diff options
Diffstat (limited to 'nixos/modules')
-rw-r--r-- | nixos/modules/programs/sway-beta.nix | 33 | ||||
-rw-r--r-- | nixos/modules/services/mail/rspamd.nix | 79 | ||||
-rw-r--r-- | nixos/modules/services/misc/gitlab.nix | 7 | ||||
-rw-r--r-- | nixos/modules/services/networking/consul.nix | 7 |
4 files changed, 114 insertions, 12 deletions
diff --git a/nixos/modules/programs/sway-beta.nix b/nixos/modules/programs/sway-beta.nix index 04f2e0662b86..e651ea4cca33 100644 --- a/nixos/modules/programs/sway-beta.nix +++ b/nixos/modules/programs/sway-beta.nix @@ -5,6 +5,15 @@ with lib; let cfg = config.programs.sway-beta; swayPackage = cfg.package; + + swayWrapped = pkgs.writeShellScriptBin "sway" '' + ${cfg.extraSessionCommands} + exec ${pkgs.dbus.dbus-launch} --exit-with-session ${swayPackage}/bin/sway + ''; + swayJoined = pkgs.symlinkJoin { + name = "sway-joined"; + paths = [ swayWrapped swayPackage ]; + }; in { options.programs.sway-beta = { enable = mkEnableOption '' @@ -20,13 +29,30 @@ in { ''; }; + extraSessionCommands = mkOption { + type = types.lines; + default = ""; + example = '' + export SDL_VIDEODRIVER=wayland + # needs qt5.qtwayland in systemPackages + export QT_QPA_PLATFORM=wayland + export QT_WAYLAND_DISABLE_WINDOWDECORATION="1" + # Fix for some Java AWT applications (e.g. Android Studio), + # use this if they aren't displayed properly: + export _JAVA_AWT_WM_NONREPARENTING=1 + ''; + description = '' + Shell commands executed just before Sway is started. + ''; + }; + extraPackages = mkOption { type = with types; listOf package; default = with pkgs; [ - xwayland dmenu + xwayland rxvt_unicode dmenu ]; defaultText = literalExample '' - with pkgs; [ xwayland dmenu ]; + with pkgs; [ xwayland rxvt_unicode dmenu ]; ''; example = literalExample '' with pkgs; [ @@ -42,7 +68,7 @@ in { }; config = mkIf cfg.enable { - environment.systemPackages = [ swayPackage ] ++ cfg.extraPackages; + environment.systemPackages = [ swayJoined ] ++ cfg.extraPackages; security.pam.services.swaylock = {}; hardware.opengl.enable = mkDefault true; fonts.enableDefaultFonts = mkDefault true; @@ -51,4 +77,3 @@ in { meta.maintainers = with lib.maintainers; [ gnidorah primeos colemickens ]; } - diff --git a/nixos/modules/services/mail/rspamd.nix b/nixos/modules/services/mail/rspamd.nix index ff01a5dee53d..d83d6f1f750c 100644 --- a/nixos/modules/services/mail/rspamd.nix +++ b/nixos/modules/services/mail/rspamd.nix @@ -127,11 +127,15 @@ let options { pidfile = "$RUNDIR/rspamd.pid"; .include "$CONFDIR/options.inc" + .include(try=true; priority=1,duplicate=merge) "$LOCAL_CONFDIR/local.d/options.inc" + .include(try=true; priority=10) "$LOCAL_CONFDIR/override.d/options.inc" } logging { type = "syslog"; .include "$CONFDIR/logging.inc" + .include(try=true; priority=1,duplicate=merge) "$LOCAL_CONFDIR/local.d/logging.inc" + .include(try=true; priority=10) "$LOCAL_CONFDIR/override.d/logging.inc" } ${concatStringsSep "\n" (mapAttrsToList (name: value: '' @@ -149,6 +153,41 @@ let ${cfg.extraConfig} ''; + rspamdDir = pkgs.linkFarm "etc-rspamd-dir" ( + (mapAttrsToList (name: file: { name = "local.d/${name}"; path = file.source; }) cfg.locals) ++ + (mapAttrsToList (name: file: { name = "override.d/${name}"; path = file.source; }) cfg.overrides) ++ + (optional (cfg.localLuaRules != null) { name = "rspamd.local.lua"; path = cfg.localLuaRules; }) ++ + [ { name = "rspamd.conf"; path = rspamdConfFile; } ] + ); + + configFileModule = prefix: { name, config, ... }: { + options = { + enable = mkOption { + type = types.bool; + default = true; + description = '' + Whether this file ${prefix} should be generated. This + option allows specific ${prefix} files to be disabled. + ''; + }; + + text = mkOption { + default = null; + type = types.nullOr types.lines; + description = "Text of the file."; + }; + + source = mkOption { + type = types.path; + description = "Path of the source file."; + }; + }; + config = { + source = mkIf (config.text != null) ( + let name' = "rspamd-${prefix}-" + baseNameOf name; + in mkDefault (pkgs.writeText name' config.text)); + }; + }; in { @@ -167,6 +206,41 @@ in description = "Whether to run the rspamd daemon in debug mode."; }; + locals = mkOption { + type = with types; loaOf (submodule (configFileModule "locals")); + default = {}; + description = '' + Local configuration files, written into <filename>/etc/rspamd/local.d/{name}</filename>. + ''; + example = literalExample '' + { "redis.conf".source = "/nix/store/.../etc/dir/redis.conf"; + "arc.conf".text = "allow_envfrom_empty = true;"; + } + ''; + }; + + overrides = mkOption { + type = with types; loaOf (submodule (configFileModule "overrides")); + default = {}; + description = '' + Overridden configuration files, written into <filename>/etc/rspamd/override.d/{name}</filename>. + ''; + example = literalExample '' + { "redis.conf".source = "/nix/store/.../etc/dir/redis.conf"; + "arc.conf".text = "allow_envfrom_empty = true;"; + } + ''; + }; + + localLuaRules = mkOption { + default = null; + type = types.nullOr types.path; + description = '' + Path of file to link to <filename>/etc/rspamd/rspamd.local.lua</filename> for local + rules written in Lua + ''; + }; + workers = mkOption { type = with types; attrsOf (submodule workerOpts); description = '' @@ -242,16 +316,17 @@ in gid = config.ids.gids.rspamd; }; - environment.etc."rspamd.conf".source = rspamdConfFile; + environment.etc."rspamd".source = rspamdDir; systemd.services.rspamd = { description = "Rspamd Service"; wantedBy = [ "multi-user.target" ]; after = [ "network.target" ]; + restartTriggers = [ rspamdDir ]; serviceConfig = { - ExecStart = "${pkgs.rspamd}/bin/rspamd ${optionalString cfg.debug "-d"} --user=${cfg.user} --group=${cfg.group} --pid=/run/rspamd.pid -c ${rspamdConfFile} -f"; + ExecStart = "${pkgs.rspamd}/bin/rspamd ${optionalString cfg.debug "-d"} --user=${cfg.user} --group=${cfg.group} --pid=/run/rspamd.pid -c /etc/rspamd/rspamd.conf -f"; Restart = "always"; RuntimeDirectory = "rspamd"; PrivateTmp = true; diff --git a/nixos/modules/services/misc/gitlab.nix b/nixos/modules/services/misc/gitlab.nix index ce1cb6ad37f2..aa72cda70453 100644 --- a/nixos/modules/services/misc/gitlab.nix +++ b/nixos/modules/services/misc/gitlab.nix @@ -552,10 +552,9 @@ in { gnupg ]; preStart = '' - ${pkgs.openssl}/bin/openssl rand -hex 32 > ${cfg.statePath}/config/gitlab_shell_secret - cp -rf ${cfg.packages.gitlab}/share/gitlab/db/* ${cfg.statePath}/db - cp -rf ${cfg.packages.gitlab}/share/gitlab/config.dist/* ${cfg.statePath}/config + rm -rf ${cfg.statePath}/config + mkdir ${cfg.statePath}/config if [ -e ${cfg.statePath}/lib ]; then rm ${cfg.statePath}/lib fi @@ -569,6 +568,8 @@ in { ln -sf ${smtpSettings} ${cfg.statePath}/config/initializers/smtp_settings.rb ''} cp ${cfg.packages.gitlab}/share/gitlab/VERSION ${cfg.statePath}/VERSION + cp -rf ${cfg.packages.gitlab}/share/gitlab/config.dist/* ${cfg.statePath}/config + ${pkgs.openssl}/bin/openssl rand -hex 32 > ${cfg.statePath}/config/gitlab_shell_secret # JSON is a subset of YAML ln -sf ${pkgs.writeText "gitlab.yml" (builtins.toJSON gitlabConfig)} ${cfg.statePath}/config/gitlab.yml diff --git a/nixos/modules/services/networking/consul.nix b/nixos/modules/services/networking/consul.nix index ab3f81037681..0e90fed788b9 100644 --- a/nixos/modules/services/networking/consul.nix +++ b/nixos/modules/services/networking/consul.nix @@ -6,9 +6,10 @@ let dataDir = "/var/lib/consul"; cfg = config.services.consul; - configOptions = { data_dir = dataDir; } // - (if cfg.webUi then { ui_dir = "${cfg.package.ui}"; } else { }) // - cfg.extraConfig; + configOptions = { + data_dir = dataDir; + ui = cfg.webUi; + } // cfg.extraConfig; configFiles = [ "/etc/consul.json" "/etc/consul-addrs.json" ] ++ cfg.extraConfigFiles; |