movefasta/nixpkgs
0
0
Fork 0
mirror of https://github.com/NixOS/nixpkgs.git synced 2025-07-13 13:40:28 +03:00
Code Activity

Merge branch 'master' into staging-next

Browse source
This commit is contained in:
K900 2024-05-01 09:37:47 +03:00
commit a9c7210d0b
245 changed files with 10758 additions and 3158 deletions
Download patch file Download diff file Expand all files Collapse all files

3
nixos/modules/config/no-x-libs.nix
View file

@ -31,8 +31,11 @@ with lib;
cairo = super.cairo.override { x11Support = false; };
dbus = super.dbus.override { x11Support = false; };
fastfetch = super.fastfetch.override { vulkanSupport = false; waylandSupport = false; x11Support = false; };
ffmpeg = super.ffmpeg.override { ffmpegVariant = "headless"; };
ffmpeg_4 = super.ffmpeg_4.override { ffmpegVariant = "headless"; };
ffmpeg_5 = super.ffmpeg_5.override { ffmpegVariant = "headless"; };
ffmpeg_6 = super.ffmpeg_6.override { ffmpegVariant = "headless"; };
ffmpeg_7 = super.ffmpeg_7.override { ffmpegVariant = "headless"; };
# dep of graphviz, libXpm is optional for Xpm support
gd = super.gd.override { withXorg = false; };
ghostscript = super.ghostscript.override { cupsSupport = false; x11Support = false; };

120
nixos/modules/services/networking/adguardhome.nix
View file

@ -4,6 +4,7 @@ with lib;
let
cfg = config.services.adguardhome;
settingsFormat = pkgs.formats.yaml { };
args = concatStringsSep " " ([
"--no-check-update"
@ -12,27 +13,33 @@ let
"--config /var/lib/AdGuardHome/AdGuardHome.yaml"
] ++ cfg.extraArgs);
configFile = pkgs.writeTextFile {
name = "AdGuardHome.yaml";
text = builtins.toJSON cfg.settings;
checkPhase = "${pkgs.adguardhome}/bin/adguardhome -c $out --check-config";
};
defaultBindPort = 3000;
in
{
imports =
let cfgPath = [ "services" "adguardhome" ];
in
[
(mkRenamedOptionModuleWith { sinceRelease = 2211; from = cfgPath ++ [ "host" ]; to = cfgPath ++ [ "settings" "bind_host" ]; })
(mkRenamedOptionModuleWith { sinceRelease = 2211; from = cfgPath ++ [ "port" ]; to = cfgPath ++ [ "settings" "bind_port" ]; })
];
settings = if (cfg.settings != null) then
cfg.settings // (if cfg.settings.schema_version < 23 then {
bind_host = cfg.host;
bind_port = cfg.port;
} else {
http.address = "${cfg.host}:${toString cfg.port}";
})
else
null;
configFile =
(settingsFormat.generate "AdGuardHome.yaml" settings).overrideAttrs (_: {
checkPhase = "${cfg.package}/bin/adguardhome -c $out --check-config";
});
in {
options.services.adguardhome = with types; {
enable = mkEnableOption "AdGuard Home network-wide ad blocker";
package = mkOption {
type = package;
default = pkgs.adguardhome;
defaultText = literalExpression "pkgs.adguardhome";
description = ''
The package that runs adguardhome.
'';
};
openFirewall = mkOption {
default = false;
type = bool;
@ -43,8 +50,8 @@ in
};
allowDHCP = mkOption {
default = cfg.settings.dhcp.enabled or false;
defaultText = literalExpression ''config.services.adguardhome.settings.dhcp.enabled or false'';
default = settings.dhcp.enabled or false;
defaultText = literalExpression "config.services.adguardhome.settings.dhcp.enabled or false";
type = bool;
description = ''
Allows AdGuard Home to open raw sockets (`CAP_NET_RAW`), which is
@ -65,32 +72,34 @@ in
'';
};
host = mkOption {
default = "0.0.0.0";
type = str;
description = ''
Host address to bind HTTP server to.
'';
};
port = mkOption {
default = 3000;
type = port;
description = ''
Port to serve HTTP pages on.
'';
};
settings = mkOption {
default = null;
type = nullOr (submodule {
freeformType = (pkgs.formats.yaml { }).type;
freeformType = settingsFormat.type;
options = {
schema_version = mkOption {
default = pkgs.adguardhome.schema_version;
defaultText = literalExpression "pkgs.adguardhome.schema_version";
default = cfg.package.schema_version;
defaultText = literalExpression "cfg.package.schema_version";
type = int;
description = ''
Schema version for the configuration.
Defaults to the `schema_version` supplied by `pkgs.adguardhome`.
'';
};
bind_host = mkOption {
default = "0.0.0.0";
type = str;
description = ''
Host address to bind HTTP server to.
'';
};
bind_port = mkOption {
default = defaultBindPort;
type = port;
description = ''
Port to serve HTTP pages on.
Defaults to the `schema_version` supplied by `cfg.package`.
'';
};
};
@ -107,7 +116,7 @@ in
Set this to `null` (default) for a non-declarative configuration without any
Nix-supplied values.
Declarative configurations are supplied with a default `schema_version`, `bind_host`, and `bind_port`.
Declarative configurations are supplied with a default `schema_version`, and `http.address`.
:::
'';
};
@ -124,17 +133,25 @@ in
config = mkIf cfg.enable {
assertions = [
{
assertion = cfg.settings != null -> cfg.mutableSettings
|| (hasAttrByPath [ "dns" "bind_host" ] cfg.settings)
|| (hasAttrByPath [ "dns" "bind_hosts" ] cfg.settings);
message =
"AdGuard setting dns.bind_host or dns.bind_hosts needs to be configured for a minimal working configuration";
assertion = cfg.settings != null
-> !(hasAttrByPath [ "bind_host" ] cfg.settings);
message = "AdGuard option `settings.bind_host' has been superseded by `services.adguardhome.host'";
}
{
assertion = cfg.settings != null -> cfg.mutableSettings
|| hasAttrByPath [ "dns" "bootstrap_dns" ] cfg.settings;
message =
"AdGuard setting dns.bootstrap_dns needs to be configured for a minimal working configuration";
assertion = cfg.settings != null
-> !(hasAttrByPath [ "bind_port" ] cfg.settings);
message = "AdGuard option `settings.bind_host' has been superseded by `services.adguardhome.port'";
}
{
assertion = settings != null -> cfg.mutableSettings
|| hasAttrByPath [ "dns" "bootstrap_dns" ] settings;
message = "AdGuard setting dns.bootstrap_dns needs to be configured for a minimal working configuration";
}
{
assertion = settings != null -> cfg.mutableSettings
|| hasAttrByPath [ "dns" "bootstrap_dns" ] settings
&& isList settings.dns.bootstrap_dns;
message = "AdGuard setting dns.bootstrap_dns needs to be a list";
}
];
@ -147,7 +164,7 @@ in
StartLimitBurst = 10;
};
preStart = optionalString (cfg.settings != null) ''
preStart = optionalString (settings != null) ''
if [ -e "$STATE_DIRECTORY/AdGuardHome.yaml" ] \
&& [ "${toString cfg.mutableSettings}" = "1" ]; then
# Writing directly to AdGuardHome.yaml results in empty file
@ -161,8 +178,9 @@ in
serviceConfig = {
DynamicUser = true;
ExecStart = "${pkgs.adguardhome}/bin/adguardhome ${args}";
AmbientCapabilities = [ "CAP_NET_BIND_SERVICE" ] ++ optionals cfg.allowDHCP [ "CAP_NET_RAW" ];
ExecStart = "${cfg.package}/bin/adguardhome ${args}";
AmbientCapabilities = [ "CAP_NET_BIND_SERVICE" ]
++ optionals cfg.allowDHCP [ "CAP_NET_RAW" ];
Restart = "always";
RestartSec = 10;
RuntimeDirectory = "AdGuardHome";
@ -170,6 +188,6 @@ in
};
};
networking.firewall.allowedTCPPorts = mkIf cfg.openFirewall [ cfg.settings.bind_port or defaultBindPort ];
networking.firewall.allowedTCPPorts = mkIf cfg.openFirewall [ cfg.port ];
};
}

4
nixos/modules/system/boot/loader/systemd-boot/systemd-boot.nix
View file

@ -10,7 +10,9 @@ let
# We check the source code in a derivation that does not depend on the
# system configuration so that most users don't have to redo the check and require
# the necessary dependencies.
checkedSource = pkgs.runCommand "systemd-boot" { } ''
checkedSource = pkgs.runCommand "systemd-boot" {
preferLocalBuild = true;
} ''
install -m755 -D ${./systemd-boot-builder.py} $out
${lib.getExe pkgs.buildPackages.mypy} \
--no-implicit-optional \