diff options
Diffstat (limited to 'nixos/modules')
28 files changed, 280 insertions, 179 deletions
diff --git a/nixos/modules/config/system-environment.nix b/nixos/modules/config/system-environment.nix index 4b663ebf85a4..361c3cfc553d 100644 --- a/nixos/modules/config/system-environment.nix +++ b/nixos/modules/config/system-environment.nix @@ -78,9 +78,7 @@ in # We're trying to use the same syntax for PAM variables and env variables. # That means we need to map the env variables that people might use to their # equivalent PAM variable. - # Note: PAM_USER is a PAM_ITEM, HOME is an environment variable, they have - # different syntax. - replaceEnvVars = replaceStrings ["$HOME" "$USER"] ["\${HOME}" "@{PAM_USER}"]; + replaceEnvVars = replaceStrings ["$HOME" "$USER"] ["@{HOME}" "@{PAM_USER}"]; pamVariable = n: v: ''${n} DEFAULT="${concatStringsSep ":" (map replaceEnvVars (toList v))}"''; diff --git a/nixos/modules/installer/cd-dvd/installation-cd-graphical-base.nix b/nixos/modules/installer/cd-dvd/installation-cd-graphical-base.nix index 1578e1547bc1..719ba5ffb127 100644 --- a/nixos/modules/installer/cd-dvd/installation-cd-graphical-base.nix +++ b/nixos/modules/installer/cd-dvd/installation-cd-graphical-base.nix @@ -25,9 +25,6 @@ with lib; services.xserver = { enable = true; - # Don't start the X server by default. - autorun = mkForce false; - # Automatically login as nixos. displayManager.slim = { enable = true; diff --git a/nixos/modules/installer/cd-dvd/iso-image.nix b/nixos/modules/installer/cd-dvd/iso-image.nix index 93c8ebaa2496..009f1e2c543a 100644 --- a/nixos/modules/installer/cd-dvd/iso-image.nix +++ b/nixos/modules/installer/cd-dvd/iso-image.nix @@ -24,7 +24,7 @@ let # Name appended to menuentry defaults to params if no specific name given. option.name or (if option ? params then "(${option.params})" else "") }' ${if option ? class then " --class ${option.class}" else ""} { - linux ${defaults.image} ${defaults.params} ${ + linux ${defaults.image} \''${isoboot} ${defaults.params} ${ option.params or "" } initrd ${defaults.initrd} @@ -268,6 +268,12 @@ let set timeout=10 ${grubMenuCfg} + # If the parameter iso_path is set, append the findiso parameter to the kernel + # line. We need this to allow the nixos iso to be booted from grub directly. + if [ \''${iso_path} ] ; then + set isoboot="findiso=\''${iso_path}" + fi + # # Menu entries # @@ -284,6 +290,14 @@ let ${buildMenuAdditionalParamsGrub2 config "video=1920x1080@60"} } + # If we boot into a graphical environment where X is autoran + # and always crashes, it makes the media unusable. Allow the user + # to disable this. + submenu "Disable display-manager" --class quirk-disable-displaymanager { + ${grubMenuCfg} + ${buildMenuAdditionalParamsGrub2 config "systemd.mask=display-manager.service"} + } + # Some laptop and convertibles have the panel installed in an # inconvenient way, rotated away from the keyboard. # Those entries makes it easier to use the installer. @@ -616,6 +630,9 @@ in { source = "${efiDir}/EFI"; target = "/EFI"; } + { source = pkgs.writeText "loopback.cfg" "source /EFI/boot/grub.cfg"; + target = "/boot/grub/loopback.cfg"; + } ] ++ optionals (config.boot.loader.grub.memtest86.enable && canx86BiosBoot) [ { source = "${pkgs.memtest86plus}/memtest.bin"; target = "/boot/memtest.bin"; diff --git a/nixos/modules/installer/tools/nixos-generate-config.pl b/nixos/modules/installer/tools/nixos-generate-config.pl index cfdbdaabf5c5..f2ffe61c42cb 100644 --- a/nixos/modules/installer/tools/nixos-generate-config.pl +++ b/nixos/modules/installer/tools/nixos-generate-config.pl @@ -563,6 +563,24 @@ $fsAndSwap ${\join "", (map { " $_\n" } (uniq @attrs))}} EOF +sub generateNetworkingDhcpConfig { + my $config = <<EOF; + # The global useDHCP flag is deprecated, therefore explicitly set to false here. + # Per-interface useDHCP will be mandatory in the future, so this generated config + # replicates the default behaviour. + networking.useDHCP = false; +EOF + + foreach my $path (glob "/sys/class/net/*") { + my $dev = basename($path); + if ($dev ne "lo") { + $config .= " networking.interfaces.$dev.useDHCP = true;\n"; + } + } + + return $config; +} + if ($showHardwareConfig) { print STDOUT $hwConfig; @@ -606,6 +624,8 @@ EOF EOF } + my $networkingDhcpConfig = generateNetworkingDhcpConfig(); + write_file($fn, <<EOF); @configuration@ EOF diff --git a/nixos/modules/installer/tools/nixos-install.sh b/nixos/modules/installer/tools/nixos-install.sh index be3b5c0687a6..8685cb345e1e 100644 --- a/nixos/modules/installer/tools/nixos-install.sh +++ b/nixos/modules/installer/tools/nixos-install.sh @@ -132,9 +132,8 @@ if [[ -z $noBootLoader ]]; then echo "installing the boot loader..." # Grub needs an mtab. ln -sfn /proc/mounts $mountPoint/etc/mtab - export NIXOS_INSTALL_BOOTLOADER=1 + NIXOS_INSTALL_BOOTLOADER=1 nixos-enter --root "$mountPoint" -- /run/current-system/bin/switch-to-configuration boot fi -nixos-enter --root "$mountPoint" -- /run/current-system/bin/switch-to-configuration boot # Ask the user to set a root password, but only if the passwd command # exists (i.e. when mutable user accounts are enabled). diff --git a/nixos/modules/installer/tools/tools.nix b/nixos/modules/installer/tools/tools.nix index 05add59117d1..329260059598 100644 --- a/nixos/modules/installer/tools/tools.nix +++ b/nixos/modules/installer/tools/tools.nix @@ -96,6 +96,7 @@ in # networking.hostName = "nixos"; # Define your hostname. # networking.wireless.enable = true; # Enables wireless support via wpa_supplicant. + $networkingDhcpConfig # Configure network proxy if necessary # networking.proxy.default = "http://user:password\@proxy:port/"; # networking.proxy.noProxy = "127.0.0.1,localhost,internal.domain"; diff --git a/nixos/modules/misc/ids.nix b/nixos/modules/misc/ids.nix index ac6af1ce8b77..3e8a5b07a5ed 100644 --- a/nixos/modules/misc/ids.nix +++ b/nixos/modules/misc/ids.nix @@ -328,7 +328,7 @@ qemu-libvirtd = 301; # kvm = 302; # unused # render = 303; # unused - zeronet = 304; + # zeronet = 304; # removed 2019-01-03 lirc = 305; lidarr = 306; slurm = 307; @@ -629,7 +629,7 @@ qemu-libvirtd = 301; kvm = 302; # default udev rules from systemd requires these render = 303; # default udev rules from systemd requires these - zeronet = 304; + # zeronet = 304; # removed 2019-01-03 lirc = 305; lidarr = 306; slurm = 307; diff --git a/nixos/modules/module-list.nix b/nixos/modules/module-list.nix index e0197a0da3fe..fb6bc8e1efe6 100644 --- a/nixos/modules/module-list.nix +++ b/nixos/modules/module-list.nix @@ -98,7 +98,6 @@ ./programs/autojump.nix ./programs/bash/bash.nix ./programs/bcc.nix - ./programs/blcr.nix ./programs/browserpass.nix ./programs/captive-browser.nix ./programs/ccache.nix diff --git a/nixos/modules/programs/blcr.nix b/nixos/modules/programs/blcr.nix deleted file mode 100644 index 804e1d01f12b..000000000000 --- a/nixos/modules/programs/blcr.nix +++ /dev/null @@ -1,27 +0,0 @@ -{ config, lib, ... }: - -let - inherit (lib) mkOption mkIf; - cfg = config.environment.blcr; - blcrPkg = config.boot.kernelPackages.blcr; -in - -{ - ###### interface - - options = { - environment.blcr.enable = mkOption { - default = false; - description = - "Whether to enable support for the BLCR checkpointing tool."; - }; - }; - - ###### implementation - - config = mkIf cfg.enable { - boot.kernelModules = [ "blcr" "blcr_imports" ]; - boot.extraModulePackages = [ blcrPkg ]; - environment.systemPackages = [ blcrPkg ]; - }; -} diff --git a/nixos/modules/rename.nix b/nixos/modules/rename.nix index 802ffcdc94eb..df8ebe505846 100644 --- a/nixos/modules/rename.nix +++ b/nixos/modules/rename.nix @@ -233,7 +233,6 @@ with lib; (mkRemovedOptionModule [ "services" "mysql" "rootPassword" ] "Use socket authentication or set the password outside of the nix store.") (mkRemovedOptionModule [ "services" "zabbixServer" "dbPassword" ] "Use services.zabbixServer.database.passwordFile instead.") (mkRemovedOptionModule [ "systemd" "generator-packages" ] "Use systemd.packages instead.") - (mkRemovedOptionModule [ "systemd" "coredump" "enable" ] "Enabled by default. Set boot.kernel.sysctl.\"kernel.core_pattern\" = \"core\"; to disable.") # ZSH (mkRenamedOptionModule [ "programs" "zsh" "enableSyntaxHighlighting" ] [ "programs" "zsh" "syntaxHighlighting" "enable" ]) @@ -275,6 +274,9 @@ with lib; (mkRenamedOptionModule [ "networking" "extraResolvconfConf" ] [ "networking" "resolvconf" "extraConfig" ]) (mkRenamedOptionModule [ "networking" "resolvconfOptions" ] [ "networking" "resolvconf" "extraOptions" ]) + # BLCR + (mkRemovedOptionModule [ "environment.blcr.enable" ] "The BLCR module has been removed") + # Redis (mkRemovedOptionModule [ "services" "redis" "user" ] "The redis module now is hardcoded to the redis user.") (mkRemovedOptionModule [ "services" "redis" "dbpath" ] "The redis module now uses /var/lib/redis as data directory.") diff --git a/nixos/modules/services/databases/memcached.nix b/nixos/modules/services/databases/memcached.nix index 84d2c8674f4e..d1dfdb41bf40 100644 --- a/nixos/modules/services/databases/memcached.nix +++ b/nixos/modules/services/databases/memcached.nix @@ -67,6 +67,7 @@ in users.users = optional (cfg.user == "memcached") { name = "memcached"; description = "Memcached server user"; + isSystemUser = true; }; environment.systemPackages = [ memcached ]; diff --git a/nixos/modules/services/desktops/gnome3/gnome-settings-daemon.nix b/nixos/modules/services/desktops/gnome3/gnome-settings-daemon.nix index 7f7adcf26acf..2f83fd653bde 100644 --- a/nixos/modules/services/desktops/gnome3/gnome-settings-daemon.nix +++ b/nixos/modules/services/desktops/gnome3/gnome-settings-daemon.nix @@ -12,6 +12,12 @@ in { + imports = [ + (mkRemovedOptionModule + ["services" "gnome3" "gnome-settings-daemon" "package"] + "") + ]; + ###### interface options = { @@ -20,13 +26,6 @@ in enable = mkEnableOption "GNOME Settings Daemon"; - # There are many forks of gnome-settings-daemon - package = mkOption { - type = types.package; - default = pkgs.gnome3.gnome-settings-daemon; - description = "Which gnome-settings-daemon package to use."; - }; - }; }; @@ -36,9 +35,39 @@ in config = mkIf cfg.enable { - environment.systemPackages = [ cfg.package ]; - - services.udev.packages = [ cfg.package ]; + environment.systemPackages = [ + pkgs.gnome3.gnome-settings-daemon + ]; + + services.udev.packages = [ + pkgs.gnome3.gnome-settings-daemon + ]; + + systemd.packages = [ + pkgs.gnome3.gnome-settings-daemon + ]; + + systemd.user.targets."gnome-session-initialized".wants = [ + "gsd-color.target" + "gsd-datetime.target" + "gsd-keyboard.target" + "gsd-media-keys.target" + "gsd-print-notifications.target" + "gsd-rfkill.target" + "gsd-screensaver-proxy.target" + "gsd-sharing.target" + "gsd-smartcard.target" + "gsd-sound.target" + "gsd-wacom.target" + "gsd-wwan.target" + "gsd-a11y-settings.target" + "gsd-housekeeping.target" + "gsd-power.target" + ]; + + systemd.user.targets."gnome-session-x11-services".wants = [ + "gsd-xsettings.target" + ]; }; diff --git a/nixos/modules/services/monitoring/thanos.nix b/nixos/modules/services/monitoring/thanos.nix index 215cd43fd864..52dab28cf72f 100644 --- a/nixos/modules/services/monitoring/thanos.nix +++ b/nixos/modules/services/monitoring/thanos.nix @@ -126,6 +126,8 @@ let ''; description = '' Path to YAML file that contains tracing configuration. + + See format details: <link xlink:href="https://thanos.io/tracing.md/#configuration"/> ''; }; }; @@ -141,6 +143,8 @@ let <option>tracing.config-file</option> will default to its path. If <option>tracing.config-file</option> is set this option has no effect. + + See format details: <link xlink:href="https://thanos.io/tracing.md/#configuration"/> ''; }; }; @@ -187,6 +191,8 @@ let ''; description = '' Path to YAML file that contains object store configuration. + + See format details: <link xlink:href="https://thanos.io/storage.md/#configuration"/> ''; }; }; @@ -202,6 +208,8 @@ let <option>objstore.config-file</option> will default to its path. If <option>objstore.config-file</option> is set this option has no effect. + + See format details: <link xlink:href="https://thanos.io/storage.md/#configuration"/> ''; }; }; @@ -276,6 +284,24 @@ let block-sync-concurrency = mkParamDef types.int 20 '' Number of goroutines to use when syncing blocks from object storage. ''; + + min-time = mkParamDef types.str "0000-01-01T00:00:00Z" '' + Start of time range limit to serve. + + Thanos Store serves only metrics, which happened later than this + value. Option can be a constant time in RFC3339 format or time duration + relative to current time, such as -1d or 2h45m. Valid duration units are + ms, s, m, h, d, w, y. + ''; + + max-time = mkParamDef types.str "9999-12-31T23:59:59Z" '' + End of time range limit to serve. + + Thanos Store serves only blocks, which happened eariler than this + value. Option can be a constant time in RFC3339 format or time duration + relative to current time, such as -1d or 2h45m. Valid duration units are + ms, s, m, h, d, w, y. + ''; }; query = params.common cfg.query // { @@ -560,6 +586,14 @@ let ''; }; + downsampling.disable = mkFlagParam '' + Disables downsampling. + + This is not recommended as querying long time ranges without + non-downsampled data is not efficient and useful e.g it is not possible + to render all samples for a human eye anyway + ''; + block-sync-concurrency = mkParamDef types.int 20 '' Number of goroutines to use when syncing block metadata from object storage. ''; diff --git a/nixos/modules/services/networking/networkmanager.nix b/nixos/modules/services/networking/networkmanager.nix index fef3a7de48a7..3f1d0727d9bc 100644 --- a/nixos/modules/services/networking/networkmanager.nix +++ b/nixos/modules/services/networking/networkmanager.nix @@ -5,11 +5,25 @@ with lib; let cfg = config.networking.networkmanager; + basePackages = with pkgs; [ + crda + modemmanager + networkmanager + networkmanager-fortisslvpn + networkmanager-iodine + networkmanager-l2tp + networkmanager-openconnect + networkmanager-openvpn + networkmanager-vpnc + ] ++ optional (!delegateWireless && !enableIwd) wpa_supplicant; + dynamicHostsEnabled = cfg.dynamicHosts.enable && cfg.dynamicHosts.hostsDirs != {}; delegateWireless = config.networking.wireless.enable == true && cfg.unmanaged != []; + enableIwd = cfg.wifi.backend == "iwd"; + # /var/lib/misc is for dnsmasq.leases. stateDirs = "/var/lib/NetworkManager /var/lib/dhclient /var/lib/misc"; @@ -38,6 +52,7 @@ let [device] wifi.scan-rand-mac-address=${if cfg.wifi.scanRandMacAddress then "yes" else "no"} + wifi.backend=${cfg.wifi.backend} ${cfg.extraConfig} ''; @@ -176,25 +191,13 @@ in { ''; }; - # Ugly hack for using the correct gnome3 packageSet - basePackages = mkOption { - type = types.attrsOf types.package; - default = { inherit (pkgs) - networkmanager modemmanager crda - networkmanager-openvpn networkmanager-vpnc - networkmanager-openconnect networkmanager-fortisslvpn - networkmanager-l2tp networkmanager-iodine; } - // optionalAttrs (!delegateWireless) { inherit (pkgs) wpa_supplicant; }; - internal = true; - }; - packages = mkOption { - type = types.listOf types.path; + type = types.listOf types.package; default = [ ]; description = '' Extra packages that provide NetworkManager plugins. ''; - apply = list: (attrValues cfg.basePackages) ++ list; + apply = list: basePackages ++ list; }; dhcp = mkOption { @@ -236,6 +239,15 @@ in { wifi = { macAddress = macAddressOpt; + backend = mkOption { + type = types.enum [ "wpa_supplicant" "iwd" ]; + default = "wpa_supplicant"; + description = '' + Specify the Wi-Fi backend used for the device. + Currently supported are <option>wpa_supplicant</option> or <option>iwd</option> (experimental). + ''; + }; + powersave = mkOption { type = types.nullOr types.bool; default = null; @@ -390,12 +402,12 @@ in { { assertion = !dynamicHostsEnabled || (dynamicHostsEnabled && cfg.dns == "dnsmasq"); message = '' To use networking.networkmanager.dynamicHosts you also need to set - networking.networkmanager.dns = "dnsmasq" + `networking.networkmanager.dns = "dnsmasq"` ''; } ]; - environment.etc = with cfg.basePackages; [ + environment.etc = with pkgs; [ { source = configFile; target = "NetworkManager/NetworkManager.conf"; } @@ -510,6 +522,8 @@ in { wireless.enable = mkDefault false; }) // (mkIf cfg.enableStrongSwan { networkmanager.packages = [ pkgs.networkmanager_strongswan ]; + }) // (mkIf enableIwd { + wireless.iwd.enable = true; }); security.polkit.extraConfig = polkitConf; diff --git a/nixos/modules/services/networking/zeronet.nix b/nixos/modules/services/networking/zeronet.nix index f4988a902685..f354a9d42c79 100644 --- a/nixos/modules/services/networking/zeronet.nix +++ b/nixos/modules/services/networking/zeronet.nix @@ -1,44 +1,39 @@ { config, lib, pkgs, ... }: let + inherit (lib) generators literalExample mkEnableOption mkIf mkOption recursiveUpdate types; cfg = config.services.zeronet; - - zConfFile = pkgs.writeTextFile { - name = "zeronet.conf"; - - text = '' - [global] - data_dir = ${cfg.dataDir} - log_dir = ${cfg.logDir} - '' + lib.optionalString (cfg.port != null) '' - ui_port = ${toString cfg.port} - '' + lib.optionalString (cfg.fileserverPort != null) '' - fileserver_port = ${toString cfg.fileserverPort} - '' + lib.optionalString (cfg.torAlways) '' - tor = always - '' + cfg.extraConfig; + dataDir = "/var/lib/zeronet"; + configFile = pkgs.writeText "zeronet.conf" (generators.toINI {} (recursiveUpdate defaultSettings cfg.settings)); + + defaultSettings = { + global = { + data_dir = dataDir; + log_dir = dataDir; + ui_port = cfg.port; + fileserver_port = cfg.fileserverPort; + tor = if !cfg.tor then "disable" else if cfg.torAlways then "always" else "enable"; + }; }; in with lib; { options.services.zeronet = { enable = mkEnableOption "zeronet"; - dataDir = mkOption { - type = types.path; - default = "/var/lib/zeronet"; - example = "/home/okina/zeronet"; - description = "Path to the zeronet data directory."; - }; + settings = mkOption { + type = with types; attrsOf (oneOf [ str int bool (listOf str) ]); + default = {}; + example = literalExample "global.tor = enable;"; - logDir = mkOption { - type = types.path; - default = "/var/log/zeronet"; - example = "/home/okina/zeronet/log"; - description = "Path to the zeronet log directory."; + description = '' + <filename>zeronet.conf</filename> configuration. Refer to + <link xlink:href="https://zeronet.readthedocs.io/en/latest/faq/#is-it-possible-to-use-a-configuration-file"/> + for details on supported values; + ''; }; port = mkOption { - type = types.nullOr types.int; - default = null; + type = types.int; + default = 43110; example = 43110; description = "Optional zeronet web UI port."; }; @@ -63,22 +58,13 @@ in with lib; { default = false; description = "Use TOR for all zeronet traffic."; }; - - extraConfig = mkOption { - type = types.lines; - default = ""; - - description = '' - Extra configuration. Contents will be added verbatim to the - configuration file at the end. - ''; - }; }; config = mkIf cfg.enable { services.tor = mkIf cfg.tor { enable = true; controlPort = 9051; + extraConfig = '' CacheDirectoryGroupReadable 1 CookieAuthentication 1 @@ -86,37 +72,25 @@ in with lib; { ''; }; - systemd.tmpfiles.rules = [ - "d '${cfg.dataDir}' 750 zeronet zeronet - -" - "d '${cfg.logDir}' 750 zeronet zeronet - -" - ]; - systemd.services.zeronet = { description = "zeronet"; after = [ "network.target" (optionalString cfg.tor "tor.service") ]; wantedBy = [ "multi-user.target" ]; serviceConfig = { - PrivateTmp = "yes"; User = "zeronet"; - Group = "zeronet"; - ExecStart = "${pkgs.zeronet}/bin/zeronet --config_file ${zConfFile}"; - }; - }; - - users = { - groups.zeronet.gid = config.ids.gids.zeronet; - - users.zeronet = { - description = "zeronet service user"; - home = cfg.dataDir; - createHome = true; - group = "zeronet"; - extraGroups = mkIf cfg.tor [ "tor" ]; - uid = config.ids.uids.zeronet; + DynamicUser = true; + StateDirectory = "zeronet"; + SupplementaryGroups = mkIf cfg.tor [ "tor" ]; + ExecStart = "${pkgs.zeronet}/bin/zeronet --config_file ${configFile}"; }; }; }; + imports = [ + (mkRemovedOptionModule [ "services" "zeronet" "dataDir" ] "Zeronet will store data by default in /var/lib/zeronet") + (mkRemovedOptionModule [ "services" "zeronet" "logDir" ] "Zeronet will log by default in /var/lib/zeronet") + ]; + meta.maintainers = with maintainers; [ chiiruno ]; } diff --git a/nixos/modules/services/web-apps/documize.nix b/nixos/modules/services/web-apps/documize.nix index 37359869cb64..1b90299aa23c 100644 --- a/nixos/modules/services/web-apps/documize.nix +++ b/nixos/modules/services/web-apps/documize.nix @@ -14,6 +14,15 @@ in { options.services.documize = { enable = mkEnableOption "Documize Wiki"; + stateDirectoryName = mkOption { + type = types.str; + default = "documize"; + description = '' + The name of the directory below <filename>/var/lib/private</filename> + where documize runs in and stores, for example, backups. + ''; + }; + package = mkOption { type = types.package; default = pkgs.documize-community; @@ -132,6 +141,8 @@ in { ]; Restart = "always"; DynamicUser = "yes"; + StateDirectory = cfg.stateDirectoryName; + WorkingDirectory = "/var/lib/${cfg.stateDirectoryName}"; }; }; }; diff --git a/nixos/modules/services/x11/desktop-managers/gnome3.nix b/nixos/modules/services/x11/desktop-managers/gnome3.nix index 304554e36840..20385c884b5e 100644 --- a/nixos/modules/services/x11/desktop-managers/gnome3.nix +++ b/nixos/modules/services/x11/desktop-managers/gnome3.nix @@ -28,6 +28,8 @@ let (pkg: "cp -rf ${pkg}/share/gsettings-schemas/*/glib-2.0/schemas/*.xml $out/share/gsettings-schemas/nixos-gsettings-overrides/glib-2.0/schemas\n") (defaultPackages ++ cfg.extraGSettingsOverridePackages)} + cp -f ${pkgs.gnome3.gnome-shell}/share/gsettings-schemas/*/glib-2.0/schemas/*.gschema.override $out/share/gsettings-schemas/nixos-gsettings-overrides/glib-2.0/schemas + chmod -R a+w $out/share/gsettings-schemas/nixos-gsettings-overrides cat - > $out/share/gsettings-schemas/nixos-gsettings-overrides/glib-2.0/schemas/nixos-defaults.gschema.override <<- EOF [org.gnome.desktop.background] @@ -209,14 +211,6 @@ in networking.networkmanager.enable = mkDefault true; - # Use the correct gnome3 packageSet - networking.networkmanager.basePackages = { - inherit (pkgs) networkmanager modemmanager wpa_supplicant crda; - inherit (pkgs.gnome3) networkmanager-openvpn networkmanager-vpnc - networkmanager-openconnect networkmanager-fortisslvpn - networkmanager-iodine networkmanager-l2tp; - }; - services.xserver.updateDbusEnvironment = true; # Needed for themes and backgrounds @@ -238,22 +232,7 @@ in services.system-config-printer.enable = (mkIf config.services.printing.enable (mkDefault true)); services.telepathy.enable = mkDefault true; - systemd.packages = with pkgs.gnome3; [ vino gnome-session gnome-settings-daemon ]; - - # gnome-settings-daemon.nix is shared between several desktop - # environments (eg. mate and pantheon) so specify these gnome-shell specific - # service dependencies here instead. - systemd.user.targets."gnome-session-initialized".wants = [ - "gsd-a11y-settings.target" "gsd-housekeeping.target" "gsd-power.target" - "gsd-color.target" "gsd-keyboard.target" "gsd-print-notifications.target" - "gsd-datetime.target" "gsd-media-keys.target" "gsd-rfkill.target" - "gsd-screensaver-proxy.target" "gsd-sound.target" "gsd-smartcard.target" - "gsd-sharing.target" "gsd-wacom.target" "gsd-wwan.target" - ]; - - systemd.user.targets."gnome-session-x11-services".wants = [ - "gsd-xsettings.target" - ]; + systemd.packages = with pkgs.gnome3; [ vino gnome-session ]; services.avahi.enable = mkDefault true; diff --git a/nixos/modules/services/x11/desktop-managers/mate.nix b/nixos/modules/services/x11/desktop-managers/mate.nix index 4563583e0704..fe63f36cf96a 100644 --- a/nixos/modules/services/x11/desktop-managers/mate.nix +++ b/nixos/modules/services/x11/desktop-managers/mate.nix @@ -85,6 +85,7 @@ in pkgs.gtk3.out pkgs.shared-mime-info pkgs.xdg-user-dirs # Update user dirs as described in https://freedesktop.org/wiki/Software/xdg-user-dirs/ + pkgs.mate.mate-settings-daemon ]; programs.dconf.enable = true; @@ -98,7 +99,7 @@ in services.gnome3.at-spi2-core.enable = true; services.gnome3.gnome-keyring.enable = true; services.gnome3.gnome-settings-daemon.enable = true; - services.gnome3.gnome-settings-daemon.package = pkgs.mate.mate-settings-daemon; + services.udev.packages = [ pkgs.mate.mate-settings-daemon ]; services.gvfs.enable = true; services.upower.enable = config.powerManagement.enable; diff --git a/nixos/modules/services/x11/desktop-managers/pantheon.nix b/nixos/modules/services/x11/desktop-managers/pantheon.nix index d80ea9a53e80..80dab135ee26 100644 --- a/nixos/modules/services/x11/desktop-managers/pantheon.nix +++ b/nixos/modules/services/x11/desktop-managers/pantheon.nix @@ -109,8 +109,9 @@ in services.pantheon.files.enable = mkDefault true; services.tumbler.enable = mkDefault true; services.system-config-printer.enable = (mkIf config.services.printing.enable (mkDefault true)); - services.dbus.packages = [ - pkgs.pantheon.switchboard-plug-power + services.dbus.packages = with pkgs.pantheon; [ + switchboard-plug-power + elementary-default-settings ]; services.pantheon.contractor.enable = mkDefault true; services.gnome3.at-spi2-core.enable = true; @@ -119,7 +120,7 @@ in # TODO: gnome-keyring's xdg autostarts will still be in the environment (from elementary-session-settings) if disabled forcefully services.gnome3.gnome-keyring.enable = true; services.gnome3.gnome-settings-daemon.enable = true; - services.gnome3.gnome-settings-daemon.package = pkgs.pantheon.elementary-settings-daemon; + services.udev.packages = [ pkgs.pantheon.elementary-settings-daemon ]; services.gvfs.enable = true; services.gnome3.rygel.enable = mkDefault true; services.gsignond.enable = mkDefault true; @@ -154,11 +155,6 @@ in qt5.style = "adwaita"; networking.networkmanager.enable = mkDefault true; - networking.networkmanager.basePackages = - { inherit (pkgs) networkmanager modemmanager wpa_supplicant crda; - inherit (pkgs.gnome3) networkmanager-openvpn networkmanager-vpnc - networkmanager-openconnect networkmanager-fortisslvpn - networkmanager-iodine networkmanager-l2tp; }; # Override GSettings schemas environment.sessionVariables.NIX_GSETTINGS_OVERRIDES_DIR = "${nixos-gsettings-desktop-schemas}/share/gsettings-schemas/nixos-gsettings-overrides/glib-2.0/schemas"; diff --git a/nixos/modules/services/x11/desktop-managers/xfce4-14.nix b/nixos/modules/services/x11/desktop-managers/xfce4-14.nix index 130e865a1fb4..ffc99172e795 100644 --- a/nixos/modules/services/x11/desktop-managers/xfce4-14.nix +++ b/nixos/modules/services/x11/desktop-managers/xfce4-14.nix @@ -91,7 +91,11 @@ in ++ optional config.powerManagement.enable xfce4-power-manager ++ optionals config.hardware.pulseaudio.enable [ pavucontrol - xfce4-pulseaudio-plugin + # volume up/down keys support: + # xfce4-pulseaudio-plugin includes all the functionalities of xfce4-volumed-pulse + # but can only be used with xfce4-panel, so for no-desktop usage we still include + # xfce4-volumed-pulse + (if cfg.noDesktop then xfce4-volumed-pulse else xfce4-pulseaudio-plugin) ] ++ optionals cfg.enableXfwm [ xfwm4 xfwm4-themes @@ -108,14 +112,6 @@ in "/share/gtksourceview-4.0" ]; - # Use the correct gnome3 packageSet - networking.networkmanager.basePackages = mkIf config.networking.networkmanager.enable { - inherit (pkgs) networkmanager modemmanager wpa_supplicant crda; - inherit (pkgs.gnome3) networkmanager-openvpn networkmanager-vpnc - networkmanager-openconnect networkmanager-fortisslvpn - networkmanager-iodine networkmanager-l2tp; - }; - services.xserver.desktopManager.session = [{ name = "xfce4-14"; bgSupport = true; diff --git a/nixos/modules/services/x11/display-managers/gdm.nix b/nixos/modules/services/x11/display-managers/gdm.nix index 9f76bba99808..3b4723ce9fe3 100644 --- a/nixos/modules/services/x11/display-managers/gdm.nix +++ b/nixos/modules/services/x11/display-managers/gdm.nix @@ -152,6 +152,7 @@ in chown -R gdm:gdm /run/gdm/.config '' + optionalString config.services.gnome3.gnome-initial-setup.enable '' # Create stamp file for gnome-initial-setup to prevent run. + mkdir -p /run/gdm/.config cat - > /run/gdm/.config/gnome-initial-setup-done <<- EOF yes EOF @@ -165,9 +166,15 @@ in "systemd-machined.service" "systemd-user-sessions.service" "getty@tty1.service" + "plymouth-quit.service" + "plymouth-start.service" ]; systemd.services.display-manager.conflicts = [ "getty@tty1.service" + "plymouth-quit.service" + ]; + systemd.services.display-manager.onFailure = [ + "plymouth-quit.service" ]; systemd.services.display-manager.serviceConfig = { @@ -177,6 +184,9 @@ in BusName = "org.gnome.DisplayManager"; StandardOutput = "syslog"; StandardError = "inherit"; + ExecReload = "${pkgs.coreutils}/bin/kill -SIGHUP $MAINPID"; + KeyringMode = "shared"; + EnvironmentFile = "-/etc/locale.conf"; }; systemd.services.display-manager.path = [ pkgs.gnome3.gnome-session ]; diff --git a/nixos/modules/system/activation/activation-script.nix b/nixos/modules/system/activation/activation-script.nix index 2f716f92c62e..ddfd1af4a319 100644 --- a/nixos/modules/system/activation/activation-script.nix +++ b/nixos/modules/system/activation/activation-script.nix @@ -184,14 +184,7 @@ in find /var/empty -mindepth 1 -delete chmod 0555 /var/empty chown root:root /var/empty - - ${ # reasons for not setting immutable flag: - # 1. flag is not changeable inside a container - # 2. systemd-nspawn can not perform chown in case of --private-users-chown - # then the owner is nobody and ssh will not start - optionalString (!config.boot.isContainer) '' ${pkgs.e2fsprogs}/bin/chattr -f +i /var/empty || true - ''} ''; system.activationScripts.usrbinenv = if config.environment.usrbinenv != null diff --git a/nixos/modules/system/boot/stage-1-init.sh b/nixos/modules/system/boot/stage-1-init.sh index b817a45deba3..f520bf54ad1b 100644 --- a/nixos/modules/system/boot/stage-1-init.sh +++ b/nixos/modules/system/boot/stage-1-init.sh @@ -183,6 +183,12 @@ for o in $(cat /proc/cmdline); do copytoram) copytoram=1 ;; + findiso=*) + # if an iso name is supplied, try to find the device where + # the iso resides on + set -- $(IFS==; echo $o) + isoPath=$2 + ;; esac done @@ -442,6 +448,27 @@ if test -e /sys/power/resume -a -e /sys/power/disk; then fi fi +# If we have a path to an iso file, find the iso and link it to /dev/root +if [ -n "$isoPath" ]; then + mkdir -p /findiso + + for delay in 5 10; do + blkid | while read -r line; do + device=$(echo "$line" | sed 's/:.*//') + type=$(echo "$line" | sed 's/.*TYPE="\([^"]*\)".*/\1/') + + mount -t "$type" "$device" /findiso + if [ -e "/findiso$isoPath" ]; then + ln -sf "/findiso$isoPath" /dev/root + break 2 + else + umount /findiso + fi + done + + sleep "$delay" + done +fi # Try to find and mount the root device. mkdir -p $targetRoot diff --git a/nixos/modules/system/boot/systemd.nix b/nixos/modules/system/boot/systemd.nix index 5cf437bfbcbe..669eb6a7056b 100644 --- a/nixos/modules/system/boot/systemd.nix +++ b/nixos/modules/system/boot/systemd.nix @@ -546,6 +546,16 @@ in ''; }; + systemd.coredump.enable = mkOption { + default = true; + type = types.bool; + description = '' + Whether core dumps should be processed by + <command>systemd-coredump</command>. If disabled, core dumps + appear in the current directory of the crashing process. + ''; + }; + systemd.coredump.extraConfig = mkOption { default = ""; type = types.lines; @@ -983,6 +993,10 @@ in # Don't bother with certain units in containers. systemd.services.systemd-remount-fs.unitConfig.ConditionVirtualization = "!container"; systemd.services.systemd-random-seed.unitConfig.ConditionVirtualization = "!container"; + + boot.kernel.sysctl = mkIf (!cfg.coredump.enable) { + "kernel.core_pattern" = "core"; + }; }; # FIXME: Remove these eventually. diff --git a/nixos/modules/tasks/network-interfaces-systemd.nix b/nixos/modules/tasks/network-interfaces-systemd.nix index 7c6604922cf7..863072e33dc3 100644 --- a/nixos/modules/tasks/network-interfaces-systemd.nix +++ b/nixos/modules/tasks/network-interfaces-systemd.nix @@ -38,6 +38,12 @@ in } { assertion = cfg.defaultGateway6 == null || cfg.defaultGateway6.interface == null; message = "networking.defaultGateway6.interface is not supported by networkd."; + } { + assertion = cfg.useDHCP == false; + message = '' + networking.useDHCP is not supported by networkd. + Please use per interface configuration and set the global option to false. + ''; } ] ++ flip mapAttrsToList cfg.bridges (n: { rstp, ... }: { assertion = !rstp; message = "networking.bridges.${n}.rstp is not supported by networkd."; @@ -56,9 +62,7 @@ in genericNetwork = override: let gateway = optional (cfg.defaultGateway != null) cfg.defaultGateway.address ++ optional (cfg.defaultGateway6 != null) cfg.defaultGateway6.address; - in { - DHCP = override (dhcpStr cfg.useDHCP); - } // optionalAttrs (gateway != [ ]) { + in optionalAttrs (gateway != [ ]) { routes = override [ { routeConfig = { @@ -97,7 +101,7 @@ in networks."40-${i.name}" = mkMerge [ (genericNetwork mkDefault) { name = mkDefault i.name; DHCP = mkForce (dhcpStr - (if i.useDHCP != null then i.useDHCP else cfg.useDHCP && interfaceIps i == [ ])); + (if i.useDHCP != null then i.useDHCP else false)); address = forEach (interfaceIps i) (ip: "${ip.address}/${toString ip.prefixLength}"); networkConfig.IPv6PrivacyExtensions = "kernel"; diff --git a/nixos/modules/tasks/network-interfaces.nix b/nixos/modules/tasks/network-interfaces.nix index 3038be6dbab4..31e2ed1cd1ea 100644 --- a/nixos/modules/tasks/network-interfaces.nix +++ b/nixos/modules/tasks/network-interfaces.nix @@ -903,6 +903,11 @@ in Whether to use DHCP to obtain an IP address and other configuration for all network interfaces that are not manually configured. + + Using this option is highly discouraged and also incompatible with + <option>networking.useNetworkd</option>. Please use + <option>networking.interfaces.<name>.useDHCP</option> instead + and set this to false. ''; }; diff --git a/nixos/modules/virtualisation/container-config.nix b/nixos/modules/virtualisation/container-config.nix index adb2f78a0a64..f7a37d8c9f3b 100644 --- a/nixos/modules/virtualisation/container-config.nix +++ b/nixos/modules/virtualisation/container-config.nix @@ -11,7 +11,7 @@ with lib; services.udisks2.enable = mkDefault false; powerManagement.enable = mkDefault false; - networking.useHostResolvConf = mkDefault (!config.services.resolved.enable); + networking.useHostResolvConf = mkDefault true; # Containers should be light-weight, so start sshd on demand. services.openssh.startWhenNeeded = mkDefault true; diff --git a/nixos/modules/virtualisation/containers.nix b/nixos/modules/virtualisation/containers.nix index 9c9f8fc0c215..691ee2c136ec 100644 --- a/nixos/modules/virtualisation/containers.nix +++ b/nixos/modules/virtualisation/containers.nix @@ -824,5 +824,12 @@ in ''; environment.systemPackages = [ pkgs.nixos-container ]; + + boot.kernelModules = [ + "bridge" + "macvlan" + "tap" + "tun" + ]; }); } |