apps/documize.nix +++ b/nixos/modules/services/web-apps/documize.nix 
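Review bot: The `imports` list added at the end of zeronet.nix registers `mkRemovedOptionModule` for `dataDir` and `logDir` only, although the commit also deletes `services.zeronet.extraConfig`. A configuration that still sets it gets a generic unknown-option error rather than a pointer to `settings`. Adding `(mkRemovedOptionModule [ "services" "zeronet" "extraConfig" ] "Use services.zeronet.settings instead.")` closes that gap. Separately, the unit now runs with `DynamicUser = true` and `StateDirectory = "zeronet"` while the static `zeronet` user and the tmpfiles rules are removed, so a short comment or release note on what happens to data created under the old user and the old `logDir` would help operators who upgrade.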
@@ -14,6 +14,15 @@ in { options.services.documize = { enable = mkEnableOption "Documize Wiki"; + stateDirectoryName = mkOption { + type = types.str; + default = "documize"; + description = '' + The name of the directory below <filename>/var/lib/private</filename> + where documize runs in and stores, for example, backups. + ''; + }; + package = mkOption { type = types.package; default = pkgs.documize-community; @@ -132,6 +141,8 @@ in { ]; Restart = "always"; DynamicUser = "yes"; + StateDirectory = cfg.stateDirectoryName; + WorkingDirectory = "/var/lib/${cfg.stateDirectoryName}"; }; }; }; diff --git a/nixos/modules/services/x11/desktop-managers/gnome3.nix b/nixos/modules/services/x11/desktop-managers/gnome3.nix index 304554e36840..20385c884b5e 100644 --- a/nixos/modules/services/x11/desktop-managers/gnome3.nix +++ b/nixos/modules/services/x11/desktop-managers/gnome3.nix @@ -28,6 +28,8 @@ let (pkg: "cp -rf ${pkg}/share/gsettings-schemas/*/glib-2.0/schemas/*.xml $out/share/gsettings-schemas/nixos-gsettings-overrides/glib-2.0/schemas\n") (defaultPackages ++ cfg.extraGSettingsOverridePackages)} + cp -f ${pkgs.gnome3.gnome-shell}/share/gsettings-schemas/*/glib-2.0/schemas/*.gschema.override $out/share/gsettings-schemas/nixos-gsettings-overrides/glib-2.0/schemas + chmod -R a+w $out/share/gsettings-schemas/nixos-gsettings-overrides cat - > $out/share/gsettings-schemas/nixos-gsettings-overrides/glib-2.0/schemas/nixos-defaults.gschema.override <<- EOF [org.gnome.desktop.background] @@ -209,14 +211,6 @@ in networking.networkmanager.enable = mkDefault true; - # Use the correct gnome3 packageSet - networking.networkmanager.basePackages = { - inherit (pkgs) networkmanager modemmanager wpa_supplicant crda; - inherit (pkgs.gnome3) networkmanager-openvpn networkmanager-vpnc - networkmanager-openconnect networkmanager-fortisslvpn - networkmanager-iodine networkmanager-l2tp; - }; - services.xserver.updateDbusEnvironment = true; # Needed for themes and backgrounds 
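Review bot: `stateDirectoryName` in documize.nix is a free-form `types.str` that is used twice, as `StateDirectory = cfg.stateDirectoryName` and interpolated into `WorkingDirectory = "/var/lib/${cfg.stateDirectoryName}"`. systemd reads `StateDirectory=` as a space-separated list of relative names, so a value containing whitespace, a leading slash or `..` makes the two settings disagree or keeps the unit from loading. Constraining the option, e.g. `type = types.strMatching "[A-Za-z0-9_-][A-Za-z0-9._-]*";`, keeps both in step. The description also says the directory lives below `/var/lib/private` while `WorkingDirectory` uses `/var/lib/…`; a one-line comment that systemd symlinks the latter to the former under `DynamicUser` would explain the difference.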
@@ -238,22 +232,7 @@ in services.system-config-printer.enable = (mkIf config.services.printing.enable (mkDefault true)); services.telepathy.enable = mkDefault true; - systemd.packages = with pkgs.gnome3; [ vino gnome-session gnome-settings-daemon ]; - - # gnome-settings-daemon.nix is shared between several desktop - # environments (eg. mate and pantheon) so specify these gnome-shell specific - # service dependencies here instead. - systemd.user.targets."gnome-session-initialized".wants = [ - "gsd-a11y-settings.target" "gsd-housekeeping.target" "gsd-power.target" - "gsd-color.target" "gsd-keyboard.target" "gsd-print-notifications.target" - "gsd-datetime.target" "gsd-media-keys.target" "gsd-rfkill.target" - "gsd-screensaver-proxy.target" "gsd-sound.target" "gsd-smartcard.target" - "gsd-sharing.target" "gsd-wacom.target" "gsd-wwan.target" - ]; - - systemd.user.targets."gnome-session-x11-services".wants = [ - "gsd-xsettings.target" - ]; + systemd.packages = with pkgs.gnome3; [ vino gnome-session ]; services.avahi.enable = mkDefault true; diff --git a/nixos/modules/services/x11/desktop-managers/mate.nix b/nixos/modules/services/x11/desktop-managers/mate.nix index 4563583e0704..fe63f36cf96a 100644 --- a/nixos/modules/services/x11/desktop-managers/mate.nix +++ b/nixos/modules/services/x11/desktop-managers/mate.nix @@ -85,6 +85,7 @@ in pkgs.gtk3.out pkgs.shared-mime-info pkgs.xdg-user-dirs # Update user dirs as described in https://freedesktop.org/wiki/Software/xdg-user-dirs/ + pkgs.mate.mate-settings-daemon ]; programs.dconf.enable = true; @@ -98,7 +99,7 @@ in services.gnome3.at-spi2-core.enable = true; services.gnome3.gnome-keyring.enable = true; services.gnome3.gnome-settings-daemon.enable = true; - services.gnome3.gnome-settings-daemon.package = pkgs.mate.mate-settings-daemon; + services.udev.packages = [ pkgs.mate.mate-settings-daemon ]; services.gvfs.enable = true; services.upower.enable = config.powerManagement.enable; 
diff --git a/nixos/modules/services/x11/desktop-managers/pantheon.nix b/nixos/modules/services/x11/desktop-managers/pantheon.nix index d80ea9a53e80..80dab135ee26 100644 --- a/nixos/modules/services/x11/desktop-managers/pantheon.nix +++ b/nixos/modules/services/x11/desktop-managers/pantheon.nix @@ -109,8 +109,9 @@ in services.pantheon.files.enable = mkDefault true; services.tumbler.enable = mkDefault true; services.system-config-printer.enable = (mkIf config.services.printing.enable (mkDefault true)); - services.dbus.packages = [ - pkgs.pantheon.switchboard-plug-power + services.dbus.packages = with pkgs.pantheon; [ + switchboard-plug-power + elementary-default-settings ]; services.pantheon.contractor.enable = mkDefault true; services.gnome3.at-spi2-core.enable = true; @@ -119,7 +120,7 @@ in # TODO: gnome-keyring's xdg autostarts will still be in the environment (from elementary-session-settings) if disabled forcefully services.gnome3.gnome-keyring.enable = true; services.gnome3.gnome-settings-daemon.enable = true; - services.gnome3.gnome-settings-daemon.package = pkgs.pantheon.elementary-settings-daemon; + services.udev.packages = [ pkgs.pantheon.elementary-settings-daemon ]; services.gvfs.enable = true; services.gnome3.rygel.enable = mkDefault true; services.gsignond.enable = mkDefault true; @@ -154,11 +155,6 @@ in qt5.style = "adwaita"; networking.networkmanager.enable = mkDefault true; - networking.networkmanager.basePackages = - { inherit (pkgs) networkmanager modemmanager wpa_supplicant crda; - inherit (pkgs.gnome3) networkmanager-openvpn networkmanager-vpnc - networkmanager-openconnect networkmanager-fortisslvpn - networkmanager-iodine networkmanager-l2tp; }; # Override GSettings schemas environment.sessionVariables.NIX_GSETTINGS_OVERRIDES_DIR = "${nixos-gsettings-desktop-schemas}/share/gsettings-schemas/nixos-gsettings-overrides/glib-2.0/schemas"; 
diff --git a/nixos/modules/services/x11/desktop-managers/xfce4-14.nix b/nixos/modules/services/x11/desktop-managers/xfce4-14.nix index 130e865a1fb4..ffc99172e795 100644 --- a/nixos/modules/services/x11/desktop-managers/xfce4-14.nix +++ b/nixos/modules/services/x11/desktop-managers/xfce4-14.nix @@ -91,7 +91,11 @@ in ++ optional config.powerManagement.enable xfce4-power-manager ++ optionals config.hardware.pulseaudio.enable [ pavucontrol - xfce4-pulseaudio-plugin + # volume up/down keys support: + # xfce4-pulseaudio-plugin includes all the functionalities of xfce4-volumed-pulse + # but can only be used with xfce4-panel, so for no-desktop usage we still include + # xfce4-volumed-pulse + (if cfg.noDesktop then xfce4-volumed-pulse else xfce4-pulseaudio-plugin) ] ++ optionals cfg.enableXfwm [ xfwm4 xfwm4-themes @@ -108,14 +112,6 @@ in "/share/gtksourceview-4.0" ]; - # Use the correct gnome3 packageSet - networking.networkmanager.basePackages = mkIf config.networking.networkmanager.enable { - inherit (pkgs) networkmanager modemmanager wpa_supplicant crda; - inherit (pkgs.gnome3) networkmanager-openvpn networkmanager-vpnc - networkmanager-openconnect networkmanager-fortisslvpn - networkmanager-iodine networkmanager-l2tp; - }; - services.xserver.desktopManager.session = [{ name = "xfce4-14"; bgSupport = true; diff --git a/nixos/modules/services/x11/display-managers/gdm.nix b/nixos/modules/services/x11/display-managers/gdm.nix index 9f76bba99808..3b4723ce9fe3 100644 --- a/nixos/modules/services/x11/display-managers/gdm.nix +++ b/nixos/modules/services/x11/display-managers/gdm.nix @@ -152,6 +152,7 @@ in chown -R gdm:gdm /run/gdm/.config '' + optionalString config.services.gnome3.gnome-initial-setup.enable '' # Create stamp file for gnome-initial-setup to prevent run. + mkdir -p /run/gdm/.config cat - > /run/gdm/.config/gnome-initial-setup-done <<- EOF yes EOF 
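Review bot: The added `mkdir -p /run/gdm/.config` in gdm.nix creates the directory, but nothing in this branch sets its owner. The `chown -R gdm:gdm /run/gdm/.config` visible above belongs to the preceding `optionalString` block, which starts outside the hunk and may not run. If this script runs as root, as unit pre-start scripts usually do, the directory and the stamp file stay root-owned when only gnome-initial-setup is enabled, and the gdm user cannot write its own configuration there. Repeating `chown -R gdm:gdm /run/gdm/.config` at the end of this block, after the stamp file is written, makes the ownership the same in both cases.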
@@ -165,9 +166,15 @@ in "systemd-machined.service" "systemd-user-sessions.service" "getty@tty1.service" + "plymouth-quit.service" + "plymouth-start.service" ]; systemd.services.display-manager.conflicts = [ "getty@tty1.service" + "plymouth-quit.service" + ]; + systemd.services.display-manager.onFailure = [ + "plymouth-quit.service" ]; systemd.services.display-manager.serviceConfig = { @@ -177,6 +184,9 @@ in BusName = "org.gnome.DisplayManager"; StandardOutput = "syslog"; StandardError = "inherit"; + ExecReload = "${pkgs.coreutils}/bin/kill -SIGHUP $MAINPID"; + KeyringMode = "shared"; + EnvironmentFile = "-/etc/locale.conf"; }; systemd.services.display-manager.path = [ pkgs.gnome3.gnome-session ]; |
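Review bot: The three settings added to `systemd.services.display-manager.serviceConfig` in gdm.nix carry no comment on why they are needed, and two of them loosen the unit's defaults. `KeyringMode = "shared"` gives up the private kernel session keyring that system services otherwise get, and the `-` prefix in `EnvironmentFile = "-/etc/locale.conf"` makes a missing file pass silently. If these mirror the upstream gdm.service unit, which seems likely, a comment such as `# Mirrors upstream gdm.service; KeyringMode must stay shared for the login session` would keep a later hardening pass from tightening them by accident.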