movefasta/nixpkgs
0
0
Fork 0
mirror of https://github.com/NixOS/nixpkgs.git synced 2025-07-13 13:40:28 +03:00
Code Activity

treewide: format all inactive Nix files

Browse source 
After final improvements to the official formatter implementation,
this commit now performs the first treewide reformat of Nix files using it.
This is part of the implementation of RFC 166.

Only "inactive" files are reformatted, meaning only files that
aren't being touched by any PR with activity in the past 2 months.
This is to avoid conflicts for PRs that might soon be merged.
Later we can do a full treewide reformat to get the rest,
which should not cause as many conflicts.

A CI check has already been running for some time to ensure that new and
already-formatted files are formatted, so the files being reformatted here
should also stay formatted.

This commit was automatically created and can be verified using

    nix-build https://github.com/infinisil/treewide-nixpkgs-reformat-script/archive/a08b3a4d199c6124ac5b36a889d9099b4383463f.tar.gz \
      --argstr baseRev b32a094368
    result/bin/apply-formatting $NIXPKGS_PATH
This commit is contained in:
Silvan Mosberger 2024-12-10 20:26:33 +01:00
parent b32a094368
commit 4f0dadbf38
21293 changed files with 701351 additions and 428307 deletions
Download patch file Download diff file Expand all files Collapse all files

1
nixos/modules/config/debug-info.nix
View file

@ -25,7 +25,6 @@
};
config = lib.mkIf config.environment.enableDebugInfo {
# FIXME: currently disabled because /lib is already in

15
nixos/modules/config/fanout.nix
View file

@ -1,9 +1,16 @@
{ config, lib, pkgs, ... }:
{
config,
lib,
pkgs,
...
}:
let
cfg = config.services.fanout;
mknodCmds = n: lib.lists.imap0 (i: s:
"mknod /dev/fanout${builtins.toString i} c $MAJOR ${builtins.toString i}"
) (lib.lists.replicate n "");
mknodCmds =
n:
lib.lists.imap0 (i: s: "mknod /dev/fanout${builtins.toString i} c $MAJOR ${builtins.toString i}") (
lib.lists.replicate n ""
);
in
{
options.services.fanout = {

332
nixos/modules/config/fonts/fontconfig.nix
View file

@ -1,28 +1,31 @@
/*
Configuration files are linked to /etc/fonts/conf.d/
Configuration files are linked to /etc/fonts/conf.d/
This module generates a package containing configuration files and link it in /etc/fonts.
This module generates a package containing configuration files and link it in /etc/fonts.
Fontconfig reads files in folder name / file name order, so the number prepended to the configuration file name decide the order of parsing.
Low number means high priority.
Fontconfig reads files in folder name / file name order, so the number prepended to the configuration file name decide the order of parsing.
Low number means high priority.
NOTE: Please take extreme care when adjusting the default settings of this module.
People care a lot, and I mean A LOT, about their font rendering, and you will be
The Person That Broke It if it changes in a way people don't like.
NOTE: Please take extreme care when adjusting the default settings of this module.
People care a lot, and I mean A LOT, about their font rendering, and you will be
The Person That Broke It if it changes in a way people don't like.
See prior art:
- https://github.com/NixOS/nixpkgs/pull/194594
- https://github.com/NixOS/nixpkgs/pull/222236
- https://github.com/NixOS/nixpkgs/pull/222689
See prior art:
- https://github.com/NixOS/nixpkgs/pull/194594
- https://github.com/NixOS/nixpkgs/pull/222236
- https://github.com/NixOS/nixpkgs/pull/222689
And do not repeat our mistakes.
- @K900, March 2023
And do not repeat our mistakes.
- @K900, March 2023
*/
{ config, pkgs, lib, ... }:
{
config,
pkgs,
lib,
...
}:
let
cfg = config.fonts.fontconfig;
@ -31,17 +34,23 @@ let
# configuration file to read fontconfig cache
# priority 0
cacheConf = makeCacheConf {};
cacheConf = makeCacheConf { };
# generate the font cache setting file
# When cross-compiling, we cant generate the cache, so we skip the
# <cachedir> part. fontconfig still works but is a little slower in
# looking things up.
makeCacheConf = { }:
makeCacheConf =
{ }:
let
makeCache = fontconfig: pkgs.makeFontsCache { inherit fontconfig; fontDirectories = config.fonts.packages; };
cache = makeCache pkgs.fontconfig;
cache32 = makeCache pkgs.pkgsi686Linux.fontconfig;
makeCache =
fontconfig:
pkgs.makeFontsCache {
inherit fontconfig;
fontDirectories = config.fonts.packages;
};
cache = makeCache pkgs.fontconfig;
cache32 = makeCache pkgs.pkgsi686Linux.fontconfig;
in
pkgs.writeText "fc-00-nixos-cache.conf" ''
<?xml version='1.0'?>
@ -50,11 +59,11 @@ let
<!-- Font directories -->
${lib.concatStringsSep "\n" (map (font: "<dir>${font}</dir>") config.fonts.packages)}
${lib.optionalString (pkgs.stdenv.hostPlatform == pkgs.stdenv.buildPlatform) ''
<!-- Pre-generated font caches -->
<cachedir>${cache}</cachedir>
${lib.optionalString (pkgs.stdenv.hostPlatform.isx86_64 && cfg.cache32Bit) ''
<cachedir>${cache32}</cachedir>
''}
<!-- Pre-generated font caches -->
<cachedir>${cache}</cachedir>
${lib.optionalString (pkgs.stdenv.hostPlatform.isx86_64 && cfg.cache32Bit) ''
<cachedir>${cache32}</cachedir>
''}
''}
</fontconfig>
'';
@ -85,35 +94,38 @@ let
# default fonts configuration file
# priority 52
defaultFontsConf =
let genDefault = fonts: name:
lib.optionalString (fonts != []) ''
<alias binding="same">
<family>${name}</family>
<prefer>
${lib.concatStringsSep ""
(map (font: ''
<family>${font}</family>
'') fonts)}
</prefer>
</alias>
'';
let
genDefault =
fonts: name:
lib.optionalString (fonts != [ ]) ''
<alias binding="same">
<family>${name}</family>
<prefer>
${lib.concatStringsSep "" (
map (font: ''
<family>${font}</family>
'') fonts
)}
</prefer>
</alias>
'';
in
pkgs.writeText "fc-52-nixos-default-fonts.conf" ''
<?xml version='1.0'?>
<!DOCTYPE fontconfig SYSTEM 'urn:fontconfig:fonts.dtd'>
<fontconfig>
<?xml version='1.0'?>
<!DOCTYPE fontconfig SYSTEM 'urn:fontconfig:fonts.dtd'>
<fontconfig>
<!-- Default fonts -->
${genDefault cfg.defaultFonts.sansSerif "sans-serif"}
<!-- Default fonts -->
${genDefault cfg.defaultFonts.sansSerif "sans-serif"}
${genDefault cfg.defaultFonts.serif "serif"}
${genDefault cfg.defaultFonts.serif "serif"}
${genDefault cfg.defaultFonts.monospace "monospace"}
${genDefault cfg.defaultFonts.monospace "monospace"}
${genDefault cfg.defaultFonts.emoji "emoji"}
${genDefault cfg.defaultFonts.emoji "emoji"}
</fontconfig>
'';
</fontconfig>
'';
# bitmap font options
# priority 53
@ -123,14 +135,14 @@ let
<fontconfig>
${lib.optionalString (!cfg.allowBitmaps) ''
<!-- Reject bitmap fonts -->
<selectfont>
<rejectfont>
<pattern>
<patelt name="scalable"><bool>false</bool></patelt>
</pattern>
</rejectfont>
</selectfont>
<!-- Reject bitmap fonts -->
<selectfont>
<rejectfont>
<pattern>
<patelt name="scalable"><bool>false</bool></patelt>
</pattern>
</rejectfont>
</selectfont>
''}
<!-- Use embedded bitmaps in fonts like Calibri? -->
@ -170,76 +182,75 @@ let
'';
# fontconfig configuration package
confPkg = pkgs.runCommand "fontconfig-conf" {
preferLocalBuild = true;
} ''
dst=$out/etc/fonts/conf.d
mkdir -p $dst
confPkg =
pkgs.runCommand "fontconfig-conf"
{
preferLocalBuild = true;
}
''
dst=$out/etc/fonts/conf.d
mkdir -p $dst
# fonts.conf
ln -s ${pkg.out}/etc/fonts/fonts.conf \
$dst/../fonts.conf
# TODO: remove this legacy symlink once people stop using packages built before #95358 was merged
mkdir -p $out/etc/fonts/2.11
ln -s /etc/fonts/fonts.conf \
$out/etc/fonts/2.11/fonts.conf
# fonts.conf
ln -s ${pkg.out}/etc/fonts/fonts.conf \
$dst/../fonts.conf
# TODO: remove this legacy symlink once people stop using packages built before #95358 was merged
mkdir -p $out/etc/fonts/2.11
ln -s /etc/fonts/fonts.conf \
$out/etc/fonts/2.11/fonts.conf
# fontconfig default config files
ln -s ${pkg.out}/etc/fonts/conf.d/*.conf \
$dst/
# fontconfig default config files
ln -s ${pkg.out}/etc/fonts/conf.d/*.conf \
$dst/
${lib.optionalString (!cfg.antialias)
(replaceDefaultConfig "10-yes-antialias.conf"
"10-no-antialias.conf")
}
${lib.optionalString (!cfg.antialias) (
replaceDefaultConfig "10-yes-antialias.conf" "10-no-antialias.conf"
)}
${lib.optionalString (cfg.hinting.style != "slight")
(replaceDefaultConfig "10-hinting-slight.conf"
"10-hinting-${cfg.hinting.style}.conf")
}
${lib.optionalString (cfg.hinting.style != "slight") (
replaceDefaultConfig "10-hinting-slight.conf" "10-hinting-${cfg.hinting.style}.conf"
)}
${lib.optionalString (cfg.subpixel.rgba != "none")
(replaceDefaultConfig "10-sub-pixel-none.conf"
"10-sub-pixel-${cfg.subpixel.rgba}.conf")
}
${lib.optionalString (cfg.subpixel.rgba != "none") (
replaceDefaultConfig "10-sub-pixel-none.conf" "10-sub-pixel-${cfg.subpixel.rgba}.conf"
)}
${lib.optionalString (cfg.subpixel.lcdfilter != "default")
(replaceDefaultConfig "11-lcdfilter-default.conf"
"11-lcdfilter-${cfg.subpixel.lcdfilter}.conf")
}
${lib.optionalString (cfg.subpixel.lcdfilter != "default") (
replaceDefaultConfig "11-lcdfilter-default.conf" "11-lcdfilter-${cfg.subpixel.lcdfilter}.conf"
)}
# 00-nixos-cache.conf
ln -s ${cacheConf} $dst/00-nixos-cache.conf
# 00-nixos-cache.conf
ln -s ${cacheConf} $dst/00-nixos-cache.conf
# 10-nixos-rendering.conf
ln -s ${renderConf} $dst/10-nixos-rendering.conf
# 10-nixos-rendering.conf
ln -s ${renderConf} $dst/10-nixos-rendering.conf
# 50-user.conf
${lib.optionalString (!cfg.includeUserConf) ''
rm $dst/50-user.conf
''}
# 50-user.conf
${lib.optionalString (!cfg.includeUserConf) ''
rm $dst/50-user.conf
''}
# local.conf (indirect priority 51)
${lib.optionalString (cfg.localConf != "") ''
ln -s ${localConf} $dst/../local.conf
''}
# local.conf (indirect priority 51)
${lib.optionalString (cfg.localConf != "") ''
ln -s ${localConf} $dst/../local.conf
''}
# 52-nixos-default-fonts.conf
ln -s ${defaultFontsConf} $dst/52-nixos-default-fonts.conf
# 52-nixos-default-fonts.conf
ln -s ${defaultFontsConf} $dst/52-nixos-default-fonts.conf
# 53-no-bitmaps.conf
ln -s ${rejectBitmaps} $dst/53-no-bitmaps.conf
# 53-no-bitmaps.conf
ln -s ${rejectBitmaps} $dst/53-no-bitmaps.conf
${lib.optionalString (!cfg.allowType1) ''
# 53-nixos-reject-type1.conf
ln -s ${rejectType1} $dst/53-nixos-reject-type1.conf
''}
'';
${lib.optionalString (!cfg.allowType1) ''
# 53-nixos-reject-type1.conf
ln -s ${rejectType1} $dst/53-nixos-reject-type1.conf
''}
'';
# Package with configuration files
# this merge all the packages in the fonts.fontconfig.confPackages list
fontconfigEtc = pkgs.buildEnv {
name = "fontconfig-etc";
name = "fontconfig-etc";
paths = cfg.confPackages;
ignoreCollisions = true;
};
@ -247,25 +258,44 @@ let
fontconfigNote = "Consider manually configuring fonts.fontconfig according to personal preference.";
in
{
imports = [
(lib.mkRenamedOptionModule [ "fonts" "fontconfig" "ultimate" "allowBitmaps" ] [ "fonts" "fontconfig" "allowBitmaps" ])
(lib.mkRenamedOptionModule [ "fonts" "fontconfig" "ultimate" "allowType1" ] [ "fonts" "fontconfig" "allowType1" ])
(lib.mkRenamedOptionModule [ "fonts" "fontconfig" "ultimate" "useEmbeddedBitmaps" ] [ "fonts" "fontconfig" "useEmbeddedBitmaps" ])
(lib.mkRenamedOptionModule [ "fonts" "fontconfig" "ultimate" "forceAutohint" ] [ "fonts" "fontconfig" "forceAutohint" ])
(lib.mkRenamedOptionModule [ "fonts" "fontconfig" "ultimate" "renderMonoTTFAsBitmap" ] [ "fonts" "fontconfig" "renderMonoTTFAsBitmap" ])
(lib.mkRemovedOptionModule [ "fonts" "fontconfig" "forceAutohint" ] "")
(lib.mkRemovedOptionModule [ "fonts" "fontconfig" "renderMonoTTFAsBitmap" ] "")
(lib.mkRemovedOptionModule [ "fonts" "fontconfig" "dpi" ] "Use display server-specific options")
(lib.mkRemovedOptionModule [ "hardware" "video" "hidpi" "enable" ] fontconfigNote)
(lib.mkRemovedOptionModule [ "fonts" "optimizeForVeryHighDPI" ] fontconfigNote)
] ++ lib.forEach [ "enable" "substitutions" "preset" ]
(opt: lib.mkRemovedOptionModule [ "fonts" "fontconfig" "ultimate" "${opt}" ] ''
The fonts.fontconfig.ultimate module and configuration is obsolete.
The repository has since been archived and activity has ceased.
https://github.com/bohoomil/fontconfig-ultimate/issues/171.
No action should be needed for font configuration, as the fonts.fontconfig
module is already used by default.
'');
imports =
[
(lib.mkRenamedOptionModule
[ "fonts" "fontconfig" "ultimate" "allowBitmaps" ]
[ "fonts" "fontconfig" "allowBitmaps" ]
)
(lib.mkRenamedOptionModule
[ "fonts" "fontconfig" "ultimate" "allowType1" ]
[ "fonts" "fontconfig" "allowType1" ]
)
(lib.mkRenamedOptionModule
[ "fonts" "fontconfig" "ultimate" "useEmbeddedBitmaps" ]
[ "fonts" "fontconfig" "useEmbeddedBitmaps" ]
)
(lib.mkRenamedOptionModule
[ "fonts" "fontconfig" "ultimate" "forceAutohint" ]
[ "fonts" "fontconfig" "forceAutohint" ]
)
(lib.mkRenamedOptionModule
[ "fonts" "fontconfig" "ultimate" "renderMonoTTFAsBitmap" ]
[ "fonts" "fontconfig" "renderMonoTTFAsBitmap" ]
)
(lib.mkRemovedOptionModule [ "fonts" "fontconfig" "forceAutohint" ] "")
(lib.mkRemovedOptionModule [ "fonts" "fontconfig" "renderMonoTTFAsBitmap" ] "")
(lib.mkRemovedOptionModule [ "fonts" "fontconfig" "dpi" ] "Use display server-specific options")
(lib.mkRemovedOptionModule [ "hardware" "video" "hidpi" "enable" ] fontconfigNote)
(lib.mkRemovedOptionModule [ "fonts" "optimizeForVeryHighDPI" ] fontconfigNote)
]
++ lib.forEach [ "enable" "substitutions" "preset" ] (
opt:
lib.mkRemovedOptionModule [ "fonts" "fontconfig" "ultimate" "${opt}" ] ''
The fonts.fontconfig.ultimate module and configuration is obsolete.
The repository has since been archived and activity has ceased.
https://github.com/bohoomil/fontconfig-ultimate/issues/171.
No action should be needed for font configuration, as the fonts.fontconfig
module is already used by default.
''
);
options = {
@ -286,8 +316,8 @@ in
confPackages = lib.mkOption {
internal = true;
type = with lib.types; listOf path;
default = [ ];
type = with lib.types; listOf path;
default = [ ];
description = ''
Fontconfig configuration packages.
'';
@ -315,7 +345,7 @@ in
defaultFonts = {
monospace = lib.mkOption {
type = lib.types.listOf lib.types.str;
default = ["DejaVu Sans Mono"];
default = [ "DejaVu Sans Mono" ];
description = ''
System-wide default monospace font(s). Multiple fonts may be
listed in case multiple languages must be supported.
@ -324,7 +354,7 @@ in
sansSerif = lib.mkOption {
type = lib.types.listOf lib.types.str;
default = ["DejaVu Sans"];
default = [ "DejaVu Sans" ];
description = ''
System-wide default sans serif font(s). Multiple fonts may be
listed in case multiple languages must be supported.
@ -333,7 +363,7 @@ in
serif = lib.mkOption {
type = lib.types.listOf lib.types.str;
default = ["DejaVu Serif"];
default = [ "DejaVu Serif" ];
description = ''
System-wide default serif font(s). Multiple fonts may be listed
in case multiple languages must be supported.
@ -342,7 +372,7 @@ in
emoji = lib.mkOption {
type = lib.types.listOf lib.types.str;
default = ["Noto Color Emoji"];
default = [ "Noto Color Emoji" ];
description = ''
System-wide default emoji font(s). Multiple fonts may be listed
in case a font does not support all emoji.
@ -379,7 +409,12 @@ in
};
style = lib.mkOption {
type = lib.types.enum ["none" "slight" "medium" "full"];
type = lib.types.enum [
"none"
"slight"
"medium"
"full"
];
default = "slight";
description = ''
Hintstyle is the amount of font reshaping done to line up
@ -415,7 +450,13 @@ in
rgba = lib.mkOption {
default = "none";
type = lib.types.enum ["rgb" "bgr" "vrgb" "vbgr" "none"];
type = lib.types.enum [
"rgb"
"bgr"
"vrgb"
"vbgr"
"none"
];
description = ''
Subpixel order. The overwhelming majority of displays are
`rgb` in their normal orientation. Select
@ -431,7 +472,12 @@ in
lcdfilter = lib.mkOption {
default = "default";
type = lib.types.enum ["none" "default" "light" "legacy"];
type = lib.types.enum [
"none"
"default"
"light"
"legacy"
];
description = ''
FreeType LCD filter. At high resolution (> 200 DPI), LCD filtering
has no visible effect; users of such displays may want to select
@ -480,8 +526,8 @@ in
};
config = lib.mkMerge [
(lib.mkIf cfg.enable {
environment.systemPackages = [ pkgs.fontconfig ];
environment.etc.fonts.source = "${fontconfigEtc}/etc/fonts/";
environment.systemPackages = [ pkgs.fontconfig ];
environment.etc.fonts.source = "${fontconfigEtc}/etc/fonts/";
security.apparmor.includes."abstractions/fonts" = ''
# fonts.conf
r ${pkg.out}/etc/fonts/fonts.conf,
@ -497,12 +543,12 @@ in
# 50-user.conf
${lib.optionalString cfg.includeUserConf ''
r ${pkg.out}/etc/fonts/conf.d.bak/50-user.conf,
r ${pkg.out}/etc/fonts/conf.d.bak/50-user.conf,
''}
# local.conf (indirect priority 51)
${lib.optionalString (cfg.localConf != "") ''
r ${localConf},
r ${localConf},
''}
# 52-nixos-default-fonts.conf
@ -512,8 +558,8 @@ in
r ${rejectBitmaps},
${lib.optionalString (!cfg.allowType1) ''
# 53-nixos-reject-type1.conf
r ${rejectType1},
# 53-nixos-reject-type1.conf
r ${rejectType1},
''}
'';
})

7
nixos/modules/config/fonts/fontdir.nix
View file

@ -1,4 +1,9 @@
{ config, lib, pkgs, ... }:
{
config,
lib,
pkgs,
...
}:
let
cfg = config.fonts.fontDir;

7
nixos/modules/config/fonts/ghostscript.nix
View file

@ -1,4 +1,9 @@
{ config, lib, pkgs, ... }:
{
config,
lib,
pkgs,
...
}:
{
options = {
fonts.enableGhostscriptFonts = lib.mkOption {

33
nixos/modules/config/fonts/packages.nix
View file

@ -1,11 +1,19 @@
{ config, lib, pkgs, ... }:
{
config,
lib,
pkgs,
...
}:
let
cfg = config.fonts;
in
{
imports = [
(lib.mkRemovedOptionModule [ "fonts" "enableCoreFonts" ] "Use fonts.packages = [ pkgs.corefonts ]; instead.")
(lib.mkRemovedOptionModule [
"fonts"
"enableCoreFonts"
] "Use fonts.packages = [ pkgs.corefonts ]; instead.")
(lib.mkRenamedOptionModule [ "fonts" "enableDefaultFonts" ] [ "fonts" "enableDefaultPackages" ])
(lib.mkRenamedOptionModule [ "fonts" "fonts" ] [ "fonts" "packages" ])
];
@ -14,7 +22,7 @@ in
fonts = {
packages = lib.mkOption {
type = with lib.types; listOf path;
default = [];
default = [ ];
example = lib.literalExpression "[ pkgs.dejavu_fonts ]";
description = "List of primary font packages.";
};
@ -31,13 +39,16 @@ in
};
config = {
fonts.packages = lib.mkIf cfg.enableDefaultPackages (with pkgs; [
dejavu_fonts
freefont_ttf
gyre-fonts # TrueType substitutes for standard PostScript fonts
liberation_ttf
unifont
noto-fonts-color-emoji
]);
fonts.packages = lib.mkIf cfg.enableDefaultPackages (
with pkgs;
[
dejavu_fonts
freefont_ttf
gyre-fonts # TrueType substitutes for standard PostScript fonts
liberation_ttf
unifont
noto-fonts-color-emoji
]
);
};
}

7
nixos/modules/config/gtk/gtk-icon-cache.nix
View file

@ -1,4 +1,9 @@
{ config, lib, pkgs, ... }:
{
config,
lib,
pkgs,
...
}:
{
options = {
gtk.iconCache.enable = lib.mkOption {

7
nixos/modules/config/iproute2.nix
View file

@ -1,4 +1,9 @@
{ config, lib, pkgs, ... }:
{
config,
lib,
pkgs,
...
}:
let
cfg = config.networking.iproute2;
in

60
nixos/modules/config/ldap.nix
View file

@ -1,7 +1,19 @@
{ config, lib, pkgs, ... }:
{
config,
lib,
pkgs,
...
}:
let
inherit (lib) mkEnableOption mkIf mkMerge mkOption mkRenamedOptionModule types;
inherit (lib)
mkEnableOption
mkIf
mkMerge
mkOption
mkRenamedOptionModule
types
;
cfg = config.users.ldap;
@ -21,7 +33,7 @@ let
${lib.optionalString (config.users.ldap.bind.distinguishedName != "") ''
binddn ${config.users.ldap.bind.distinguishedName}
''}
${lib.optionalString (cfg.extraConfig != "") cfg.extraConfig }
${lib.optionalString (cfg.extraConfig != "") cfg.extraConfig}
'';
};
@ -30,11 +42,9 @@ let
base ${cfg.base}
timelimit ${toString cfg.timeLimit}
bind_timelimit ${toString cfg.bind.timeLimit}
${lib.optionalString (cfg.bind.distinguishedName != "")
"binddn ${cfg.bind.distinguishedName}" }
${lib.optionalString (cfg.daemon.rootpwmoddn != "")
"rootpwmoddn ${cfg.daemon.rootpwmoddn}" }
${lib.optionalString (cfg.daemon.extraConfig != "") cfg.daemon.extraConfig }
${lib.optionalString (cfg.bind.distinguishedName != "") "binddn ${cfg.bind.distinguishedName}"}
${lib.optionalString (cfg.daemon.rootpwmoddn != "") "rootpwmoddn ${cfg.daemon.rootpwmoddn}"}
${lib.optionalString (cfg.daemon.extraConfig != "") cfg.daemon.extraConfig}
'';
# nslcd normally reads configuration from /etc/nslcd.conf.
@ -121,13 +131,13 @@ in
};
extraConfig = mkOption {
default = "";
default = "";
type = types.lines;
description = ''
description = ''
Extra configuration options that will be added verbatim at
the end of the nslcd configuration file (`nslcd.conf(5)`).
'';
} ;
};
rootpwmoddn = mkOption {
default = "";
@ -183,7 +193,11 @@ in
policy = mkOption {
default = "hard_open";
type = types.enum [ "hard_open" "hard_init" "soft" ];
type = types.enum [
"hard_open"
"hard_init"
"soft"
];
description = ''
Specifies the policy to use for reconnecting to an unavailable
LDAP server. The default is `hard_open`, which
@ -203,7 +217,7 @@ in
extraConfig = mkOption {
default = "";
type = types.lines;
description = ''
description = ''
Extra configuration options that will be added verbatim at
the end of the ldap configuration file (`ldap.conf(5)`).
If {option}`users.ldap.daemon` is enabled, this
@ -224,9 +238,9 @@ in
"ldap.conf" = ldapConfig;
};
system.nssModules = mkIf cfg.nsswitch (lib.singleton (
if cfg.daemon.enable then pkgs.nss_pam_ldapd else pkgs.nss_ldap
));
system.nssModules = mkIf cfg.nsswitch (
lib.singleton (if cfg.daemon.enable then pkgs.nss_pam_ldapd else pkgs.nss_ldap)
);
system.nssDatabases.group = lib.optional cfg.nsswitch "ldap";
system.nssDatabases.passwd = lib.optional cfg.nsswitch "ldap";
@ -248,7 +262,10 @@ in
(mkIf (!cfg.daemon.enable) {
ldap-password = {
wantedBy = [ "sysinit.target" ];
before = [ "sysinit.target" "shutdown.target" ];
before = [
"sysinit.target"
"shutdown.target"
];
conflicts = [ "shutdown.target" ];
unitConfig.DefaultDependencies = false;
serviceConfig.Type = "oneshot";
@ -304,7 +321,10 @@ in
};
imports =
[ (mkRenamedOptionModule [ "users" "ldap" "bind" "password"] [ "users" "ldap" "bind" "passwordFile"])
];
imports = [
(mkRenamedOptionModule
[ "users" "ldap" "bind" "password" ]
[ "users" "ldap" "bind" "passwordFile" ]
)
];
}

63
nixos/modules/config/ldso.nix
View file

@ -1,15 +1,29 @@
{ config, lib, pkgs, ... }:
{
config,
lib,
pkgs,
...
}:
let
inherit (lib) last splitString mkOption types optionals;
inherit (lib)
last
splitString
mkOption
types
optionals
;
libDir = pkgs.stdenv.hostPlatform.libDir;
ldsoBasename = builtins.unsafeDiscardStringContext (last (splitString "/" pkgs.stdenv.cc.bintools.dynamicLinker));
ldsoBasename = builtins.unsafeDiscardStringContext (
last (splitString "/" pkgs.stdenv.cc.bintools.dynamicLinker)
);
# Hard-code to avoid creating another instance of nixpkgs. Also avoids eval errors in some cases.
libDir32 = "lib"; # pkgs.pkgsi686Linux.stdenv.hostPlatform.libDir
ldsoBasename32 = "ld-linux.so.2"; # last (splitString "/" pkgs.pkgsi686Linux.stdenv.cc.bintools.dynamicLinker)
in {
in
{
options = {
environment.ldso = mkOption {
type = types.nullOr types.path;
@ -32,26 +46,35 @@ in {
config = {
assertions = [
{ assertion = isNull config.environment.ldso32 || pkgs.stdenv.hostPlatform.isx86_64;
{
assertion = isNull config.environment.ldso32 || pkgs.stdenv.hostPlatform.isx86_64;
message = "Option environment.ldso32 currently only works on x86_64.";
}
];
systemd.tmpfiles.rules = (
if isNull config.environment.ldso then [
"r /${libDir}/${ldsoBasename} - - - - -"
] else [
"d /${libDir} 0755 root root - -"
"L+ /${libDir}/${ldsoBasename} - - - - ${config.environment.ldso}"
]
) ++ optionals pkgs.stdenv.hostPlatform.isx86_64 (
if isNull config.environment.ldso32 then [
"r /${libDir32}/${ldsoBasename32} - - - - -"
] else [
"d /${libDir32} 0755 root root - -"
"L+ /${libDir32}/${ldsoBasename32} - - - - ${config.environment.ldso32}"
]
);
systemd.tmpfiles.rules =
(
if isNull config.environment.ldso then
[
"r /${libDir}/${ldsoBasename} - - - - -"
]
else
[
"d /${libDir} 0755 root root - -"
"L+ /${libDir}/${ldsoBasename} - - - - ${config.environment.ldso}"
]
)
++ optionals pkgs.stdenv.hostPlatform.isx86_64 (
if isNull config.environment.ldso32 then
[
"r /${libDir32}/${ldsoBasename32} - - - - -"
]
else
[
"d /${libDir32} 0755 root root - -"
"L+ /${libDir32}/${ldsoBasename32} - - - - ${config.environment.ldso32}"
]
);
};
meta.maintainers = with lib.maintainers; [ tejing ];

31
nixos/modules/config/locale.nix
View file

@ -1,10 +1,16 @@
{ config, lib, pkgs, ... }:
{
config,
lib,
pkgs,
...
}:
let
tzdir = "${pkgs.tzdata}/share/zoneinfo";
nospace = str: lib.filter (c: c == " ") (lib.stringToCharacters str) == [];
timezone = lib.types.nullOr (lib.types.addCheck lib.types.str nospace)
// { description = "null or string without spaces"; };
nospace = str: lib.filter (c: c == " ") (lib.stringToCharacters str) == [ ];
timezone = lib.types.nullOr (lib.types.addCheck lib.types.str nospace) // {
description = "null or string without spaces";
};
lcfg = config.location;
@ -57,7 +63,10 @@ in
};
provider = lib.mkOption {
type = lib.types.enum [ "manual" "geoclue2" ];
type = lib.types.enum [
"manual"
"geoclue2"
];
default = "manual";
description = ''
The location provider to use for determining your location. If set to
@ -77,11 +86,15 @@ in
# This way services are restarted when tzdata changes.
systemd.globalEnvironment.TZDIR = tzdir;
systemd.services.systemd-timedated.environment = lib.optionalAttrs (config.time.timeZone != null) { NIXOS_STATIC_TIMEZONE = "1"; };
systemd.services.systemd-timedated.environment = lib.optionalAttrs (config.time.timeZone != null) {
NIXOS_STATIC_TIMEZONE = "1";
};
environment.etc = {
zoneinfo.source = tzdir;
} // lib.optionalAttrs (config.time.timeZone != null) {
environment.etc =
{
zoneinfo.source = tzdir;
}
// lib.optionalAttrs (config.time.timeZone != null) {
localtime.source = "/etc/zoneinfo/${config.time.timeZone}";
localtime.mode = "direct-symlink";
};

78
nixos/modules/config/malloc.nix
View file

@ -1,4 +1,9 @@
{ config, lib, pkgs, ... }:
{
config,
lib,
pkgs,
...
}:
let
cfg = config.environment.memoryAllocator;
@ -35,21 +40,25 @@ let
'';
};
scudo = let
platformMap = {
aarch64-linux = "aarch64";
x86_64-linux = "x86_64";
};
scudo =
let
platformMap = {
aarch64-linux = "aarch64";
x86_64-linux = "x86_64";
};
systemPlatform = platformMap.${pkgs.stdenv.hostPlatform.system} or (throw "scudo not supported on ${pkgs.stdenv.hostPlatform.system}");
in {
libPath = "${pkgs.llvmPackages_14.compiler-rt}/lib/linux/libclang_rt.scudo-${systemPlatform}.so";
description = ''
A user-mode allocator based on LLVM Sanitizers CombinedAllocator,
which aims at providing additional mitigations against heap based
vulnerabilities, while maintaining good performance.
'';
};
systemPlatform =
platformMap.${pkgs.stdenv.hostPlatform.system}
or (throw "scudo not supported on ${pkgs.stdenv.hostPlatform.system}");
in
{
libPath = "${pkgs.llvmPackages_14.compiler-rt}/lib/linux/libclang_rt.scudo-${systemPlatform}.so";
description = ''
A user-mode allocator based on LLVM Sanitizers CombinedAllocator,
which aims at providing additional mitigations against heap based
vulnerabilities, while maintaining good performance.
'';
};
mimalloc = {
libPath = "${pkgs.mimalloc}/lib/libmimalloc.so";
@ -65,17 +74,18 @@ let
# An output that contains only the shared library, to avoid
# needlessly bloating the system closure
mallocLib = pkgs.runCommand "malloc-provider-${cfg.provider}"
rec {
preferLocalBuild = true;
allowSubstitutes = false;
origLibPath = providerConf.libPath;
libName = baseNameOf origLibPath;
}
''
mkdir -p $out/lib
cp -L $origLibPath $out/lib/$libName
'';
mallocLib =
pkgs.runCommand "malloc-provider-${cfg.provider}"
rec {
preferLocalBuild = true;
allowSubstitutes = false;
origLibPath = providerConf.libPath;
libName = baseNameOf origLibPath;
}
''
mkdir -p $out/lib
cp -L $origLibPath $out/lib/$libName
'';
# The full path to the selected provider shlib.
providerLibPath = "${mallocLib}/lib/${mallocLib.libName}";
@ -96,9 +106,11 @@ in
Briefly, the system-wide memory allocator providers are:
- `libc`: the standard allocator provided by libc
${lib.concatStringsSep "\n" (lib.mapAttrsToList
(name: value: "- `${name}`: ${lib.replaceStrings [ "\n" ] [ " " ] value.description}")
providers)}
${lib.concatStringsSep "\n" (
lib.mapAttrsToList (
name: value: "- `${name}`: ${lib.replaceStrings [ "\n" ] [ " " ] value.description}"
) providers
)}
::: {.warning}
Selecting an alternative allocator (i.e., anything other than
@ -117,10 +129,12 @@ in
"abstractions/base" = ''
r /etc/ld-nix.so.preload,
r ${config.environment.etc."ld-nix.so.preload".source},
include "${pkgs.apparmorRulesFromClosure {
include "${
pkgs.apparmorRulesFromClosure {
name = "mallocLib";
baseRules = ["mr $path/lib/**.so*"];
} [ mallocLib ] }"
baseRules = [ "mr $path/lib/**.so*" ];
} [ mallocLib ]
}"
'';
};
};

167
nixos/modules/config/mysql.nix
View file

@ -1,4 +1,9 @@
{ config, pkgs, lib, ... }:
{
config,
pkgs,
lib,
...
}:
let
cfg = config.users.mysql;
in
@ -79,16 +84,26 @@ in
passwordCrypt = lib.mkOption {
example = "2";
type = lib.types.enum [
"0" "plain"
"1" "Y"
"2" "mysql"
"3" "md5"
"4" "sha1"
"5" "drupal7"
"6" "joomla15"
"7" "ssha"
"8" "sha512"
"9" "sha256"
"0"
"plain"
"1"
"Y"
"2"
"mysql"
"3"
"md5"
"4"
"sha1"
"5"
"drupal7"
"6"
"joomla15"
"7"
"ssha"
"8"
"sha512"
"9"
"sha256"
];
description = ''
The method to encrypt the user's password:
@ -119,7 +134,14 @@ in
'';
};
cryptDefault = lib.mkOption {
type = lib.types.nullOr (lib.types.enum [ "md5" "sha256" "sha512" "blowfish" ]);
type = lib.types.nullOr (
lib.types.enum [
"md5"
"sha256"
"sha512"
"blowfish"
]
);
default = null;
example = "blowfish";
description = "The default encryption method to use for `passwordCrypt = 1`.";
@ -358,64 +380,81 @@ in
group = "root";
mode = "0600";
# password will be added from password file in systemd oneshot
text = ''
users.host=${cfg.host}
users.db_user=${cfg.user}
users.database=${cfg.database}
users.table=${cfg.pam.table}
users.user_column=${cfg.pam.userColumn}
users.password_column=${cfg.pam.passwordColumn}
users.password_crypt=${cfg.pam.passwordCrypt}
users.disconnect_every_operation=${if cfg.pam.disconnectEveryOperation then "1" else "0"}
verbose=${if cfg.pam.verbose then "1" else "0"}
'' + lib.optionalString (cfg.pam.cryptDefault != null) ''
users.use_${cfg.pam.cryptDefault}=1
'' + lib.optionalString (cfg.pam.where != null) ''
users.where_clause=${cfg.pam.where}
'' + lib.optionalString (cfg.pam.statusColumn != null) ''
users.status_column=${cfg.pam.statusColumn}
'' + lib.optionalString (cfg.pam.updateTable != null) ''
users.update_table=${cfg.pam.updateTable}
'' + lib.optionalString cfg.pam.logging.enable ''
log.enabled=true
log.table=${cfg.pam.logging.table}
log.message_column=${cfg.pam.logging.msgColumn}
log.pid_column=${cfg.pam.logging.pidColumn}
log.user_column=${cfg.pam.logging.userColumn}
log.host_column=${cfg.pam.logging.hostColumn}
log.rhost_column=${cfg.pam.logging.rHostColumn}
log.time_column=${cfg.pam.logging.timeColumn}
'';
text =
''
users.host=${cfg.host}
users.db_user=${cfg.user}
users.database=${cfg.database}
users.table=${cfg.pam.table}
users.user_column=${cfg.pam.userColumn}
users.password_column=${cfg.pam.passwordColumn}
users.password_crypt=${cfg.pam.passwordCrypt}
users.disconnect_every_operation=${if cfg.pam.disconnectEveryOperation then "1" else "0"}
verbose=${if cfg.pam.verbose then "1" else "0"}
''
+ lib.optionalString (cfg.pam.cryptDefault != null) ''
users.use_${cfg.pam.cryptDefault}=1
''
+ lib.optionalString (cfg.pam.where != null) ''
users.where_clause=${cfg.pam.where}
''
+ lib.optionalString (cfg.pam.statusColumn != null) ''
users.status_column=${cfg.pam.statusColumn}
''
+ lib.optionalString (cfg.pam.updateTable != null) ''
users.update_table=${cfg.pam.updateTable}
''
+ lib.optionalString cfg.pam.logging.enable ''
log.enabled=true
log.table=${cfg.pam.logging.table}
log.message_column=${cfg.pam.logging.msgColumn}
log.pid_column=${cfg.pam.logging.pidColumn}
log.user_column=${cfg.pam.logging.userColumn}
log.host_column=${cfg.pam.logging.hostColumn}
log.rhost_column=${cfg.pam.logging.rHostColumn}
log.time_column=${cfg.pam.logging.timeColumn}
'';
};
environment.etc."libnss-mysql.cfg" = {
mode = "0600";
user = config.services.nscd.user;
group = config.services.nscd.group;
text = lib.optionalString (cfg.nss.getpwnam != null) ''
getpwnam ${cfg.nss.getpwnam}
'' + lib.optionalString (cfg.nss.getpwuid != null) ''
getpwuid ${cfg.nss.getpwuid}
'' + lib.optionalString (cfg.nss.getspnam != null) ''
getspnam ${cfg.nss.getspnam}
'' + lib.optionalString (cfg.nss.getpwent != null) ''
getpwent ${cfg.nss.getpwent}
'' + lib.optionalString (cfg.nss.getspent != null) ''
getspent ${cfg.nss.getspent}
'' + lib.optionalString (cfg.nss.getgrnam != null) ''
getgrnam ${cfg.nss.getgrnam}
'' + lib.optionalString (cfg.nss.getgrgid != null) ''
getgrgid ${cfg.nss.getgrgid}
'' + lib.optionalString (cfg.nss.getgrent != null) ''
getgrent ${cfg.nss.getgrent}
'' + lib.optionalString (cfg.nss.memsbygid != null) ''
memsbygid ${cfg.nss.memsbygid}
'' + lib.optionalString (cfg.nss.gidsbymem != null) ''
gidsbymem ${cfg.nss.gidsbymem}
'' + ''
host ${cfg.host}
database ${cfg.database}
'';
text =
lib.optionalString (cfg.nss.getpwnam != null) ''
getpwnam ${cfg.nss.getpwnam}
''
+ lib.optionalString (cfg.nss.getpwuid != null) ''
getpwuid ${cfg.nss.getpwuid}
''
+ lib.optionalString (cfg.nss.getspnam != null) ''
getspnam ${cfg.nss.getspnam}
''
+ lib.optionalString (cfg.nss.getpwent != null) ''
getpwent ${cfg.nss.getpwent}
''
+ lib.optionalString (cfg.nss.getspent != null) ''
getspent ${cfg.nss.getspent}
''
+ lib.optionalString (cfg.nss.getgrnam != null) ''
getgrnam ${cfg.nss.getgrnam}
''
+ lib.optionalString (cfg.nss.getgrgid != null) ''
getgrgid ${cfg.nss.getgrgid}
''
+ lib.optionalString (cfg.nss.getgrent != null) ''
getgrent ${cfg.nss.getgrent}
''
+ lib.optionalString (cfg.nss.memsbygid != null) ''
memsbygid ${cfg.nss.memsbygid}
''
+ lib.optionalString (cfg.nss.gidsbymem != null) ''
gidsbymem ${cfg.nss.gidsbymem}
''
+ ''
host ${cfg.host}
database ${cfg.database}
'';
};
environment.etc."libnss-mysql-root.cfg" = {

121
nixos/modules/config/nix-flakes.nix
View file

@ -4,7 +4,7 @@
See also
- ./nix.nix
- ./nix-channel.nix
*/
*/
{ config, lib, ... }:
let
inherit (lib)
@ -24,60 +24,75 @@ in
options = {
nix = {
registry = mkOption {
type = types.attrsOf (types.submodule (
let
referenceAttrs = with types; attrsOf (oneOf [
str
int
bool
path
package
]);
in
{ config, name, ... }:
{
options = {
from = mkOption {
type = referenceAttrs;
example = { type = "indirect"; id = "nixpkgs"; };
description = "The flake reference to be rewritten.";
type = types.attrsOf (
types.submodule (
let
referenceAttrs =
with types;
attrsOf (oneOf [
str
int
bool
path
package
]);
in
{ config, name, ... }:
{
options = {
from = mkOption {
type = referenceAttrs;
example = {
type = "indirect";
id = "nixpkgs";
};
description = "The flake reference to be rewritten.";
};
to = mkOption {
type = referenceAttrs;
example = {
type = "github";
owner = "my-org";
repo = "my-nixpkgs";
};
description = "The flake reference {option}`from` is rewritten to.";
};
flake = mkOption {
type = types.nullOr types.attrs;
default = null;
example = literalExpression "nixpkgs";
description = ''
The flake input {option}`from` is rewritten to.
'';
};
exact = mkOption {
type = types.bool;
default = true;
description = ''
Whether the {option}`from` reference needs to match exactly. If set,
a {option}`from` reference like `nixpkgs` does not
match with a reference like `nixpkgs/nixos-20.03`.
'';
};
};
to = mkOption {
type = referenceAttrs;
example = { type = "github"; owner = "my-org"; repo = "my-nixpkgs"; };
description = "The flake reference {option}`from` is rewritten to.";
config = {
from = mkDefault {
type = "indirect";
id = name;
};
to = mkIf (config.flake != null) (
mkDefault (
{
type = "path";
path = config.flake.outPath;
}
// filterAttrs (n: _: n == "lastModified" || n == "rev" || n == "narHash") config.flake
)
);
};
flake = mkOption {
type = types.nullOr types.attrs;
default = null;
example = literalExpression "nixpkgs";
description = ''
The flake input {option}`from` is rewritten to.
'';
};
exact = mkOption {
type = types.bool;
default = true;
description = ''
Whether the {option}`from` reference needs to match exactly. If set,
a {option}`from` reference like `nixpkgs` does not
match with a reference like `nixpkgs/nixos-20.03`.
'';
};
};
config = {
from = mkDefault { type = "indirect"; id = name; };
to = mkIf (config.flake != null) (mkDefault (
{
type = "path";
path = config.flake.outPath;
} // filterAttrs
(n: _: n == "lastModified" || n == "rev" || n == "narHash")
config.flake
));
};
}
));
}
)
);
default = { };
description = ''
A system-wide flake registry.

327
nixos/modules/config/nix-remote-build.nix
View file

@ -4,7 +4,7 @@
See also
- ./nix.nix
- nixos/modules/services/system/nix-daemon.nix
*/
*/
{ config, lib, ... }:
let
@ -29,150 +29,181 @@ let
isNixAtLeast = versionAtLeast (getVersion nixPackage);
buildMachinesText =
concatMapStrings
(machine:
(concatStringsSep " " ([
"${optionalString (machine.protocol != null) "${machine.protocol}://"}${optionalString (machine.sshUser != null) "${machine.sshUser}@"}${machine.hostName}"
(if machine.system != null then machine.system else if machine.systems != [ ] then concatStringsSep "," machine.systems else "-")
(if machine.sshKey != null then machine.sshKey else "-")
(toString machine.maxJobs)
(toString machine.speedFactor)
(let res = (machine.supportedFeatures ++ machine.mandatoryFeatures);
in if (res == []) then "-" else (concatStringsSep "," res))
(let res = machine.mandatoryFeatures;
in if (res == []) then "-" else (concatStringsSep "," machine.mandatoryFeatures))
]
++ optional (isNixAtLeast "2.4pre") (if machine.publicHostKey != null then machine.publicHostKey else "-")))
+ "\n"
buildMachinesText = concatMapStrings (
machine:
(concatStringsSep " " (
[
"${optionalString (machine.protocol != null) "${machine.protocol}://"}${
optionalString (machine.sshUser != null) "${machine.sshUser}@"
}${machine.hostName}"
(
if machine.system != null then
machine.system
else if machine.systems != [ ] then
concatStringsSep "," machine.systems
else
"-"
)
(if machine.sshKey != null then machine.sshKey else "-")
(toString machine.maxJobs)
(toString machine.speedFactor)
(
let
res = (machine.supportedFeatures ++ machine.mandatoryFeatures);
in
if (res == [ ]) then "-" else (concatStringsSep "," res)
)
(
let
res = machine.mandatoryFeatures;
in
if (res == [ ]) then "-" else (concatStringsSep "," machine.mandatoryFeatures)
)
]
++ optional (isNixAtLeast "2.4pre") (
if machine.publicHostKey != null then machine.publicHostKey else "-"
)
cfg.buildMachines;
))
+ "\n"
) cfg.buildMachines;
in
{
options = {
nix = {
buildMachines = mkOption {
type = types.listOf (types.submodule {
options = {
hostName = mkOption {
type = types.str;
example = "nixbuilder.example.org";
description = ''
The hostname of the build machine.
'';
};
protocol = mkOption {
type = types.enum [ null "ssh" "ssh-ng" ];
default = "ssh";
example = "ssh-ng";
description = ''
The protocol used for communicating with the build machine.
Use `ssh-ng` if your remote builder and your
local Nix version support that improved protocol.
type = types.listOf (
types.submodule {
options = {
hostName = mkOption {
type = types.str;
example = "nixbuilder.example.org";
description = ''
The hostname of the build machine.
'';
};
protocol = mkOption {
type = types.enum [
null
"ssh"
"ssh-ng"
];
default = "ssh";
example = "ssh-ng";
description = ''
The protocol used for communicating with the build machine.
Use `ssh-ng` if your remote builder and your
local Nix version support that improved protocol.
Use `null` when trying to change the special localhost builder
without a protocol which is for example used by hydra.
'';
};
system = mkOption {
type = types.nullOr types.str;
default = null;
example = "x86_64-linux";
description = ''
The system type the build machine can execute derivations on.
Either this attribute or {var}`systems` must be
present, where {var}`system` takes precedence if
both are set.
'';
};
systems = mkOption {
type = types.listOf types.str;
default = [ ];
example = [ "x86_64-linux" "aarch64-linux" ];
description = ''
The system types the build machine can execute derivations on.
Either this attribute or {var}`system` must be
present, where {var}`system` takes precedence if
both are set.
'';
};
sshUser = mkOption {
type = types.nullOr types.str;
default = null;
example = "builder";
description = ''
The username to log in as on the remote host. This user must be
able to log in and run nix commands non-interactively. It must
also be privileged to build derivations, so must be included in
{option}`nix.settings.trusted-users`.
'';
};
sshKey = mkOption {
type = types.nullOr types.str;
default = null;
example = "/root/.ssh/id_buildhost_builduser";
description = ''
The path to the SSH private key with which to authenticate on
the build machine. The private key must not have a passphrase.
If null, the building user (root on NixOS machines) must have an
appropriate ssh configuration to log in non-interactively.
Use `null` when trying to change the special localhost builder
without a protocol which is for example used by hydra.
'';
};
system = mkOption {
type = types.nullOr types.str;
default = null;
example = "x86_64-linux";
description = ''
The system type the build machine can execute derivations on.
Either this attribute or {var}`systems` must be
present, where {var}`system` takes precedence if
both are set.
'';
};
systems = mkOption {
type = types.listOf types.str;
default = [ ];
example = [
"x86_64-linux"
"aarch64-linux"
];
description = ''
The system types the build machine can execute derivations on.
Either this attribute or {var}`system` must be
present, where {var}`system` takes precedence if
both are set.
'';
};
sshUser = mkOption {
type = types.nullOr types.str;
default = null;
example = "builder";
description = ''
The username to log in as on the remote host. This user must be
able to log in and run nix commands non-interactively. It must
also be privileged to build derivations, so must be included in
{option}`nix.settings.trusted-users`.
'';
};
sshKey = mkOption {
type = types.nullOr types.str;
default = null;
example = "/root/.ssh/id_buildhost_builduser";
description = ''
The path to the SSH private key with which to authenticate on
the build machine. The private key must not have a passphrase.
If null, the building user (root on NixOS machines) must have an
appropriate ssh configuration to log in non-interactively.
Note that for security reasons, this path must point to a file
in the local filesystem, *not* to the nix store.
'';
Note that for security reasons, this path must point to a file
in the local filesystem, *not* to the nix store.
'';
};
maxJobs = mkOption {
type = types.int;
default = 1;
description = ''
The number of concurrent jobs the build machine supports. The
build machine will enforce its own limits, but this allows hydra
to schedule better since there is no work-stealing between build
machines.
'';
};
speedFactor = mkOption {
type = types.int;
default = 1;
description = ''
The relative speed of this builder. This is an arbitrary integer
that indicates the speed of this builder, relative to other
builders. Higher is faster.
'';
};
mandatoryFeatures = mkOption {
type = types.listOf types.str;
default = [ ];
example = [ "big-parallel" ];
description = ''
A list of features mandatory for this builder. The builder will
be ignored for derivations that don't require all features in
this list. All mandatory features are automatically included in
{var}`supportedFeatures`.
'';
};
supportedFeatures = mkOption {
type = types.listOf types.str;
default = [ ];
example = [
"kvm"
"big-parallel"
];
description = ''
A list of features supported by this builder. The builder will
be ignored for derivations that require features not in this
list.
'';
};
publicHostKey = mkOption {
type = types.nullOr types.str;
default = null;
description = ''
The (base64-encoded) public host key of this builder. The field
is calculated via {command}`base64 -w0 /etc/ssh/ssh_host_type_key.pub`.
If null, SSH will use its regular known-hosts file when connecting.
'';
};
};
maxJobs = mkOption {
type = types.int;
default = 1;
description = ''
The number of concurrent jobs the build machine supports. The
build machine will enforce its own limits, but this allows hydra
to schedule better since there is no work-stealing between build
machines.
'';
};
speedFactor = mkOption {
type = types.int;
default = 1;
description = ''
The relative speed of this builder. This is an arbitrary integer
that indicates the speed of this builder, relative to other
builders. Higher is faster.
'';
};
mandatoryFeatures = mkOption {
type = types.listOf types.str;
default = [ ];
example = [ "big-parallel" ];
description = ''
A list of features mandatory for this builder. The builder will
be ignored for derivations that don't require all features in
this list. All mandatory features are automatically included in
{var}`supportedFeatures`.
'';
};
supportedFeatures = mkOption {
type = types.listOf types.str;
default = [ ];
example = [ "kvm" "big-parallel" ];
description = ''
A list of features supported by this builder. The builder will
be ignored for derivations that require features not in this
list.
'';
};
publicHostKey = mkOption {
type = types.nullOr types.str;
default = null;
description = ''
The (base64-encoded) public host key of this builder. The field
is calculated via {command}`base64 -w0 /etc/ssh/ssh_host_type_key.pub`.
If null, SSH will use its regular known-hosts file when connecting.
'';
};
};
});
}
);
default = [ ];
description = ''
This option lists the machines to be used if distributed builds are
@ -198,27 +229,27 @@ in
# override that nix option.
config = mkIf cfg.enable {
assertions =
let badMachine = m: m.system == null && m.systems == [ ];
let
badMachine = m: m.system == null && m.systems == [ ];
in
[
{
assertion = !(any badMachine cfg.buildMachines);
message = ''
At least one system type (via <varname>system</varname> or
<varname>systems</varname>) must be set for every build machine.
Invalid machine specifications:
'' + " " +
(concatStringsSep "\n "
(map (m: m.hostName)
(filter (badMachine) cfg.buildMachines)));
message =
''
At least one system type (via <varname>system</varname> or
<varname>systems</varname>) must be set for every build machine.
Invalid machine specifications:
''
+ " "
+ (concatStringsSep "\n " (map (m: m.hostName) (filter (badMachine) cfg.buildMachines)));
}
];
# List of machines for distributed Nix builds
environment.etc."nix/machines" =
mkIf (cfg.buildMachines != [ ]) {
text = buildMachinesText;
};
environment.etc."nix/machines" = mkIf (cfg.buildMachines != [ ]) {
text = buildMachinesText;
};
# Legacy configuration conversion.
nix.settings = mkIf (!cfg.distributedBuilds) { builders = null; };

16
nixos/modules/config/nsswitch.nix
View file

@ -1,5 +1,10 @@
# Configuration for the Name Service Switch (/etc/nsswitch.conf).
{ config, lib, pkgs, ... }:
{
config,
lib,
pkgs,
...
}:
{
options = {
@ -14,11 +19,10 @@
several DNS resolution methods to be specified via
{file}`/etc/nsswitch.conf`.
'';
apply = list:
{
inherit list;
path = lib.makeLibraryPath list;
};
apply = list: {
inherit list;
path = lib.makeLibraryPath list;
};
};
system.nssDatabases = {

68
nixos/modules/config/power-management.nix
View file

@ -17,9 +17,9 @@ in
type = lib.types.bool;
default = true;
description = ''
Whether to enable power management. This includes support
for suspend-to-RAM and powersave features on laptops.
'';
Whether to enable power management. This includes support
for suspend-to-RAM and powersave features on laptops.
'';
};
resumeCommands = lib.mkOption {
@ -35,10 +35,10 @@ in
"''${pkgs.hdparm}/sbin/hdparm -B 255 /dev/sda"
'';
description = ''
Commands executed when the machine powers up. That is,
they're executed both when the system first boots and when
it resumes from suspend or hibernation.
'';
Commands executed when the machine powers up. That is,
they're executed both when the system first boots and when
it resumes from suspend or hibernation.
'';
};
powerDownCommands = lib.mkOption {
@ -48,17 +48,16 @@ in
"''${pkgs.hdparm}/sbin/hdparm -B 255 /dev/sda"
'';
description = ''
Commands executed when the machine powers down. That is,
they're executed both when the system shuts down and when
it goes to suspend or hibernation.
'';
Commands executed when the machine powers down. That is,
they're executed both when the system shuts down and when
it goes to suspend or hibernation.
'';
};
};
};
###### implementation
config = lib.mkIf cfg.enable {
@ -72,28 +71,31 @@ in
};
# Service executed before suspending/hibernating.
systemd.services.pre-sleep =
{ description = "Pre-Sleep Actions";
wantedBy = [ "sleep.target" ];
before = [ "sleep.target" ];
script =
''
${cfg.powerDownCommands}
'';
serviceConfig.Type = "oneshot";
};
systemd.services.pre-sleep = {
description = "Pre-Sleep Actions";
wantedBy = [ "sleep.target" ];
before = [ "sleep.target" ];
script = ''
${cfg.powerDownCommands}
'';
serviceConfig.Type = "oneshot";
};
systemd.services.post-resume =
{ description = "Post-Resume Actions";
after = [ "suspend.target" "hibernate.target" "hybrid-sleep.target" "suspend-then-hibernate.target" ];
script =
''
/run/current-system/systemd/bin/systemctl try-restart --no-block post-resume.target
${cfg.resumeCommands}
${cfg.powerUpCommands}
'';
serviceConfig.Type = "oneshot";
};
systemd.services.post-resume = {
description = "Post-Resume Actions";
after = [
"suspend.target"
"hibernate.target"
"hybrid-sleep.target"
"suspend-then-hibernate.target"
];
script = ''
/run/current-system/systemd/bin/systemctl try-restart --no-block post-resume.target
${cfg.resumeCommands}
${cfg.powerUpCommands}
'';
serviceConfig.Type = "oneshot";
};
};

246
nixos/modules/config/pulseaudio.nix
View file

@ -1,34 +1,51 @@
{ config, lib, pkgs, ... }:
{
config,
lib,
pkgs,
...
}:
let
cfg = config.hardware.pulseaudio;
hasZeroconf = let z = cfg.zeroconf; in z.publish.enable || z.discovery.enable;
hasZeroconf =
let
z = cfg.zeroconf;
in
z.publish.enable || z.discovery.enable;
overriddenPackage = cfg.package.override
(lib.optionalAttrs hasZeroconf { zeroconfSupport = true; });
overriddenPackage = cfg.package.override (
lib.optionalAttrs hasZeroconf { zeroconfSupport = true; }
);
binary = "${lib.getBin overriddenPackage}/bin/pulseaudio";
binaryNoDaemon = "${binary} --daemonize=no";
# Forces 32bit pulseaudio and alsa-plugins to be built/supported for apps
# using 32bit alsa on 64bit linux.
enable32BitAlsaPlugins = cfg.support32Bit && pkgs.stdenv.hostPlatform.isx86_64 && (pkgs.pkgsi686Linux.alsa-lib != null && pkgs.pkgsi686Linux.libpulseaudio != null);
enable32BitAlsaPlugins =
cfg.support32Bit
&& pkgs.stdenv.hostPlatform.isx86_64
&& (pkgs.pkgsi686Linux.alsa-lib != null && pkgs.pkgsi686Linux.libpulseaudio != null);
myConfigFile =
let
addModuleIf = cond: mod: lib.optionalString cond "load-module ${mod}";
allAnon = lib.optional cfg.tcp.anonymousClients.allowAll "auth-anonymous=1";
ipAnon = let a = cfg.tcp.anonymousClients.allowedIpRanges;
in lib.optional (a != []) ''auth-ip-acl=${lib.concatStringsSep ";" a}'';
in pkgs.writeTextFile {
ipAnon =
let
a = cfg.tcp.anonymousClients.allowedIpRanges;
in
lib.optional (a != [ ]) ''auth-ip-acl=${lib.concatStringsSep ";" a}'';
in
pkgs.writeTextFile {
name = "default.pa";
text = ''
text = ''
.include ${cfg.configFile}
${addModuleIf cfg.zeroconf.publish.enable "module-zeroconf-publish"}
${addModuleIf cfg.zeroconf.discovery.enable "module-zeroconf-discover"}
${addModuleIf cfg.tcp.enable (lib.concatStringsSep " "
([ "module-native-protocol-tcp" ] ++ allAnon ++ ipAnon))}
${addModuleIf cfg.tcp.enable (
lib.concatStringsSep " " ([ "module-native-protocol-tcp" ] ++ allAnon ++ ipAnon)
)}
${addModuleIf config.services.jack.jackd.enable "module-jack-sink"}
${addModuleIf config.services.jack.jackd.enable "module-jack-source"}
${cfg.extraConfig}
@ -56,8 +73,7 @@ let
alsaConf = ''
pcm_type.pulse {
libs.native = ${pkgs.alsa-plugins}/lib/alsa-lib/libasound_module_pcm_pulse.so ;
${lib.optionalString enable32BitAlsaPlugins
"libs.32Bit = ${pkgs.pkgsi686Linux.alsa-plugins}/lib/alsa-lib/libasound_module_pcm_pulse.so ;"}
${lib.optionalString enable32BitAlsaPlugins "libs.32Bit = ${pkgs.pkgsi686Linux.alsa-plugins}/lib/alsa-lib/libasound_module_pcm_pulse.so ;"}
}
pcm.!default {
type pulse
@ -65,15 +81,15 @@ let
}
ctl_type.pulse {
libs.native = ${pkgs.alsa-plugins}/lib/alsa-lib/libasound_module_ctl_pulse.so ;
${lib.optionalString enable32BitAlsaPlugins
"libs.32Bit = ${pkgs.pkgsi686Linux.alsa-plugins}/lib/alsa-lib/libasound_module_ctl_pulse.so ;"}
${lib.optionalString enable32BitAlsaPlugins "libs.32Bit = ${pkgs.pkgsi686Linux.alsa-plugins}/lib/alsa-lib/libasound_module_ctl_pulse.so ;"}
}
ctl.!default {
type pulse
}
'';
in {
in
{
options = {
@ -138,9 +154,7 @@ in {
package = lib.mkOption {
type = lib.types.package;
default = if config.services.jack.jackd.enable
then pkgs.pulseaudioFull
else pkgs.pulseaudio;
default = if config.services.jack.jackd.enable then pkgs.pulseaudioFull else pkgs.pulseaudio;
defaultText = lib.literalExpression "pkgs.pulseaudio";
example = lib.literalExpression "pkgs.pulseaudioFull";
description = ''
@ -152,7 +166,7 @@ in {
extraModules = lib.mkOption {
type = lib.types.listOf lib.types.package;
default = [];
default = [ ];
example = lib.literalExpression "[ pkgs.pulseaudio-modules-bt ]";
description = ''
Extra pulseaudio modules to use. This is intended for out-of-tree
@ -174,17 +188,15 @@ in {
config = lib.mkOption {
type = lib.types.attrsOf lib.types.unspecified;
default = {};
default = { };
description = "Config of the pulse daemon. See `man pulse-daemon.conf`.";
example = lib.literalExpression ''{ realtime-scheduling = "yes"; }'';
};
};
zeroconf = {
discovery.enable =
lib.mkEnableOption "discovery of pulseaudio sinks in the local network";
publish.enable =
lib.mkEnableOption "publishing the pulseaudio sink in the local network";
discovery.enable = lib.mkEnableOption "discovery of pulseaudio sinks in the local network";
publish.enable = lib.mkEnableOption "publishing the pulseaudio sink in the local network";
};
# TODO: enable by default?
@ -195,7 +207,7 @@ in {
allowAll = lib.mkEnableOption "all anonymous clients to stream to the server";
allowedIpRanges = lib.mkOption {
type = lib.types.listOf lib.types.str;
default = [];
default = [ ];
example = lib.literalExpression ''[ "127.0.0.1" "192.168.1.0/24" ]'';
description = ''
A list of IP subnets that are allowed to stream to the server.
@ -208,112 +220,120 @@ in {
};
config = lib.mkIf cfg.enable (
lib.mkMerge [
{
environment.etc."pulse/client.conf".source = clientConf;
config = lib.mkIf cfg.enable (lib.mkMerge [
{
environment.etc."pulse/client.conf".source = clientConf;
environment.systemPackages = [ overriddenPackage ];
environment.systemPackages = [ overriddenPackage ];
environment.etc = {
"alsa/conf.d/99-pulseaudio.conf".text = alsaConf;
environment.etc = {
"alsa/conf.d/99-pulseaudio.conf".text = alsaConf;
"pulse/daemon.conf".source = pkgs.writeText "daemon.conf" (
lib.generators.toKeyValue { } cfg.daemon.config
);
"pulse/daemon.conf".source = pkgs.writeText "daemon.conf"
(lib.generators.toKeyValue {} cfg.daemon.config);
"openal/alsoft.conf".source = pkgs.writeText "alsoft.conf" "drivers=pulse";
"openal/alsoft.conf".source = pkgs.writeText "alsoft.conf" "drivers=pulse";
"libao.conf".source = pkgs.writeText "libao.conf" "default_driver=pulse";
};
"libao.conf".source = pkgs.writeText "libao.conf" "default_driver=pulse";
};
hardware.pulseaudio.configFile = lib.mkDefault "${lib.getBin overriddenPackage}/etc/pulse/default.pa";
hardware.pulseaudio.configFile = lib.mkDefault "${lib.getBin overriddenPackage}/etc/pulse/default.pa";
# Disable flat volumes to enable relative ones
hardware.pulseaudio.daemon.config.flat-volumes = lib.mkDefault "no";
# Disable flat volumes to enable relative ones
hardware.pulseaudio.daemon.config.flat-volumes = lib.mkDefault "no";
# Upstream defaults to speex-float-1 which results in audible artifacts
hardware.pulseaudio.daemon.config.resample-method = lib.mkDefault "speex-float-5";
# Upstream defaults to speex-float-1 which results in audible artifacts
hardware.pulseaudio.daemon.config.resample-method = lib.mkDefault "speex-float-5";
# Allow PulseAudio to get realtime priority using rtkit.
security.rtkit.enable = true;
# Allow PulseAudio to get realtime priority using rtkit.
security.rtkit.enable = true;
systemd.packages = [ overriddenPackage ];
systemd.packages = [ overriddenPackage ];
# PulseAudio is packaged with udev rules to handle various audio device quirks
services.udev.packages = [ overriddenPackage ];
}
# PulseAudio is packaged with udev rules to handle various audio device quirks
services.udev.packages = [ overriddenPackage ];
}
(lib.mkIf (cfg.extraModules != [ ]) {
hardware.pulseaudio.daemon.config.dl-search-path =
let
overriddenModules = builtins.map (
drv: drv.override { pulseaudio = overriddenPackage; }
) cfg.extraModules;
modulePaths =
builtins.map (drv: "${drv}/lib/pulseaudio/modules")
# User-provided extra modules take precedence
(overriddenModules ++ [ overriddenPackage ]);
in
lib.concatStringsSep ":" modulePaths;
})
(lib.mkIf (cfg.extraModules != []) {
hardware.pulseaudio.daemon.config.dl-search-path = let
overriddenModules = builtins.map
(drv: drv.override { pulseaudio = overriddenPackage; })
cfg.extraModules;
modulePaths = builtins.map
(drv: "${drv}/lib/pulseaudio/modules")
# User-provided extra modules take precedence
(overriddenModules ++ [ overriddenPackage ]);
in lib.concatStringsSep ":" modulePaths;
})
(lib.mkIf hasZeroconf {
services.avahi.enable = true;
})
(lib.mkIf cfg.zeroconf.publish.enable {
services.avahi.publish.enable = true;
services.avahi.publish.userServices = true;
})
(lib.mkIf hasZeroconf {
services.avahi.enable = true;
})
(lib.mkIf cfg.zeroconf.publish.enable {
services.avahi.publish.enable = true;
services.avahi.publish.userServices = true;
})
(lib.mkIf (!cfg.systemWide) {
environment.etc = {
"pulse/default.pa".source = myConfigFile;
};
systemd.user = {
services.pulseaudio = {
restartIfChanged = true;
serviceConfig = {
RestartSec = "500ms";
PassEnvironment = "DISPLAY";
(lib.mkIf (!cfg.systemWide) {
environment.etc = {
"pulse/default.pa".source = myConfigFile;
};
systemd.user = {
services.pulseaudio =
{
restartIfChanged = true;
serviceConfig = {
RestartSec = "500ms";
PassEnvironment = "DISPLAY";
};
}
// lib.optionalAttrs config.services.jack.jackd.enable {
environment.JACK_PROMISCUOUS_SERVER = "jackaudio";
};
sockets.pulseaudio = {
wantedBy = [ "sockets.target" ];
};
} // lib.optionalAttrs config.services.jack.jackd.enable {
environment.JACK_PROMISCUOUS_SERVER = "jackaudio";
};
sockets.pulseaudio = {
wantedBy = [ "sockets.target" ];
})
(lib.mkIf cfg.systemWide {
users.users.pulse = {
# For some reason, PulseAudio wants UID == GID.
uid =
assert uid == gid;
uid;
group = "pulse";
extraGroups = [ "audio" ];
description = "PulseAudio system service user";
home = stateDir;
homeMode = "755";
createHome = true;
isSystemUser = true;
};
};
})
(lib.mkIf cfg.systemWide {
users.users.pulse = {
# For some reason, PulseAudio wants UID == GID.
uid = assert uid == gid; uid;
group = "pulse";
extraGroups = [ "audio" ];
description = "PulseAudio system service user";
home = stateDir;
homeMode = "755";
createHome = true;
isSystemUser = true;
};
users.groups.pulse.gid = gid;
users.groups.pulse-access = { };
users.groups.pulse.gid = gid;
users.groups.pulse-access = {};
systemd.services.pulseaudio = {
description = "PulseAudio System-Wide Server";
wantedBy = [ "sound.target" ];
before = [ "sound.target" ];
environment.PULSE_RUNTIME_PATH = stateDir;
serviceConfig = {
Type = "notify";
ExecStart = "${binaryNoDaemon} --log-level=${cfg.daemon.logLevel} --system -n --file=${myConfigFile}";
Restart = "on-failure";
RestartSec = "500ms";
systemd.services.pulseaudio = {
description = "PulseAudio System-Wide Server";
wantedBy = [ "sound.target" ];
before = [ "sound.target" ];
environment.PULSE_RUNTIME_PATH = stateDir;
serviceConfig = {
Type = "notify";
ExecStart = "${binaryNoDaemon} --log-level=${cfg.daemon.logLevel} --system -n --file=${myConfigFile}";
Restart = "on-failure";
RestartSec = "500ms";
};
};
};
environment.variables.PULSE_COOKIE = "${stateDir}/.config/pulse/cookie";
})
]);
environment.variables.PULSE_COOKIE = "${stateDir}/.config/pulse/cookie";
})
]
);
}

137
nixos/modules/config/qt.nix
View file

@ -1,14 +1,34 @@
{ config, lib, pkgs, ... }:
{
config,
lib,
pkgs,
...
}:
let
cfg = config.qt;
platformPackages = with pkgs; {
gnome = [ qgnomeplatform qgnomeplatform-qt6 ];
gtk2 = [ libsForQt5.qtstyleplugins qt6Packages.qt6gtk2 ];
kde = [ libsForQt5.plasma-integration libsForQt5.systemsettings ];
lxqt = [ lxqt.lxqt-qtplugin lxqt.lxqt-config ];
qt5ct = [ libsForQt5.qt5ct qt6Packages.qt6ct ];
gnome = [
qgnomeplatform
qgnomeplatform-qt6
];
gtk2 = [
libsForQt5.qtstyleplugins
qt6Packages.qt6gtk2
];
kde = [
libsForQt5.plasma-integration
libsForQt5.systemsettings
];
lxqt = [
lxqt.lxqt-qtplugin
lxqt.lxqt-config
];
qt5ct = [
libsForQt5.qt5ct
qt6Packages.qt6ct
];
};
stylePackages = with pkgs; {
@ -16,22 +36,43 @@ let
bb10dark = [ libsForQt5.qtstyleplugins ];
cde = [ libsForQt5.qtstyleplugins ];
cleanlooks = [ libsForQt5.qtstyleplugins ];
gtk2 = [ libsForQt5.qtstyleplugins qt6Packages.qt6gtk2 ];
gtk2 = [
libsForQt5.qtstyleplugins
qt6Packages.qt6gtk2
];
motif = [ libsForQt5.qtstyleplugins ];
plastique = [ libsForQt5.qtstyleplugins ];
adwaita = [ adwaita-qt adwaita-qt6 ];
adwaita-dark = [ adwaita-qt adwaita-qt6 ];
adwaita-highcontrast = [ adwaita-qt adwaita-qt6 ];
adwaita-highcontrastinverse = [ adwaita-qt adwaita-qt6 ];
adwaita = [
adwaita-qt
adwaita-qt6
];
adwaita-dark = [
adwaita-qt
adwaita-qt6
];
adwaita-highcontrast = [
adwaita-qt
adwaita-qt6
];
adwaita-highcontrastinverse = [
adwaita-qt
adwaita-qt6
];
breeze = [ libsForQt5.breeze-qt5 ];
kvantum = [ libsForQt5.qtstyleplugin-kvantum qt6Packages.qtstyleplugin-kvantum ];
kvantum = [
libsForQt5.qtstyleplugin-kvantum
qt6Packages.qtstyleplugin-kvantum
];
};
in
{
meta.maintainers = with lib.maintainers; [ romildo thiagokokada ];
meta.maintainers = with lib.maintainers; [
romildo
thiagokokada
];
imports = [
(lib.mkRenamedOptionModule [ "qt5" "enable" ] [ "qt" "enable" ])
@ -57,14 +98,38 @@ in
relatedPackages = [
"qgnomeplatform"
"qgnomeplatform-qt6"
[ "libsForQt5" "plasma-integration" ]
[ "libsForQt5" "qt5ct" ]
[ "libsForQt5" "qtstyleplugins" ]
[ "libsForQt5" "systemsettings" ]
[ "lxqt" "lxqt-config" ]
[ "lxqt" "lxqt-qtplugin" ]
[ "qt6Packages" "qt6ct" ]
[ "qt6Packages" "qt6gtk2" ]
[
"libsForQt5"
"plasma-integration"
]
[
"libsForQt5"
"qt5ct"
]
[
"libsForQt5"
"qtstyleplugins"
]
[
"libsForQt5"
"systemsettings"
]
[
"lxqt"
"lxqt-config"
]
[
"lxqt"
"lxqt-qtplugin"
]
[
"qt6Packages"
"qt6ct"
]
[
"qt6Packages"
"qt6gtk2"
]
];
description = ''
Selects the platform theme to use for Qt applications.
@ -87,11 +152,26 @@ in
relatedPackages = [
"adwaita-qt"
"adwaita-qt6"
[ "libsForQt5" "breeze-qt5" ]
[ "libsForQt5" "qtstyleplugin-kvantum" ]
[ "libsForQt5" "qtstyleplugins" ]
[ "qt6Packages" "qt6gtk2" ]
[ "qt6Packages" "qtstyleplugin-kvantum" ]
[
"libsForQt5"
"breeze-qt5"
]
[
"libsForQt5"
"qtstyleplugin-kvantum"
]
[
"libsForQt5"
"qtstyleplugins"
]
[
"qt6Packages"
"qt6gtk2"
]
[
"qt6Packages"
"qtstyleplugin-kvantum"
]
];
description = ''
Selects the style to use for Qt applications.
@ -140,7 +220,10 @@ in
environment.profileRelativeSessionVariables =
let
qtVersions = with pkgs; [ qt5 qt6 ];
qtVersions = with pkgs; [
qt5
qt6
];
in
{
QT_PLUGIN_PATH = map (qt: "/${qt.qtbase.qtPluginPrefix}") qtVersions;

62
nixos/modules/config/resolvconf.nix
View file

@ -1,10 +1,16 @@
# /etc files related to networking, such as /etc/services.
{ config, lib, pkgs, ... }:
{
config,
lib,
pkgs,
...
}:
let
cfg = config.networking.resolvconf;
resolvconfOptions = cfg.extraOptions
resolvconfOptions =
cfg.extraOptions
++ lib.optional cfg.dnsSingleRequest "single-request"
++ lib.optional cfg.dnsExtensionMechanism "edns0"
++ lib.optional cfg.useLocalResolver "trust-ad";
@ -15,27 +21,47 @@ let
# a collision with an apparently unrelated environment
# variable with the same name exported by dhcpcd.
interface_order='lo lo[0-9]*'
'' + lib.optionalString config.services.nscd.enable ''
''
+ lib.optionalString config.services.nscd.enable ''
# Invalidate the nscd cache whenever resolv.conf is
# regenerated.
libc_restart='/run/current-system/systemd/bin/systemctl try-restart --no-block nscd.service 2> /dev/null'
'' + lib.optionalString (lib.length resolvconfOptions > 0) ''
''
+ lib.optionalString (lib.length resolvconfOptions > 0) ''
# Options as described in resolv.conf(5)
resolv_conf_options='${lib.concatStringsSep " " resolvconfOptions}'
'' + lib.optionalString cfg.useLocalResolver ''
''
+ lib.optionalString cfg.useLocalResolver ''
# This hosts runs a full-blown DNS resolver.
name_servers='127.0.0.1${lib.optionalString config.networking.enableIPv6 " ::1"}'
'' + cfg.extraConfig;
''
+ cfg.extraConfig;
in
{
imports = [
(lib.mkRenamedOptionModule [ "networking" "dnsSingleRequest" ] [ "networking" "resolvconf" "dnsSingleRequest" ])
(lib.mkRenamedOptionModule [ "networking" "dnsExtensionMechanism" ] [ "networking" "resolvconf" "dnsExtensionMechanism" ])
(lib.mkRenamedOptionModule [ "networking" "extraResolvconfConf" ] [ "networking" "resolvconf" "extraConfig" ])
(lib.mkRenamedOptionModule [ "networking" "resolvconfOptions" ] [ "networking" "resolvconf" "extraOptions" ])
(lib.mkRemovedOptionModule [ "networking" "resolvconf" "useHostResolvConf" ] "This option was never used for anything anyways")
(lib.mkRenamedOptionModule
[ "networking" "dnsSingleRequest" ]
[ "networking" "resolvconf" "dnsSingleRequest" ]
)
(lib.mkRenamedOptionModule
[ "networking" "dnsExtensionMechanism" ]
[ "networking" "resolvconf" "dnsExtensionMechanism" ]
)
(lib.mkRenamedOptionModule
[ "networking" "extraResolvconfConf" ]
[ "networking" "resolvconf" "extraConfig" ]
)
(lib.mkRenamedOptionModule
[ "networking" "resolvconfOptions" ]
[ "networking" "resolvconf" "extraOptions" ]
)
(lib.mkRemovedOptionModule [
"networking"
"resolvconf"
"useHostResolvConf"
] "This option was never used for anything anyways")
];
options = {
@ -99,8 +125,11 @@ in
extraOptions = lib.mkOption {
type = lib.types.listOf lib.types.str;
default = [];
example = [ "ndots:1" "rotate" ];
default = [ ];
example = [
"ndots:1"
"rotate"
];
description = ''
Set the options in {file}`/etc/resolv.conf`.
'';
@ -116,7 +145,7 @@ in
subscriberFiles = lib.mkOption {
type = lib.types.listOf lib.types.path;
default = [];
default = [ ];
description = ''
Files written by resolvconf updates
'';
@ -137,11 +166,12 @@ in
echo "$0 $*" >&2
exit 1
''
else configText;
else
configText;
}
(lib.mkIf cfg.enable {
users.groups.resolvconf = {};
users.groups.resolvconf = { };
networking.resolvconf.subscriberFiles = [ "/etc/resolv.conf" ];

52
nixos/modules/config/stub-ld.nix
View file

@ -1,7 +1,18 @@
{ config, lib, pkgs, ... }:
{
config,
lib,
pkgs,
...
}:
let
inherit (lib) optionalString mkOption types mkIf mkDefault;
inherit (lib)
optionalString
mkOption
types
mkIf
mkDefault
;
cfg = config.environment.stub-ld;
@ -11,27 +22,32 @@ let
https://nix.dev/permalink/stub-ld
'';
stub-ld-for = pkgsArg: messageArg: pkgsArg.pkgsStatic.runCommandCC "stub-ld" {
nativeBuildInputs = [ pkgsArg.unixtools.xxd ];
inherit messageArg;
} ''
printf "%s" "$messageArg" | xxd -i -n message >main.c
cat <<EOF >>main.c
#include <stdio.h>
int main(int argc, char * argv[]) {
fprintf(stderr, "Could not start dynamically linked executable: %s\n", argv[0]);
fwrite(message, sizeof(unsigned char), message_len, stderr);
return 127; // matches behavior of bash and zsh without a loader. fish uses 139
}
EOF
$CC -Os main.c -o $out
'';
stub-ld-for =
pkgsArg: messageArg:
pkgsArg.pkgsStatic.runCommandCC "stub-ld"
{
nativeBuildInputs = [ pkgsArg.unixtools.xxd ];
inherit messageArg;
}
''
printf "%s" "$messageArg" | xxd -i -n message >main.c
cat <<EOF >>main.c
#include <stdio.h>
int main(int argc, char * argv[]) {
fprintf(stderr, "Could not start dynamically linked executable: %s\n", argv[0]);
fwrite(message, sizeof(unsigned char), message_len, stderr);
return 127; // matches behavior of bash and zsh without a loader. fish uses 139
}
EOF
$CC -Os main.c -o $out
'';
pkgs32 = pkgs.pkgsi686Linux;
stub-ld = stub-ld-for pkgs message;
stub-ld32 = stub-ld-for pkgs32 message;
in {
in
{
options = {
environment.stub-ld = {
enable = mkOption {

64
nixos/modules/config/sysctl.nix
View file

@ -3,11 +3,12 @@ let
sysctlOption = lib.mkOptionType {
name = "sysctl option value";
check = val:
check =
val:
let
checkType = x: lib.isBool x || lib.isString x || lib.isInt x || x == null;
in
checkType val || (val._type or "" == "override" && checkType val.content);
checkType val || (val._type or "" == "override" && checkType val.content);
merge = loc: defs: lib.mergeOneOption loc (lib.filterOverrides defs);
};
@ -18,31 +19,31 @@ in
options = {
boot.kernel.sysctl = lib.mkOption {
type = let
highestValueType = lib.types.ints.unsigned // {
merge = loc: defs:
lib.foldl
(a: b: if b.value == null then null else lib.max a b.value)
0
(lib.filterOverrides defs);
};
in lib.types.submodule {
freeformType = lib.types.attrsOf sysctlOption;
options = {
"net.core.rmem_max" = lib.mkOption {
type = lib.types.nullOr highestValueType;
default = null;
description = "The maximum receive socket buffer size in bytes. In case of conflicting values, the highest will be used.";
type =
let
highestValueType = lib.types.ints.unsigned // {
merge =
loc: defs:
lib.foldl (a: b: if b.value == null then null else lib.max a b.value) 0 (lib.filterOverrides defs);
};
in
lib.types.submodule {
freeformType = lib.types.attrsOf sysctlOption;
options = {
"net.core.rmem_max" = lib.mkOption {
type = lib.types.nullOr highestValueType;
default = null;
description = "The maximum receive socket buffer size in bytes. In case of conflicting values, the highest will be used.";
};
"net.core.wmem_max" = lib.mkOption {
type = lib.types.nullOr highestValueType;
default = null;
description = "The maximum send socket buffer size in bytes. In case of conflicting values, the highest will be used.";
"net.core.wmem_max" = lib.mkOption {
type = lib.types.nullOr highestValueType;
default = null;
description = "The maximum send socket buffer size in bytes. In case of conflicting values, the highest will be used.";
};
};
};
};
default = {};
default = { };
example = lib.literalExpression ''
{ "net.ipv4.tcp_syncookies" = false; "vm.swappiness" = 60; }
'';
@ -62,15 +63,16 @@ in
config = {
environment.etc."sysctl.d/60-nixos.conf".text =
lib.concatStrings (lib.mapAttrsToList (n: v:
lib.optionalString (v != null) "${n}=${if v == false then "0" else toString v}\n"
) config.boot.kernel.sysctl);
environment.etc."sysctl.d/60-nixos.conf".text = lib.concatStrings (
lib.mapAttrsToList (
n: v: lib.optionalString (v != null) "${n}=${if v == false then "0" else toString v}\n"
) config.boot.kernel.sysctl
);
systemd.services.systemd-sysctl =
{ wantedBy = [ "multi-user.target" ];
restartTriggers = [ config.environment.etc."sysctl.d/60-nixos.conf".source ];
};
systemd.services.systemd-sysctl = {
wantedBy = [ "multi-user.target" ];
restartTriggers = [ config.environment.etc."sysctl.d/60-nixos.conf".source ];
};
# Hide kernel pointers (e.g. in /proc/modules) for unprivileged
# users as these make it easier to exploit kernel vulnerabilities.

164
nixos/modules/config/system-path.nix
View file

@ -1,52 +1,62 @@
# This module defines the packages that appear in
# /run/current-system/sw.
{ config, lib, pkgs, ... }:
{
config,
lib,
pkgs,
...
}:
let
requiredPackages = map (pkg: lib.setPrio ((pkg.meta.priority or lib.meta.defaultPriority) + 3) pkg)
[ pkgs.acl
pkgs.attr
pkgs.bashInteractive # bash with ncurses support
pkgs.bzip2
pkgs.coreutils-full
pkgs.cpio
pkgs.curl
pkgs.diffutils
pkgs.findutils
pkgs.gawk
pkgs.stdenv.cc.libc
pkgs.getent
pkgs.getconf
pkgs.gnugrep
pkgs.gnupatch
pkgs.gnused
pkgs.gnutar
pkgs.gzip
pkgs.xz
pkgs.less
pkgs.libcap
pkgs.ncurses
pkgs.netcat
config.programs.ssh.package
pkgs.mkpasswd
pkgs.procps
pkgs.su
pkgs.time
pkgs.util-linux
pkgs.which
pkgs.zstd
];
requiredPackages =
map (pkg: lib.setPrio ((pkg.meta.priority or lib.meta.defaultPriority) + 3) pkg)
[
pkgs.acl
pkgs.attr
pkgs.bashInteractive # bash with ncurses support
pkgs.bzip2
pkgs.coreutils-full
pkgs.cpio
pkgs.curl
pkgs.diffutils
pkgs.findutils
pkgs.gawk
pkgs.stdenv.cc.libc
pkgs.getent
pkgs.getconf
pkgs.gnugrep
pkgs.gnupatch
pkgs.gnused
pkgs.gnutar
pkgs.gzip
pkgs.xz
pkgs.less
pkgs.libcap
pkgs.ncurses
pkgs.netcat
config.programs.ssh.package
pkgs.mkpasswd
pkgs.procps
pkgs.su
pkgs.time
pkgs.util-linux
pkgs.which
pkgs.zstd
];
defaultPackageNames =
[ "perl"
"rsync"
"strace"
];
defaultPackages =
map
(n: let pkg = pkgs.${n};in lib.setPrio ((pkg.meta.priority or lib.meta.defaultPriority) + 3) pkg)
defaultPackageNames;
defaultPackagesText = "[ ${lib.concatMapStringsSep " " (n: "pkgs.${n}") defaultPackageNames } ]";
defaultPackageNames = [
"perl"
"rsync"
"strace"
];
defaultPackages = map (
n:
let
pkg = pkgs.${n};
in
lib.setPrio ((pkg.meta.priority or lib.meta.defaultPriority) + 3) pkg
) defaultPackageNames;
defaultPackagesText = "[ ${lib.concatMapStringsSep " " (n: "pkgs.${n}") defaultPackageNames} ]";
in
@ -57,7 +67,7 @@ in
systemPackages = lib.mkOption {
type = lib.types.listOf lib.types.package;
default = [];
default = [ ];
example = lib.literalExpression "[ pkgs.firefox pkgs.thunderbird ]";
description = ''
The set of packages that appear in
@ -79,7 +89,7 @@ in
${defaultPackagesText}
'';
example = [];
example = [ ];
description = ''
Set of default packages that aren't strictly necessary
for a running system, entries can be removed for a more
@ -97,15 +107,18 @@ in
type = lib.types.listOf lib.types.str;
# Note: We need `/lib' to be among `pathsToLink' for NSS modules
# to work.
default = [];
example = ["/"];
default = [ ];
example = [ "/" ];
description = "List of directories to be symlinked in {file}`/run/current-system/sw`.";
};
extraOutputsToInstall = lib.mkOption {
type = lib.types.listOf lib.types.str;
default = [ ];
example = [ "dev" "info" ];
example = [
"dev"
"info"
];
description = ''
Entries listed here will be appended to the `meta.outputsToInstall` attribute for each package in `environment.systemPackages`, and the files from the corresponding derivation outputs symlinked into {file}`/run/current-system/sw`.
@ -140,24 +153,24 @@ in
environment.systemPackages = requiredPackages ++ config.environment.defaultPackages;
environment.pathsToLink =
[ "/bin"
"/etc/xdg"
"/etc/gtk-2.0"
"/etc/gtk-3.0"
"/lib" # FIXME: remove and update debug-info.nix
"/sbin"
"/share/emacs"
"/share/hunspell"
"/share/org"
"/share/themes"
"/share/vulkan"
"/share/kservices5"
"/share/kservicetypes5"
"/share/kxmlgui5"
"/share/systemd"
"/share/thumbnailers"
];
environment.pathsToLink = [
"/bin"
"/etc/xdg"
"/etc/gtk-2.0"
"/etc/gtk-3.0"
"/lib" # FIXME: remove and update debug-info.nix
"/sbin"
"/share/emacs"
"/share/hunspell"
"/share/org"
"/share/themes"
"/share/vulkan"
"/share/kservices5"
"/share/kservicetypes5"
"/share/kxmlgui5"
"/share/systemd"
"/share/thumbnailers"
];
system.path = pkgs.buildEnv {
name = "system-path";
@ -166,17 +179,16 @@ in
ignoreCollisions = true;
# !!! Hacky, should modularise.
# outputs TODO: note that the tools will often not be linked by default
postBuild =
''
# Remove wrapped binaries, they shouldn't be accessible via PATH.
find $out/bin -maxdepth 1 -name ".*-wrapped" -type l -delete
postBuild = ''
# Remove wrapped binaries, they shouldn't be accessible via PATH.
find $out/bin -maxdepth 1 -name ".*-wrapped" -type l -delete
if [ -x $out/bin/glib-compile-schemas -a -w $out/share/glib-2.0/schemas ]; then
$out/bin/glib-compile-schemas $out/share/glib-2.0/schemas
fi
if [ -x $out/bin/glib-compile-schemas -a -w $out/share/glib-2.0/schemas ]; then
$out/bin/glib-compile-schemas $out/share/glib-2.0/schemas
fi
${config.environment.extraSetup}
'';
${config.environment.extraSetup}
'';
};
};

7
nixos/modules/config/terminfo.nix
View file

@ -1,6 +1,11 @@
# This module manages the terminfo database
# and its integration in the system.
{ config, lib, pkgs, ... }:
{
config,
lib,
pkgs,
...
}:
{
options = with lib; {

11
nixos/modules/config/unix-odbc-drivers.nix
View file

@ -9,13 +9,14 @@ let
Driver = ${pkg}/${pkg.driver}
'';
in {
in
{
###### interface
options = {
environment.unixODBCDrivers = lib.mkOption {
type = lib.types.listOf lib.types.package;
default = [];
default = [ ];
example = lib.literalExpression "with pkgs.unixODBCDrivers; [ sqlite psql ]";
description = ''
Specifies Unix ODBC drivers to be registered in
@ -28,8 +29,10 @@ in {
###### implementation
config = lib.mkIf (config.environment.unixODBCDrivers != []) {
environment.etc."odbcinst.ini".text = lib.concatMapStringsSep "\n" iniDescription config.environment.unixODBCDrivers;
config = lib.mkIf (config.environment.unixODBCDrivers != [ ]) {
environment.etc."odbcinst.ini".text =
lib.concatMapStringsSep "\n" iniDescription
config.environment.unixODBCDrivers;
};
}

7
nixos/modules/config/vte.nix
View file

@ -1,4 +1,9 @@
{ config, pkgs, lib, ... }:
{
config,
pkgs,
lib,
...
}:
let
vteInitSnippet = ''

39
nixos/modules/config/xdg/icons.nix
View file

@ -1,4 +1,9 @@
{ config, lib, pkgs, ... }:
{
config,
lib,
pkgs,
...
}:
{
meta = {
maintainers = lib.teams.freedesktop.members;
@ -15,7 +20,7 @@
};
xdg.icons.fallbackCursorThemes = lib.mkOption {
type = lib.types.listOf lib.types.str;
default = [];
default = [ ];
description = ''
Names of the fallback cursor themes, in order of preference, to be used when no other icon source can be found.
Set to `[]` to disable the fallback entirely.
@ -29,20 +34,22 @@
"/share/pixmaps"
];
environment.systemPackages = [
# Empty icon theme that contains index.theme file describing directories
# where toolkits should look for icons installed by apps.
pkgs.hicolor-icon-theme
] ++ lib.optionals (config.xdg.icons.fallbackCursorThemes != []) [
(pkgs.writeTextFile {
name = "fallback-cursor-theme";
text = ''
[Icon Theme]
Inherits=${lib.concatStringsSep "," config.xdg.icons.fallbackCursorThemes}
'';
destination = "/share/icons/default/index.theme";
})
];
environment.systemPackages =
[
# Empty icon theme that contains index.theme file describing directories
# where toolkits should look for icons installed by apps.
pkgs.hicolor-icon-theme
]
++ lib.optionals (config.xdg.icons.fallbackCursorThemes != [ ]) [
(pkgs.writeTextFile {
name = "fallback-cursor-theme";
text = ''
[Icon Theme]
Inherits=${lib.concatStringsSep "," config.xdg.icons.fallbackCursorThemes}
'';
destination = "/share/icons/default/index.theme";
})
];
# libXcursor looks for cursors in XCURSOR_PATH
# it mostly follows the spec for icons

47
nixos/modules/config/xdg/portal.nix
View file

@ -1,4 +1,9 @@
{ config, pkgs, lib, ... }:
{
config,
pkgs,
lib,
...
}:
let
inherit (lib)
@ -8,17 +13,22 @@ let
mkRenamedOptionModule
mkRemovedOptionModule
teams
types;
types
;
associationOptions = with types; attrsOf (
coercedTo (either (listOf str) str) (x: lib.concatStringsSep ";" (lib.toList x)) str
);
associationOptions =
with types;
attrsOf (coercedTo (either (listOf str) str) (x: lib.concatStringsSep ";" (lib.toList x)) str);
in
{
imports = [
(mkRenamedOptionModule [ "services" "flatpak" "extraPortals" ] [ "xdg" "portal" "extraPortals" ])
(mkRemovedOptionModule [ "xdg" "portal" "gtkUsePortal" ] "This option has been removed due to being unsupported and discouraged by the GTK developers.")
(mkRemovedOptionModule [
"xdg"
"portal"
"gtkUsePortal"
] "This option has been removed due to being unsupported and discouraged by the GTK developers.")
];
meta = {
@ -27,7 +37,8 @@ in
options.xdg.portal = {
enable =
mkEnableOption ''[xdg desktop integration](https://github.com/flatpak/xdg-desktop-portal)'' // {
mkEnableOption ''[xdg desktop integration](https://github.com/flatpak/xdg-desktop-portal)''
// {
default = false;
};
@ -60,10 +71,16 @@ in
default = { };
example = {
x-cinnamon = {
default = [ "xapp" "gtk" ];
default = [
"xapp"
"gtk"
];
};
pantheon = {
default = [ "pantheon" "gtk" ];
default = [
"pantheon"
"gtk"
];
"org.freedesktop.impl.portal.Secret" = [ "gnome-keyring" ];
};
common = {
@ -136,11 +153,15 @@ in
NIX_XDG_DESKTOP_PORTAL_DIR = "/run/current-system/sw/share/xdg-desktop-portal/portals";
};
etc = lib.concatMapAttrs
(desktop: conf: lib.optionalAttrs (conf != { }) {
"xdg/xdg-desktop-portal/${lib.optionalString (desktop != "common") "${desktop}-"}portals.conf".text =
etc = lib.concatMapAttrs (
desktop: conf:
lib.optionalAttrs (conf != { }) {
"xdg/xdg-desktop-portal/${
lib.optionalString (desktop != "common") "${desktop}-"
}portals.conf".text =
lib.generators.toINI { } { preferred = conf; };
}) cfg.config;
}
) cfg.config;
};
};
}

20
nixos/modules/config/xdg/portals/lxqt.nix
View file

@ -1,4 +1,9 @@
{ config, pkgs, lib, ... }:
{
config,
pkgs,
lib,
...
}:
let
cfg = config.xdg.portal.lxqt;
@ -19,12 +24,13 @@ in
styles = lib.mkOption {
type = lib.types.listOf lib.types.package;
default = [];
example = lib.literalExpression ''[
pkgs.libsForQt5.qtstyleplugin-kvantum
pkgs.breeze-qt5
pkgs.qtcurve
];
default = [ ];
example = lib.literalExpression ''
[
pkgs.libsForQt5.qtstyleplugin-kvantum
pkgs.breeze-qt5
pkgs.qtcurve
];
'';
description = ''
Extra Qt styles that will be available to the

7
nixos/modules/config/xdg/portals/wlr.nix
View file

@ -1,4 +1,9 @@
{ config, pkgs, lib, ... }:
{
config,
pkgs,
lib,
...
}:
let
cfg = config.xdg.portal.wlr;
package = pkgs.xdg-desktop-portal-wlr;

7
nixos/modules/config/xdg/sounds.nix
View file

@ -1,4 +1,9 @@
{ config, lib, pkgs, ... }:
{
config,
lib,
pkgs,
...
}:
{
meta = {
maintainers = lib.teams.freedesktop.members;

13
nixos/modules/config/xdg/terminal-exec.nix
View file

@ -7,7 +7,13 @@
let
cfg = config.xdg.terminal-exec;
inherit (lib) mkIf mkEnableOption mkOption mkPackageOption types;
inherit (lib)
mkIf
mkEnableOption
mkOption
mkPackageOption
types
;
in
{
meta.maintainers = with lib.maintainers; [ Cryolitia ];
@ -30,7 +36,10 @@ in
'';
example = {
default = [ "kitty.desktop" ];
GNOME = [ "com.raggesilver.BlackBox.desktop" "org.gnome.Terminal.desktop" ];
GNOME = [
"com.raggesilver.BlackBox.desktop"
"org.gnome.Terminal.desktop"
];
};
};
};

7
nixos/modules/hardware/acpilight.nix
View file

@ -1,4 +1,9 @@
{ config, lib, pkgs, ... }:
{
config,
lib,
pkgs,
...
}:
let
cfg = config.hardware.acpilight;
in

118
nixos/modules/hardware/all-firmware.nix
View file

@ -1,14 +1,35 @@
{ config, lib, pkgs, ... }:
{
config,
lib,
pkgs,
...
}:
let
cfg = config.hardware;
in {
in
{
imports = [
(lib.mkRenamedOptionModule [ "networking" "enableRT73Firmware" ] [ "hardware" "enableRedistributableFirmware" ])
(lib.mkRenamedOptionModule [ "networking" "enableIntel3945ABGFirmware" ] [ "hardware" "enableRedistributableFirmware" ])
(lib.mkRenamedOptionModule [ "networking" "enableIntel2100BGFirmware" ] [ "hardware" "enableRedistributableFirmware" ])
(lib.mkRenamedOptionModule [ "networking" "enableRalinkFirmware" ] [ "hardware" "enableRedistributableFirmware" ])
(lib.mkRenamedOptionModule [ "networking" "enableRTL8192cFirmware" ] [ "hardware" "enableRedistributableFirmware" ])
(lib.mkRenamedOptionModule
[ "networking" "enableRT73Firmware" ]
[ "hardware" "enableRedistributableFirmware" ]
)
(lib.mkRenamedOptionModule
[ "networking" "enableIntel3945ABGFirmware" ]
[ "hardware" "enableRedistributableFirmware" ]
)
(lib.mkRenamedOptionModule
[ "networking" "enableIntel2100BGFirmware" ]
[ "hardware" "enableRedistributableFirmware" ]
)
(lib.mkRenamedOptionModule
[ "networking" "enableRalinkFirmware" ]
[ "hardware" "enableRedistributableFirmware" ]
)
(lib.mkRenamedOptionModule
[ "networking" "enableRTL8192cFirmware" ]
[ "hardware" "enableRedistributableFirmware" ]
)
];
###### interface
@ -17,53 +38,64 @@ in {
hardware.enableAllFirmware = lib.mkEnableOption "all firmware regardless of license";
hardware.enableRedistributableFirmware = lib.mkEnableOption "firmware with a license allowing redistribution" // {
default = config.hardware.enableAllFirmware;
defaultText = lib.literalExpression "config.hardware.enableAllFirmware";
};
hardware.enableRedistributableFirmware =
lib.mkEnableOption "firmware with a license allowing redistribution"
// {
default = config.hardware.enableAllFirmware;
defaultText = lib.literalExpression "config.hardware.enableAllFirmware";
};
hardware.wirelessRegulatoryDatabase = lib.mkEnableOption "loading the wireless regulatory database at boot" // {
default = cfg.enableRedistributableFirmware || cfg.enableAllFirmware;
defaultText = lib.literalMD "Enabled if proprietary firmware is allowed via {option}`enableRedistributableFirmware` or {option}`enableAllFirmware`.";
};
hardware.wirelessRegulatoryDatabase =
lib.mkEnableOption "loading the wireless regulatory database at boot"
// {
default = cfg.enableRedistributableFirmware || cfg.enableAllFirmware;
defaultText = lib.literalMD "Enabled if proprietary firmware is allowed via {option}`enableRedistributableFirmware` or {option}`enableAllFirmware`.";
};
};
###### implementation
config = lib.mkMerge [
(lib.mkIf (cfg.enableAllFirmware || cfg.enableRedistributableFirmware) {
hardware.firmware = with pkgs; [
linux-firmware
intel2200BGFirmware
rtl8192su-firmware
rt5677-firmware
rtl8761b-firmware
zd1211fw
alsa-firmware
sof-firmware
libreelec-dvb-firmware
] ++ lib.optional pkgs.stdenv.hostPlatform.isAarch raspberrypiWirelessFirmware;
hardware.firmware =
with pkgs;
[
linux-firmware
intel2200BGFirmware
rtl8192su-firmware
rt5677-firmware
rtl8761b-firmware
zd1211fw
alsa-firmware
sof-firmware
libreelec-dvb-firmware
]
++ lib.optional pkgs.stdenv.hostPlatform.isAarch raspberrypiWirelessFirmware;
})
(lib.mkIf cfg.enableAllFirmware {
assertions = [{
assertion = !cfg.enableAllFirmware || pkgs.config.allowUnfree;
message = ''
the list of hardware.enableAllFirmware contains non-redistributable licensed firmware files.
This requires nixpkgs.config.allowUnfree to be true.
An alternative is to use the hardware.enableRedistributableFirmware option.
'';
}];
hardware.firmware = with pkgs; [
broadcom-bt-firmware
b43Firmware_5_1_138
b43Firmware_6_30_163_46
xow_dongle-firmware
] ++ lib.optionals pkgs.stdenv.hostPlatform.isx86 [
facetimehd-calibration
facetimehd-firmware
assertions = [
{
assertion = !cfg.enableAllFirmware || pkgs.config.allowUnfree;
message = ''
the list of hardware.enableAllFirmware contains non-redistributable licensed firmware files.
This requires nixpkgs.config.allowUnfree to be true.
An alternative is to use the hardware.enableRedistributableFirmware option.
'';
}
];
hardware.firmware =
with pkgs;
[
broadcom-bt-firmware
b43Firmware_5_1_138
b43Firmware_6_30_163_46
xow_dongle-firmware
]
++ lib.optionals pkgs.stdenv.hostPlatform.isx86 [
facetimehd-calibration
facetimehd-firmware
];
})
(lib.mkIf cfg.wirelessRegulatoryDatabase {
hardware.firmware = [ pkgs.wireless-regdb ];

9
nixos/modules/hardware/bladeRF.nix
View file

@ -1,4 +1,9 @@
{ config, lib, pkgs, ... }:
{
config,
lib,
pkgs,
...
}:
let
cfg = config.hardware.bladeRF;
@ -20,6 +25,6 @@ in
config = lib.mkIf cfg.enable {
services.udev.packages = [ pkgs.libbladeRF ];
users.groups.bladerf = {};
users.groups.bladerf = { };
};
}

7
nixos/modules/hardware/brillo.nix
View file

@ -1,4 +1,9 @@
{ config, lib, pkgs, ... }:
{
config,
lib,
pkgs,
...
}:
let
cfg = config.hardware.brillo;
in

69
nixos/modules/hardware/ckb-next.nix
View file

@ -1,43 +1,50 @@
{ config, lib, pkgs, ... }:
{
config,
lib,
pkgs,
...
}:
let
cfg = config.hardware.ckb-next;
in
{
imports = [
(lib.mkRenamedOptionModule [ "hardware" "ckb" "enable" ] [ "hardware" "ckb-next" "enable" ])
(lib.mkRenamedOptionModule [ "hardware" "ckb" "package" ] [ "hardware" "ckb-next" "package" ])
];
{
imports = [
(lib.mkRenamedOptionModule [ "hardware" "ckb" "enable" ] [ "hardware" "ckb-next" "enable" ])
(lib.mkRenamedOptionModule [ "hardware" "ckb" "package" ] [ "hardware" "ckb-next" "package" ])
];
options.hardware.ckb-next = {
enable = lib.mkEnableOption "the Corsair keyboard/mouse driver";
options.hardware.ckb-next = {
enable = lib.mkEnableOption "the Corsair keyboard/mouse driver";
gid = lib.mkOption {
type = lib.types.nullOr lib.types.int;
default = null;
example = 100;
description = ''
Limit access to the ckb daemon to a particular group.
'';
};
package = lib.mkPackageOption pkgs "ckb-next" { };
gid = lib.mkOption {
type = lib.types.nullOr lib.types.int;
default = null;
example = 100;
description = ''
Limit access to the ckb daemon to a particular group.
'';
};
config = lib.mkIf cfg.enable {
environment.systemPackages = [ cfg.package ];
package = lib.mkPackageOption pkgs "ckb-next" { };
};
systemd.services.ckb-next = {
description = "Corsair Keyboards and Mice Daemon";
wantedBy = ["multi-user.target"];
serviceConfig = {
ExecStart = "${cfg.package}/bin/ckb-next-daemon ${lib.optionalString (cfg.gid != null) "--gid=${builtins.toString cfg.gid}"}";
Restart = "on-failure";
};
config = lib.mkIf cfg.enable {
environment.systemPackages = [ cfg.package ];
systemd.services.ckb-next = {
description = "Corsair Keyboards and Mice Daemon";
wantedBy = [ "multi-user.target" ];
serviceConfig = {
ExecStart = "${cfg.package}/bin/ckb-next-daemon ${
lib.optionalString (cfg.gid != null) "--gid=${builtins.toString cfg.gid}"
}";
Restart = "on-failure";
};
};
};
meta = {
maintainers = [ ];
};
}
meta = {
maintainers = [ ];
};
}

7
nixos/modules/hardware/cpu/amd-microcode.nix
View file

@ -1,4 +1,9 @@
{ config, lib, pkgs, ... }:
{
config,
lib,
pkgs,
...
}:
{
###### interface
options = {

18
nixos/modules/hardware/cpu/amd-ryzen-smu.nix
View file

@ -1,6 +1,7 @@
{ config
, lib
, ...
{
config,
lib,
...
}:
let
inherit (lib) mkEnableOption mkIf;
@ -10,10 +11,10 @@ in
{
options.hardware.cpu.amd.ryzen-smu = {
enable = mkEnableOption ''
ryzen_smu, a linux kernel driver that exposes access to the SMU (System Management Unit) for certain AMD Ryzen Processors.
ryzen_smu, a linux kernel driver that exposes access to the SMU (System Management Unit) for certain AMD Ryzen Processors.
WARNING: Damage cause by use of your AMD processor outside of official AMD specifications or outside of factory settings are not covered under any AMD product warranty and may not be covered by your board or system manufacturer's warranty
'';
WARNING: Damage cause by use of your AMD processor outside of official AMD specifications or outside of factory settings are not covered under any AMD product warranty and may not be covered by your board or system manufacturer's warranty
'';
};
config = mkIf cfg.enable {
@ -22,5 +23,8 @@ in
environment.systemPackages = [ ryzen-smu ];
};
meta.maintainers = with lib.maintainers; [ Cryolitia phdyellow ];
meta.maintainers = with lib.maintainers; [
Cryolitia
phdyellow
];
}

26
nixos/modules/hardware/cpu/amd-sev.nix
View file

@ -1,4 +1,9 @@
{ config, options, lib, ... }:
{
config,
options,
lib,
...
}:
let
cfgSev = config.hardware.cpu.amd.sev;
cfgSevGuest = config.hardware.cpu.amd.sevGuest;
@ -22,7 +27,8 @@ let
};
};
in
with lib; {
with lib;
{
options.hardware.cpu.amd.sev = optionsFor "SEV" "sev";
options.hardware.cpu.amd.sevGuest = optionsFor "SEV guest" "sev-guest";
@ -36,7 +42,9 @@ with lib; {
message = "Given user does not exist";
}
{
assertion = (cfgSev.group == options.hardware.cpu.amd.sev.group.default) || (lib.hasAttr cfgSev.group config.users.groups);
assertion =
(cfgSev.group == options.hardware.cpu.amd.sev.group.default)
|| (lib.hasAttr cfgSev.group config.users.groups);
message = "Given group does not exist";
}
];
@ -62,14 +70,18 @@ with lib; {
message = "Given user does not exist";
}
{
assertion = (cfgSevGuest.group == options.hardware.cpu.amd.sevGuest.group.default) || (lib.hasAttr cfgSevGuest.group config.users.groups);
assertion =
(cfgSevGuest.group == options.hardware.cpu.amd.sevGuest.group.default)
|| (lib.hasAttr cfgSevGuest.group config.users.groups);
message = "Given group does not exist";
}
];
users.groups = lib.optionalAttrs (cfgSevGuest.group == options.hardware.cpu.amd.sevGuest.group.default) {
"${cfgSevGuest.group}" = { };
};
users.groups =
lib.optionalAttrs (cfgSevGuest.group == options.hardware.cpu.amd.sevGuest.group.default)
{
"${cfgSevGuest.group}" = { };
};
services.udev.extraRules = with cfgSevGuest; ''
KERNEL=="sev-guest", OWNER="${user}", GROUP="${group}", MODE="${mode}"

7
nixos/modules/hardware/cpu/intel-microcode.nix
View file

@ -1,4 +1,9 @@
{ config, lib, pkgs, ... }:
{
config,
lib,
pkgs,
...
}:
{
###### interface
options = {

3
nixos/modules/hardware/cpu/intel-sgx.nix
View file

@ -45,7 +45,8 @@ in
message = "Given user does not exist";
}
{
assertion = (cfg.provision.group == defaultPrvGroup) || (lib.hasAttr cfg.provision.group config.users.groups);
assertion =
(cfg.provision.group == defaultPrvGroup) || (lib.hasAttr cfg.provision.group config.users.groups);
message = "Given group does not exist";
}
];

108
nixos/modules/hardware/cpu/x86-msr.nix
View file

@ -1,7 +1,8 @@
{ lib
, config
, options
, ...
{
lib,
config,
options,
...
}:
let
inherit (builtins) hasAttr;
@ -15,51 +16,70 @@ let
# Generates `foo=bar` parameters to pass to the kernel.
# If `module = baz` is passed, generates `baz.foo=bar`.
# Adds double quotes on demand to handle `foo="bar baz"`.
kernelParam = { module ? null }: name: value:
assert lib.asserts.assertMsg (!lib.strings.hasInfix "=" name) "kernel parameter cannot have '=' in name";
kernelParam =
{
module ? null,
}:
name: value:
assert lib.asserts.assertMsg (
!lib.strings.hasInfix "=" name
) "kernel parameter cannot have '=' in name";
let
key = (if module == null then "" else module + ".") + name;
valueString = lib.generators.mkValueStringDefault {} value;
quotedValueString = if lib.strings.hasInfix " " valueString
then lib.strings.escape ["\""] valueString
else valueString;
in "${key}=${quotedValueString}";
valueString = lib.generators.mkValueStringDefault { } value;
quotedValueString =
if lib.strings.hasInfix " " valueString then
lib.strings.escape [ "\"" ] valueString
else
valueString;
in
"${key}=${quotedValueString}";
msrKernelParam = kernelParam { module = "msr"; };
in
{
options.hardware.cpu.x86.msr = with lib.options; with lib.types; {
enable = mkEnableOption "the `msr` (Model-Specific Registers) kernel module and configure `udev` rules for its devices (usually `/dev/cpu/*/msr`)";
owner = mkOption {
type = str;
default = "root";
example = "nobody";
description = "Owner ${set}";
};
group = mkOption {
type = str;
default = defaultGroup;
example = "nobody";
description = "Group ${set}";
};
mode = mkOption {
type = str;
default = "0640";
example = "0660";
description = "Mode ${set}";
};
settings = mkOption {
type = submodule {
freeformType = attrsOf (oneOf [ bool int str ]);
options.allow-writes = mkOption {
type = nullOr (enum ["on" "off"]);
default = null;
description = "Whether to allow writes to MSRs (`\"on\"`) or not (`\"off\"`).";
};
options.hardware.cpu.x86.msr =
with lib.options;
with lib.types;
{
enable = mkEnableOption "the `msr` (Model-Specific Registers) kernel module and configure `udev` rules for its devices (usually `/dev/cpu/*/msr`)";
owner = mkOption {
type = str;
default = "root";
example = "nobody";
description = "Owner ${set}";
};
group = mkOption {
type = str;
default = defaultGroup;
example = "nobody";
description = "Group ${set}";
};
mode = mkOption {
type = str;
default = "0640";
example = "0660";
description = "Mode ${set}";
};
settings = mkOption {
type = submodule {
freeformType = attrsOf (oneOf [
bool
int
str
]);
options.allow-writes = mkOption {
type = nullOr (enum [
"on"
"off"
]);
default = null;
description = "Whether to allow writes to MSRs (`\"on\"`) or not (`\"off\"`).";
};
};
default = { };
description = "Parameters for the `msr` kernel module.";
};
default = {};
description = "Parameters for the `msr` kernel module.";
};
};
config = mkIf cfg.enable {
assertions = [
@ -75,7 +95,9 @@ in
boot = {
kernelModules = [ "msr" ];
kernelParams = lib.attrsets.mapAttrsToList msrKernelParam (lib.attrsets.filterAttrs (_: value: value != null) cfg.settings);
kernelParams = lib.attrsets.mapAttrsToList msrKernelParam (
lib.attrsets.filterAttrs (_: value: value != null) cfg.settings
);
};
users.groups.${cfg.group} = mkIf isDefaultGroup { };

12
nixos/modules/hardware/decklink.nix
View file

@ -1,4 +1,9 @@
{ config, lib, pkgs, ... }:
{
config,
lib,
pkgs,
...
}:
let
cfg = config.hardware.decklink;
@ -10,7 +15,10 @@ in
config = lib.mkIf cfg.enable {
# snd_blackmagic-io can cause issues with pipewire,
# so we do not enable it by default
boot.kernelModules = [ "blackmagic" "blackmagic-io" ];
boot.kernelModules = [
"blackmagic"
"blackmagic-io"
];
boot.extraModulePackages = [ kernelPackages.decklink ];
systemd.packages = [ pkgs.blackmagic-desktop-video ];
systemd.services.DesktopVideoHelper.wantedBy = [ "multi-user.target" ];

7
nixos/modules/hardware/digitalbitbox.nix
View file

@ -1,4 +1,9 @@
{ config, lib, pkgs, ... }:
{
config,
lib,
pkgs,
...
}:
let
cfg = config.hardware.digitalbitbox;
in

7
nixos/modules/hardware/flipperzero.nix
View file

@ -1,4 +1,9 @@
{ config, lib, pkgs, ... }:
{
config,
lib,
pkgs,
...
}:
let
cfg = config.hardware.flipperzero;

7
nixos/modules/hardware/flirc.nix
View file

@ -1,4 +1,9 @@
{ config, lib, pkgs, ... }:
{
config,
lib,
pkgs,
...
}:
let
cfg = config.hardware.flirc;
in

7
nixos/modules/hardware/glasgow.nix
View file

@ -1,4 +1,9 @@
{ config, lib, pkgs, ... }:
{
config,
lib,
pkgs,
...
}:
let
cfg = config.hardware.glasgow;

12
nixos/modules/hardware/gpgsmartcards.nix
View file

@ -1,4 +1,9 @@
{ config, lib, pkgs, ... }:
{
config,
lib,
pkgs,
...
}:
let
# gnupg's manual describes how to setup ccid udev rules:
# https://www.gnupg.org/howtos/card-howto/en/ch02s03.html
@ -17,14 +22,15 @@ let
# per debian's udev deb hook (https://man7.org/linux/man-pages/man1/dh_installudev.1.html)
destination = "60-scdaemon.rules";
scdaemonUdevRulesPkg = pkgs.runCommand "scdaemon-udev-rules" {} ''
scdaemonUdevRulesPkg = pkgs.runCommand "scdaemon-udev-rules" { } ''
loc="$out/lib/udev/rules.d/"
mkdir -p "''${loc}"
cp "${scdaemonRules}" "''${loc}/${destination}"
'';
cfg = config.hardware.gpgSmartcards;
in {
in
{
options.hardware.gpgSmartcards = {
enable = lib.mkEnableOption "udev rules for gnupg smart cards";
};

7
nixos/modules/hardware/hackrf.nix
View file

@ -1,4 +1,9 @@
{ config, lib, pkgs, ... }:
{
config,
lib,
pkgs,
...
}:
let
cfg = config.hardware.hackrf;

15
nixos/modules/hardware/i2c.nix
View file

@ -1,4 +1,9 @@
{ config, lib, pkgs, ... }:
{
config,
lib,
pkgs,
...
}:
let
cfg = config.hardware.i2c;
in
@ -28,14 +33,16 @@ in
i2c = { };
};
services.udev.packages = lib.singleton (pkgs.writeTextFile
{ name = "i2c-udev-rules";
services.udev.packages = lib.singleton (
pkgs.writeTextFile {
name = "i2c-udev-rules";
text = ''
# allow group ${cfg.group} and users with a seat use of i2c devices
ACTION=="add", KERNEL=="i2c-[0-9]*", TAG+="uaccess", GROUP="${cfg.group}", MODE="660"
'';
destination = "/etc/udev/rules.d/70-i2c.rules";
});
}
);
};

70
nixos/modules/hardware/infiniband.nix
View file

@ -1,28 +1,37 @@
{ config, lib, pkgs, ... }:
{
config,
lib,
pkgs,
...
}:
let
cfg = config.hardware.infiniband;
opensm-services = {
"opensm@" = {
enable = true;
description = "Starts OpenSM Infiniband fabric Subnet Managers";
before = [ "network.target"];
unitConfig = {
ConditionPathExists = "/sys/class/infiniband_mad/abi_version";
opensm-services =
{
"opensm@" = {
enable = true;
description = "Starts OpenSM Infiniband fabric Subnet Managers";
before = [ "network.target" ];
unitConfig = {
ConditionPathExists = "/sys/class/infiniband_mad/abi_version";
};
serviceConfig = {
Type = "simple";
ExecStart = "${pkgs.opensm}/bin/opensm --guid %I --log_file /var/log/opensm.%I.log";
};
};
serviceConfig = {
Type = "simple";
ExecStart = "${pkgs.opensm}/bin/opensm --guid %I --log_file /var/log/opensm.%I.log";
};
};
} // (builtins.listToAttrs (map (guid: {
name = "opensm@${guid}";
value = {
enable = true;
wantedBy = [ "machines.target" ];
overrideStrategy = "asDropin";
};
} ) cfg.guids));
}
// (builtins.listToAttrs (
map (guid: {
name = "opensm@${guid}";
value = {
enable = true;
wantedBy = [ "machines.target" ];
overrideStrategy = "asDropin";
};
}) cfg.guids
));
in
@ -31,7 +40,7 @@ in
enable = lib.mkEnableOption "Infiniband support";
guids = lib.mkOption {
type = with lib.types; listOf str;
default = [];
default = [ ];
example = [ "0xe8ebd30000eee2e1" ];
description = ''
A list of infiniband port guids on the system. This is discoverable using `ibstat -p`
@ -41,14 +50,23 @@ in
config = lib.mkIf cfg.enable {
boot.initrd.kernelModules = [
"mlx5_core" "mlx5_ib" "ib_cm"
"rdma_cm" "rdma_ucm" "rpcrdma"
"ib_ipoib" "ib_isert" "ib_umad" "ib_uverbs"
"mlx5_core"
"mlx5_ib"
"ib_cm"
"rdma_cm"
"rdma_ucm"
"rpcrdma"
"ib_ipoib"
"ib_isert"
"ib_umad"
"ib_uverbs"
];
# rdma-core exposes ibstat, mstflint exposes mstconfig (which can be needed for
# setting link configurations), qperf needed to affirm link speeds
environment.systemPackages = with pkgs; [
rdma-core mstflint qperf
rdma-core
mstflint
qperf
];
systemd.services = opensm-services;
};

9
nixos/modules/hardware/keyboard/qmk.nix
View file

@ -1,4 +1,9 @@
{ config, lib, pkgs, ... }:
{
config,
lib,
pkgs,
...
}:
let
cfg = config.hardware.keyboard.qmk;
@ -12,6 +17,6 @@ in
config = mkIf cfg.enable {
services.udev.packages = [ pkgs.qmk-udev-rules ];
users.groups.plugdev = {};
users.groups.plugdev = { };
};
}

7
nixos/modules/hardware/keyboard/teck.nix
View file

@ -1,4 +1,9 @@
{ config, lib, pkgs, ... }:
{
config,
lib,
pkgs,
...
}:
let
cfg = config.hardware.keyboard.teck;

7
nixos/modules/hardware/keyboard/uhk.nix
View file

@ -1,4 +1,9 @@
{ config, lib, pkgs, ... }:
{
config,
lib,
pkgs,
...
}:
let
cfg = config.hardware.keyboard.uhk;

7
nixos/modules/hardware/keyboard/zsa.nix
View file

@ -1,4 +1,9 @@
{ config, lib, pkgs, ... }:
{
config,
lib,
pkgs,
...
}:
let
cfg = config.hardware.keyboard.zsa;

5
nixos/modules/hardware/ksm.nix
View file

@ -2,7 +2,8 @@
let
cfg = config.hardware.ksm;
in {
in
{
imports = [
(lib.mkRenamedOptionModule [ "hardware" "enableKSM" ] [ "hardware" "ksm" "enable" ])
];
@ -26,8 +27,8 @@ in {
script =
''
echo 1 > /sys/kernel/mm/ksm/run
'' + lib.optionalString (cfg.sleep != null)
''
+ lib.optionalString (cfg.sleep != null) ''
echo ${toString cfg.sleep} > /sys/kernel/mm/ksm/sleep_millisecs
'';
};

10
nixos/modules/hardware/ledger.nix
View file

@ -1,8 +1,14 @@
{ config, lib, pkgs, ... }:
{
config,
lib,
pkgs,
...
}:
let
cfg = config.hardware.ledger;
in {
in
{
options.hardware.ledger.enable = lib.mkEnableOption "udev rules for Ledger devices";
config = lib.mkIf cfg.enable {

49
nixos/modules/hardware/logitech.nix
View file

@ -1,4 +1,9 @@
{ config, lib, pkgs, ... }:
{
config,
lib,
pkgs,
...
}:
let
cfg = config.hardware.logitech;
@ -9,8 +14,14 @@ let
in
{
imports = [
(lib.mkRenamedOptionModule [ "hardware" "logitech" "enable" ] [ "hardware" "logitech" "wireless" "enable" ])
(lib.mkRenamedOptionModule [ "hardware" "logitech" "enableGraphical" ] [ "hardware" "logitech" "wireless" "enableGraphical" ])
(lib.mkRenamedOptionModule
[ "hardware" "logitech" "enable" ]
[ "hardware" "logitech" "wireless" "enable" ]
)
(lib.mkRenamedOptionModule
[ "hardware" "logitech" "enableGraphical" ]
[ "hardware" "logitech" "wireless" "enableGraphical" ]
)
];
options.hardware.logitech = {
@ -28,7 +39,13 @@ in
devices = lib.mkOption {
type = lib.types.listOf lib.types.str;
default = [ "0a07" "c222" "c225" "c227" "c251" ];
default = [
"0a07"
"c222"
"c225"
"c227"
"c251"
];
description = ''
List of USB device ids supported by g15daemon.
@ -49,7 +66,8 @@ in
};
config = lib.mkIf (cfg.wireless.enable || cfg.lcd.enable) {
environment.systemPackages = []
environment.systemPackages =
[ ]
++ lib.optional cfg.wireless.enable pkgs.ltunify
++ lib.optional cfg.wireless.enableGraphical pkgs.solaar;
@ -57,22 +75,25 @@ in
# ltunifi and solaar both provide udev rules but the most up-to-date have been split
# out into a dedicated derivation
packages = []
++ lib.optional cfg.wireless.enable pkgs.logitech-udev-rules
++ lib.optional cfg.lcd.enable pkgs.g15daemon;
packages =
[ ]
++ lib.optional cfg.wireless.enable pkgs.logitech-udev-rules
++ lib.optional cfg.lcd.enable pkgs.g15daemon;
extraRules = ''
# nixos: hardware.logitech.lcd
'' + lib.concatMapStringsSep "\n" (
dev:
extraRules =
''
# nixos: hardware.logitech.lcd
''
+ lib.concatMapStringsSep "\n" (
dev:
''ACTION=="add", SUBSYSTEMS=="usb", ATTRS{idVendor}=="${vendor}", ATTRS{idProduct}=="${dev}", TAG+="systemd", ENV{SYSTEMD_WANTS}+="${daemon}.service"''
) cfg.lcd.devices;
) cfg.lcd.devices;
};
systemd.services."${daemon}" = lib.mkIf cfg.lcd.enable {
description = "Logitech LCD Support Daemon";
documentation = [ "man:g15daemon(1)" ];
wantedBy = lib.mkIf (! cfg.lcd.startWhenNeeded) "multi-user.target";
wantedBy = lib.mkIf (!cfg.lcd.startWhenNeeded) "multi-user.target";
serviceConfig = {
Type = "forking";

7
nixos/modules/hardware/mcelog.nix
View file

@ -1,4 +1,9 @@
{ config, lib, pkgs, ... }:
{
config,
lib,
pkgs,
...
}:
{
meta.maintainers = with lib.maintainers; [ grahamc ];
options = {

7
nixos/modules/hardware/network/ath-user-regd.nix
View file

@ -1,4 +1,9 @@
{ config, lib, pkgs, ... }:
{
config,
lib,
pkgs,
...
}:
let
kernelVersion = config.boot.kernelPackages.kernel.version;
linuxKernelMinVersion = "5.8";

12
nixos/modules/hardware/network/b43.nix
View file

@ -1,5 +1,12 @@
{ config, lib, pkgs, ... }:
let kernelVersion = config.boot.kernelPackages.kernel.version; in
{
config,
lib,
pkgs,
...
}:
let
kernelVersion = config.boot.kernelPackages.kernel.version;
in
{
@ -17,7 +24,6 @@ let kernelVersion = config.boot.kernelPackages.kernel.version; in
};
###### implementation
config = lib.mkIf config.networking.enableB43Firmware {

8
nixos/modules/hardware/network/intel-2200bg.nix
View file

@ -1,4 +1,9 @@
{ config, pkgs, lib, ... }:
{
config,
pkgs,
lib,
...
}:
{
@ -18,7 +23,6 @@
};
###### implementation
config = lib.mkIf config.networking.enableIntel2200BGFirmware {

2
nixos/modules/hardware/network/smc-2632w/default.nix
View file

@ -1,4 +1,4 @@
{lib, ...}:
{ lib, ... }:
{
hardware = {

2
nixos/modules/hardware/network/zydas-zd1211.nix
View file

@ -1,4 +1,4 @@
{pkgs, ...}:
{ pkgs, ... }:
{
hardware.firmware = [ pkgs.zd1211fw ];

10
nixos/modules/hardware/new-lg4ff.nix
View file

@ -1,8 +1,14 @@
{ pkgs, lib, config, ... }:
{
pkgs,
lib,
config,
...
}:
let
cfg = config.hardware.new-lg4ff;
kernelPackages = config.boot.kernelPackages;
in {
in
{
options.hardware.new-lg4ff = {
enable = lib.mkOption {
type = lib.types.bool;

7
nixos/modules/hardware/nitrokey.nix
View file

@ -1,4 +1,9 @@
{ config, lib, pkgs, ... }:
{
config,
lib,
pkgs,
...
}:
let
cfg = config.hardware.nitrokey;

1
nixos/modules/hardware/onlykey/default.nix
View file

@ -26,5 +26,4 @@
services.udev.extraRules = builtins.readFile ./onlykey.udev;
};
}

16
nixos/modules/hardware/openrazer.nix
View file

@ -1,4 +1,9 @@
{ config, pkgs, lib, ... }:
{
config,
pkgs,
lib,
...
}:
let
cfg = config.hardware.openrazer;
kernelPackages = config.boot.kernelPackages;
@ -81,7 +86,7 @@ in
description = ''
Settings for device battery notifications.
'';
default = {};
default = { };
type = lib.types.submodule {
options = {
enable = lib.mkOption {
@ -123,7 +128,7 @@ in
users = lib.mkOption {
type = with lib.types; listOf str;
default = [];
default = [ ];
description = ''
Usernames to be added to the "openrazer" group, so that they
can start and interact with the OpenRazer userspace daemon.
@ -133,7 +138,10 @@ in
};
imports = [
(lib.mkRenamedOptionModule [ "hardware" "openrazer" "mouseBatteryNotifier" ] [ "hardware" "openrazer" "batteryNotifier" "enable" ])
(lib.mkRenamedOptionModule
[ "hardware" "openrazer" "mouseBatteryNotifier" ]
[ "hardware" "openrazer" "batteryNotifier" "enable" ]
)
];
config = lib.mkIf cfg.enable {

32
nixos/modules/hardware/opentabletdriver.nix
View file

@ -1,4 +1,9 @@
{ config, lib, pkgs, ... }:
{
config,
lib,
pkgs,
...
}:
let
cfg = config.hardware.opentabletdriver;
in
@ -18,7 +23,10 @@ in
blacklistedKernelModules = lib.mkOption {
type = lib.types.listOf lib.types.str;
default = [ "hid-uclogic" "wacom" ];
default = [
"hid-uclogic"
"wacom"
];
description = ''
Blacklist of kernel modules known to conflict with OpenTabletDriver.
'';
@ -45,16 +53,18 @@ in
boot.blacklistedKernelModules = cfg.blacklistedKernelModules;
systemd.user.services.opentabletdriver = with pkgs; lib.mkIf cfg.daemon.enable {
description = "Open source, cross-platform, user-mode tablet driver";
wantedBy = [ "graphical-session.target" ];
partOf = [ "graphical-session.target" ];
systemd.user.services.opentabletdriver =
with pkgs;
lib.mkIf cfg.daemon.enable {
description = "Open source, cross-platform, user-mode tablet driver";
wantedBy = [ "graphical-session.target" ];
partOf = [ "graphical-session.target" ];
serviceConfig = {
Type = "simple";
ExecStart = "${cfg.package}/bin/otd-daemon";
Restart = "on-failure";
serviceConfig = {
Type = "simple";
ExecStart = "${cfg.package}/bin/otd-daemon";
Restart = "on-failure";
};
};
};
};
}

9
nixos/modules/hardware/pcmcia.nix
View file

@ -1,4 +1,9 @@
{ config, lib, pkgs, ... }:
{
config,
lib,
pkgs,
...
}:
let
pcmciaUtils = pkgs.pcmciaUtils.passthru.function {
inherit (config.hardware.pcmcia) firmware config;
@ -20,7 +25,7 @@ in
firmware = lib.mkOption {
type = lib.types.listOf lib.types.path;
default = [];
default = [ ];
description = ''
List of firmware used to handle specific PCMCIA card.
'';

188
nixos/modules/hardware/printers.nix
View file

@ -1,22 +1,35 @@
{ config, lib, pkgs, ... }:
{
config,
lib,
pkgs,
...
}:
let
cfg = config.hardware.printers;
ensurePrinter = p: let
args = lib.cli.toGNUCommandLineShell {} ({
p = p.name;
v = p.deviceUri;
m = p.model;
} // lib.optionalAttrs (p.location != null) {
L = p.location;
} // lib.optionalAttrs (p.description != null) {
D = p.description;
} // lib.optionalAttrs (p.ppdOptions != {}) {
o = lib.mapAttrsToList (name: value: "${name}=${value}") p.ppdOptions;
});
in ''
${pkgs.cups}/bin/lpadmin ${args} -E
'';
ensurePrinter =
p:
let
args = lib.cli.toGNUCommandLineShell { } (
{
p = p.name;
v = p.deviceUri;
m = p.model;
}
// lib.optionalAttrs (p.location != null) {
L = p.location;
}
// lib.optionalAttrs (p.description != null) {
D = p.description;
}
// lib.optionalAttrs (p.ppdOptions != { }) {
o = lib.mapAttrsToList (name: value: "${name}=${value}") p.ppdOptions;
}
);
in
''
${pkgs.cups}/bin/lpadmin ${args} -E
'';
ensureDefaultPrinter = name: ''
${pkgs.cups}/bin/lpadmin -d '${name}'
@ -24,11 +37,12 @@ let
# "graph but not # or /" can't be implemented as regex alone due to missing lookahead support
noInvalidChars = str: lib.all (c: c != "#" && c != "/") (lib.stringToCharacters str);
printerName = (lib.types.addCheck (lib.types.strMatching "[[:graph:]]+") noInvalidChars)
// { description = "printable string without spaces, # and /"; };
printerName = (lib.types.addCheck (lib.types.strMatching "[[:graph:]]+") noInvalidChars) // {
description = "printable string without spaces, # and /";
};
in {
in
{
options = {
hardware.printers = {
ensureDefaultPrinter = lib.mkOption {
@ -47,73 +61,75 @@ in {
and remove printers with {command}`lpadmin -x <printer-name>`.
Printers not listed here can still be manually configured.
'';
default = [];
type = lib.types.listOf (lib.types.submodule {
options = {
name = lib.mkOption {
type = printerName;
example = "BrotherHL_Workroom";
description = ''
Name of the printer / printer queue.
May contain any printable characters except "/", "#", and space.
'';
};
location = lib.mkOption {
type = lib.types.nullOr lib.types.str;
default = null;
example = "Workroom";
description = ''
Optional human-readable location.
'';
};
description = lib.mkOption {
type = lib.types.nullOr lib.types.str;
default = null;
example = "Brother HL-5140";
description = ''
Optional human-readable description.
'';
};
deviceUri = lib.mkOption {
type = lib.types.str;
example = lib.literalExpression ''
"ipp://printserver.local/printers/BrotherHL_Workroom"
"usb://HP/DESKJET%20940C?serial=CN16E6C364BH"
'';
description = ''
How to reach the printer.
{command}`lpinfo -v` shows a list of supported device URIs and schemes.
'';
};
model = lib.mkOption {
type = lib.types.str;
example = lib.literalExpression ''
"gutenprint.''${lib.versions.majorMinor (lib.getVersion pkgs.gutenprint)}://brother-hl-5140/expert"
'';
description = ''
Location of the ppd driver file for the printer.
{command}`lpinfo -m` shows a list of supported models.
'';
};
ppdOptions = lib.mkOption {
type = lib.types.attrsOf lib.types.str;
example = {
PageSize = "A4";
Duplex = "DuplexNoTumble";
default = [ ];
type = lib.types.listOf (
lib.types.submodule {
options = {
name = lib.mkOption {
type = printerName;
example = "BrotherHL_Workroom";
description = ''
Name of the printer / printer queue.
May contain any printable characters except "/", "#", and space.
'';
};
location = lib.mkOption {
type = lib.types.nullOr lib.types.str;
default = null;
example = "Workroom";
description = ''
Optional human-readable location.
'';
};
description = lib.mkOption {
type = lib.types.nullOr lib.types.str;
default = null;
example = "Brother HL-5140";
description = ''
Optional human-readable description.
'';
};
deviceUri = lib.mkOption {
type = lib.types.str;
example = lib.literalExpression ''
"ipp://printserver.local/printers/BrotherHL_Workroom"
"usb://HP/DESKJET%20940C?serial=CN16E6C364BH"
'';
description = ''
How to reach the printer.
{command}`lpinfo -v` shows a list of supported device URIs and schemes.
'';
};
model = lib.mkOption {
type = lib.types.str;
example = lib.literalExpression ''
"gutenprint.''${lib.versions.majorMinor (lib.getVersion pkgs.gutenprint)}://brother-hl-5140/expert"
'';
description = ''
Location of the ppd driver file for the printer.
{command}`lpinfo -m` shows a list of supported models.
'';
};
ppdOptions = lib.mkOption {
type = lib.types.attrsOf lib.types.str;
example = {
PageSize = "A4";
Duplex = "DuplexNoTumble";
};
default = { };
description = ''
Sets PPD options for the printer.
{command}`lpoptions [-p printername] -l` shows supported PPD options for the given printer.
'';
};
default = {};
description = ''
Sets PPD options for the printer.
{command}`lpoptions [-p printername] -l` shows supported PPD options for the given printer.
'';
};
};
});
}
);
};
};
};
config = lib.mkIf (cfg.ensurePrinters != [] && config.services.printing.enable) {
config = lib.mkIf (cfg.ensurePrinters != [ ] && config.services.printing.enable) {
systemd.services.ensure-printers = {
description = "Ensure NixOS-configured CUPS printers";
wantedBy = [ "multi-user.target" ];
@ -127,12 +143,14 @@ in {
script = lib.concatStringsSep "\n" [
(lib.concatMapStrings ensurePrinter cfg.ensurePrinters)
(lib.optionalString (cfg.ensureDefaultPrinter != null)
(ensureDefaultPrinter cfg.ensureDefaultPrinter))
(lib.optionalString (cfg.ensureDefaultPrinter != null) (
ensureDefaultPrinter cfg.ensureDefaultPrinter
))
# Note: if cupsd is "stateless" the service can't be stopped,
# otherwise the configuration will be wiped on the next start.
(lib.optionalString (with config.services.printing; startWhenNeeded && !stateless)
"systemctl stop cups.service")
(lib.optionalString (
with config.services.printing; startWhenNeeded && !stateless
) "systemctl stop cups.service")
];
};
};

12
nixos/modules/hardware/raid/hpsa.nix
View file

@ -1,4 +1,9 @@
{ config, lib, pkgs, ... }:
{
config,
lib,
pkgs,
...
}:
let
hpssacli = pkgs.stdenv.mkDerivation rec {
pname = "hpssacli";
@ -40,7 +45,8 @@ let
maintainers = [ ];
};
};
in {
in
{
###### interface
options = {
@ -53,7 +59,7 @@ in {
config = lib.mkIf config.hardware.raid.HPSmartArray.enable {
boot.initrd.kernelModules = [ "sg" ]; /* hpssacli wants it */
boot.initrd.kernelModules = [ "sg" ]; # hpssacli wants it
boot.initrd.availableKernelModules = [ "hpsa" ];
environment.systemPackages = [ hpssacli ];

20
nixos/modules/hardware/rtl-sdr.nix
View file

@ -1,9 +1,15 @@
{ config, lib, pkgs, ... }:
{
config,
lib,
pkgs,
...
}:
let
cfg = config.hardware.rtl-sdr;
in {
in
{
options.hardware.rtl-sdr = {
enable = lib.mkOption {
type = lib.types.bool;
@ -11,13 +17,17 @@ in {
description = ''
Enables rtl-sdr udev rules, ensures 'plugdev' group exists, and blacklists DVB kernel modules.
This is a prerequisite to using devices supported by rtl-sdr without being root, since rtl-sdr USB descriptors will be owned by plugdev through udev.
'';
'';
};
};
config = lib.mkIf cfg.enable {
boot.blacklistedKernelModules = [ "dvb_usb_rtl28xxu" "e4000" "rtl2832" ];
boot.blacklistedKernelModules = [
"dvb_usb_rtl28xxu"
"e4000"
"rtl2832"
];
services.udev.packages = [ pkgs.rtl-sdr ];
users.groups.plugdev = {};
users.groups.plugdev = { };
};
}

7
nixos/modules/hardware/saleae-logic.nix
View file

@ -1,4 +1,9 @@
{ config, lib, pkgs, ... }:
{
config,
lib,
pkgs,
...
}:
let
cfg = config.hardware.saleae-logic;

61
nixos/modules/hardware/sata.nix
View file

@ -1,10 +1,21 @@
{ config, lib, pkgs, ... }:
{
config,
lib,
pkgs,
...
}:
let
inherit (lib) mkEnableOption mkIf mkOption types;
inherit (lib)
mkEnableOption
mkIf
mkOption
types
;
cfg = config.hardware.sata.timeout;
buildRule = d:
buildRule =
d:
lib.concatStringsSep ", " [
''ACTION=="add"''
''SUBSYSTEM=="block"''
@ -13,23 +24,20 @@ let
''ENV{SYSTEMD_WANTS}="${unitName d}"''
];
devicePath = device:
"/dev/disk/by-${device.idBy}/${device.name}";
devicePath = device: "/dev/disk/by-${device.idBy}/${device.name}";
unitName = device:
"sata-timeout-${lib.strings.sanitizeDerivationName device.name}";
unitName = device: "sata-timeout-${lib.strings.sanitizeDerivationName device.name}";
startScript =
pkgs.writeShellScript "sata-timeout.sh" ''
set -eEuo pipefail
startScript = pkgs.writeShellScript "sata-timeout.sh" ''
set -eEuo pipefail
device="$1"
device="$1"
${pkgs.smartmontools}/bin/smartctl \
-l scterc,${toString cfg.deciSeconds},${toString cfg.deciSeconds} \
--quietmode errorsonly \
"$device"
'';
${pkgs.smartmontools}/bin/smartctl \
-l scterc,${toString cfg.deciSeconds},${toString cfg.deciSeconds} \
--quietmode errorsonly \
"$device"
'';
in
{
@ -54,8 +62,8 @@ in
drives = mkOption {
description = "List of drives for which to configure the timeout.";
type = types.listOf
(types.submodule {
type = types.listOf (
types.submodule {
options = {
name = mkOption {
description = "Drive name without the full path.";
@ -64,19 +72,24 @@ in
idBy = mkOption {
description = "The method to identify the drive.";
type = types.enum [ "path" "wwn" ];
type = types.enum [
"path"
"wwn"
];
default = "path";
};
};
});
}
);
};
};
config = mkIf cfg.enable {
services.udev.extraRules = lib.concatMapStringsSep "\n" buildRule cfg.drives;
systemd.services = lib.listToAttrs (map
(e:
systemd.services = lib.listToAttrs (
map (
e:
lib.nameValuePair (unitName e) {
description = "SATA timeout for ${e.name}";
wantedBy = [ "sata-timeout.target" ];
@ -89,8 +102,8 @@ in
ProtectSystem = "strict";
};
}
)
cfg.drives);
) cfg.drives
);
systemd.targets.sata-timeout = {
description = "SATA timeout";

12
nixos/modules/hardware/sensor/hddtemp.nix
View file

@ -1,4 +1,9 @@
{ config, lib, pkgs, ... }:
{
config,
lib,
pkgs,
...
}:
let
inherit (lib) mkIf mkOption types;
@ -44,7 +49,10 @@ in
unit = mkOption {
description = "Celsius or Fahrenheit";
type = types.enum [ "C" "F" ];
type = types.enum [
"C"
"F"
];
default = "C";
};

7
nixos/modules/hardware/sensor/iio.nix
View file

@ -1,4 +1,9 @@
{ config, lib, pkgs, ... }:
{
config,
lib,
pkgs,
...
}:
{
###### interface

33
nixos/modules/hardware/system-76.nix
View file

@ -1,12 +1,30 @@
{ config, lib, options, pkgs, ... }:
{
config,
lib,
options,
pkgs,
...
}:
let
inherit (lib) literalExpression mkOption mkEnableOption types mkIf mkMerge optional versionOlder;
inherit (lib)
literalExpression
mkOption
mkEnableOption
types
mkIf
mkMerge
optional
versionOlder
;
cfg = config.hardware.system76;
opt = options.hardware.system76;
kpkgs = config.boot.kernelPackages;
modules = [ "system76" "system76-io" ] ++ (optional (versionOlder kpkgs.kernel.version "5.5") "system76-acpi");
modules = [
"system76"
"system76-io"
] ++ (optional (versionOlder kpkgs.kernel.version "5.5") "system76-acpi");
modulePackages = map (m: kpkgs.${m}) modules;
moduleConfig = mkIf cfg.kernel-modules.enable {
boot.extraModulePackages = modulePackages;
@ -54,7 +72,8 @@ let
wantedBy = [ "multi-user.target" ];
};
};
in {
in
{
options = {
hardware.system76 = {
enableAll = mkEnableOption "all recommended configuration for system76 systems";
@ -85,5 +104,9 @@ in {
};
};
config = mkMerge [ moduleConfig firmwareConfig powerConfig ];
config = mkMerge [
moduleConfig
firmwareConfig
powerConfig
];
}

12
nixos/modules/hardware/ubertooth.nix
View file

@ -1,11 +1,17 @@
{ config, lib, pkgs, ... }:
{
config,
lib,
pkgs,
...
}:
let
cfg = config.hardware.ubertooth;
ubertoothPkg = pkgs.ubertooth.override {
udevGroup = cfg.group;
};
in {
in
{
options.hardware.ubertooth = {
enable = lib.mkEnableOption "Ubertooth software and its udev rules";
@ -21,6 +27,6 @@ in {
environment.systemPackages = [ ubertoothPkg ];
services.udev.packages = [ ubertoothPkg ];
users.groups.${cfg.group} = {};
users.groups.${cfg.group} = { };
};
}

129
nixos/modules/hardware/uni-sync.nix
View file

@ -1,9 +1,11 @@
{ config
, lib
, pkgs
, ...
{
config,
lib,
pkgs,
...
}:
with lib; let
with lib;
let
cfg = config.hardware.uni-sync;
in
{
@ -51,65 +53,74 @@ in
]
'';
description = "List of controllers with their configurations.";
type = types.listOf (types.submodule {
options = {
device_id = mkOption {
type = types.str;
example = "VID:1111/PID:11111/SN:1111111111";
description = "Unique device ID displayed at each startup.";
type = types.listOf (
types.submodule {
options = {
device_id = mkOption {
type = types.str;
example = "VID:1111/PID:11111/SN:1111111111";
description = "Unique device ID displayed at each startup.";
};
sync_rgb = mkOption {
type = types.bool;
default = false;
example = true;
description = "Enable ARGB header sync.";
};
channels = mkOption {
default = [ ];
example = literalExpression ''
[
{
mode = "PWM";
}
{
mode = "Manual";
speed = 100;
}
{
mode = "Manual";
speed = 54;
}
{
mode = "Manual";
speed = 0;
}
]
'';
description = "List of channels connected to the controller.";
type = types.listOf (
types.submodule {
options = {
mode = mkOption {
type = types.enum [
"Manual"
"PWM"
];
default = "Manual";
example = "PWM";
description = "\"PWM\" to enable PWM sync. \"Manual\" to set speed.";
};
speed = mkOption {
type = types.int;
default = "50";
example = "100";
description = "Fan speed as percentage (clamped between 0 and 100).";
};
};
}
);
};
};
sync_rgb = mkOption {
type = types.bool;
default = false;
example = true;
description = "Enable ARGB header sync.";
};
channels = mkOption {
default = [ ];
example = literalExpression ''
[
{
mode = "PWM";
}
{
mode = "Manual";
speed = 100;
}
{
mode = "Manual";
speed = 54;
}
{
mode = "Manual";
speed = 0;
}
]
'';
description = "List of channels connected to the controller.";
type = types.listOf (types.submodule {
options = {
mode = mkOption {
type = types.enum [ "Manual" "PWM" ];
default = "Manual";
example = "PWM";
description = "\"PWM\" to enable PWM sync. \"Manual\" to set speed.";
};
speed = mkOption {
type = types.int;
default = "50";
example = "100";
description = "Fan speed as percentage (clamped between 0 and 100).";
};
};
});
};
};
});
}
);
};
};
config = mkIf cfg.enable {
environment.etc."uni-sync/uni-sync.json".text = mkIf (cfg.devices != [ ]) (builtins.toJSON { configs = cfg.devices; });
environment.etc."uni-sync/uni-sync.json".text = mkIf (cfg.devices != [ ]) (
builtins.toJSON { configs = cfg.devices; }
);
environment.systemPackages = [ cfg.package ];
services.udev.packages = [ cfg.package ];

9
nixos/modules/hardware/usb-modeswitch.nix
View file

@ -1,4 +1,9 @@
{ config, lib, pkgs, ... }:
{
config,
lib,
pkgs,
...
}:
{
###### interface
@ -21,7 +26,7 @@
###### implementation
imports = [
(lib.mkRenamedOptionModule ["hardware" "usbWwan" ] ["hardware" "usb-modeswitch" ])
(lib.mkRenamedOptionModule [ "hardware" "usbWwan" ] [ "hardware" "usb-modeswitch" ])
];
config = lib.mkIf config.hardware.usb-modeswitch.enable {

14
nixos/modules/hardware/usb-storage.nix
View file

@ -1,4 +1,9 @@
{ config, lib, pkgs, ... }:
{
config,
lib,
pkgs,
...
}:
{
options.hardware.usbStorage.manageShutdown = lib.mkOption {
@ -17,5 +22,10 @@
'';
};
imports = [(lib.mkRenamedOptionModule [ "hardware" "usbStorage" "manageStartStop" ] [ "hardware" "usbStorage" "manageShutdown" ])];
imports = [
(lib.mkRenamedOptionModule
[ "hardware" "usbStorage" "manageStartStop" ]
[ "hardware" "usbStorage" "manageShutdown" ]
)
];
}

34
nixos/modules/hardware/video/bumblebee.nix
View file

@ -1,4 +1,9 @@
{ config, lib, pkgs, ... }:
{
config,
lib,
pkgs,
...
}:
let
cfg = config.hardware.bumblebee;
@ -55,7 +60,10 @@ in
driver = lib.mkOption {
default = "nvidia";
type = lib.types.enum [ "nvidia" "nouveau" ];
type = lib.types.enum [
"nvidia"
"nouveau"
];
description = ''
Set driver used by bumblebeed. Supported are nouveau and nvidia.
'';
@ -63,7 +71,12 @@ in
pmMethod = lib.mkOption {
default = "auto";
type = lib.types.enum [ "auto" "bbswitch" "switcheroo" "none" ];
type = lib.types.enum [
"auto"
"bbswitch"
"switcheroo"
"none"
];
description = ''
Set preferred power management method for unused card.
'';
@ -73,11 +86,20 @@ in
};
config = lib.mkIf cfg.enable {
boot.blacklistedKernelModules = [ "nvidia-drm" "nvidia" "nouveau" ];
boot.blacklistedKernelModules = [
"nvidia-drm"
"nvidia"
"nouveau"
];
boot.kernelModules = lib.optional useBbswitch "bbswitch";
boot.extraModulePackages = lib.optional useBbswitch kernel.bbswitch ++ lib.optional useNvidia kernel.nvidia_x11.bin;
boot.extraModulePackages =
lib.optional useBbswitch kernel.bbswitch
++ lib.optional useNvidia kernel.nvidia_x11.bin;
environment.systemPackages = [ bumblebee primus ];
environment.systemPackages = [
bumblebee
primus
];
systemd.services.bumblebeed = {
description = "Bumblebee Hybrid Graphics Switcher";

7
nixos/modules/hardware/video/displaylink.nix
View file

@ -1,4 +1,9 @@
{ config, lib, pkgs, ... }:
{
config,
lib,
pkgs,
...
}:
let
enabled = lib.elem "displaylink" config.services.xserver.videoDrivers;

7
nixos/modules/hardware/video/intel-gpu-tools.nix
View file

@ -1,4 +1,9 @@
{ config, lib, pkgs, ... }:
{
config,
lib,
pkgs,
...
}:
let
cfg = config.hardware.intel-gpu-tools;

10
nixos/modules/hardware/video/switcheroo-control.nix
View file

@ -1,8 +1,14 @@
{ config, pkgs, lib, ... }:
{
config,
pkgs,
lib,
...
}:
let
cfg = config.services.switcherooControl;
in {
in
{
options.services.switcherooControl = {
enable = lib.mkEnableOption "switcheroo-control, a D-Bus service to check the availability of dual-GPU";
package = lib.mkPackageOption pkgs "switcheroo-control" { };

17
nixos/modules/hardware/video/uvcvideo/default.nix
View file

@ -1,12 +1,19 @@
{ config, lib, pkgs, ... }:
{
config,
lib,
pkgs,
...
}:
let
cfg = config.services.uvcvideo;
uvcdynctrl-udev-rules = packages: pkgs.callPackage ./uvcdynctrl-udev-rules.nix {
drivers = packages;
udevDebug = false;
};
uvcdynctrl-udev-rules =
packages:
pkgs.callPackage ./uvcdynctrl-udev-rules.nix {
drivers = packages;
udevDebug = false;
};
in

58
nixos/modules/hardware/video/uvcvideo/uvcdynctrl-udev-rules.nix
View file

@ -1,9 +1,10 @@
{ buildEnv
, libwebcam
, makeWrapper
, runCommand
, drivers ? []
, udevDebug ? false
{
buildEnv,
libwebcam,
makeWrapper,
runCommand,
drivers ? [ ],
udevDebug ? false,
}:
let
@ -21,27 +22,26 @@ let
in
runCommand "uvcdynctrl-udev-rules-${version}"
{
inherit dataPath;
nativeBuildInputs = [
makeWrapper
];
buildInputs = [
libwebcam
];
dontPatchELF = true;
dontStrip = true;
preferLocalBuild = true;
}
''
mkdir -p "$out/lib/udev"
makeWrapper "${libwebcam}/lib/udev/uvcdynctrl" "$out/lib/udev/uvcdynctrl" \
--set NIX_UVCDYNCTRL_DATA_DIR "${dataDir}" \
--set NIX_UVCDYNCTRL_UDEV_DEBUG "${udevDebugVarValue}"
mkdir -p "$out/lib/udev/rules.d"
cat "${libwebcam}/lib/udev/rules.d/80-uvcdynctrl.rules" | \
sed -r "s#RUN\+\=\"([^\"]+)\"#RUN\+\=\"$out/lib/udev/uvcdynctrl\"#g" > \
"$out/lib/udev/rules.d/80-uvcdynctrl.rules"
''
{
inherit dataPath;
nativeBuildInputs = [
makeWrapper
];
buildInputs = [
libwebcam
];
dontPatchELF = true;
dontStrip = true;
preferLocalBuild = true;
}
''
mkdir -p "$out/lib/udev"
makeWrapper "${libwebcam}/lib/udev/uvcdynctrl" "$out/lib/udev/uvcdynctrl" \
--set NIX_UVCDYNCTRL_DATA_DIR "${dataDir}" \
--set NIX_UVCDYNCTRL_UDEV_DEBUG "${udevDebugVarValue}"
mkdir -p "$out/lib/udev/rules.d"
cat "${libwebcam}/lib/udev/rules.d/80-uvcdynctrl.rules" | \
sed -r "s#RUN\+\=\"([^\"]+)\"#RUN\+\=\"$out/lib/udev/uvcdynctrl\"#g" > \
"$out/lib/udev/rules.d/80-uvcdynctrl.rules"
''

7
nixos/modules/hardware/video/virtualbox.nix
View file

@ -2,6 +2,9 @@
let
inherit (config.boot) kernelPackages;
inherit (config.services.xserver) videoDrivers;
in {
boot.extraModulePackages = lib.mkIf (lib.elem "virtualbox" videoDrivers) [ kernelPackages.virtualboxGuestAdditions ];
in
{
boot.extraModulePackages = lib.mkIf (lib.elem "virtualbox" videoDrivers) [
kernelPackages.virtualboxGuestAdditions
];
}

12
nixos/modules/hardware/video/webcam/facetimehd.nix
View file

@ -1,4 +1,9 @@
{ config, lib, pkgs, ... }:
{
config,
lib,
pkgs,
...
}:
let
cfg = config.hardware.facetimehd;
@ -31,8 +36,9 @@ in
boot.extraModulePackages = [ kernelPackages.facetimehd ];
hardware.firmware = [ pkgs.facetimehd-firmware ]
++ lib.optional cfg.withCalibration pkgs.facetimehd-calibration;
hardware.firmware = [
pkgs.facetimehd-firmware
] ++ lib.optional cfg.withCalibration pkgs.facetimehd-calibration;
# unload module during suspend/hibernate as it crashes the whole system
powerManagement.powerDownCommands = ''

26
nixos/modules/hardware/video/webcam/ipu6.nix
View file

@ -1,7 +1,19 @@
{ config, lib, pkgs, ... }:
{
config,
lib,
pkgs,
...
}:
let
inherit (lib) mkDefault mkEnableOption mkIf mkOption optional types;
inherit (lib)
mkDefault
mkEnableOption
mkIf
mkOption
optional
types
;
cfg = config.hardware.ipu6;
@ -13,7 +25,11 @@ in
enable = mkEnableOption "support for Intel IPU6/MIPI cameras";
platform = mkOption {
type = types.enum [ "ipu6" "ipu6ep" "ipu6epmtl" ];
type = types.enum [
"ipu6"
"ipu6ep"
"ipu6epmtl"
];
description = ''
Choose the version for your hardware platform.
@ -44,7 +60,9 @@ in
cardLabel = mkDefault "Intel MIPI Camera";
extraPackages = with pkgs.gst_all_1; [ ]
extraPackages =
with pkgs.gst_all_1;
[ ]
++ optional (cfg.platform == "ipu6") icamerasrc-ipu6
++ optional (cfg.platform == "ipu6ep") icamerasrc-ipu6ep
++ optional (cfg.platform == "ipu6epmtl") icamerasrc-ipu6epmtl;

12
nixos/modules/hardware/xone.nix
View file

@ -1,4 +1,9 @@
{ config, lib, pkgs, ... }:
{
config,
lib,
pkgs,
...
}:
let
cfg = config.hardware.xone;
in
@ -9,7 +14,10 @@ in
config = lib.mkIf cfg.enable {
boot = {
blacklistedKernelModules = [ "xpad" "mt76x2u" ];
blacklistedKernelModules = [
"xpad"
"mt76x2u"
];
extraModulePackages = with config.boot.kernelPackages; [ xone ];
};
hardware.firmware = [ pkgs.xow_dongle-firmware ];

9
nixos/modules/hardware/xpadneo.nix
View file

@ -11,11 +11,10 @@ in
boot = {
# Must disable Enhanced Retransmission Mode to support bluetooth pairing
# https://wiki.archlinux.org/index.php/Gamepad#Connect_Xbox_Wireless_Controller_with_Bluetooth
extraModprobeConfig =
lib.mkIf
(config.hardware.bluetooth.enable &&
(lib.versionOlder config.boot.kernelPackages.kernel.version "5.12"))
"options bluetooth disable_ertm=1";
extraModprobeConfig = lib.mkIf (
config.hardware.bluetooth.enable
&& (lib.versionOlder config.boot.kernelPackages.kernel.version "5.12")
) "options bluetooth disable_ertm=1";
extraModulePackages = with config.boot.kernelPackages; [ xpadneo ];
kernelModules = [ "hid_xpadneo" ];

80
nixos/modules/i18n/input-method/default.nix
View file

@ -1,28 +1,50 @@
{ config, pkgs, lib, ... }:
{
config,
pkgs,
lib,
...
}:
let
cfg = config.i18n.inputMethod;
allowedTypes = lib.types.enum [ "ibus" "fcitx5" "nabi" "uim" "hime" "kime" ];
allowedTypes = lib.types.enum [
"ibus"
"fcitx5"
"nabi"
"uim"
"hime"
"kime"
];
gtk2_cache = pkgs.runCommand "gtk2-immodule.cache"
{ preferLocalBuild = true;
allowSubstitutes = false;
buildInputs = [ pkgs.gtk2 cfg.package ];
}
''
mkdir -p $out/etc/gtk-2.0/
GTK_PATH=${cfg.package}/lib/gtk-2.0/ gtk-query-immodules-2.0 > $out/etc/gtk-2.0/immodules.cache
'';
gtk2_cache =
pkgs.runCommand "gtk2-immodule.cache"
{
preferLocalBuild = true;
allowSubstitutes = false;
buildInputs = [
pkgs.gtk2
cfg.package
];
}
''
mkdir -p $out/etc/gtk-2.0/
GTK_PATH=${cfg.package}/lib/gtk-2.0/ gtk-query-immodules-2.0 > $out/etc/gtk-2.0/immodules.cache
'';
gtk3_cache = pkgs.runCommand "gtk3-immodule.cache"
{ preferLocalBuild = true;
allowSubstitutes = false;
buildInputs = [ pkgs.gtk3 cfg.package ];
}
''
mkdir -p $out/etc/gtk-3.0/
GTK_PATH=${cfg.package}/lib/gtk-3.0/ gtk-query-immodules-3.0 > $out/etc/gtk-3.0/immodules.cache
'';
gtk3_cache =
pkgs.runCommand "gtk3-immodule.cache"
{
preferLocalBuild = true;
allowSubstitutes = false;
buildInputs = [
pkgs.gtk3
cfg.package
];
}
''
mkdir -p $out/etc/gtk-3.0/
GTK_PATH=${cfg.package}/lib/gtk-3.0/ gtk-query-immodules-3.0 > $out/etc/gtk-3.0/immodules.cache
'';
in
{
@ -34,14 +56,14 @@ in
};
enabled = lib.mkOption {
type = lib.types.nullOr allowedTypes;
type = lib.types.nullOr allowedTypes;
default = null;
example = "fcitx5";
description = "Deprecated - use `type` and `enable = true` instead";
};
type = lib.mkOption {
type = lib.types.nullOr allowedTypes;
type = lib.types.nullOr allowedTypes;
default = cfg.enabled;
defaultText = lib.literalMD "The value of the deprecated option `enabled`, defaulting to null";
example = "fcitx5";
@ -63,8 +85,8 @@ in
package = lib.mkOption {
internal = true;
type = lib.types.nullOr lib.types.path;
default = null;
type = lib.types.nullOr lib.types.path;
default = null;
description = ''
The input method method package.
'';
@ -73,8 +95,14 @@ in
};
config = lib.mkIf cfg.enable {
warnings = lib.optional (cfg.enabled != null) "i18n.inputMethod.enabled will be removed in a future release. Please use .type, and .enable = true instead";
environment.systemPackages = [ cfg.package gtk2_cache gtk3_cache ];
warnings =
lib.optional (cfg.enabled != null)
"i18n.inputMethod.enabled will be removed in a future release. Please use .type, and .enable = true instead";
environment.systemPackages = [
cfg.package
gtk2_cache
gtk3_cache
];
};
meta = {

11
nixos/modules/i18n/input-method/hime.nix
View file

@ -1,4 +1,9 @@
{ config, pkgs, lib, ... }:
{
config,
pkgs,
lib,
...
}:
let
imcfg = config.i18n.inputMethod;
in
@ -7,8 +12,8 @@ in
i18n.inputMethod.package = pkgs.hime;
environment.variables = {
GTK_IM_MODULE = "hime";
QT_IM_MODULE = "hime";
XMODIFIERS = "@im=hime";
QT_IM_MODULE = "hime";
XMODIFIERS = "@im=hime";
};
services.xserver.displayManager.sessionCommands = "${pkgs.hime}/bin/hime &";
};

60
nixos/modules/i18n/input-method/kime.nix
View file

@ -1,22 +1,50 @@
{ config, pkgs, lib, generators, ... }:
{
config,
pkgs,
lib,
generators,
...
}:
let
imcfg = config.i18n.inputMethod;
in {
in
{
imports = [
(lib.mkRemovedOptionModule [ "i18n" "inputMethod" "kime" "config" ] "Use i18n.inputMethod.kime.* instead")
(lib.mkRemovedOptionModule [
"i18n"
"inputMethod"
"kime"
"config"
] "Use i18n.inputMethod.kime.* instead")
];
options.i18n.inputMethod.kime = {
daemonModules = lib.mkOption {
type = lib.types.listOf (lib.types.enum [ "Xim" "Wayland" "Indicator" ]);
default = [ "Xim" "Wayland" "Indicator" ];
example = [ "Xim" "Indicator" ];
type = lib.types.listOf (
lib.types.enum [
"Xim"
"Wayland"
"Indicator"
]
);
default = [
"Xim"
"Wayland"
"Indicator"
];
example = [
"Xim"
"Indicator"
];
description = ''
List of enabled daemon modules
'';
};
iconColor = lib.mkOption {
type = lib.types.enum [ "Black" "White" ];
type = lib.types.enum [
"Black"
"White"
];
default = "Black";
example = "White";
description = ''
@ -37,16 +65,18 @@ in {
environment.variables = {
GTK_IM_MODULE = "kime";
QT_IM_MODULE = "kime";
XMODIFIERS = "@im=kime";
QT_IM_MODULE = "kime";
XMODIFIERS = "@im=kime";
};
environment.etc."xdg/kime/config.yaml".text = ''
daemon:
modules: [${lib.concatStringsSep "," imcfg.kime.daemonModules}]
indicator:
icon_color: ${imcfg.kime.iconColor}
'' + imcfg.kime.extraConfig;
environment.etc."xdg/kime/config.yaml".text =
''
daemon:
modules: [${lib.concatStringsSep "," imcfg.kime.daemonModules}]
indicator:
icon_color: ${imcfg.kime.iconColor}
''
+ imcfg.kime.extraConfig;
};
# uses attributes of the linked package

11
nixos/modules/i18n/input-method/nabi.nix
View file

@ -1,4 +1,9 @@
{ config, pkgs, lib, ... }:
{
config,
pkgs,
lib,
...
}:
let
imcfg = config.i18n.inputMethod;
in
@ -8,8 +13,8 @@ in
environment.variables = {
GTK_IM_MODULE = "nabi";
QT_IM_MODULE = "nabi";
XMODIFIERS = "@im=nabi";
QT_IM_MODULE = "nabi";
XMODIFIERS = "@im=nabi";
};
services.xserver.displayManager.sessionCommands = "${pkgs.nabi}/bin/nabi &";

19
nixos/modules/i18n/input-method/uim.nix
View file

@ -1,4 +1,9 @@
{ config, pkgs, lib, ... }:
{
config,
pkgs,
lib,
...
}:
let
imcfg = config.i18n.inputMethod;
cfg = imcfg.uim;
@ -8,7 +13,13 @@ in
i18n.inputMethod.uim = {
toolbar = lib.mkOption {
type = lib.types.enum [ "gtk" "gtk3" "gtk-systray" "gtk3-systray" "qt5" ];
type = lib.types.enum [
"gtk"
"gtk3"
"gtk-systray"
"gtk3-systray"
"qt5"
];
default = "gtk";
example = "gtk-systray";
description = ''
@ -24,8 +35,8 @@ in
environment.variables = {
GTK_IM_MODULE = "uim";
QT_IM_MODULE = "uim";
XMODIFIERS = "@im=uim";
QT_IM_MODULE = "uim";
XMODIFIERS = "@im=uim";
};
services.xserver.displayManager.sessionCommands = ''
${pkgs.uim}/bin/uim-xim &

9
nixos/modules/image/repart-verity-store.nix
View file

@ -34,9 +34,12 @@ let
flakeIgnore = [ "E501" ]; # ignores PEP8's line length limit of 79 (black defaults to 88 characters)
}
(
builtins.replaceStrings [ "@NIX_STORE_VERITY@" ] [
partitionTypes.usr-verity
] (builtins.readFile ./assert_uki_repart_match.py)
builtins.replaceStrings
[ "@NIX_STORE_VERITY@" ]
[
partitionTypes.usr-verity
]
(builtins.readFile ./assert_uki_repart_match.py)
);
in
{

Some files were not shown because too many files have changed in this diff Show more