movefasta/nixpkgs
0
0
Fork 0
mirror of https://github.com/NixOS/nixpkgs.git synced 2025-07-14 06:00:33 +03:00
Code Activity

Merge master into staging-next

Browse source
This commit is contained in:
github-actions[bot] 2021-09-13 00:01:41 +00:00 committed by GitHub
commit ac962ee61a
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
63 changed files with 1304 additions and 2449 deletions
Download patch file Download diff file Expand all files Collapse all files

2
nixos/modules/module-list.nix
View file

@ -383,6 +383,8 @@
./services/display-managers/greetd.nix
./services/editors/emacs.nix
./services/editors/infinoted.nix
./services/games/crossfire-server.nix
./services/games/deliantra-server.nix
./services/games/factorio.nix
./services/games/freeciv.nix
./services/games/minecraft-server.nix

177
nixos/modules/services/games/crossfire-server.nix Normal file
View file

@ -0,0 +1,177 @@
{ config, lib, pkgs, ... }:
with lib;
let
cfg = config.services.crossfire-server;
serverPort = 13327;
in {
options.services.crossfire-server = {
enable = mkOption {
type = types.bool;
default = false;
description = ''
If enabled, the Crossfire game server will be started at boot.
'';
};
package = mkOption {
type = types.package;
default = pkgs.crossfire-server;
defaultText = "pkgs.crossfire-server";
description = ''
The package to use for the Crossfire server (and map/arch data, if you
don't change dataDir).
'';
};
dataDir = mkOption {
type = types.str;
default = "${cfg.package}/share/crossfire";
defaultText = "\${config.services.crossfire.package}/share/crossfire";
description = ''
Where to load readonly data from -- maps, archetypes, treasure tables,
and the like. If you plan to edit the data on the live server (rather
than overlaying the crossfire-maps and crossfire-arch packages and
nixos-rebuilding), point this somewhere read-write and copy the data
there before starting the server.
'';
};
stateDir = mkOption {
type = types.str;
default = "/var/lib/crossfire";
description = ''
Where to store runtime data (save files, persistent items, etc).
If left at the default, this will be automatically created on server
startup if it does not already exist. If changed, it is the admin's
responsibility to make sure that the directory exists and is writeable
by the `crossfire` user.
'';
};
openFirewall = mkOption {
type = types.bool;
default = false;
description = ''
Whether to open ports in the firewall for the server.
'';
};
configFiles = mkOption {
type = types.attrsOf types.str;
description = ''
Text to append to the corresponding configuration files. Note that the
files given in the example are *not* the complete set of files available
to customize; look in /etc/crossfire after enabling the server to see
the available files, and read the comments in each file for detailed
documentation on the format and what settings are available.
Note that the motd, rules, and news files, if configured here, will
overwrite the example files that come with the server, rather than being
appended to them as the other configuration files are.
'';
example = literalExample ''
dm_file = '''
admin:secret_password:localhost
jane:xyzzy:*
''';
ban_file = '''
# Bob is a jerk
bob@*
# So is everyone on 192.168.86.255/24
*@192.168.86.
''';
metaserver2 = '''
metaserver2_notification on
localhostname crossfire.example.net
''';
motd = "Welcome to CrossFire!";
news = "No news yet.";
rules = "Don't be a jerk.";
settings = '''
# be nicer to newbies and harsher to experienced players
balanced_stat_loss true
# don't let players pick up and use admin-created items
real_wiz false
''';
'';
default = {};
};
};
config = mkIf cfg.enable {
users.users.crossfire = {
description = "Crossfire server daemon user";
home = cfg.stateDir;
createHome = false;
isSystemUser = true;
group = "crossfire";
};
users.groups.crossfire = {};
# Merge the cfg.configFiles setting with the default files shipped with
# Crossfire.
# For most files this consists of reading ${crossfire}/etc/crossfire/${name}
# and appending the user setting to it; the motd, news, and rules are handled
# specially, with user-provided values completely replacing the original.
environment.etc = lib.attrsets.mapAttrs'
(name: value: lib.attrsets.nameValuePair "crossfire/${name}" {
mode = "0644";
text =
(optionalString (!elem name ["motd" "news" "rules"])
(fileContents "${cfg.package}/etc/crossfire/${name}"))
+ "\n${value}";
}) ({
ban_file = "";
dm_file = "";
exp_table = "";
forbid = "";
metaserver2 = "";
motd = (fileContents "${cfg.package}/etc/crossfire/motd");
news = (fileContents "${cfg.package}/etc/crossfire/news");
rules = (fileContents "${cfg.package}/etc/crossfire/rules");
settings = "";
stat_bonus = "";
} // cfg.configFiles);
systemd.services.crossfire-server = {
description = "Crossfire Server Daemon";
wantedBy = [ "multi-user.target" ];
after = [ "network.target" ];
serviceConfig = mkMerge [
{
ExecStart = "${cfg.package}/bin/crossfire-server -conf /etc/crossfire -local '${cfg.stateDir}' -data '${cfg.dataDir}'";
Restart = "always";
User = "crossfire";
Group = "crossfire";
WorkingDirectory = cfg.stateDir;
}
(mkIf (cfg.stateDir == "/var/lib/crossfire") {
StateDirectory = "crossfire";
})
];
# The crossfire server needs access to a bunch of files at runtime that
# are not created automatically at server startup; they're meant to be
# installed in $PREFIX/var/crossfire by `make install`. And those files
# need to be writeable, so we can't just point at the ones in the nix
# store. Instead we take the approach of copying them out of the store
# on first run. If `bookarch` already exists, we assume the rest of the
# files do as well, and copy nothing -- otherwise we risk ovewriting
# server state information every time the server is upgraded.
preStart = ''
if [ ! -e "${cfg.stateDir}"/bookarch ]; then
${pkgs.rsync}/bin/rsync -a --chmod=u=rwX,go=rX \
"${cfg.package}/var/crossfire/" "${cfg.stateDir}/"
fi
'';
};
networking.firewall = mkIf cfg.openFirewall {
allowedTCPPorts = [ serverPort ];
};
};
}

170
nixos/modules/services/games/deliantra-server.nix Normal file
View file

@ -0,0 +1,170 @@
{ config, lib, pkgs, ... }:
with lib;
let
cfg = config.services.deliantra-server;
serverPort = 13327;
in {
options.services.deliantra-server = {
enable = mkOption {
type = types.bool;
default = false;
description = ''
If enabled, the Deliantra game server will be started at boot.
'';
};
package = mkOption {
type = types.package;
default = pkgs.deliantra-server;
defaultText = "pkgs.deliantra-server";
description = ''
The package to use for the Deliantra server (and map/arch data, if you
don't change dataDir).
'';
};
dataDir = mkOption {
type = types.str;
default = "${pkgs.deliantra-data}";
defaultText = "\${pkgs.deliantra-data}";
description = ''
Where to store readonly data (maps, archetypes, sprites, etc).
Note that if you plan to use the live map editor (rather than editing
the maps offline and then nixos-rebuilding), THIS MUST BE WRITEABLE --
copy the deliantra-data someplace writeable (say,
/var/lib/deliantra/data) and update this option accordingly.
'';
};
stateDir = mkOption {
type = types.str;
default = "/var/lib/deliantra";
description = ''
Where to store runtime data (save files, persistent items, etc).
If left at the default, this will be automatically created on server
startup if it does not already exist. If changed, it is the admin's
responsibility to make sure that the directory exists and is writeable
by the `crossfire` user.
'';
};
openFirewall = mkOption {
type = types.bool;
default = false;
description = ''
Whether to open ports in the firewall for the server.
'';
};
configFiles = mkOption {
type = types.attrsOf types.str;
description = ''
Contents of the server configuration files. These will be appended to
the example configurations the server comes with and overwrite any
default settings defined therein.
The example here is not comprehensive. See the files in
/etc/deliantra-server after enabling this module for full documentation.
'';
example = literalExample ''
dm_file = '''
admin:secret_password:localhost
jane:xyzzy:*
''';
motd = "Welcome to Deliantra!";
settings = '''
# Settings for game mechanics.
stat_loss_on_death true
armor_max_enchant 7
''';
config = '''
# Settings for the server daemon.
hiscore_url https://deliantra.example.net/scores/
max_map_reset 86400
''';
'';
default = {
motd = "";
};
};
};
config = mkIf cfg.enable {
users.users.deliantra = {
description = "Deliantra server daemon user";
home = cfg.stateDir;
createHome = false;
isSystemUser = true;
group = "deliantra";
};
users.groups.deliantra = {};
# Merge the cfg.configFiles setting with the default files shipped with
# Deliantra.
# For most files this consists of reading
# ${deliantra}/etc/deliantra-server/${name} and appending the user setting
# to it.
environment.etc = lib.attrsets.mapAttrs'
(name: value: lib.attrsets.nameValuePair "deliantra-server/${name}" {
mode = "0644";
text =
# Deliantra doesn't come with a motd file, but respects it if present
# in /etc.
(optionalString (name != "motd")
(fileContents "${cfg.package}/etc/deliantra-server/${name}"))
+ "\n${value}";
}) ({
motd = "";
settings = "";
config = "";
dm_file = "";
} // cfg.configFiles);
systemd.services.deliantra-server = {
description = "Deliantra Server Daemon";
wantedBy = [ "multi-user.target" ];
after = [ "network.target" ];
environment = {
DELIANTRA_DATADIR="${cfg.dataDir}";
DELIANTRA_LOCALDIR="${cfg.stateDir}";
DELIANTRA_CONFDIR="/etc/deliantra-server";
};
serviceConfig = mkMerge [
{
ExecStart = "${cfg.package}/bin/deliantra-server";
Restart = "always";
User = "deliantra";
Group = "deliantra";
WorkingDirectory = cfg.stateDir;
}
(mkIf (cfg.stateDir == "/var/lib/deliantra") {
StateDirectory = "deliantra";
})
];
# The deliantra server needs access to a bunch of files at runtime that
# are not created automatically at server startup; they're meant to be
# installed in $PREFIX/var/deliantra-server by `make install`. And those
# files need to be writeable, so we can't just point at the ones in the
# nix store. Instead we take the approach of copying them out of the store
# on first run. If `bookarch` already exists, we assume the rest of the
# files do as well, and copy nothing -- otherwise we risk ovewriting
# server state information every time the server is upgraded.
preStart = ''
if [ ! -e "${cfg.stateDir}"/bookarch ]; then
${pkgs.rsync}/bin/rsync -a --chmod=u=rwX,go=rX \
"${cfg.package}/var/deliantra-server/" "${cfg.stateDir}/"
fi
'';
};
networking.firewall = mkIf cfg.openFirewall {
allowedTCPPorts = [ serverPort ];
};
};
}

6
nixos/modules/services/monitoring/datadog-agent.nix
View file

@ -51,7 +51,7 @@ in {
options.services.datadog-agent = {
enable = mkOption {
description = ''
Whether to enable the datadog-agent v6 monitoring service
Whether to enable the datadog-agent v7 monitoring service
'';
default = false;
type = types.bool;
@ -61,7 +61,7 @@ in {
default = pkgs.datadog-agent;
defaultText = "pkgs.datadog-agent";
description = ''
Which DataDog v6 agent package to use. Note that the provided
Which DataDog v7 agent package to use. Note that the provided
package is expected to have an overridable `pythonPackages`-attribute
which configures the Python environment with the Datadog
checks.
@ -274,7 +274,7 @@ in {
path = [ ];
script = ''
export DD_API_KEY=$(head -n 1 ${cfg.apiKeyFile})
${pkgs.datadog-process-agent}/bin/agent --config /etc/datadog-agent/datadog.yaml
${pkgs.datadog-process-agent}/bin/process-agent --config /etc/datadog-agent/datadog.yaml
'';
});

6
nixos/modules/services/security/privacyidea.nix
View file

@ -228,7 +228,7 @@ in
path = with pkgs; [ openssl ];
environment.PRIVACYIDEA_CONFIGFILE = "${cfg.stateDir}/privacyidea.cfg";
preStart = let
pi-manage = "${pkgs.sudo}/bin/sudo -u privacyidea -HE ${penv}/bin/pi-manage";
pi-manage = "${config.security.sudo.package}/bin/sudo -u privacyidea -HE ${penv}/bin/pi-manage";
pgsu = config.services.postgresql.superUser;
psql = config.services.postgresql.package;
in ''
@ -239,8 +239,8 @@ in
-i "${piCfgFile}"
chown ${cfg.user}:${cfg.group} ${cfg.stateDir}/privacyidea.cfg
if ! test -e "${cfg.stateDir}/db-created"; then
${pkgs.sudo}/bin/sudo -u ${pgsu} ${psql}/bin/createuser --no-superuser --no-createdb --no-createrole ${cfg.user}
${pkgs.sudo}/bin/sudo -u ${pgsu} ${psql}/bin/createdb --owner ${cfg.user} privacyidea
${config.security.sudo.package}/bin/sudo -u ${pgsu} ${psql}/bin/createuser --no-superuser --no-createdb --no-createrole ${cfg.user}
${config.security.sudo.package}/bin/sudo -u ${pgsu} ${psql}/bin/createdb --owner ${cfg.user} privacyidea
${pi-manage} create_enckey
${pi-manage} create_audit_keys
${pi-manage} createdb