From 56a53ff458d470e6d2ccf1c2712af0ff594e25c4 Mon Sep 17 00:00:00 2001 From: Robin Gloster Date: Tue, 29 Dec 2015 10:21:38 +0000 Subject: wpa_supplicant module: add networks option --- nixos/doc/manual/configuration/wireless.xml | 14 ++++++++++++-- 1 file changed, 12 insertions(+), 2 deletions(-) (limited to 'nixos/doc') diff --git a/nixos/doc/manual/configuration/wireless.xml b/nixos/doc/manual/configuration/wireless.xml index 373a9168cc87..13e4283d241c 100644 --- a/nixos/doc/manual/configuration/wireless.xml +++ b/nixos/doc/manual/configuration/wireless.xml @@ -18,8 +18,18 @@ NixOS will start wpa_supplicant for you if you enable this setting: networking.wireless.enable = true; -NixOS currently does not generate wpa_supplicant's -configuration file, /etc/wpa_supplicant.conf. You should edit this file +NixOS lets you specify networks for wpa_supplicant declaratively: + +networking.wireless.networks = { + echelon = { + psk = "abcdefgh"; + }; + "free.wifi" = {}; +} + + +When no networks are set it will default to using a configuration file at +/etc/wpa_supplicant.conf. You should edit this file yourself to define wireless networks, WPA keys and so on (see wpa_supplicant.conf(5)). -- cgit 1.4.1 From 448a2af041e940642d70271c17175edf6aea69a0 Mon Sep 17 00:00:00 2001 From: Rickard Nilsson Date: Wed, 23 Dec 2015 12:22:16 +0100 Subject: nixos-rebuild: Document --build-host and --target-host options --- nixos/doc/manual/man-nixos-rebuild.xml | 52 ++++++++++++++++++++++++++++++++++ 1 file changed, 52 insertions(+) (limited to 'nixos/doc') diff --git a/nixos/doc/manual/man-nixos-rebuild.xml b/nixos/doc/manual/man-nixos-rebuild.xml index c529737c3bf3..a8d20c0f6579 100644 --- a/nixos/doc/manual/man-nixos-rebuild.xml +++ b/nixos/doc/manual/man-nixos-rebuild.xml @@ -281,6 +281,51 @@ $ nixos-rebuild switch -p test -I nixos-config=./test.nix + + + + Instead of building the new configuration locally, use the + specified host to perform the build. The host needs to be accessible + with ssh, and must be able to perform Nix builds. If the option + is not set, the build will be copied back + to the local machine when done. + + Note that, if is not specified, + Nix will be built both locally and remotely. This is because the + configuration will always be evaluated locally even though the building + might be performed remotely. + + You can include a remote user name in + the host name (user@host). You can also set + ssh options by defining the NIX_SSHOPTS environment + variable. + + + + + + + Specifies the NixOS target host. By setting this to something other + than localhost, the system activation will + happen on the remote host instead of the local machine. The remote host + needs to be accessible over ssh, and for the commands + , and + you need root access. + + If is not explicitly + specified, will implicitly be set to the + same value as . So, if you only specify + both building and activation will take + place remotely (and no build artifacts will be copied to the local + machine). + + You can include a remote user name in + the host name (user@host). You can also set + ssh options by defining the NIX_SSHOPTS environment + variable. + + + In addition, nixos-rebuild accepts various @@ -305,6 +350,13 @@ the Nix manual for details. + NIX_SSHOPTS + + Additional options to be passed to + ssh on the command line. + + + -- cgit 1.4.1 From 49d18bdfcbd97f813336fab148f05ef35e832654 Mon Sep 17 00:00:00 2001 From: Peter Simons Date: Tue, 5 Jan 2016 19:32:41 +0100 Subject: Revert "Basic Declaritive Network Configuration in wpa_supplicant Service" --- nixos/doc/manual/configuration/wireless.xml | 14 +- .../modules/services/networking/wpa_supplicant.nix | 160 +++++++++++---------- 2 files changed, 87 insertions(+), 87 deletions(-) (limited to 'nixos/doc') diff --git a/nixos/doc/manual/configuration/wireless.xml b/nixos/doc/manual/configuration/wireless.xml index 13e4283d241c..373a9168cc87 100644 --- a/nixos/doc/manual/configuration/wireless.xml +++ b/nixos/doc/manual/configuration/wireless.xml @@ -18,18 +18,8 @@ NixOS will start wpa_supplicant for you if you enable this setting: networking.wireless.enable = true; -NixOS lets you specify networks for wpa_supplicant declaratively: - -networking.wireless.networks = { - echelon = { - psk = "abcdefgh"; - }; - "free.wifi" = {}; -} - - -When no networks are set it will default to using a configuration file at -/etc/wpa_supplicant.conf. You should edit this file +NixOS currently does not generate wpa_supplicant's +configuration file, /etc/wpa_supplicant.conf. You should edit this file yourself to define wireless networks, WPA keys and so on (see wpa_supplicant.conf(5)). diff --git a/nixos/modules/services/networking/wpa_supplicant.nix b/nixos/modules/services/networking/wpa_supplicant.nix index 397811f96266..9e04bd401906 100644 --- a/nixos/modules/services/networking/wpa_supplicant.nix +++ b/nixos/modules/services/networking/wpa_supplicant.nix @@ -3,30 +3,51 @@ with lib; let + cfg = config.networking.wireless; - configFile = if cfg.networks != {} then pkgs.writeText "wpa_supplicant.conf" '' - ${optionalString cfg.userControlled.enable '' - ctrl_interface=DIR=/var/run/wpa_supplicant GROUP=${cfg.userControlled.group} - update_config=1''} - ${concatStringsSep "\n" (mapAttrsToList (ssid: networkConfig: '' - network={ - ssid="${ssid}" - ${optionalString (networkConfig.psk != null) ''psk="${networkConfig.psk}"''} - ${optionalString (networkConfig.psk == null) ''key_mgmt=NONE''} - } - '') cfg.networks)} - '' else "/etc/wpa_supplicant.conf"; -in { + configFile = "/etc/wpa_supplicant.conf"; + + ifaces = + cfg.interfaces ++ + optional (config.networking.WLANInterface != "") config.networking.WLANInterface; + +in + +{ + + ###### interface + options = { + + networking.WLANInterface = mkOption { + default = ""; + description = "Obsolete. Use instead."; + }; + networking.wireless = { - enable = mkEnableOption "wpa_supplicant"; + enable = mkOption { + type = types.bool; + default = false; + description = '' + Whether to start wpa_supplicant to scan for + and associate with wireless networks. Note: NixOS currently + does not manage wpa_supplicant's + configuration file, ${configFile}. You + should edit this file yourself to define wireless networks, + WPA keys and so on (see + wpa_supplicant.conf + 5), or use + networking.wireless.userControlled.* to allow users to add entries + through wpa_cli and wpa_gui. + ''; + }; interfaces = mkOption { type = types.listOf types.str; default = []; example = [ "wlan0" "wlan1" ]; description = '' - The interfaces wpa_supplicant will use. If empty, it will + The interfaces wpa_supplicant will use. If empty, it will automatically use all wireless interfaces. ''; }; @@ -37,34 +58,6 @@ in { description = "Force a specific wpa_supplicant driver."; }; - networks = mkOption { - type = types.attrsOf (types.submodule { - options = { - psk = mkOption { - type = types.nullOr types.str; - default = null; - description = '' - The network's pre-shared key in plaintext defaulting - to being a network without any authentication. - ''; - }; - }; - }); - description = '' - The network definitions to automatically connect to when - wpa_supplicant is running. If this - parameter is left empty wpa_supplicant will use - /etc/wpa_supplicant.conf as the configuration file. - ''; - default = {}; - example = literalExample '' - echelon = { - psk = "abcdefgh"; - }; - "free.wifi" = {}; - ''; - }; - userControlled = { enable = mkOption { type = types.bool; @@ -75,8 +68,10 @@ in { to depend on a large package such as NetworkManager just to pick nearby access points. - When using a declarative network specification you cannot persist any - settings via wpa_gui or wpa_cli. + When you want to use this, make sure ${configFile} doesn't exist. + It will be created for you. + + Currently it is also necessary to explicitly specify networking.wireless.interfaces. ''; }; @@ -90,49 +85,64 @@ in { }; }; - config = mkMerge [ - (mkIf cfg.enable { - environment.systemPackages = [ pkgs.wpa_supplicant ]; - services.dbus.packages = [ pkgs.wpa_supplicant ]; + ###### implementation + + config = mkIf cfg.enable { + + environment.systemPackages = [ pkgs.wpa_supplicant ]; + + services.dbus.packages = [ pkgs.wpa_supplicant ]; - # FIXME: start a separate wpa_supplicant instance per interface. - systemd.services.wpa_supplicant = let - ifaces = cfg.interfaces; - in { - description = "WPA Supplicant"; + # FIXME: start a separate wpa_supplicant instance per interface. + jobs.wpa_supplicant = + { description = "WPA Supplicant"; wantedBy = [ "network.target" ]; path = [ pkgs.wpa_supplicant ]; - script = '' - ${if ifaces == [] then '' - for i in $(cd /sys/class/net && echo *); do - DEVTYPE= - source /sys/class/net/$i/uevent - if [ "$DEVTYPE" = "wlan" -o -e /sys/class/net/$i/wireless ]; then - ifaces="$ifaces''${ifaces:+ -N} -i$i" - fi - done - '' else '' - ifaces="${concatStringsSep " -N " (map (i: "-i${i}") ifaces)}" - ''} - exec wpa_supplicant -s -u -D${cfg.driver} -c ${configFile} $ifaces + preStart = '' + touch -a ${configFile} + chmod 600 ${configFile} + '' + optionalString cfg.userControlled.enable '' + if [ ! -s ${configFile} ]; then + echo "ctrl_interface=DIR=/var/run/wpa_supplicant GROUP=${cfg.userControlled.group}" >> ${configFile} + echo "update_config=1" >> ${configFile} + fi ''; + + script = + '' + ${if ifaces == [] then '' + for i in $(cd /sys/class/net && echo *); do + DEVTYPE= + source /sys/class/net/$i/uevent + if [ "$DEVTYPE" = "wlan" -o -e /sys/class/net/$i/wireless ]; then + ifaces="$ifaces''${ifaces:+ -N} -i$i" + fi + done + '' else '' + ifaces="${concatStringsSep " -N " (map (i: "-i${i}") ifaces)}" + ''} + exec wpa_supplicant -s -u -D${cfg.driver} -c ${configFile} $ifaces + ''; }; - powerManagement.resumeCommands = '' + powerManagement.resumeCommands = + '' ${config.systemd.package}/bin/systemctl try-restart wpa_supplicant ''; - # Restart wpa_supplicant when a wlan device appears or disappears. - services.udev.extraRules = '' + assertions = [{ assertion = !cfg.userControlled.enable || cfg.interfaces != []; + message = "user controlled wpa_supplicant needs explicit networking.wireless.interfaces";}]; + + # Restart wpa_supplicant when a wlan device appears or disappears. + services.udev.extraRules = + '' ACTION=="add|remove", SUBSYSTEM=="net", ENV{DEVTYPE}=="wlan", RUN+="${config.systemd.package}/bin/systemctl try-restart wpa_supplicant.service" ''; - }) - { - meta.maintainers = with lib.maintainers; [ globin ]; - } - ]; + + }; + } -- cgit 1.4.1 From d03b35f881941f57d5159ae0a58b10f7c3142682 Mon Sep 17 00:00:00 2001 From: Robin Gloster Date: Tue, 29 Dec 2015 10:21:38 +0000 Subject: wpa_supplicant module: add networks option --- nixos/doc/manual/configuration/wireless.xml | 14 ++++- .../modules/services/networking/wpa_supplicant.nix | 66 ++++++++++++++-------- 2 files changed, 56 insertions(+), 24 deletions(-) (limited to 'nixos/doc') diff --git a/nixos/doc/manual/configuration/wireless.xml b/nixos/doc/manual/configuration/wireless.xml index 373a9168cc87..13e4283d241c 100644 --- a/nixos/doc/manual/configuration/wireless.xml +++ b/nixos/doc/manual/configuration/wireless.xml @@ -18,8 +18,18 @@ NixOS will start wpa_supplicant for you if you enable this setting: networking.wireless.enable = true; -NixOS currently does not generate wpa_supplicant's -configuration file, /etc/wpa_supplicant.conf. You should edit this file +NixOS lets you specify networks for wpa_supplicant declaratively: + +networking.wireless.networks = { + echelon = { + psk = "abcdefgh"; + }; + "free.wifi" = {}; +} + + +When no networks are set it will default to using a configuration file at +/etc/wpa_supplicant.conf. You should edit this file yourself to define wireless networks, WPA keys and so on (see wpa_supplicant.conf(5)). diff --git a/nixos/modules/services/networking/wpa_supplicant.nix b/nixos/modules/services/networking/wpa_supplicant.nix index 5979ab7fbe33..1292ca7f08e0 100644 --- a/nixos/modules/services/networking/wpa_supplicant.nix +++ b/nixos/modules/services/networking/wpa_supplicant.nix @@ -4,33 +4,29 @@ with lib; let cfg = config.networking.wireless; - configFile = "/etc/wpa_supplicant.conf"; + configFile = if cfg.networks != {} then pkgs.writeText "wpa_supplicant.conf" '' + ${optionalString cfg.userControlled.enable '' + ctrl_interface=DIR=/var/run/wpa_supplicant GROUP=${cfg.userControlled.group} + update_config=1''} + ${concatStringsSep "\n" (mapAttrsToList (ssid: networkConfig: '' + network={ + ssid="${ssid}" + ${optionalString (networkConfig.psk != null) ''psk="${networkConfig.psk}"''} + ${optionalString (networkConfig.psk == null) ''key_mgmt=NONE''} + } + '') cfg.networks)} + '' else "/etc/wpa_supplicant.conf"; in { options = { networking.wireless = { - enable = mkOption { - type = types.bool; - default = false; - description = '' - Whether to start wpa_supplicant to scan for - and associate with wireless networks. Note: NixOS currently - does not manage wpa_supplicant's - configuration file, ${configFile}. You - should edit this file yourself to define wireless networks, - WPA keys and so on (see - wpa_supplicant.conf - 5), or use - networking.wireless.userControlled.* to allow users to add entries - through wpa_cli and wpa_gui. - ''; - }; + enable = mkEnableOption "wpa_supplicant"; interfaces = mkOption { type = types.listOf types.str; default = []; example = [ "wlan0" "wlan1" ]; description = '' - The interfaces wpa_supplicant will use. If empty, it will + The interfaces wpa_supplicant will use. If empty, it will automatically use all wireless interfaces. ''; }; @@ -41,6 +37,34 @@ in { description = "Force a specific wpa_supplicant driver."; }; + networks = mkOption { + type = types.attrsOf (types.submodule { + options = { + psk = mkOption { + type = types.nullOr types.str; + default = null; + description = '' + The network's pre-shared key in plaintext defaulting + to being a network without any authentication. + ''; + }; + }; + }); + description = '' + The network definitions to automatically connect to when + wpa_supplicant is running. If this + parameter is left empty wpa_supplicant will use + /etc/wpa_supplicant.conf as the configuration file. + ''; + default = {}; + example = literalExample '' + echelon = { + psk = "abcdefgh"; + }; + "free.wifi" = {}; + ''; + }; + userControlled = { enable = mkOption { type = types.bool; @@ -51,10 +75,8 @@ in { to depend on a large package such as NetworkManager just to pick nearby access points. - When you want to use this, make sure ${configFile} doesn't exist. - It will be created for you. - - Currently it is also necessary to explicitly specify networking.wireless.interfaces. + When using a declarative network specification you cannot persist any + settings via wpa_gui or wpa_cli. ''; }; -- cgit 1.4.1 From 246f0e91cda1357ef31708e414d4b697ec9a15a7 Mon Sep 17 00:00:00 2001 From: Robin Gloster Date: Wed, 6 Jan 2016 03:57:25 +0000 Subject: wpa_supplicant service: Warn about plaintext keys in docs --- nixos/doc/manual/configuration/wireless.xml | 4 +++- nixos/modules/services/networking/wpa_supplicant.nix | 3 +++ 2 files changed, 6 insertions(+), 1 deletion(-) (limited to 'nixos/doc') diff --git a/nixos/doc/manual/configuration/wireless.xml b/nixos/doc/manual/configuration/wireless.xml index 13e4283d241c..e4560f2da36b 100644 --- a/nixos/doc/manual/configuration/wireless.xml +++ b/nixos/doc/manual/configuration/wireless.xml @@ -28,7 +28,9 @@ networking.wireless.networks = { } -When no networks are set it will default to using a configuration file at +Be aware that keys will be written to the nix store in plaintext! + +When no networks are set, it will default to using a configuration file at /etc/wpa_supplicant.conf. You should edit this file yourself to define wireless networks, WPA keys and so on (see wpa_supplicant.conf(5)). diff --git a/nixos/modules/services/networking/wpa_supplicant.nix b/nixos/modules/services/networking/wpa_supplicant.nix index 397811f96266..1b655af6c82d 100644 --- a/nixos/modules/services/networking/wpa_supplicant.nix +++ b/nixos/modules/services/networking/wpa_supplicant.nix @@ -46,6 +46,9 @@ in { description = '' The network's pre-shared key in plaintext defaulting to being a network without any authentication. + + Be aware that these will be written to the nix store + in plaintext! ''; }; }; -- cgit 1.4.1 From 22184c4cfa6456fef1dafed33df7abad48b93d2a Mon Sep 17 00:00:00 2001 From: Vladimír Čunát Date: Sun, 10 Jan 2016 10:14:40 +0100 Subject: release-notes: document $NIX_AUTO_RUN from #12000 --- nixos/doc/manual/release-notes/rl-unstable.xml | 13 +++++++++++++ 1 file changed, 13 insertions(+) (limited to 'nixos/doc') diff --git a/nixos/doc/manual/release-notes/rl-unstable.xml b/nixos/doc/manual/release-notes/rl-unstable.xml index f74fff83b48b..9853e7f9d703 100644 --- a/nixos/doc/manual/release-notes/rl-unstable.xml +++ b/nixos/doc/manual/release-notes/rl-unstable.xml @@ -130,4 +130,17 @@ nginx.override { + +Other notable improvements: + + + The command-not-found hook was extended. + Apart from $NIX_AUTO_INSTALL variable, + it newly also checks for $NIX_AUTO_RUN + which causes it to directly run the missing commands via + nix-shell (without installing anything). + + + + -- cgit 1.4.1 From 8525936f807620e3d98fe4865033bdcd6932a362 Mon Sep 17 00:00:00 2001 From: Domen Kožar Date: Thu, 14 Jan 2016 13:07:56 +0100 Subject: nixos: Document "jobs" option removal --- nixos/doc/manual/release-notes/rl-unstable.xml | 6 ++++++ nixos/modules/rename.nix | 1 + 2 files changed, 7 insertions(+) (limited to 'nixos/doc') diff --git a/nixos/doc/manual/release-notes/rl-unstable.xml b/nixos/doc/manual/release-notes/rl-unstable.xml index 9853e7f9d703..48771d8c2251 100644 --- a/nixos/doc/manual/release-notes/rl-unstable.xml +++ b/nixos/doc/manual/release-notes/rl-unstable.xml @@ -47,6 +47,12 @@ following incompatible changes: + + jobs NixOS option has been removed. It served as + compatibility layer between Upstart jobs and SystemD services. All services + have been rewritten to use systemd.services + + wmiimenu is removed, as it has been removed by the developers upstream. Use wimenu diff --git a/nixos/modules/rename.nix b/nixos/modules/rename.nix index 491e6fa7d0cd..010d44c40d19 100644 --- a/nixos/modules/rename.nix +++ b/nixos/modules/rename.nix @@ -26,6 +26,7 @@ with lib; (mkRenamedOptionModule [ "services" "sslh" "host" ] [ "services" "sslh" "listenAddress" ]) (mkRenamedOptionModule [ "services" "statsd" "host" ] [ "services" "statsd" "listenAddress" ]) (mkRenamedOptionModule [ "services" "subsonic" "host" ] [ "services" "subsonic" "listenAddress" ]) + (mkRenamedOptionModule [ "jobs" ] [ "systemd" "services" ]) # Old Grub-related options. (mkRenamedOptionModule [ "boot" "initrd" "extraKernelModules" ] [ "boot" "initrd" "kernelModules" ]) -- cgit 1.4.1 From 5fe68602cccb1e40cf6bc0c404d58b184491c828 Mon Sep 17 00:00:00 2001 From: Vladimír Čunát Date: Fri, 15 Jan 2016 08:34:26 +0100 Subject: release notes: document renames of firefox-like browsers --- nixos/doc/manual/release-notes/rl-unstable.xml | 11 +++++++++++ 1 file changed, 11 insertions(+) (limited to 'nixos/doc') diff --git a/nixos/doc/manual/release-notes/rl-unstable.xml b/nixos/doc/manual/release-notes/rl-unstable.xml index 9853e7f9d703..45c107597f97 100644 --- a/nixos/doc/manual/release-notes/rl-unstable.xml +++ b/nixos/doc/manual/release-notes/rl-unstable.xml @@ -24,6 +24,17 @@ nixos.path = ./nixpkgs-unstable-2015-12-06/nixos; + + Firefox and similar browsers are now wrapped by default. + The package and attribute names are plain firefox + or midori, etc. Backward-compatibility attributes were set up, + but note that nix-env -u will not update + your current firefox-with-plugins; + you have to uninstall it and install firefox instead. + More discussion is + on the PR. + + The following new services were added since the last release: -- cgit 1.4.1