Diffstat (limited to 'nixos/modules')
13 files changed, 275 insertions, 72 deletions
diff --git a/nixos/modules/misc/nixpkgs.nix b/nixos/modules/misc/nixpkgs.nix index e0c192246c0c..afb74581e239 100644 --- a/nixos/modules/misc/nixpkgs.nix +++ b/nixos/modules/misc/nixpkgs.nix @@ -19,7 +19,7 @@ let lhs = optCall lhs_ { inherit pkgs; }; rhs = optCall rhs_ { inherit pkgs; }; in - lhs // rhs // + recursiveUpdate lhs rhs // optionalAttrs (lhs ? packageOverrides) { packageOverrides = pkgs: optCall lhs.packageOverrides pkgs // diff --git a/nixos/modules/module-list.nix b/nixos/modules/module-list.nix index df453aac9fef..c775345ba4c0 100644 --- a/nixos/modules/module-list.nix +++ b/nixos/modules/module-list.nix @@ -106,9 +106,14 @@ ./programs/digitalbitbox/default.nix ./programs/dmrconfig.nix ./programs/environment.nix + ./programs/evince.nix + ./programs/file-roller.nix ./programs/firejail.nix ./programs/fish.nix ./programs/freetds.nix + ./programs/gnome-disks.nix + ./programs/gnome-documents.nix + ./programs/gpaste.nix ./programs/gnupg.nix ./programs/gphoto2.nix ./programs/iftop.nix @@ -209,6 +214,7 @@ ./services/backup/duplicity.nix ./services/backup/mysql-backup.nix ./services/backup/postgresql-backup.nix + ./services/backup/postgresql-wal-receiver.nix ./services/backup/restic.nix ./services/backup/restic-rest-server.nix ./services/backup/rsnapshot.nix @@ -280,12 +286,8 @@ ./services/desktops/pipewire.nix ./services/desktops/gnome3/at-spi2-core.nix ./services/desktops/gnome3/chrome-gnome-shell.nix - ./services/desktops/gnome3/evince.nix ./services/desktops/gnome3/evolution-data-server.nix - ./services/desktops/gnome3/file-roller.nix ./services/desktops/gnome3/glib-networking.nix - ./services/desktops/gnome3/gnome-disks.nix - ./services/desktops/gnome3/gnome-documents.nix ./services/desktops/gnome3/gnome-keyring.nix ./services/desktops/gnome3/gnome-online-accounts.nix ./services/desktops/gnome3/gnome-remote-desktop.nix 
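Review bot: The switch to `recursiveUpdate lhs rhs` in the nixpkgs.nix hunk needs a comment, because the new merge semantics are not obvious from the call. Nested attribute sets from both definitions are now merged, but any non-attrset value, lists included, is still taken from `rhs` alone, so a second definition of a list-valued setting replaces the first rather than extending it. A line such as `# nested attrsets are merged; lists and scalars from rhs win` above the expression would make that explicit. The enclosing `let` binding and function begin outside the hunk.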
@@ -293,7 +295,6 @@ ./services/desktops/gnome3/gnome-settings-daemon.nix ./services/desktops/gnome3/gnome-terminal-server.nix ./services/desktops/gnome3/gnome-user-share.nix - ./services/desktops/gnome3/gpaste.nix ./services/desktops/gnome3/gvfs.nix ./services/desktops/gnome3/rygel.nix ./services/desktops/gnome3/seahorse.nix diff --git a/nixos/modules/services/desktops/gnome3/evince.nix b/nixos/modules/programs/evince.nix index 5f040a16f067..473fddb09d02 100644 --- a/nixos/modules/services/desktops/gnome3/evince.nix +++ b/nixos/modules/programs/evince.nix @@ -6,14 +6,21 @@ with lib; { + # Added 2019-08-09 + imports = [ + (mkRenamedOptionModule + [ "services" "gnome3" "evince" "enable" ] + [ "programs" "evince" "enable" ]) + ]; + ###### interface options = { - services.gnome3.evince = { + programs.evince = { enable = mkEnableOption - "systemd and dbus services for Evince, the GNOME document viewer"; + "Evince, the GNOME document viewer"; }; @@ -22,7 +29,7 @@ with lib; ###### implementation - config = mkIf config.services.gnome3.evince.enable { + config = mkIf config.programs.evince.enable { environment.systemPackages = [ pkgs.evince ]; diff --git a/nixos/modules/services/desktops/gnome3/file-roller.nix b/nixos/modules/programs/file-roller.nix index 7fb558a98953..64f6a94e7641 100644 --- a/nixos/modules/services/desktops/gnome3/file-roller.nix +++ b/nixos/modules/programs/file-roller.nix @@ -6,11 +6,18 @@ with lib; { + # Added 2019-08-09 + imports = [ + (mkRenamedOptionModule + [ "services" "gnome3" "file-roller" "enable" ] + [ "programs" "file-roller" "enable" ]) + ]; + ###### interface options = { - services.gnome3.file-roller = { + programs.file-roller = { enable = mkEnableOption "File Roller, an archive manager for GNOME"; @@ -21,7 +28,7 @@ with lib; ###### implementation - config = mkIf config.services.gnome3.file-roller.enable { + config = mkIf config.programs.file-roller.enable { environment.systemPackages = [ pkgs.gnome3.file-roller ]; 
diff --git a/nixos/modules/services/desktops/gnome3/gnome-disks.nix b/nixos/modules/programs/gnome-disks.nix index 139534cdb892..1cf839a6ddb0 100644 --- a/nixos/modules/services/desktops/gnome3/gnome-disks.nix +++ b/nixos/modules/programs/gnome-disks.nix @@ -1,4 +1,4 @@ -# GNOME Disks daemon. +# GNOME Disks. { config, pkgs, lib, ... }: @@ -6,17 +6,24 @@ with lib; { + # Added 2019-08-09 + imports = [ + (mkRenamedOptionModule + [ "services" "gnome3" "gnome-disks" "enable" ] + [ "programs" "gnome-disks" "enable" ]) + ]; + ###### interface options = { - services.gnome3.gnome-disks = { + programs.gnome-disks = { enable = mkOption { type = types.bool; default = false; description = '' - Whether to enable GNOME Disks daemon, a service designed to + Whether to enable GNOME Disks daemon, a program designed to be a UDisks2 graphical front-end. ''; }; @@ -28,7 +35,7 @@ with lib; ###### implementation - config = mkIf config.services.gnome3.gnome-disks.enable { + config = mkIf config.programs.gnome-disks.enable { environment.systemPackages = [ pkgs.gnome3.gnome-disk-utility ]; diff --git a/nixos/modules/services/desktops/gnome3/gnome-documents.nix b/nixos/modules/programs/gnome-documents.nix index f6efb6684240..bfa3d409ee30 100644 --- a/nixos/modules/services/desktops/gnome3/gnome-documents.nix +++ b/nixos/modules/programs/gnome-documents.nix @@ -1,4 +1,4 @@ -# GNOME Documents daemon. +# GNOME Documents. { config, pkgs, lib, ... }: @@ -6,17 +6,24 @@ with lib; { + # Added 2019-08-09 + imports = [ + (mkRenamedOptionModule + [ "services" "gnome3" "gnome-documents" "enable" ] + [ "programs" "gnome-documents" "enable" ]) + ]; + ###### interface options = { - services.gnome3.gnome-documents = { + programs.gnome-documents = { enable = mkOption { type = types.bool; default = false; description = '' - Whether to enable GNOME Documents services, a document + Whether to enable GNOME Documents, a document manager application for GNOME. ''; }; 
@@ -28,7 +35,7 @@ with lib; ###### implementation - config = mkIf config.services.gnome3.gnome-documents.enable { + config = mkIf config.programs.gnome-documents.enable { environment.systemPackages = [ pkgs.gnome3.gnome-documents ]; diff --git a/nixos/modules/services/desktops/gnome3/gpaste.nix b/nixos/modules/programs/gpaste.nix index 5a8258775e0a..4f6deb77e5eb 100644 --- a/nixos/modules/services/desktops/gnome3/gpaste.nix +++ b/nixos/modules/programs/gpaste.nix @@ -1,12 +1,20 @@ -# GPaste daemon. +# GPaste. { config, lib, pkgs, ... }: with lib; { + + # Added 2019-08-09 + imports = [ + (mkRenamedOptionModule + [ "services" "gnome3" "gpaste" "enable" ] + [ "programs" "gpaste" "enable" ]) + ]; + ###### interface options = { - services.gnome3.gpaste = { + programs.gpaste = { enable = mkOption { type = types.bool; default = false; @@ -18,10 +26,9 @@ with lib; }; ###### implementation - config = mkIf config.services.gnome3.gpaste.enable { + config = mkIf config.programs.gpaste.enable { environment.systemPackages = [ pkgs.gnome3.gpaste ]; services.dbus.packages = [ pkgs.gnome3.gpaste ]; - services.xserver.desktopManager.gnome3.sessionPath = [ pkgs.gnome3.gpaste ]; systemd.packages = [ pkgs.gnome3.gpaste ]; }; } diff --git a/nixos/modules/programs/nylas-mail.nix b/nixos/modules/programs/nylas-mail.nix deleted file mode 100644 index 08a6cd0a6049..000000000000 --- a/nixos/modules/programs/nylas-mail.nix +++ /dev/null 
@@ -1,36 +0,0 @@ -{ config, lib, pkgs, ... }: - -with lib; - -let - cfg = config.services.nylas-mail; -in { - ###### interface - options = { - services.nylas-mail = { - - enable = mkEnableOption '' - nylas-mail - Open-source mail client built on the modern web with Electron, React, and Flux - ''; - - gnome3-keyring = mkOption { - type = types.bool; - default = true; - description = "Enable gnome3 keyring for nylas-mail."; - }; - }; - }; - - - ###### implementation - - config = mkIf cfg.enable { - - environment.systemPackages = [ pkgs.nylas-mail-bin ]; - - services.gnome3.gnome-keyring = mkIf cfg.gnome3-keyring { - enable = true; - }; - - }; -} diff --git a/nixos/modules/services/backup/postgresql-wal-receiver.nix b/nixos/modules/services/backup/postgresql-wal-receiver.nix new file mode 100644 index 000000000000..d9a37037992e --- /dev/null +++ b/nixos/modules/services/backup/postgresql-wal-receiver.nix 
@@ -0,0 +1,203 @@ +{ config, lib, pkgs, ... }: + +with lib; + +let + receiverSubmodule = { + options = { + postgresqlPackage = mkOption { + type = types.package; + example = literalExample "pkgs.postgresql_11"; + description = '' + PostgreSQL package to use. + ''; + }; + + directory = mkOption { + type = types.path; + example = literalExample "/mnt/pg_wal/main/"; + description = '' + Directory to write the output to. + ''; + }; + + statusInterval = mkOption { + type = types.int; + default = 10; + description = '' + Specifies the number of seconds between status packets sent back to the server. + This allows for easier monitoring of the progress from server. + A value of zero disables the periodic status updates completely, + although an update will still be sent when requested by the server, to avoid timeout disconnect. + ''; + }; + + slot = mkOption { + type = types.str; + default = ""; + example = "some_slot_name"; + description = '' + Require <command>pg_receivewal</command> to use an existing replication slot (see + <link xlink:href="https://www.postgresql.org/docs/current/warm-standby.html#STREAMING-REPLICATION-SLOTS">Section 26.2.6 of the PostgreSQL manual</link>). + When this option is used, <command>pg_receivewal</command> will report a flush position to the server, + indicating when each segment has been synchronized to disk so that the server can remove that segment if it is not otherwise needed. + + When the replication client of <command>pg_receivewal</command> is configured on the server as a synchronous standby, + then using a replication slot will report the flush position to the server, but only when a WAL file is closed. + Therefore, that configuration will cause transactions on the primary to wait for a long time and effectively not work satisfactorily. + The option <option>synchronous</option> must be specified in addition to make this work correctly. 
+ ''; + }; + + synchronous = mkOption { + type = types.bool; + default = false; + description = '' + Flush the WAL data to disk immediately after it has been received. + Also send a status packet back to the server immediately after flushing, regardless of <option>statusInterval</option>. + + This option should be specified if the replication client of <command>pg_receivewal</command> is configured on the server as a synchronous standby, + to ensure that timely feedback is sent to the server. + ''; + }; + + compress = mkOption { + type = types.ints.between 0 9; + default = 0; + description = '' + Enables gzip compression of write-ahead logs, and specifies the compression level + (<literal>0</literal> through <literal>9</literal>, <literal>0</literal> being no compression and <literal>9</literal> being best compression). + The suffix <literal>.gz</literal> will automatically be added to all filenames. + + This option requires PostgreSQL >= 10. + ''; + }; + + connection = mkOption { + type = types.str; + example = "postgresql://user@somehost"; + description = '' + Specifies parameters used to connect to the server, as a connection string. + See <link xlink:href="https://www.postgresql.org/docs/current/libpq-connect.html#LIBPQ-CONNSTRING">Section 34.1.1 of the PostgreSQL manual</link> for more information. + + Because <command>pg_receivewal</command> doesn't connect to any particular database in the cluster, + database name in the connection string will be ignored. + ''; + }; + + extraArgs = mkOption { + type = with types; listOf str; + default = [ ]; + example = literalExample '' + [ + "--no-sync" + ] + ''; + description = '' + A list of extra arguments to pass to the <command>pg_receivewal</command> command. + ''; + }; + + environment = mkOption { + type = with types; attrsOf str; + default = { }; + example = literalExample '' + { + PGPASSFILE = "/private/passfile"; + PGSSLMODE = "require"; + } + ''; + description = '' + Environment variables passed to the service. 
+ Usable parameters are listed in <link xlink:href="https://www.postgresql.org/docs/current/libpq-envars.html">Section 34.14 of the PostgreSQL manual</link>. + ''; + }; + }; + }; + +in { + options = { + services.postgresqlWalReceiver = { + receivers = mkOption { + type = with types; attrsOf (submodule receiverSubmodule); + default = { }; + example = literalExample '' + { + main = { + postgresqlPackage = pkgs.postgresql_11; + directory = /mnt/pg_wal/main/; + slot = "main_wal_receiver"; + connection = "postgresql://user@somehost"; + }; + } + ''; + description = '' + PostgreSQL WAL receivers. + Stream write-ahead logs from a PostgreSQL server using <command>pg_receivewal</command> (formerly <command>pg_receivexlog</command>). + See <link xlink:href="https://www.postgresql.org/docs/current/app-pgreceivewal.html">the man page</link> for more information. + ''; + }; + }; + }; + + config = let + receivers = config.services.postgresqlWalReceiver.receivers; + in mkIf (receivers != { }) { + users = { + users.postgres = { + uid = config.ids.uids.postgres; + group = "postgres"; + description = "PostgreSQL server user"; + }; + + groups.postgres = { + gid = config.ids.gids.postgres; + }; + }; + + assertions = concatLists (attrsets.mapAttrsToList (name: config: [ + { + assertion = config.compress > 0 -> versionAtLeast config.postgresqlPackage.version "10"; + message = "Invalid configuration for WAL receiver \"${name}\": compress requires PostgreSQL version >= 10."; + } + ]) receivers); + + systemd.tmpfiles.rules = mapAttrsToList (name: config: '' + d ${escapeShellArg config.directory} 0750 postgres postgres - - + '') receivers; + + systemd.services = with attrsets; mapAttrs' (name: config: nameValuePair "postgresql-wal-receiver-${name}" { + description = "PostgreSQL WAL receiver (${name})"; + wantedBy = [ "multi-user.target" ]; + + serviceConfig = { + User = "postgres"; + Group = "postgres"; + KillSignal = "SIGINT"; + Restart = "always"; + RestartSec = 30; + }; + + inherit 
(config) environment; + + script = let + receiverCommand = postgresqlPackage: + if (versionAtLeast postgresqlPackage.version "10") + then "${postgresqlPackage}/bin/pg_receivewal" + else "${postgresqlPackage}/bin/pg_receivexlog"; + in '' + ${receiverCommand config.postgresqlPackage} \ + --no-password \ + --directory=${escapeShellArg config.directory} \ + --status-interval=${toString config.statusInterval} \ + --dbname=${escapeShellArg config.connection} \ + ${optionalString (config.compress > 0) "--compress=${toString config.compress}"} \ + ${optionalString (config.slot != "") "--slot=${escapeShellArg config.slot}"} \ + ${optionalString config.synchronous "--synchronous"} \ + ${concatStringsSep " " config.extraArgs} + ''; + }) receivers; + }; + + meta.maintainers = with maintainers; [ pacien ]; +} diff --git a/nixos/modules/services/databases/couchdb.nix b/nixos/modules/services/databases/couchdb.nix index 5ddf8ba4bfbd..77e404116c8a 100644 --- a/nixos/modules/services/databases/couchdb.nix +++ b/nixos/modules/services/databases/couchdb.nix @@ -160,7 +160,7 @@ in { systemd.tmpfiles.rules = [ "d '${dirOf cfg.uriFile}' - ${cfg.user} ${cfg.group} - -" - "d '${dirOf cfg.logFile}' - ${cfg.user} ${cfg.group} - -" + "f '${cfg.logFile}' - ${cfg.user} ${cfg.group} - -" "d '${cfg.databaseDir}' - ${cfg.user} ${cfg.group} - -" "d '${cfg.viewIndexDir}' - ${cfg.user} ${cfg.group} - -" ]; @@ -169,11 +169,9 @@ in { description = "CouchDB Server"; wantedBy = [ "multi-user.target" ]; - preStart = - '' + preStart = '' touch ${cfg.configFile} - touch -a ${cfg.logFile} - ''; + ''; environment = mkIf useVersion2 { # we are actually specifying 4 configuration files: diff --git a/nixos/modules/services/databases/postgresql.nix b/nixos/modules/services/databases/postgresql.nix index 7ff899970ccd..10250bb5193a 100644 --- a/nixos/modules/services/databases/postgresql.nix +++ b/nixos/modules/services/databases/postgresql.nix 
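Review bot: In the new postgresql-wal-receiver.nix, `extraArgs` is joined into the script with `concatStringsSep " "` and no quoting, while `directory`, `connection` and `slot` all go through `escapeShellArg`. An argument containing spaces or shell metacharacters is therefore re-split or interpreted by the shell; use `${escapeShellArgs config.extraArgs}` on that line. Separately, `connection` is written verbatim into the generated unit script, which lives in the world-readable Nix store and appears on the process command line. The option description should say that credentials must not be embedded in the URI and should come from `PGPASSFILE` via `environment` instead, which fits the `--no-password` flag the script already passes. The tmpfiles rule also uses `escapeShellArg`, which produces shell quoting rather than tmpfiles.d quoting, so it is worth confirming the result for a path containing a single quote.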
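Review bot: The new `"f '${cfg.logFile}' - ${cfg.user} ${cfg.group} - -"` rule in couchdb.nix leaves the mode field as `-`, which for an `f` line falls back to the tmpfiles default of 0644, so the log file is created world-readable. An explicit mode keeps it to the service user and group: `"f '${cfg.logFile}' 0640 ${cfg.user} ${cfg.group} - -"`. The rule for `dirOf cfg.logFile` is dropped in the same hunk, so a `logFile` under a directory that does not exist yet will presumably no longer be created. The option description should state that the parent directory must already exist.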
@@ -330,13 +330,13 @@ in fi '' + optionalString (cfg.ensureDatabases != []) '' ${concatMapStrings (database: '' - $PSQL -tAc "SELECT 1 FROM pg_database WHERE datname = '${database}'" | grep -q 1 || $PSQL -tAc "CREATE DATABASE ${database}" + $PSQL -tAc "SELECT 1 FROM pg_database WHERE datname = '${database}'" | grep -q 1 || $PSQL -tAc 'CREATE DATABASE "${database}"' '') cfg.ensureDatabases} '' + '' ${concatMapStrings (user: '' $PSQL -tAc "SELECT 1 FROM pg_roles WHERE rolname='${user.name}'" | grep -q 1 || $PSQL -tAc "CREATE USER ${user.name}" ${concatStringsSep "\n" (mapAttrsToList (database: permission: '' - $PSQL -tAc "GRANT ${permission} ON ${database} TO ${user.name}" + $PSQL -tAc 'GRANT ${permission} ON ${database} TO ${user.name}' '') user.ensurePermissions)} '') cfg.ensureUsers} ''; diff --git a/nixos/modules/services/monitoring/grafana.nix b/nixos/modules/services/monitoring/grafana.nix index c2f6b585d493..bf1084eecc3a 100644 --- a/nixos/modules/services/monitoring/grafana.nix +++ b/nixos/modules/services/monitoring/grafana.nix @@ -503,12 +503,12 @@ in { message = "Cannot set both adminPassword and adminPasswordFile"; } { - assertion = cfg.security.secretKeyFile != opt.security.secretKeyFile.default -> cfg.security.secretKeyFile == null; + assertion = cfg.security.secretKey != opt.security.secretKey.default -> cfg.security.secretKeyFile == null; message = "Cannot set both secretKey and secretKeyFile"; } { assertion = cfg.smtp.password != opt.smtp.password.default -> cfg.smtp.passwordFile == null; - message = "Cannot set both password and secretKeyFile"; + message = "Cannot set both password and passwordFile"; } ]; diff --git a/nixos/modules/services/x11/desktop-managers/gnome3.nix b/nixos/modules/services/x11/desktop-managers/gnome3.nix index cd7502421255..5e1e652a5089 100644 --- a/nixos/modules/services/x11/desktop-managers/gnome3.nix +++ b/nixos/modules/services/x11/desktop-managers/gnome3.nix 
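Review bot: Only `CREATE DATABASE` gains identifier quoting in this postgresql.nix hunk; `CREATE USER ${user.name}` and the `TO ${user.name}` part of the `GRANT` still interpolate the role name bare. A role name that needs quoting (a hyphen, upper case) then fails, or is folded to a different name than the one the `rolname='${user.name}'` lookup checks. Quote the role the same way as the database: `$PSQL -tAc 'CREATE USER "${user.name}"'` and `... TO "${user.name}"'`. The existence checks still place the name inside a SQL string literal within a double-quoted shell word, and the new single-quoted commands break on a value containing `'`. An evaluation-time assertion that `ensureDatabases` and `ensureUsers` names match a conservative identifier pattern would close both gaps; the surrounding script starts and ends outside the hunk.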
@@ -123,12 +123,8 @@ in { services.dleyna-renderer.enable = mkDefault true; services.dleyna-server.enable = mkDefault true; services.gnome3.at-spi2-core.enable = true; - services.gnome3.evince.enable = mkDefault true; services.gnome3.evolution-data-server.enable = true; - services.gnome3.file-roller.enable = mkDefault true; services.gnome3.glib-networking.enable = true; - services.gnome3.gnome-disks.enable = mkDefault true; - services.gnome3.gnome-documents.enable = mkDefault true; services.gnome3.gnome-keyring.enable = true; services.gnome3.gnome-online-accounts.enable = mkDefault true; services.gnome3.gnome-remote-desktop.enable = mkDefault true; @@ -157,6 +153,12 @@ in { xdg.portal.enable = true; xdg.portal.extraPortals = [ pkgs.xdg-desktop-portal-gtk ]; + # Enable default programs + programs.evince.enable = mkDefault true; + programs.file-roller.enable = mkDefault true; + programs.gnome-disks.enable = mkDefault true; + programs.gnome-documents.enable = mkDefault true; + # If gnome3 is installed, build vim for gtk3 too. nixpkgs.config.vim.gui = "gtk3"; |