From b339e6e13fb0869f5ac5ba13e8c38ab535549231 Mon Sep 17 00:00:00 2001 From: Bjørn Forsman Date: Sat, 15 Jul 2017 13:55:49 +0200 Subject: nixos/lighttpd: update list of allowed module names * mod_dirlisting is auto-loaded by lighttpd and should not be explicitly loaded in the configuration file. * The rest comes from looking at "ls -1 $lighttpd/lib/*.so" when lighttpd is built with "enableMagnet" and "enableMysql". --- nixos/modules/services/web-servers/lighttpd/default.nix | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) (limited to 'nixos') diff --git a/nixos/modules/services/web-servers/lighttpd/default.nix b/nixos/modules/services/web-servers/lighttpd/default.nix index 8c3f7b219acf..151b5ee15203 100644 --- a/nixos/modules/services/web-servers/lighttpd/default.nix +++ b/nixos/modules/services/web-servers/lighttpd/default.nix @@ -37,8 +37,10 @@ let "mod_rrdtool" "mod_accesslog" # Remaining list of modules, order assumed to be unimportant. + "mod_authn_file" + "mod_authn_mysql" "mod_cml" - "mod_dirlisting" + "mod_deflate" "mod_evasive" "mod_extforward" "mod_flv_streaming" @@ -47,6 +49,7 @@ let "mod_scgi" "mod_setenv" "mod_trigger_b4_dl" + "mod_uploadprogress" "mod_webdav" ]; -- cgit 1.4.1 From aff0725a7d5171a99ff3baafc04b7cb2aa3722f6 Mon Sep 17 00:00:00 2001 From: Bjørn Forsman Date: Sat, 15 Jul 2017 14:08:13 +0200 Subject: nixos/lighttpd: add enableUpstreamMimeTypes option enableUpstreamMimeTypes controls whether to include the list of mime types bundled with lighttpd (upstream). This option is enabled by default and gives a much more complete mime type list than we currently have. If you disable this, no mime types will be added by NixOS and you will have to add your own mime types in services.lighttpd.extraConfig. --- .../services/web-servers/lighttpd/default.nix | 22 ++++++++++++++-------- 1 file changed, 14 insertions(+), 8 deletions(-) (limited to 'nixos') diff --git a/nixos/modules/services/web-servers/lighttpd/default.nix b/nixos/modules/services/web-servers/lighttpd/default.nix index 151b5ee15203..45a65965112a 100644 --- a/nixos/modules/services/web-servers/lighttpd/default.nix +++ b/nixos/modules/services/web-servers/lighttpd/default.nix @@ -89,14 +89,9 @@ let accesslog.use-syslog = "enable" server.errorlog-use-syslog = "enable" - mimetype.assign = ( - ".html" => "text/html", - ".htm" => "text/html", - ".txt" => "text/plain", - ".jpg" => "image/jpeg", - ".png" => "image/png", - ".css" => "text/css" - ) + ${lib.optionalString cfg.enableUpstreamMimeTypes '' + include "${pkgs.lighttpd}/share/lighttpd/doc/config/conf.d/mime.conf" + ''} static-file.exclude-extensions = ( ".fcgi", ".php", ".rb", "~", ".inc" ) index-file.names = ( "index.html" ) @@ -168,6 +163,17 @@ in ''; }; + enableUpstreamMimeTypes = mkOption { + type = types.bool; + default = true; + description = '' + Whether to include the list of mime types bundled with lighttpd + (upstream). If you disable this, no mime types will be added by + NixOS and you will have to add your own mime types in + . + ''; + }; + mod_status = mkOption { default = false; type = types.bool; -- cgit 1.4.1 From 1d72474df7fa361d72a04d2a3ec4589b286ab6f2 Mon Sep 17 00:00:00 2001 From: Tuomas Tynkkynen Date: Sat, 29 Jul 2017 22:03:43 +0300 Subject: make-ext4-fs: Fix modification timestamps in image Use '-f' to make timestamp calls to always return the same time. Also Nix uses the timestamp of '1' instead of epoch directly. --- nixos/lib/make-ext4-fs.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'nixos') diff --git a/nixos/lib/make-ext4-fs.nix b/nixos/lib/make-ext4-fs.nix index 23839ea487db..f06649e1991a 100644 --- a/nixos/lib/make-ext4-fs.nix +++ b/nixos/lib/make-ext4-fs.nix @@ -33,7 +33,7 @@ pkgs.stdenv.mkDerivation { echo "Creating an EXT4 image of $bytes bytes (numInodes=$numInodes, numDataBlocks=$numDataBlocks)" truncate -s $bytes $out - faketime "1970-01-01 00:00:00" mkfs.ext4 -L ${volumeLabel} -U 44444444-4444-4444-8888-888888888888 $out + faketime -f "1970-01-01 00:00:01" mkfs.ext4 -L ${volumeLabel} -U 44444444-4444-4444-8888-888888888888 $out # Populate the image contents by piping a bunch of commands to the `debugfs` tool from e2fsprogs. # For example, to copy /nix/store/abcd...efg-coreutils-8.23/bin/sleep: @@ -76,7 +76,7 @@ pkgs.stdenv.mkDerivation { echo sif $file gid 30000 # chgrp to nixbld done - ) | faketime "1970-01-01 00:00:00" debugfs -w $out -f /dev/stdin > errorlog 2>&1 + ) | faketime -f "1970-01-01 00:00:01" debugfs -w $out -f /dev/stdin > errorlog 2>&1 # The debugfs tool doesn't terminate on error nor exit with a non-zero status. Check manually. if egrep -q 'Could not allocate|File not found' errorlog; then -- cgit 1.4.1 From 3e69c650abf8bc1c0bcc2a60d97802c70c06c68e Mon Sep 17 00:00:00 2001 From: Florian Jacob Date: Thu, 27 Jul 2017 19:49:56 +0200 Subject: nixos/systemd-networkd: allow [Link] section in .network files --- nixos/modules/system/boot/networkd.nix | 30 ++++++++++++++++++++++++++++++ 1 file changed, 30 insertions(+) (limited to 'nixos') diff --git a/nixos/modules/system/boot/networkd.nix b/nixos/modules/system/boot/networkd.nix index b151b5688928..9d2cea3ad165 100644 --- a/nixos/modules/system/boot/networkd.nix +++ b/nixos/modules/system/boot/networkd.nix @@ -142,6 +142,18 @@ let (assertValueOneOf "EmitTimezone" boolValues) ]; + # .network files have a [Link] section with different options than in .netlink files + checkNetworkLink = checkUnitConfig "Link" [ + (assertOnlyFields [ + "MACAddress" "MTUBytes" "ARP" "Unmanaged" + ]) + (assertMacAddress "MACAddress") + (assertByteFormat "MTUBytes") + (assertValueOneOf "ARP" boolValues) + (assertValueOneOf "Unmanaged" boolValues) + ]; + + commonNetworkOptions = { enable = mkOption { @@ -371,6 +383,18 @@ let ''; }; + linkConfig = mkOption { + default = {}; + example = { Unmanaged = true; }; + type = types.addCheck (types.attrsOf unitOption) checkNetworkLink; + description = '' + Each attribute in this set specifies an option in the + [Link] section of the unit. See + systemd.network + 5 for details. + ''; + }; + name = mkOption { type = types.nullOr types.str; default = null; @@ -581,6 +605,12 @@ let { inherit (def) enable; text = commonMatchText def + '' + ${optionalString (def.linkConfig != { }) '' + [Link] + ${attrsToSection def.linkConfig} + + ''} + [Network] ${attrsToSection def.networkConfig} ${concatStringsSep "\n" (map (s: "Address=${s}") def.address)} -- cgit 1.4.1 From eaa2d27b907e30e42f456573218c72479d198f74 Mon Sep 17 00:00:00 2001 From: volth Date: Wed, 26 Jul 2017 14:46:24 +0000 Subject: nixos/tinc: remove restartTriggers ```restartTriggers``` pointed to the constant files in ```/nix/store/``` and had to effect. --- nixos/modules/services/networking/tinc.nix | 2 -- 1 file changed, 2 deletions(-) (limited to 'nixos') diff --git a/nixos/modules/services/networking/tinc.nix b/nixos/modules/services/networking/tinc.nix index 31a588318f6a..be5bfaebf7d2 100644 --- a/nixos/modules/services/networking/tinc.nix +++ b/nixos/modules/services/networking/tinc.nix @@ -164,8 +164,6 @@ in wantedBy = [ "multi-user.target" ]; after = [ "network.target" ]; path = [ data.package ]; - restartTriggers = [ config.environment.etc."tinc/${network}/tinc.conf".source ] - ++ mapAttrsToList (host: _ : config.environment.etc."tinc/${network}/hosts/${host}".source) data.hosts; serviceConfig = { Type = "simple"; PIDFile = "/run/tinc.${network}.pid"; -- cgit 1.4.1 From faac018630b8d3f89c633c1235ae649498c938e8 Mon Sep 17 00:00:00 2001 From: Volth Date: Fri, 21 Jul 2017 14:41:19 +0000 Subject: environment.etc: add user/group option fixes #27546 --- nixos/modules/config/users-groups.nix | 2 +- nixos/modules/system/etc/etc.nix | 26 +++++++++++++++++++++++--- nixos/modules/system/etc/make-etc.sh | 10 +++++----- nixos/modules/system/etc/setup-etc.pl | 2 ++ 4 files changed, 31 insertions(+), 9 deletions(-) (limited to 'nixos') diff --git a/nixos/modules/config/users-groups.nix b/nixos/modules/config/users-groups.nix index 0e7ffbd3c2e1..a4715175cc95 100644 --- a/nixos/modules/config/users-groups.nix +++ b/nixos/modules/config/users-groups.nix @@ -527,7 +527,7 @@ in { input.gid = ids.gids.input; }; - system.activationScripts.users = stringAfter [ "etc" ] + system.activationScripts.users = stringAfter [ "stdio" ] '' ${pkgs.perl}/bin/perl -w \ -I${pkgs.perlPackages.FileSlurp}/lib/perl5/site_perl \ diff --git a/nixos/modules/system/etc/etc.nix b/nixos/modules/system/etc/etc.nix index fd6e58cd5b43..7d43ba07ca57 100644 --- a/nixos/modules/system/etc/etc.nix +++ b/nixos/modules/system/etc/etc.nix @@ -20,8 +20,8 @@ let sources = map (x: x.source) etc'; targets = map (x: x.target) etc'; modes = map (x: x.mode) etc'; - uids = map (x: x.uid) etc'; - gids = map (x: x.gid) etc'; + users = map (x: x.user) etc'; + groups = map (x: x.group) etc'; }; in @@ -108,6 +108,26 @@ in ''; }; + user = mkOption { + default = "+${toString config.uid}"; + type = types.str; + description = '' + User name of created file. + Only takes affect when the file is copied (that is, the mode is not 'symlink'). + Changing this option takes precedence over uid. + ''; + }; + + group = mkOption { + default = "+${toString config.gid}"; + type = types.str; + description = '' + Group name of created file. + Only takes affect when the file is copied (that is, the mode is not 'symlink'). + Changing this option takes precedence over gid. + ''; + }; + }; config = { @@ -130,7 +150,7 @@ in system.build.etc = etc; - system.activationScripts.etc = stringAfter [ "stdio" ] + system.activationScripts.etc = stringAfter [ "users" "groups" ] '' # Set up the statically computed bits of /etc. echo "setting up /etc..." diff --git a/nixos/modules/system/etc/make-etc.sh b/nixos/modules/system/etc/make-etc.sh index 60d4ba1301a3..1ca4c3046f0e 100644 --- a/nixos/modules/system/etc/make-etc.sh +++ b/nixos/modules/system/etc/make-etc.sh @@ -6,8 +6,8 @@ set -f sources_=($sources) targets_=($targets) modes_=($modes) -uids_=($uids) -gids_=($gids) +users_=($users) +groups_=($groups) set +f for ((i = 0; i < ${#targets_[@]}; i++)); do @@ -36,9 +36,9 @@ for ((i = 0; i < ${#targets_[@]}; i++)); do fi if test "${modes_[$i]}" != symlink; then - echo "${modes_[$i]}" > $out/etc/$target.mode - echo "${uids_[$i]}" > $out/etc/$target.uid - echo "${gids_[$i]}" > $out/etc/$target.gid + echo "${modes_[$i]}" > $out/etc/$target.mode + echo "${users_[$i]}" > $out/etc/$target.uid + echo "${groups_[$i]}" > $out/etc/$target.gid fi fi diff --git a/nixos/modules/system/etc/setup-etc.pl b/nixos/modules/system/etc/setup-etc.pl index efda74161ff8..eed20065087f 100644 --- a/nixos/modules/system/etc/setup-etc.pl +++ b/nixos/modules/system/etc/setup-etc.pl @@ -108,6 +108,8 @@ sub link { my $uid = read_file("$_.uid"); chomp $uid; my $gid = read_file("$_.gid"); chomp $gid; copy "$static/$fn", "$target.tmp" or warn; + $uid = getpwnam $uid unless $uid =~ /^\+/; + $gid = getgrnam $gid unless $gid =~ /^\+/; chown int($uid), int($gid), "$target.tmp" or warn; chmod oct($mode), "$target.tmp" or warn; rename "$target.tmp", $target or warn; -- cgit 1.4.1