diff options
Diffstat (limited to 'nixpkgs/nixos/modules/config')
-rw-r--r-- | nixpkgs/nixos/modules/config/ldap.nix | 101 | ||||
-rw-r--r-- | nixpkgs/nixos/modules/config/nix-channel.nix | 1 | ||||
-rw-r--r-- | nixpkgs/nixos/modules/config/no-x-libs.nix | 4 | ||||
-rw-r--r-- | nixpkgs/nixos/modules/config/pulseaudio.nix | 22 | ||||
-rw-r--r-- | nixpkgs/nixos/modules/config/swap.nix | 3 | ||||
-rw-r--r-- | nixpkgs/nixos/modules/config/sysctl.nix | 20 |
6 files changed, 79 insertions, 72 deletions
diff --git a/nixpkgs/nixos/modules/config/ldap.nix b/nixpkgs/nixos/modules/config/ldap.nix index d2f01fb87d32..e374e4a7a27e 100644 --- a/nixpkgs/nixos/modules/config/ldap.nix +++ b/nixpkgs/nixos/modules/config/ldap.nix @@ -226,18 +226,6 @@ in "ldap.conf" = ldapConfig; }; - system.activationScripts = mkIf (!cfg.daemon.enable) { - ldap = stringAfter [ "etc" "groups" "users" ] '' - if test -f "${cfg.bind.passwordFile}" ; then - umask 0077 - conf="$(mktemp)" - printf 'bindpw %s\n' "$(cat ${cfg.bind.passwordFile})" | - cat ${ldapConfig.source} - >"$conf" - mv -fT "$conf" /etc/ldap.conf - fi - ''; - }; - system.nssModules = mkIf cfg.nsswitch (singleton ( if cfg.daemon.enable then nss_pam_ldapd else nss_ldap )); @@ -258,42 +246,63 @@ in }; }; - systemd.services = mkIf cfg.daemon.enable { - nslcd = { - wantedBy = [ "multi-user.target" ]; - - preStart = '' - umask 0077 - conf="$(mktemp)" - { - cat ${nslcdConfig} - test -z '${cfg.bind.distinguishedName}' -o ! -f '${cfg.bind.passwordFile}' || - printf 'bindpw %s\n' "$(cat '${cfg.bind.passwordFile}')" - test -z '${cfg.daemon.rootpwmoddn}' -o ! -f '${cfg.daemon.rootpwmodpwFile}' || - printf 'rootpwmodpw %s\n' "$(cat '${cfg.daemon.rootpwmodpwFile}')" - } >"$conf" - mv -fT "$conf" /run/nslcd/nslcd.conf - ''; - - restartTriggers = [ - nslcdConfig - cfg.bind.passwordFile - cfg.daemon.rootpwmodpwFile - ]; - - serviceConfig = { - ExecStart = "${nslcdWrapped}/bin/nslcd"; - Type = "forking"; - Restart = "always"; - User = "nslcd"; - Group = "nslcd"; - RuntimeDirectory = [ "nslcd" ]; - PIDFile = "/run/nslcd/nslcd.pid"; - AmbientCapabilities = "CAP_SYS_RESOURCE"; + systemd.services = mkMerge [ + (mkIf (!cfg.daemon.enable) { + ldap-password = { + wantedBy = [ "sysinit.target" ]; + before = [ "sysinit.target" "shutdown.target" ]; + conflicts = [ "shutdown.target" ]; + unitConfig.DefaultDependencies = false; + serviceConfig.Type = "oneshot"; + serviceConfig.RemainAfterExit = true; + script = '' + if test -f "${cfg.bind.passwordFile}" ; then + umask 0077 + conf="$(mktemp)" + printf 'bindpw %s\n' "$(cat ${cfg.bind.passwordFile})" | + cat ${ldapConfig.source} - >"$conf" + mv -fT "$conf" /etc/ldap.conf + fi + ''; }; - }; + }) + + (mkIf cfg.daemon.enable { + nslcd = { + wantedBy = [ "multi-user.target" ]; + + preStart = '' + umask 0077 + conf="$(mktemp)" + { + cat ${nslcdConfig} + test -z '${cfg.bind.distinguishedName}' -o ! -f '${cfg.bind.passwordFile}' || + printf 'bindpw %s\n' "$(cat '${cfg.bind.passwordFile}')" + test -z '${cfg.daemon.rootpwmoddn}' -o ! -f '${cfg.daemon.rootpwmodpwFile}' || + printf 'rootpwmodpw %s\n' "$(cat '${cfg.daemon.rootpwmodpwFile}')" + } >"$conf" + mv -fT "$conf" /run/nslcd/nslcd.conf + ''; - }; + restartTriggers = [ + nslcdConfig + cfg.bind.passwordFile + cfg.daemon.rootpwmodpwFile + ]; + + serviceConfig = { + ExecStart = "${nslcdWrapped}/bin/nslcd"; + Type = "forking"; + Restart = "always"; + User = "nslcd"; + Group = "nslcd"; + RuntimeDirectory = [ "nslcd" ]; + PIDFile = "/run/nslcd/nslcd.pid"; + AmbientCapabilities = "CAP_SYS_RESOURCE"; + }; + }; + }) + ]; }; diff --git a/nixpkgs/nixos/modules/config/nix-channel.nix b/nixpkgs/nixos/modules/config/nix-channel.nix index a7ca7a5c74a4..dd97cb730ae4 100644 --- a/nixpkgs/nixos/modules/config/nix-channel.nix +++ b/nixpkgs/nixos/modules/config/nix-channel.nix @@ -12,7 +12,6 @@ let mkDefault mkIf mkOption - stringAfter types ; diff --git a/nixpkgs/nixos/modules/config/no-x-libs.nix b/nixpkgs/nixos/modules/config/no-x-libs.nix index ec26d4b12eff..0f5888f5ea3b 100644 --- a/nixpkgs/nixos/modules/config/no-x-libs.nix +++ b/nixpkgs/nixos/modules/config/no-x-libs.nix @@ -34,6 +34,7 @@ with lib; ffmpeg_5 = super.ffmpeg_5.override { ffmpegVariant = "headless"; }; # dep of graphviz, libXpm is optional for Xpm support gd = super.gd.override { withXorg = false; }; + ghostscript = super.ghostscript.override { cupsSupport = false; x11Support = false; }; gobject-introspection = super.gobject-introspection.override { x11Support = false; }; gpsd = super.gpsd.override { guiSupport = false; }; graphviz = super.graphviz-nox; @@ -44,6 +45,7 @@ with lib; }; imagemagick = super.imagemagick.override { libX11Support = false; libXtSupport = false; }; imagemagickBig = super.imagemagickBig.override { libX11Support = false; libXtSupport = false; }; + intel-vaapi-driver = super.intel-vaapi-driver.override { enableGui = false; }; libdevil = super.libdevil-nox; libextractor = super.libextractor.override { gtkSupport = false; }; libva = super.libva-minimal; @@ -72,7 +74,7 @@ with lib; qemu = super.qemu.override { gtkSupport = false; spiceSupport = false; sdlSupport = false; }; qrencode = super.qrencode.overrideAttrs (_: { doCheck = false; }); qt5 = super.qt5.overrideScope (const (super': { - qtbase = super'.qtbase.override { withGtk3 = false; }; + qtbase = super'.qtbase.override { withGtk3 = false; withQttranslation = false; }; })); stoken = super.stoken.override { withGTK3 = false; }; # translateManpages -> perlPackages.po4a -> texlive-combined-basic -> texlive-core-big -> libX11 diff --git a/nixpkgs/nixos/modules/config/pulseaudio.nix b/nixpkgs/nixos/modules/config/pulseaudio.nix index b10edeb75604..662959bf0071 100644 --- a/nixpkgs/nixos/modules/config/pulseaudio.nix +++ b/nixpkgs/nixos/modules/config/pulseaudio.nix @@ -8,8 +8,6 @@ let cfg = config.hardware.pulseaudio; alsaCfg = config.sound; - systemWide = cfg.enable && cfg.systemWide; - nonSystemWide = cfg.enable && !cfg.systemWide; hasZeroconf = let z = cfg.zeroconf; in z.publish.enable || z.discovery.enable; overriddenPackage = cfg.package.override @@ -217,16 +215,10 @@ in { }; - config = mkMerge [ + config = lib.mkIf cfg.enable (mkMerge [ { - environment.etc = { - "pulse/client.conf".source = clientConf; - }; - - hardware.pulseaudio.configFile = mkDefault "${getBin overriddenPackage}/etc/pulse/default.pa"; - } + environment.etc."pulse/client.conf".source = clientConf; - (mkIf cfg.enable { environment.systemPackages = [ overriddenPackage ]; sound.enable = true; @@ -242,6 +234,8 @@ in { "libao.conf".source = writeText "libao.conf" "default_driver=pulse"; }; + hardware.pulseaudio.configFile = mkDefault "${getBin overriddenPackage}/etc/pulse/default.pa"; + # Disable flat volumes to enable relative ones hardware.pulseaudio.daemon.config.flat-volumes = mkDefault "no"; @@ -255,7 +249,7 @@ in { # PulseAudio is packaged with udev rules to handle various audio device quirks services.udev.packages = [ overriddenPackage ]; - }) + } (mkIf (cfg.extraModules != []) { hardware.pulseaudio.daemon.config.dl-search-path = let @@ -277,7 +271,7 @@ in { services.avahi.publish.userServices = true; }) - (mkIf nonSystemWide { + (mkIf (!cfg.systemWide) { environment.etc = { "pulse/default.pa".source = myConfigFile; }; @@ -297,7 +291,7 @@ in { }; }) - (mkIf systemWide { + (mkIf cfg.systemWide { users.users.pulse = { # For some reason, PulseAudio wants UID == GID. uid = assert uid == gid; uid; @@ -328,6 +322,6 @@ in { environment.variables.PULSE_COOKIE = "${stateDir}/.config/pulse/cookie"; }) - ]; + ]); } diff --git a/nixpkgs/nixos/modules/config/swap.nix b/nixpkgs/nixos/modules/config/swap.nix index 8989a6408264..21046d6f1697 100644 --- a/nixpkgs/nixos/modules/config/swap.nix +++ b/nixpkgs/nixos/modules/config/swap.nix @@ -258,7 +258,8 @@ in # avoid this race condition. after = [ "systemd-modules-load.service" ]; wantedBy = [ "${realDevice'}.swap" ]; - before = [ "${realDevice'}.swap" ]; + before = [ "${realDevice'}.swap" "shutdown.target"]; + conflicts = [ "shutdown.target" ]; path = [ pkgs.util-linux pkgs.e2fsprogs ] ++ optional sw.randomEncryption.enable pkgs.cryptsetup; diff --git a/nixpkgs/nixos/modules/config/sysctl.nix b/nixpkgs/nixos/modules/config/sysctl.nix index b779f12aca30..bedba984a3c2 100644 --- a/nixpkgs/nixos/modules/config/sysctl.nix +++ b/nixpkgs/nixos/modules/config/sysctl.nix @@ -31,16 +31,18 @@ in }; in types.submodule { freeformType = types.attrsOf sysctlOption; - options."net.core.rmem_max" = mkOption { - type = types.nullOr highestValueType; - default = null; - description = lib.mdDoc "The maximum socket receive buffer size. In case of conflicting values, the highest will be used."; - }; + options = { + "net.core.rmem_max" = mkOption { + type = types.nullOr highestValueType; + default = null; + description = lib.mdDoc "The maximum receive socket buffer size in bytes. In case of conflicting values, the highest will be used."; + }; - options."net.core.wmem_max" = mkOption { - type = types.nullOr highestValueType; - default = null; - description = lib.mdDoc "The maximum socket send buffer size. In case of conflicting values, the highest will be used."; + "net.core.wmem_max" = mkOption { + type = types.nullOr highestValueType; + default = null; + description = lib.mdDoc "The maximum send socket buffer size in bytes. In case of conflicting values, the highest will be used."; + }; }; }; default = {}; |