diff options
Diffstat (limited to 'nixpkgs/nixos/modules/misc')
-rw-r--r-- | nixpkgs/nixos/modules/misc/assertions.nix | 34 | ||||
-rw-r--r-- | nixpkgs/nixos/modules/misc/crashdump.nix | 75 | ||||
-rw-r--r-- | nixpkgs/nixos/modules/misc/documentation.nix | 207 | ||||
-rw-r--r-- | nixpkgs/nixos/modules/misc/extra-arguments.nix | 7 | ||||
-rw-r--r-- | nixpkgs/nixos/modules/misc/ids.nix | 657 | ||||
-rw-r--r-- | nixpkgs/nixos/modules/misc/label.nix | 72 | ||||
-rw-r--r-- | nixpkgs/nixos/modules/misc/lib.nix | 15 | ||||
-rw-r--r-- | nixpkgs/nixos/modules/misc/locate.nix | 182 | ||||
-rw-r--r-- | nixpkgs/nixos/modules/misc/meta.nix | 61 | ||||
-rw-r--r-- | nixpkgs/nixos/modules/misc/nixops-autoluks.nix | 43 | ||||
-rw-r--r-- | nixpkgs/nixos/modules/misc/nixpkgs.nix | 245 | ||||
-rw-r--r-- | nixpkgs/nixos/modules/misc/passthru.nix | 16 | ||||
-rw-r--r-- | nixpkgs/nixos/modules/misc/version.nix | 105 |
13 files changed, 1719 insertions, 0 deletions
diff --git a/nixpkgs/nixos/modules/misc/assertions.nix b/nixpkgs/nixos/modules/misc/assertions.nix new file mode 100644 index 000000000000..550b3ac97f6a --- /dev/null +++ b/nixpkgs/nixos/modules/misc/assertions.nix @@ -0,0 +1,34 @@ +{ lib, ... }: + +with lib; + +{ + + options = { + + assertions = mkOption { + type = types.listOf types.unspecified; + internal = true; + default = []; + example = [ { assertion = false; message = "you can't enable this for that reason"; } ]; + description = '' + This option allows modules to express conditions that must + hold for the evaluation of the system configuration to + succeed, along with associated error messages for the user. + ''; + }; + + warnings = mkOption { + internal = true; + default = []; + type = types.listOf types.str; + example = [ "The `foo' service is deprecated and will go away soon!" ]; + description = '' + This option allows modules to show warnings to users during + the evaluation of the system configuration. + ''; + }; + + }; + # impl of assertions is in <nixpkgs/nixos/modules/system/activation/top-level.nix> +} diff --git a/nixpkgs/nixos/modules/misc/crashdump.nix b/nixpkgs/nixos/modules/misc/crashdump.nix new file mode 100644 index 000000000000..3c47e79d0512 --- /dev/null +++ b/nixpkgs/nixos/modules/misc/crashdump.nix @@ -0,0 +1,75 @@ +{ config, lib, pkgs, ... }: + +with lib; + +let + crashdump = config.boot.crashDump; + + kernelParams = concatStringsSep " " crashdump.kernelParams; + +in +###### interface +{ + options = { + boot = { + crashDump = { + enable = mkOption { + type = types.bool; + default = false; + description = '' + If enabled, NixOS will set up a kernel that will + boot on crash, and leave the user in systemd rescue + to be able to save the crashed kernel dump at + /proc/vmcore. + It also activates the NMI watchdog. + ''; + }; + reservedMemory = mkOption { + default = "128M"; + description = '' + The amount of memory reserved for the crashdump kernel. + If you choose a too high value, dmesg will mention + "crashkernel reservation failed". + ''; + }; + kernelParams = mkOption { + type = types.listOf types.str; + default = [ "1" "boot.shell_on_fail" ]; + description = '' + Parameters that will be passed to the kernel kexec-ed on crash. + ''; + }; + }; + }; + }; + +###### implementation + + config = mkIf crashdump.enable { + boot = { + postBootCommands = '' + echo "loading crashdump kernel..."; + ${pkgs.kexectools}/sbin/kexec -p /run/current-system/kernel \ + --initrd=/run/current-system/initrd \ + --reset-vga --console-vga \ + --command-line="systemConfig=$(readlink -f /run/current-system) init=$(readlink -f /run/current-system/init) irqpoll maxcpus=1 reset_devices ${kernelParams}" + ''; + kernelParams = [ + "crashkernel=${crashdump.reservedMemory}" + "nmi_watchdog=panic" + "softlockup_panic=1" + ]; + kernelPatches = [ { + name = "crashdump-config"; + patch = null; + extraConfig = '' + CRASH_DUMP y + DEBUG_INFO y + PROC_VMCORE y + LOCKUP_DETECTOR y + HARDLOCKUP_DETECTOR y + ''; + } ]; + }; + }; +} diff --git a/nixpkgs/nixos/modules/misc/documentation.nix b/nixpkgs/nixos/modules/misc/documentation.nix new file mode 100644 index 000000000000..deecb005270f --- /dev/null +++ b/nixpkgs/nixos/modules/misc/documentation.nix @@ -0,0 +1,207 @@ +{ config, lib, pkgs, baseModules, extraModules, modules, ... }: + +with lib; + +let + + cfg = config.documentation; + + manualModules = baseModules ++ optionals cfg.nixos.includeAllModules (extraModules ++ modules); + + /* For the purpose of generating docs, evaluate options with each derivation + in `pkgs` (recursively) replaced by a fake with path "\${pkgs.attribute.path}". + It isn't perfect, but it seems to cover a vast majority of use cases. + Caveat: even if the package is reached by a different means, + the path above will be shown and not e.g. `${config.services.foo.package}`. */ + manual = import ../../doc/manual rec { + inherit pkgs config; + version = config.system.nixos.release; + revision = "release-${version}"; + options = + let + scrubbedEval = evalModules { + modules = [ { nixpkgs.localSystem = config.nixpkgs.localSystem; } ] ++ manualModules; + args = (config._module.args) // { modules = [ ]; }; + specialArgs = { pkgs = scrubDerivations "pkgs" pkgs; }; + }; + scrubDerivations = namePrefix: pkgSet: mapAttrs + (name: value: + let wholeName = "${namePrefix}.${name}"; in + if isAttrs value then + scrubDerivations wholeName value + // (optionalAttrs (isDerivation value) { outPath = "\${${wholeName}}"; }) + else value + ) + pkgSet; + in scrubbedEval.options; + }; + + helpScript = pkgs.writeScriptBin "nixos-help" + '' + #! ${pkgs.runtimeShell} -e + # Finds first executable browser in a colon-separated list. + # (see how xdg-open defines BROWSER) + browser="$( + IFS=: ; for b in $BROWSER; do + [ -n "$(type -P "$b" || true)" ] && echo "$b" && break + done + )" + if [ -z "$browser" ]; then + browser="$(type -P xdg-open || true)" + if [ -z "$browser" ]; then + browser="${pkgs.w3m-nographics}/bin/w3m" + fi + fi + exec "$browser" ${manual.manualHTMLIndex} + ''; + + desktopItem = pkgs.makeDesktopItem { + name = "nixos-manual"; + desktopName = "NixOS Manual"; + genericName = "View NixOS documentation in a web browser"; + icon = "nix-snowflake"; + exec = "${helpScript}/bin/nixos-help"; + categories = "System"; + }; + +in + +{ + + options = { + + documentation = { + + enable = mkOption { + type = types.bool; + default = true; + description = '' + Whether to install documentation of packages from + <option>environment.systemPackages</option> into the generated system path. + + See "Multiple-output packages" chapter in the nixpkgs manual for more info. + ''; + # which is at ../../../doc/multiple-output.xml + }; + + man.enable = mkOption { + type = types.bool; + default = true; + description = '' + Whether to install manual pages and the <command>man</command> command. + This also includes "man" outputs. + ''; + }; + + info.enable = mkOption { + type = types.bool; + default = true; + description = '' + Whether to install info pages and the <command>info</command> command. + This also includes "info" outputs. + ''; + }; + + doc.enable = mkOption { + type = types.bool; + default = true; + description = '' + Whether to install documentation distributed in packages' <literal>/share/doc</literal>. + Usually plain text and/or HTML. + This also includes "doc" outputs. + ''; + }; + + dev.enable = mkOption { + type = types.bool; + default = false; + description = '' + Whether to install documentation targeted at developers. + <itemizedlist> + <listitem><para>This includes man pages targeted at developers if <option>man.enable</option> is + set (this also includes "devman" outputs).</para></listitem> + <listitem><para>This includes info pages targeted at developers if <option>info.enable</option> + is set (this also includes "devinfo" outputs).</para></listitem> + <listitem><para>This includes other pages targeted at developers if <option>doc.enable</option> + is set (this also includes "devdoc" outputs).</para></listitem> + </itemizedlist> + ''; + }; + + nixos.enable = mkOption { + type = types.bool; + default = true; + description = '' + Whether to install NixOS's own documentation. + <itemizedlist> + <listitem><para>This includes man pages like + <citerefentry><refentrytitle>configuration.nix</refentrytitle> + <manvolnum>5</manvolnum></citerefentry> if <option>man.enable</option> is + set.</para></listitem> + <listitem><para>This includes the HTML manual and the <command>nixos-help</command> command if + <option>doc.enable</option> is set.</para></listitem> + </itemizedlist> + ''; + }; + + nixos.includeAllModules = mkOption { + type = types.bool; + default = false; + description = '' + Whether the generated NixOS's documentation should include documentation for all + the options from all the NixOS modules included in the current + <literal>configuration.nix</literal>. Disabling this will make the manual + generator to ignore options defined outside of <literal>baseModules</literal>. + ''; + }; + + }; + + }; + + config = mkIf cfg.enable (mkMerge [ + + (mkIf cfg.man.enable { + environment.systemPackages = [ pkgs.man-db ]; + environment.pathsToLink = [ "/share/man" ]; + environment.extraOutputsToInstall = [ "man" ] ++ optional cfg.dev.enable "devman"; + environment.etc."man.conf".source = "${pkgs.man-db}/etc/man_db.conf"; + }) + + (mkIf cfg.info.enable { + environment.systemPackages = [ pkgs.texinfoInteractive ]; + environment.pathsToLink = [ "/share/info" ]; + environment.extraOutputsToInstall = [ "info" ] ++ optional cfg.dev.enable "devinfo"; + environment.extraSetup = '' + if [ -w $out/share/info ]; then + shopt -s nullglob + for i in $out/share/info/*.info $out/share/info/*.info.gz; do + ${pkgs.buildPackages.texinfo}/bin/install-info $i $out/share/info/dir + done + fi + ''; + }) + + (mkIf cfg.doc.enable { + environment.pathsToLink = [ "/share/doc" ]; + environment.extraOutputsToInstall = [ "doc" ] ++ optional cfg.dev.enable "devdoc"; + }) + + (mkIf cfg.nixos.enable { + system.build.manual = manual; + + environment.systemPackages = [] + ++ optional cfg.man.enable manual.manpages + ++ optionals cfg.doc.enable ([ manual.manualHTML helpScript ] + ++ optionals config.services.xserver.enable [ desktopItem pkgs.nixos-icons ]); + + services.mingetty.helpLine = mkIf cfg.doc.enable ( + "\nRun `nixos-help` " + + optionalString config.services.nixosManual.showManual "or press <Alt-F${toString config.services.nixosManual.ttyNumber}> " + + "for the NixOS manual." + ); + }) + + ]); + +} diff --git a/nixpkgs/nixos/modules/misc/extra-arguments.nix b/nixpkgs/nixos/modules/misc/extra-arguments.nix new file mode 100644 index 000000000000..8716e3d9fef2 --- /dev/null +++ b/nixpkgs/nixos/modules/misc/extra-arguments.nix @@ -0,0 +1,7 @@ +{ pkgs, ... }: + +{ + _module.args = { + utils = import ../../lib/utils.nix pkgs; + }; +} diff --git a/nixpkgs/nixos/modules/misc/ids.nix b/nixpkgs/nixos/modules/misc/ids.nix new file mode 100644 index 000000000000..aed49c10dce4 --- /dev/null +++ b/nixpkgs/nixos/modules/misc/ids.nix @@ -0,0 +1,657 @@ +# This module defines the global list of uids and gids. We keep a +# central list to prevent id collisions. + +# IMPORTANT! +# We only add static uids and gids for services where it is not feasible +# to change uids/gids on service start, for example a service with a lot of +# files. Please also check if the service is applicable for systemd's +# DynamicUser option and does not need a uid/gid allocation at all. +# Systemd can also change ownership of service directories using the +# RuntimeDirectory/StateDirectory options. + +{ lib, ... }: + +{ + options = { + + ids.uids = lib.mkOption { + internal = true; + description = '' + The user IDs used in NixOS. + ''; + }; + + ids.gids = lib.mkOption { + internal = true; + description = '' + The group IDs used in NixOS. + ''; + }; + + }; + + + config = { + + ids.uids = { + root = 0; + #wheel = 1; # unused + #kmem = 2; # unused + #tty = 3; # unused + messagebus = 4; # D-Bus + haldaemon = 5; + #disk = 6; # unused + vsftpd = 7; + ftp = 8; + bitlbee = 9; + #avahi = 10; # removed 2019-05-22 + nagios = 11; + atd = 12; + postfix = 13; + #postdrop = 14; # unused + dovecot = 15; + tomcat = 16; + #audio = 17; # unused + #floppy = 18; # unused + uucp = 19; + #lp = 20; # unused + #proc = 21; # unused + pulseaudio = 22; # must match `pulseaudio' GID + gpsd = 23; + #cdrom = 24; # unused + #tape = 25; # unused + #video = 26; # unused + #dialout = 27; # unused + polkituser = 28; + #utmp = 29; # unused + # ddclient = 30; # converted to DynamicUser = true + davfs2 = 31; + #disnix = 33; # unused + osgi = 34; + tor = 35; + cups = 36; + foldingathome = 37; + sabnzbd = 38; + #kdm = 39; # dropped in 17.03 + #ghostone = 40; # dropped in 18.03 + git = 41; + fourstore = 42; + fourstorehttp = 43; + virtuoso = 44; + rtkit = 45; + dovecot2 = 46; + dovenull2 = 47; + prayer = 49; + mpd = 50; + clamav = 51; + fprot = 52; + bind = 53; + wwwrun = 54; + #adm = 55; # unused + spamd = 56; + #networkmanager = 57; # unused + nslcd = 58; + scanner = 59; + nginx = 60; + chrony = 61; + #systemd-journal = 62; # unused + smtpd = 63; + smtpq = 64; + supybot = 65; + iodined = 66; + #libvirtd = 67; # unused + graphite = 68; + #statsd = 69; # removed 2018-11-14 + transmission = 70; + postgres = 71; + #vboxusers = 72; # unused + #vboxsf = 73; # unused + smbguest = 74; # unused + varnish = 75; + datadog = 76; + lighttpd = 77; + lightdm = 78; + freenet = 79; + ircd = 80; + bacula = 81; + #almir = 82; # removed 2018-03-25, the almir package was removed in 30291227f2411abaca097773eedb49b8f259e297 during 2017-08 + deluge = 83; + mysql = 84; + rabbitmq = 85; + activemq = 86; + gnunet = 87; + oidentd = 88; + quassel = 89; + amule = 90; + minidlna = 91; + elasticsearch = 92; + tcpcryptd = 93; # tcpcryptd uses a hard-coded uid. We patch it in Nixpkgs to match this choice. + firebird = 95; + #keys = 96; # unused + haproxy = 97; + mongodb = 98; + openldap = 99; + #users = 100; # unused + cgminer = 101; + munin = 102; + logcheck = 103; + nix-ssh = 104; + dictd = 105; + couchdb = 106; + searx = 107; + kippo = 108; + jenkins = 109; + systemd-journal-gateway = 110; + #notbit = 111; # unused + aerospike = 111; + ngircd = 112; + #btsync = 113; # unused + minecraft = 114; + vault = 115; + rippled = 116; + murmur = 117; + foundationdb = 118; + newrelic = 119; + starbound = 120; + hydra = 122; + spiped = 123; + teamspeak = 124; + influxdb = 125; + nsd = 126; + gitolite = 127; + znc = 128; + polipo = 129; + mopidy = 130; + #docker = 131; # unused + gdm = 132; + dhcpd = 133; + siproxd = 134; + mlmmj = 135; + neo4j = 136; + riemann = 137; + riemanndash = 138; + radvd = 139; + zookeeper = 140; + dnsmasq = 141; + uhub = 142; + yandexdisk = 143; + mxisd = 144; # was once collectd + consul = 145; + mailpile = 146; + redmine = 147; + seeks = 148; + prosody = 149; + i2pd = 150; + systemd-network = 152; + systemd-resolve = 153; + systemd-timesync = 154; + liquidsoap = 155; + etcd = 156; + hbase = 158; + opentsdb = 159; + scollector = 160; + bosun = 161; + kubernetes = 162; + peerflix = 163; + chronos = 164; + gitlab = 165; + tox-bootstrapd = 166; + cadvisor = 167; + nylon = 168; + apache-kafka = 169; + #panamax = 170; # unused + exim = 172; + #fleet = 173; # unused + #input = 174; # unused + sddm = 175; + tss = 176; + #memcached = 177; removed 2018-01-03 + ntp = 179; + zabbix = 180; + #redis = 181; removed 2018-01-03 + unifi = 183; + uptimed = 184; + zope2 = 185; + ripple-data-api = 186; + mediatomb = 187; + rdnssd = 188; + ihaskell = 189; + i2p = 190; + lambdabot = 191; + asterisk = 192; + plex = 193; + plexpy = 195; + grafana = 196; + skydns = 197; + # ripple-rest = 198; # unused, removed 2017-08-12 + nix-serve = 199; + tvheadend = 200; + uwsgi = 201; + gitit = 202; + riemanntools = 203; + subsonic = 204; + riak = 205; + shout = 206; + gateone = 207; + namecoin = 208; + dnschain = 209; + #lxd = 210; # unused + kibana = 211; + xtreemfs = 212; + calibre-server = 213; + heapster = 214; + bepasty = 215; + # pumpio = 216; # unused, removed 2018-02-24 + nm-openvpn = 217; + mathics = 218; + ejabberd = 219; + postsrsd = 220; + opendkim = 221; + dspam = 222; + gale = 223; + matrix-synapse = 224; + rspamd = 225; + # rmilter = 226; # unused, removed 2019-08-22 + cfdyndns = 227; + gammu-smsd = 228; + pdnsd = 229; + octoprint = 230; + avahi-autoipd = 231; + nntp-proxy = 232; + mjpg-streamer = 233; + radicale = 234; + hydra-queue-runner = 235; + hydra-www = 236; + syncthing = 237; + caddy = 239; + taskd = 240; + # factorio = 241; # DynamicUser = true + # emby = 242; # unusued, removed 2019-05-01 + graylog = 243; + sniproxy = 244; + nzbget = 245; + mosquitto = 246; + toxvpn = 247; + # squeezelite = 248; # DynamicUser = true + turnserver = 249; + smokeping = 250; + gocd-agent = 251; + gocd-server = 252; + terraria = 253; + mattermost = 254; + prometheus = 255; + telegraf = 256; + gitlab-runner = 257; + postgrey = 258; + hound = 259; + leaps = 260; + ipfs = 261; + stanchion = 262; + riak-cs = 263; + infinoted = 264; + sickbeard = 265; + headphones = 266; + couchpotato = 267; + gogs = 268; + pdns-recursor = 269; + kresd = 270; + rpc = 271; + geoip = 272; + fcron = 273; + sonarr = 274; + radarr = 275; + jackett = 276; + aria2 = 277; + clickhouse = 278; + rslsync = 279; + minio = 280; + kanboard = 281; + # pykms = 282; # DynamicUser = true + kodi = 283; + restya-board = 284; + mighttpd2 = 285; + hass = 286; + monero = 287; + ceph = 288; + duplicati = 289; + monetdb = 290; + restic = 291; + openvpn = 292; + meguca = 293; + yarn = 294; + hdfs = 295; + mapred = 296; + hadoop = 297; + hydron = 298; + cfssl = 299; + cassandra = 300; + qemu-libvirtd = 301; + # kvm = 302; # unused + # render = 303; # unused + zeronet = 304; + lirc = 305; + lidarr = 306; + slurm = 307; + kapacitor = 308; + solr = 309; + alerta = 310; + minetest = 311; + rss2email = 312; + cockroachdb = 313; + zoneminder = 314; + paperless = 315; + mailman = 316; + + # When adding a uid, make sure it doesn't match an existing gid. And don't use uids above 399! + + nixbld = 30000; # start of range of uids + nobody = 65534; + }; + + ids.gids = { + root = 0; + wheel = 1; + kmem = 2; + tty = 3; + messagebus = 4; # D-Bus + haldaemon = 5; + disk = 6; + vsftpd = 7; + ftp = 8; + bitlbee = 9; + #avahi = 10; # removed 2019-05-22 + #nagios = 11; # unused + atd = 12; + postfix = 13; + postdrop = 14; + dovecot = 15; + tomcat = 16; + audio = 17; + floppy = 18; + uucp = 19; + lp = 20; + proc = 21; + pulseaudio = 22; # must match `pulseaudio' UID + gpsd = 23; + cdrom = 24; + tape = 25; + video = 26; + dialout = 27; + #polkituser = 28; # currently unused, polkitd doesn't need a group + utmp = 29; + # ddclient = 30; # converted to DynamicUser = true + davfs2 = 31; + disnix = 33; + osgi = 34; + tor = 35; + #cups = 36; # unused + #foldingathome = 37; # unused + #sabnzd = 38; # unused + #kdm = 39; # unused, even before 17.03 + #ghostone = 40; # dropped in 18.03 + git = 41; + fourstore = 42; + fourstorehttp = 43; + virtuoso = 44; + #rtkit = 45; # unused + dovecot2 = 46; + dovenull2 = 47; + prayer = 49; + mpd = 50; + clamav = 51; + fprot = 52; + #bind = 53; # unused + wwwrun = 54; + adm = 55; + spamd = 56; + networkmanager = 57; + nslcd = 58; + scanner = 59; + nginx = 60; + chrony = 61; + systemd-journal = 62; + smtpd = 63; + smtpq = 64; + supybot = 65; + iodined = 66; + libvirtd = 67; + graphite = 68; + #statsd = 69; # removed 2018-11-14 + transmission = 70; + postgres = 71; + vboxusers = 72; + vboxsf = 73; + smbguest = 74; # unused + varnish = 75; + datadog = 76; + lighttpd = 77; + lightdm = 78; + freenet = 79; + ircd = 80; + bacula = 81; + #almir = 82; # removed 2018-03-25, the almir package was removed in 30291227f2411abaca097773eedb49b8f259e297 during 2017-08 + deluge = 83; + mysql = 84; + rabbitmq = 85; + activemq = 86; + gnunet = 87; + oidentd = 88; + quassel = 89; + amule = 90; + minidlna = 91; + elasticsearch = 92; + #tcpcryptd = 93; # unused + firebird = 95; + keys = 96; + haproxy = 97; + #mongodb = 98; # unused + openldap = 99; + munin = 102; + #logcheck = 103; # unused + #nix-ssh = 104; # unused + dictd = 105; + couchdb = 106; + searx = 107; + kippo = 108; + jenkins = 109; + systemd-journal-gateway = 110; + #notbit = 111; # unused + aerospike = 111; + #ngircd = 112; # unused + #btsync = 113; # unused + #minecraft = 114; # unused + vault = 115; + #ripped = 116; # unused + #murmur = 117; # unused + foundationdb = 118; + newrelic = 119; + starbound = 120; + hydra = 122; + spiped = 123; + teamspeak = 124; + influxdb = 125; + nsd = 126; + gitolite = 127; + znc = 128; + polipo = 129; + mopidy = 130; + docker = 131; + gdm = 132; + #dhcpcd = 133; # unused + siproxd = 134; + mlmmj = 135; + #neo4j = 136; # unused + riemann = 137; + riemanndash = 138; + #radvd = 139; # unused + #zookeeper = 140; # unused + #dnsmasq = 141; # unused + uhub = 142; + #yandexdisk = 143; # unused + mxisd = 144; # was once collectd + #consul = 145; # unused + mailpile = 146; + redmine = 147; + seeks = 148; + prosody = 149; + i2pd = 150; + systemd-network = 152; + systemd-resolve = 153; + systemd-timesync = 154; + liquidsoap = 155; + #etcd = 156; # unused + hbase = 158; + opentsdb = 159; + scollector = 160; + bosun = 161; + kubernetes = 162; + #peerflix = 163; # unused + #chronos = 164; # unused + gitlab = 165; + nylon = 168; + #panamax = 170; # unused + exim = 172; + #fleet = 173; # unused + input = 174; + sddm = 175; + tss = 176; + #memcached = 177; # unused, removed 2018-01-03 + #ntp = 179; # unused + zabbix = 180; + #redis = 181; # unused, removed 2018-01-03 + #unifi = 183; # unused + #uptimed = 184; # unused + #zope2 = 185; # unused + #ripple-data-api = 186; #unused + mediatomb = 187; + #rdnssd = 188; # unused + ihaskell = 189; + i2p = 190; + lambdabot = 191; + asterisk = 192; + plex = 193; + sabnzbd = 194; + #grafana = 196; #unused + #skydns = 197; #unused + # ripple-rest = 198; # unused, removed 2017-08-12 + #nix-serve = 199; #unused + #tvheadend = 200; #unused + uwsgi = 201; + gitit = 202; + riemanntools = 203; + subsonic = 204; + riak = 205; + #shout = 206; #unused + gateone = 207; + namecoin = 208; + #dnschain = 209; #unused + lxd = 210; # unused + #kibana = 211; + xtreemfs = 212; + calibre-server = 213; + bepasty = 215; + # pumpio = 216; # unused, removed 2018-02-24 + nm-openvpn = 217; + mathics = 218; + ejabberd = 219; + postsrsd = 220; + opendkim = 221; + dspam = 222; + gale = 223; + matrix-synapse = 224; + rspamd = 225; + # rmilter = 226; # unused, removed 2019-08-22 + cfdyndns = 227; + pdnsd = 229; + octoprint = 230; + radicale = 234; + syncthing = 237; + caddy = 239; + taskd = 240; + # factorio = 241; # unused + # emby = 242; # unused, removed 2019-05-01 + sniproxy = 244; + nzbget = 245; + mosquitto = 246; + #toxvpn = 247; # unused + #squeezelite = 248; #unused + turnserver = 249; + smokeping = 250; + gocd-agent = 251; + gocd-server = 252; + terraria = 253; + mattermost = 254; + prometheus = 255; + #telegraf = 256; # unused + gitlab-runner = 257; + postgrey = 258; + hound = 259; + leaps = 260; + ipfs = 261; + stanchion = 262; + riak-cs = 263; + infinoted = 264; + sickbeard = 265; + headphones = 266; + couchpotato = 267; + gogs = 268; + kresd = 270; + #rpc = 271; # unused + #geoip = 272; # unused + fcron = 273; + sonarr = 274; + radarr = 275; + jackett = 276; + aria2 = 277; + clickhouse = 278; + rslsync = 279; + minio = 280; + kanboard = 281; + # pykms = 282; # DynamicUser = true + kodi = 283; + restya-board = 284; + mighttpd2 = 285; + hass = 286; + monero = 287; + ceph = 288; + duplicati = 289; + monetdb = 290; + restic = 291; + openvpn = 292; + meguca = 293; + yarn = 294; + hdfs = 295; + mapred = 296; + hadoop = 297; + hydron = 298; + cfssl = 299; + cassandra = 300; + qemu-libvirtd = 301; + kvm = 302; # default udev rules from systemd requires these + render = 303; # default udev rules from systemd requires these + zeronet = 304; + lirc = 305; + lidarr = 306; + slurm = 307; + kapacitor = 308; + solr = 309; + alerta = 310; + minetest = 311; + rss2email = 312; + cockroachdb = 313; + zoneminder = 314; + paperless = 315; + mailman = 316; + + # When adding a gid, make sure it doesn't match an existing + # uid. Users and groups with the same name should have equal + # uids and gids. Also, don't use gids above 399! + + users = 100; + nixbld = 30000; + nogroup = 65534; + }; + + }; + +} diff --git a/nixpkgs/nixos/modules/misc/label.nix b/nixpkgs/nixos/modules/misc/label.nix new file mode 100644 index 000000000000..02b91555b3c2 --- /dev/null +++ b/nixpkgs/nixos/modules/misc/label.nix @@ -0,0 +1,72 @@ +{ config, lib, ... }: + +with lib; + +let + cfg = config.system.nixos; +in + +{ + + options.system = { + + nixos.label = mkOption { + type = types.str; + description = '' + NixOS version name to be used in the names of generated + outputs and boot labels. + + If you ever wanted to influence the labels in your GRUB menu, + this is the option for you. + + The default is <option>system.nixos.tags</option> separated by + "-" + "-" + <envar>NIXOS_LABEL_VERSION</envar> environment + variable (defaults to the value of + <option>system.nixos.version</option>). + + Can be overriden by setting <envar>NIXOS_LABEL</envar>. + + Useful for not loosing track of configurations built from different + nixos branches/revisions, e.g.: + + <screen> + #!/bin/sh + today=`date +%Y%m%d` + branch=`(cd nixpkgs ; git branch 2>/dev/null | sed -n '/^\* / { s|^\* ||; p; }')` + revision=`(cd nixpkgs ; git rev-parse HEAD)` + export NIXOS_LABEL_VERSION="$today.$branch-''${revision:0:7}" + nixos-rebuild switch</screen> + ''; + }; + + nixos.tags = mkOption { + type = types.listOf types.str; + default = []; + example = [ "with-xen" ]; + description = '' + Strings to prefix to the default + <option>system.nixos.label</option>. + + Useful for not loosing track of configurations built with + different options, e.g.: + + <screen> + { + system.nixos.tags = [ "with-xen" ]; + virtualisation.xen.enable = true; + } + </screen> + ''; + }; + + }; + + config = { + # This is set here rather than up there so that changing it would + # not rebuild the manual + system.nixos.label = mkDefault (maybeEnv "NIXOS_LABEL" + (concatStringsSep "-" ((sort (x: y: x < y) cfg.tags) + ++ [ (maybeEnv "NIXOS_LABEL_VERSION" cfg.version) ]))); + }; + +} diff --git a/nixpkgs/nixos/modules/misc/lib.nix b/nixpkgs/nixos/modules/misc/lib.nix new file mode 100644 index 000000000000..121f396701ea --- /dev/null +++ b/nixpkgs/nixos/modules/misc/lib.nix @@ -0,0 +1,15 @@ +{ lib, ... }: + +{ + options = { + lib = lib.mkOption { + default = {}; + + type = lib.types.attrsOf lib.types.attrs; + + description = '' + This option allows modules to define helper functions, constants, etc. + ''; + }; + }; +} diff --git a/nixpkgs/nixos/modules/misc/locate.nix b/nixpkgs/nixos/modules/misc/locate.nix new file mode 100644 index 000000000000..449149e4bb65 --- /dev/null +++ b/nixpkgs/nixos/modules/misc/locate.nix @@ -0,0 +1,182 @@ +{ config, lib, pkgs, ... }: + +with lib; + +let + cfg = config.services.locate; + isMLocate = hasPrefix "mlocate" cfg.locate.name; + isFindutils = hasPrefix "findutils" cfg.locate.name; +in { + options.services.locate = with types; { + enable = mkOption { + type = bool; + default = false; + description = '' + If enabled, NixOS will periodically update the database of + files used by the <command>locate</command> command. + ''; + }; + + locate = mkOption { + type = package; + default = pkgs.findutils; + defaultText = "pkgs.findutils"; + example = "pkgs.mlocate"; + description = '' + The locate implementation to use + ''; + }; + + interval = mkOption { + type = str; + default = "02:15"; + example = "hourly"; + description = '' + Update the locate database at this interval. Updates by + default at 2:15 AM every day. + + The format is described in + <citerefentry><refentrytitle>systemd.time</refentrytitle> + <manvolnum>7</manvolnum></citerefentry>. + ''; + }; + + extraFlags = mkOption { + type = listOf str; + default = [ ]; + description = '' + Extra flags to pass to <command>updatedb</command>. + ''; + }; + + output = mkOption { + type = path; + default = "/var/cache/locatedb"; + description = '' + The database file to build. + ''; + }; + + localuser = mkOption { + type = nullOr str; + default = "nobody"; + description = '' + The user to search non-network directories as, using + <command>su</command>. + ''; + }; + + pruneFS = mkOption { + type = listOf str; + default = ["afs" "anon_inodefs" "auto" "autofs" "bdev" "binfmt" "binfmt_misc" "cgroup" "cifs" "coda" "configfs" "cramfs" "cpuset" "debugfs" "devfs" "devpts" "devtmpfs" "ecryptfs" "eventpollfs" "exofs" "futexfs" "ftpfs" "fuse" "fusectl" "gfs" "gfs2" "hostfs" "hugetlbfs" "inotifyfs" "iso9660" "jffs2" "lustre" "misc" "mqueue" "ncpfs" "nnpfs" "ocfs" "ocfs2" "pipefs" "proc" "ramfs" "rpc_pipefs" "securityfs" "selinuxfs" "sfs" "shfs" "smbfs" "sockfs" "spufs" "nfs" "NFS" "nfs4" "nfsd" "sshfs" "subfs" "supermount" "sysfs" "tmpfs" "ubifs" "udf" "usbfs" "vboxsf" "vperfctrfs" ]; + description = '' + Which filesystem types to exclude from indexing + ''; + }; + + prunePaths = mkOption { + type = listOf path; + default = ["/tmp" "/var/tmp" "/var/cache" "/var/lock" "/var/run" "/var/spool" "/nix/store"]; + description = '' + Which paths to exclude from indexing + ''; + }; + + pruneNames = mkOption { + type = listOf str; + default = []; + description = '' + Directory components which should exclude paths containing them from indexing + ''; + }; + + pruneBindMounts = mkOption { + type = bool; + default = false; + description = '' + Whether not to index bind mounts + ''; + }; + + }; + + config = mkIf cfg.enable { + users.groups = mkIf isMLocate { mlocate = {}; }; + + security.wrappers = mkIf isMLocate { + locate = { + group = "mlocate"; + owner = "root"; + permissions = "u+rx,g+x,o+x"; + setgid = true; + setuid = false; + source = "${cfg.locate}/bin/locate"; + }; + }; + + nixpkgs.config = { locate.dbfile = cfg.output; }; + + environment.systemPackages = [ cfg.locate ]; + + environment.variables = mkIf (!isMLocate) + { LOCATE_PATH = cfg.output; + }; + + warnings = optional (isMLocate && cfg.localuser != null) "mlocate does not support searching as user other than root" + ++ optional (isFindutils && cfg.pruneNames != []) "findutils locate does not support pruning by directory component" + ++ optional (isFindutils && cfg.pruneBindMounts) "findutils locate does not support skipping bind mounts"; + + # directory creation needs to be separated from main service + # because ReadWritePaths fails when the directory doesn't already exist + systemd.tmpfiles.rules = [ "d ${dirOf cfg.output} 0755 root root -" ]; + + systemd.services.update-locatedb = + { description = "Update Locate Database"; + path = mkIf (!isMLocate) [ pkgs.su ]; + + # mlocate's updatedb takes flags via a configuration file or + # on the command line, but not by environment variable. + script = + if isMLocate + then let toFlags = x: optional (cfg.${x} != []) + "--${lib.toLower x} '${concatStringsSep " " cfg.${x}}'"; + args = concatLists (map toFlags ["pruneFS" "pruneNames" "prunePaths"]); + in '' + exec ${cfg.locate}/bin/updatedb \ + --output ${toString cfg.output} ${concatStringsSep " " args} \ + --prune-bind-mounts ${if cfg.pruneBindMounts then "yes" else "no"} \ + ${concatStringsSep " " cfg.extraFlags} + '' + else '' + exec ${cfg.locate}/bin/updatedb \ + ${optionalString (cfg.localuser != null && ! isMLocate) ''--localuser=${cfg.localuser}''} \ + --output=${toString cfg.output} ${concatStringsSep " " cfg.extraFlags} + ''; + environment = optionalAttrs (!isMLocate) { + PRUNEFS = concatStringsSep " " cfg.pruneFS; + PRUNEPATHS = concatStringsSep " " cfg.prunePaths; + PRUNENAMES = concatStringsSep " " cfg.pruneNames; + PRUNE_BIND_MOUNTS = if cfg.pruneBindMounts then "yes" else "no"; + }; + serviceConfig.Nice = 19; + serviceConfig.IOSchedulingClass = "idle"; + serviceConfig.PrivateTmp = "yes"; + serviceConfig.PrivateNetwork = "yes"; + serviceConfig.NoNewPrivileges = "yes"; + serviceConfig.ReadOnlyPaths = "/"; + # Use dirOf cfg.output because mlocate creates temporary files next to + # the actual database. We could specify and create them as well, + # but that would make this quite brittle when they change something. + # NOTE: If /var/cache does not exist, this leads to the misleading error message: + # update-locatedb.service: Failed at step NAMESPACE spawning …/update-locatedb-start: No such file or directory + serviceConfig.ReadWritePaths = dirOf cfg.output; + }; + + systemd.timers.update-locatedb = + { description = "Update timer for locate database"; + partOf = [ "update-locatedb.service" ]; + wantedBy = [ "timers.target" ]; + timerConfig.OnCalendar = cfg.interval; + }; + }; +} diff --git a/nixpkgs/nixos/modules/misc/meta.nix b/nixpkgs/nixos/modules/misc/meta.nix new file mode 100644 index 000000000000..be3f4cbbcfe4 --- /dev/null +++ b/nixpkgs/nixos/modules/misc/meta.nix @@ -0,0 +1,61 @@ +{ lib, ... }: + +with lib; + +let + maintainer = mkOptionType { + name = "maintainer"; + check = email: elem email (attrValues lib.maintainers); + merge = loc: defs: listToAttrs (singleton (nameValuePair (last defs).file (last defs).value)); + }; + + listOfMaintainers = types.listOf maintainer // { + # Returns list of + # { "module-file" = [ + # "maintainer1 <first@nixos.org>" + # "maintainer2 <second@nixos.org>" ]; + # } + merge = loc: defs: + zipAttrs + (flatten (imap1 (n: def: imap1 (m: def': + maintainer.merge (loc ++ ["[${toString n}-${toString m}]"]) + [{ inherit (def) file; value = def'; }]) def.value) defs)); + }; + + docFile = types.path // { + # Returns tuples of + # { file = "module location"; value = <path/to/doc.xml>; } + merge = loc: defs: defs; + }; +in + +{ + options = { + meta = { + + maintainers = mkOption { + type = listOfMaintainers; + internal = true; + default = []; + example = [ lib.maintainers.all ]; + description = '' + List of maintainers of each module. This option should be defined at + most once per module. + ''; + }; + + doc = mkOption { + type = docFile; + internal = true; + example = "./meta.xml"; + description = '' + Documentation prologe for the set of options of each module. This + option should be defined at most once per module. + ''; + }; + + }; + }; + + meta.maintainers = singleton lib.maintainers.pierron; +} diff --git a/nixpkgs/nixos/modules/misc/nixops-autoluks.nix b/nixpkgs/nixos/modules/misc/nixops-autoluks.nix new file mode 100644 index 000000000000..20c143286afa --- /dev/null +++ b/nixpkgs/nixos/modules/misc/nixops-autoluks.nix @@ -0,0 +1,43 @@ +{ config, options, lib, ... }: +let + path = [ "deployment" "autoLuks" ]; + hasAutoLuksConfig = lib.hasAttrByPath path config && (lib.attrByPath path {} config) != {}; + + inherit (config.nixops) enableDeprecatedAutoLuks; +in { + options.nixops.enableDeprecatedAutoLuks = lib.mkEnableOption "Enable the deprecated NixOps AutoLuks module"; + + config = { + assertions = [ + { + assertion = if hasAutoLuksConfig then hasAutoLuksConfig && enableDeprecatedAutoLuks else true; + message = '' + ⚠️ !!! WARNING !!! ⚠️ + + NixOps autoLuks is deprecated. The feature was never widely used and the maintenance did outgrow the benefit. + If you still want to use the module: + a) Please raise your voice in the issue tracking usage of the module: + https://github.com/NixOS/nixpkgs/issues/62211 + b) make sure you set the `_netdev` option for each of the file + systems referring to block devices provided by the autoLuks module. + + ⚠️ If you do not set the option your system will not boot anymore! ⚠️ + + { + fileSystems."/secret" = { options = [ "_netdev" ]; }; + } + + b) set the option >nixops.enableDeprecatedAutoLuks = true< to remove this error. + + + For more details read through the following resources: + - https://github.com/NixOS/nixops/pull/1156 + - https://github.com/NixOS/nixpkgs/issues/47550 + - https://github.com/NixOS/nixpkgs/issues/62211 + - https://github.com/NixOS/nixpkgs/pull/61321 + ''; + } + ]; + }; + +} diff --git a/nixpkgs/nixos/modules/misc/nixpkgs.nix b/nixpkgs/nixos/modules/misc/nixpkgs.nix new file mode 100644 index 000000000000..afb74581e239 --- /dev/null +++ b/nixpkgs/nixos/modules/misc/nixpkgs.nix @@ -0,0 +1,245 @@ +{ config, options, lib, pkgs, ... }: + +with lib; + +let + cfg = config.nixpkgs; + opt = options.nixpkgs; + + isConfig = x: + builtins.isAttrs x || lib.isFunction x; + + optCall = f: x: + if lib.isFunction f + then f x + else f; + + mergeConfig = lhs_: rhs_: + let + lhs = optCall lhs_ { inherit pkgs; }; + rhs = optCall rhs_ { inherit pkgs; }; + in + recursiveUpdate lhs rhs // + optionalAttrs (lhs ? packageOverrides) { + packageOverrides = pkgs: + optCall lhs.packageOverrides pkgs // + optCall (attrByPath ["packageOverrides"] ({}) rhs) pkgs; + } // + optionalAttrs (lhs ? perlPackageOverrides) { + perlPackageOverrides = pkgs: + optCall lhs.perlPackageOverrides pkgs // + optCall (attrByPath ["perlPackageOverrides"] ({}) rhs) pkgs; + }; + + configType = mkOptionType { + name = "nixpkgs-config"; + description = "nixpkgs config"; + check = x: + let traceXIfNot = c: + if c x then true + else lib.traceSeqN 1 x false; + in traceXIfNot isConfig; + merge = args: fold (def: mergeConfig def.value) {}; + }; + + overlayType = mkOptionType { + name = "nixpkgs-overlay"; + description = "nixpkgs overlay"; + check = lib.isFunction; + merge = lib.mergeOneOption; + }; + + pkgsType = mkOptionType { + name = "nixpkgs"; + description = "An evaluation of Nixpkgs; the top level attribute set of packages"; + check = builtins.isAttrs; + }; + + defaultPkgs = import ../../.. { + inherit (cfg) config overlays localSystem crossSystem; + }; + + finalPkgs = if opt.pkgs.isDefined then cfg.pkgs.appendOverlays cfg.overlays else defaultPkgs; + +in + +{ + options.nixpkgs = { + + pkgs = mkOption { + defaultText = literalExample + ''import "''${nixos}/.." { + inherit (cfg) config overlays localSystem crossSystem; + } + ''; + type = pkgsType; + example = literalExample ''import <nixpkgs> {}''; + description = '' + If set, the pkgs argument to all NixOS modules is the value of + this option, extended with <code>nixpkgs.overlays</code>, if + that is also set. Either <code>nixpkgs.crossSystem</code> or + <code>nixpkgs.localSystem</code> will be used in an assertion + to check that the NixOS and Nixpkgs architectures match. Any + other options in <code>nixpkgs.*</code>, notably <code>config</code>, + will be ignored. + + If unset, the pkgs argument to all NixOS modules is determined + as shown in the default value for this option. + + The default value imports the Nixpkgs source files + relative to the location of this NixOS module, because + NixOS and Nixpkgs are distributed together for consistency, + so the <code>nixos</code> in the default value is in fact a + relative path. The <code>config</code>, <code>overlays</code>, + <code>localSystem</code>, and <code>crossSystem</code> come + from this option's siblings. + + This option can be used by applications like NixOps to increase + the performance of evaluation, or to create packages that depend + on a container that should be built with the exact same evaluation + of Nixpkgs, for example. Applications like this should set + their default value using <code>lib.mkDefault</code>, so + user-provided configuration can override it without using + <code>lib</code>. + + Note that using a distinct version of Nixpkgs with NixOS may + be an unexpected source of problems. Use this option with care. + ''; + }; + + config = mkOption { + default = {}; + example = literalExample + '' + { allowBroken = true; allowUnfree = true; } + ''; + type = configType; + description = '' + The configuration of the Nix Packages collection. (For + details, see the Nixpkgs documentation.) It allows you to set + package configuration options. + + Ignored when <code>nixpkgs.pkgs</code> is set. + ''; + }; + + overlays = mkOption { + default = []; + example = literalExample + '' + [ + (self: super: { + openssh = super.openssh.override { + hpnSupport = true; + kerberos = self.libkrb5; + }; + }) + ] + ''; + type = types.listOf overlayType; + description = '' + List of overlays to use with the Nix Packages collection. + (For details, see the Nixpkgs documentation.) It allows + you to override packages globally. Each function in the list + takes as an argument the <emphasis>original</emphasis> Nixpkgs. + The first argument should be used for finding dependencies, and + the second should be used for overriding recipes. + + If <code>nixpkgs.pkgs</code> is set, overlays specified here + will be applied after the overlays that were already present + in <code>nixpkgs.pkgs</code>. + ''; + }; + + localSystem = mkOption { + type = types.attrs; # TODO utilize lib.systems.parsedPlatform + default = { inherit (cfg) system; }; + example = { system = "aarch64-linux"; config = "aarch64-unknown-linux-gnu"; }; + # Make sure that the final value has all fields for sake of other modules + # referring to this. TODO make `lib.systems` itself use the module system. + apply = lib.systems.elaborate; + defaultText = literalExample + ''(import "''${nixos}/../lib").lib.systems.examples.aarch64-multiplatform''; + description = '' + Specifies the platform on which NixOS should be built. When + <code>nixpkgs.crossSystem</code> is unset, it also specifies + the platform <emphasis>for</emphasis> which NixOS should be + built. If this option is unset, it defaults to the platform + type of the machine where evaluation happens. Specifying this + option is useful when doing distributed multi-platform + deployment, or when building virtual machines. See its + description in the Nixpkgs manual for more details. + + Ignored when <code>nixpkgs.pkgs</code> is set. + ''; + }; + + crossSystem = mkOption { + type = types.nullOr types.attrs; # TODO utilize lib.systems.parsedPlatform + default = null; + example = { system = "aarch64-linux"; config = "aarch64-unknown-linux-gnu"; }; + defaultText = literalExample + ''(import "''${nixos}/../lib").lib.systems.examples.aarch64-multiplatform''; + description = '' + Specifies the platform for which NixOS should be + built. Specify this only if it is different from + <code>nixpkgs.localSystem</code>, the platform + <emphasis>on</emphasis> which NixOS should be built. In other + words, specify this to cross-compile NixOS. Otherwise it + should be set as null, the default. See its description in the + Nixpkgs manual for more details. + + Ignored when <code>nixpkgs.pkgs</code> is set. + ''; + }; + + system = mkOption { + type = types.str; + example = "i686-linux"; + description = '' + Specifies the Nix platform type on which NixOS should be built. + It is better to specify <code>nixpkgs.localSystem</code> instead. + <programlisting> + { + nixpkgs.system = ..; + } + </programlisting> + is the same as + <programlisting> + { + nixpkgs.localSystem.system = ..; + } + </programlisting> + See <code>nixpkgs.localSystem</code> for more information. + + Ignored when <code>nixpkgs.localSystem</code> is set. + Ignored when <code>nixpkgs.pkgs</code> is set. + ''; + }; + }; + + config = { + _module.args = { + pkgs = finalPkgs; + }; + + assertions = [ + ( + let + nixosExpectedSystem = + if config.nixpkgs.crossSystem != null + then config.nixpkgs.crossSystem.system + else config.nixpkgs.localSystem.system; + nixosOption = + if config.nixpkgs.crossSystem != null + then "nixpkgs.crossSystem" + else "nixpkgs.localSystem"; + pkgsSystem = finalPkgs.stdenv.targetPlatform.system; + in { + assertion = nixosExpectedSystem == pkgsSystem; + message = "The NixOS nixpkgs.pkgs option was set to a Nixpkgs invocation that compiles to target system ${pkgsSystem} but NixOS was configured for system ${nixosExpectedSystem} via NixOS option ${nixosOption}. The NixOS system settings must match the Nixpkgs target system."; + } + ) + ]; + }; +} diff --git a/nixpkgs/nixos/modules/misc/passthru.nix b/nixpkgs/nixos/modules/misc/passthru.nix new file mode 100644 index 000000000000..4e99631fdd85 --- /dev/null +++ b/nixpkgs/nixos/modules/misc/passthru.nix @@ -0,0 +1,16 @@ +# This module allows you to export something from configuration +# Use case: export kernel source expression for ease of configuring + +{ lib, ... }: + +{ + options = { + passthru = lib.mkOption { + visible = false; + description = '' + This attribute set will be exported as a system attribute. + You can put whatever you want here. + ''; + }; + }; +} diff --git a/nixpkgs/nixos/modules/misc/version.nix b/nixpkgs/nixos/modules/misc/version.nix new file mode 100644 index 000000000000..3ae60cb79160 --- /dev/null +++ b/nixpkgs/nixos/modules/misc/version.nix @@ -0,0 +1,105 @@ +{ config, lib, pkgs, ... }: + +with lib; + +let + cfg = config.system.nixos; + + gitRepo = "${toString pkgs.path}/.git"; + gitCommitId = lib.substring 0 7 (commitIdFromGitRepo gitRepo); +in + +{ + + options.system = { + + nixos.version = mkOption { + internal = true; + type = types.str; + description = "The full NixOS version (e.g. <literal>16.03.1160.f2d4ee1</literal>)."; + }; + + nixos.release = mkOption { + readOnly = true; + type = types.str; + default = trivial.release; + description = "The NixOS release (e.g. <literal>16.03</literal>)."; + }; + + nixos.versionSuffix = mkOption { + internal = true; + type = types.str; + default = trivial.versionSuffix; + description = "The NixOS version suffix (e.g. <literal>1160.f2d4ee1</literal>)."; + }; + + nixos.revision = mkOption { + internal = true; + type = types.str; + default = trivial.revisionWithDefault "master"; + description = "The Git revision from which this NixOS configuration was built."; + }; + + nixos.codeName = mkOption { + readOnly = true; + type = types.str; + default = trivial.codeName; + description = "The NixOS release code name (e.g. <literal>Emu</literal>)."; + }; + + stateVersion = mkOption { + type = types.str; + default = cfg.release; + description = '' + Every once in a while, a new NixOS release may change + configuration defaults in a way incompatible with stateful + data. For instance, if the default version of PostgreSQL + changes, the new version will probably be unable to read your + existing databases. To prevent such breakage, you can set the + value of this option to the NixOS release with which you want + to be compatible. The effect is that NixOS will option + defaults corresponding to the specified release (such as using + an older version of PostgreSQL). + ''; + }; + + defaultChannel = mkOption { + internal = true; + type = types.str; + default = https://nixos.org/channels/nixos-unstable; + description = "Default NixOS channel to which the root user is subscribed."; + }; + + }; + + config = { + + system.nixos = { + # These defaults are set here rather than up there so that + # changing them would not rebuild the manual + version = mkDefault (cfg.release + cfg.versionSuffix); + revision = mkIf (pathIsDirectory gitRepo) (mkDefault gitCommitId); + versionSuffix = mkIf (pathIsDirectory gitRepo) (mkDefault (".git." + gitCommitId)); + }; + + # Generate /etc/os-release. See + # https://www.freedesktop.org/software/systemd/man/os-release.html for the + # format. + environment.etc."os-release".text = + '' + NAME=NixOS + ID=nixos + VERSION="${cfg.version} (${cfg.codeName})" + VERSION_CODENAME=${toLower cfg.codeName} + VERSION_ID="${cfg.version}" + PRETTY_NAME="NixOS ${cfg.version} (${cfg.codeName})" + LOGO="nix-snowflake" + HOME_URL="https://nixos.org/" + DOCUMENTATION_URL="https://nixos.org/nixos/manual/index.html" + SUPPORT_URL="https://nixos.org/nixos/support.html" + BUG_REPORT_URL="https://github.com/NixOS/nixpkgs/issues" + ''; + + }; + +} |