movefasta/nixpkgs
0
0
Fork 0
mirror of https://github.com/NixOS/nixpkgs.git synced 2025-07-13 13:40:28 +03:00
Code Activity

Merge master into staging

Browse source
This commit is contained in:
Frederik Rietdijk 2018-04-09 15:12:32 +02:00
commit 0aa59a08d6
165 changed files with 3784 additions and 2183 deletions
Download patch file Download diff file Expand all files Collapse all files

2
nixos/modules/misc/ids.nix
View file

@ -305,6 +305,7 @@
hass = 286;
monero = 287;
ceph = 288;
duplicati = 289;
# When adding a uid, make sure it doesn't match an existing gid. And don't use uids above 399!
@ -578,6 +579,7 @@
hass = 286;
monero = 287;
ceph = 288;
duplicati = 289;
# When adding a gid, make sure it doesn't match an existing
# uid. Users and groups with the same name should have equal

2
nixos/modules/module-list.nix
View file

@ -86,6 +86,7 @@
./programs/freetds.nix
./programs/gnupg.nix
./programs/gphoto2.nix
./programs/iftop.nix
./programs/java.nix
./programs/kbdlight.nix
./programs/less.nix
@ -159,6 +160,7 @@
./services/audio/ympd.nix
./services/backup/bacula.nix
./services/backup/borgbackup.nix
./services/backup/duplicati.nix
./services/backup/crashplan.nix
./services/backup/crashplan-small-business.nix
./services/backup/mysql-backup.nix

18
nixos/modules/programs/iftop.nix Normal file
View file

@ -0,0 +1,18 @@
{ config, pkgs, lib, ... }:
with lib;
let
cfg = config.programs.iftop;
in {
options = {
programs.iftop.enable = mkEnableOption "iftop + setcap wrapper";
};
config = mkIf cfg.enable {
environment.systemPackages = [ pkgs.iftop ];
security.wrappers.iftop = {
source = "${pkgs.iftop}/bin/iftop";
capabilities = "cap_net_raw+p";
};
};
}

17
nixos/modules/programs/less.nix
View file

@ -6,7 +6,7 @@ let
cfg = config.programs.less;
configFile = ''
configText = if (cfg.configFile != null) then (builtins.readFile cfg.configFile) else ''
#command
${concatStringsSep "\n"
(mapAttrsToList (command: action: "${command} ${action}") cfg.commands)
@ -25,7 +25,7 @@ let
'';
lessKey = pkgs.runCommand "lesskey"
{ src = pkgs.writeText "lessconfig" configFile; }
{ src = pkgs.writeText "lessconfig" configText; }
"${pkgs.less}/bin/lesskey -o $out $src";
in
@ -37,6 +37,19 @@ in
enable = mkEnableOption "less";
configFile = mkOption {
type = types.nullOr types.path;
default = null;
example = literalExample "$${pkgs.my-configs}/lesskey";
description = ''
Path to lesskey configuration file.
<option>configFile</option> takes precedence over <option>commands</option>,
<option>clearDefaultCommands</option>, <option>lineEditingKeys</option>, and
<option>envVariables</option>.
'';
};
commands = mkOption {
type = types.attrsOf types.str;
default = {};

2
nixos/modules/security/pam.nix
View file

@ -386,7 +386,7 @@ let
${optionalString (cfg.enableGnomeKeyring)
"session optional ${pkgs.gnome3.gnome-keyring}/lib/security/pam_gnome_keyring.so auto_start"}
${optionalString (config.virtualisation.lxc.lxcfs.enable)
"session optional ${pkgs.lxcfs}/lib/security/pam_cgfs.so -c freezer,memory,name=systemd,unified,cpuset"}
"session optional ${pkgs.lxc}/lib/security/pam_cgfs.so -c all"}
'');
};

40
nixos/modules/services/backup/duplicati.nix Normal file
View file

@ -0,0 +1,40 @@
{ config, pkgs, lib, ... }:
with lib;
let
cfg = config.services.duplicati;
in
{
options = {
services.duplicati = {
enable = mkEnableOption "Duplicati";
};
};
config = mkIf cfg.enable {
environment.systemPackages = [ pkgs.duplicati ];
systemd.services.duplicati = {
description = "Duplicati backup";
after = [ "network.target" ];
wantedBy = [ "multi-user.target" ];
serviceConfig = {
User = "duplicati";
Group = "duplicati";
ExecStart = "${pkgs.duplicati}/bin/duplicati-server --webservice-interface=any --webservice-port=8200 --server-datafolder=/var/lib/duplicati";
Restart = "on-failure";
};
};
users.extraUsers.duplicati = {
uid = config.ids.uids.duplicati;
home = "/var/lib/duplicati";
createHome = true;
group = "duplicati";
};
users.extraGroups.duplicati.gid = config.ids.gids.duplicati;
};
}

9
nixos/modules/services/web-servers/nginx/default.nix
View file

@ -9,15 +9,16 @@ let
serverName = if vhostConfig.serverName != null
then vhostConfig.serverName
else vhostName;
acmeDirectory = config.security.acme.directory;
in
vhostConfig // {
inherit serverName;
} // (optionalAttrs vhostConfig.enableACME {
sslCertificate = "/var/lib/acme/${serverName}/fullchain.pem";
sslCertificateKey = "/var/lib/acme/${serverName}/key.pem";
sslCertificate = "${acmeDirectory}/${serverName}/fullchain.pem";
sslCertificateKey = "${acmeDirectory}/${serverName}/key.pem";
}) // (optionalAttrs (vhostConfig.useACMEHost != null) {
sslCertificate = "/var/lib/acme/${vhostConfig.useACMEHost}/fullchain.pem";
sslCertificateKey = "/var/lib/acme/${vhostConfig.useACMEHost}/key.pem";
sslCertificate = "${acmeDirectory}/${vhostConfig.useACMEHost}/fullchain.pem";
sslCertificateKey = "${acmeDirectory}/${vhostConfig.useACMEHost}/key.pem";
})
) cfg.virtualHosts;
enableIPv6 = config.networking.enableIPv6;

4
nixos/modules/tasks/network-interfaces-scripted.nix
View file

@ -191,7 +191,7 @@ let
if out=$(ip addr add "${cidr}" dev "${i.name}" 2>&1); then
echo "done"
elif ! echo "$out" | grep "File exists" >/dev/null 2>&1; then
echo "failed"
echo "'ip addr add "${cidr}" dev "${i.name}"' failed: $out"
exit 1
fi
''
@ -212,7 +212,7 @@ let
if out=$(ip route add "${cidr}" ${options} ${via} dev "${i.name}" 2>&1); then
echo "done"
elif ! echo "$out" | grep "File exists" >/dev/null 2>&1; then
echo "failed"
echo "'ip route add "${cidr}" ${options} ${via} dev "${i.name}"' failed: $out"
exit 1
fi
''