movefasta/nixpkgs
0
0
Fork 0
mirror of https://github.com/NixOS/nixpkgs.git synced 2025-07-13 13:40:28 +03:00
Code Activity

Merge remote-tracking branch 'nixpkgs/master' into staging-next

Browse source
This commit is contained in:
Alyssa Ross 2021-09-01 07:47:01 +00:00
commit c13cf1e76f
No known key found for this signature in database
GPG key ID: F9DBED4859B271C0
105 changed files with 1558 additions and 1114 deletions
Download patch file Download diff file Expand all files Collapse all files

12
nixos/modules/hardware/video/nvidia.nix
View file

@ -143,6 +143,15 @@ in
'';
};
hardware.nvidia.nvidiaSettings = mkOption {
default = true;
type = types.bool;
description = ''
Whether to add nvidia-settings, NVIDIA's GUI configuration tool, to
systemPackages.
'';
};
hardware.nvidia.nvidiaPersistenced = mkOption {
default = false;
type = types.bool;
@ -279,7 +288,8 @@ in
hardware.opengl.extraPackages = optional offloadCfg.enable nvidia_x11.out;
hardware.opengl.extraPackages32 = optional offloadCfg.enable nvidia_x11.lib32;
environment.systemPackages = [ nvidia_x11.bin nvidia_x11.settings ]
environment.systemPackages = [ nvidia_x11.bin ]
++ optionals nvidiaSettings [ nvidia_x11.settings ]
++ optionals nvidiaPersistencedEnabled [ nvidia_x11.persistenced ];
systemd.packages = optional cfg.powerManagement.enable nvidia_x11.out;

14
nixos/modules/services/audio/roon-bridge.nix
View file

@ -14,9 +14,6 @@ in {
default = false;
description = ''
Open ports in the firewall for the bridge.
UDP: 9003
TCP: 9100 - 9200
'';
};
user = mkOption {
@ -54,10 +51,15 @@ in {
};
networking.firewall = mkIf cfg.openFirewall {
allowedTCPPortRanges = [
{ from = 9100; to = 9200; }
];
allowedTCPPortRanges = [{ from = 9100; to = 9200; }];
allowedUDPPorts = [ 9003 ];
extraCommands = ''
iptables -A INPUT -s 224.0.0.0/4 -j ACCEPT
iptables -A INPUT -d 224.0.0.0/4 -j ACCEPT
iptables -A INPUT -s 240.0.0.0/5 -j ACCEPT
iptables -A INPUT -m pkttype --pkt-type multicast -j ACCEPT
iptables -A INPUT -m pkttype --pkt-type broadcast -j ACCEPT
'';
};

14
nixos/modules/services/audio/roon-server.nix
View file

@ -14,9 +14,6 @@ in {
default = false;
description = ''
Open ports in the firewall for the server.
UDP: 9003
TCP: 9100 - 9200
'';
};
user = mkOption {
@ -54,10 +51,15 @@ in {
};
networking.firewall = mkIf cfg.openFirewall {
allowedTCPPortRanges = [
{ from = 9100; to = 9200; }
];
allowedTCPPortRanges = [{ from = 9100; to = 9200; }];
allowedUDPPorts = [ 9003 ];
extraCommands = ''
iptables -A INPUT -s 224.0.0.0/4 -j ACCEPT
iptables -A INPUT -d 224.0.0.0/4 -j ACCEPT
iptables -A INPUT -s 240.0.0.0/5 -j ACCEPT
iptables -A INPUT -m pkttype --pkt-type multicast -j ACCEPT
iptables -A INPUT -m pkttype --pkt-type broadcast -j ACCEPT
'';
};

110
nixos/modules/services/network-filesystems/ipfs.nix
View file

@ -5,36 +5,41 @@ let
opt = options.services.ipfs;
ipfsFlags = toString ([
(optionalString cfg.autoMount "--mount")
(optionalString cfg.enableGC "--enable-gc")
(optionalString (cfg.serviceFdlimit != null) "--manage-fdlimit=false")
(optionalString (cfg.defaultMode == "offline") "--offline")
(optionalString cfg.autoMount "--mount")
(optionalString cfg.enableGC "--enable-gc")
(optionalString (cfg.serviceFdlimit != null) "--manage-fdlimit=false")
(optionalString (cfg.defaultMode == "offline") "--offline")
(optionalString (cfg.defaultMode == "norouting") "--routing=none")
] ++ cfg.extraFlags);
splitMulitaddr = addrRaw: lib.tail (lib.splitString "/" addrRaw);
multiaddrToListenStream = addrRaw: let
multiaddrToListenStream = addrRaw:
let
addr = splitMulitaddr addrRaw;
s = builtins.elemAt addr;
in if s 0 == "ip4" && s 2 == "tcp"
then "${s 1}:${s 3}"
in
if s 0 == "ip4" && s 2 == "tcp"
then "${s 1}:${s 3}"
else if s 0 == "ip6" && s 2 == "tcp"
then "[${s 1}]:${s 3}"
then "[${s 1}]:${s 3}"
else if s 0 == "unix"
then "/${lib.concatStringsSep "/" (lib.tail addr)}"
then "/${lib.concatStringsSep "/" (lib.tail addr)}"
else null; # not valid for listen stream, skip
multiaddrToListenDatagram = addrRaw: let
multiaddrToListenDatagram = addrRaw:
let
addr = splitMulitaddr addrRaw;
s = builtins.elemAt addr;
in if s 0 == "ip4" && s 2 == "udp"
then "${s 1}:${s 3}"
in
if s 0 == "ip4" && s 2 == "udp"
then "${s 1}:${s 3}"
else if s 0 == "ip6" && s 2 == "udp"
then "[${s 1}]:${s 3}"
then "[${s 1}]:${s 3}"
else null; # not valid for listen datagram, skip
in {
in
{
###### interface
@ -65,9 +70,10 @@ in {
dataDir = mkOption {
type = types.str;
default = if versionAtLeast config.system.stateVersion "17.09"
then "/var/lib/ipfs"
else "/var/lib/ipfs/.ipfs";
default =
if versionAtLeast config.system.stateVersion "17.09"
then "/var/lib/ipfs"
else "/var/lib/ipfs/.ipfs";
description = "The data dir for IPFS";
};
@ -83,6 +89,12 @@ in {
description = "Whether IPFS should try to mount /ipfs and /ipns at startup.";
};
autoMigrate = mkOption {
type = types.bool;
default = true;
description = "Whether IPFS should try to run the fs-repo-migration at startup.";
};
ipfsMountDir = mkOption {
type = types.str;
default = "/ipfs";
@ -137,7 +149,7 @@ in {
These are applied last, so may override configuration set by other options in this module.
Keep in mind that this configuration is stateful; i.e., unsetting anything in here does not reset the value to the default!
'';
default = {};
default = { };
example = {
Datastore.StorageMax = "100GB";
Discovery.MDNS.Enabled = false;
@ -153,7 +165,7 @@ in {
extraFlags = mkOption {
type = types.listOf types.str;
description = "Extra flags passed to the IPFS daemon";
default = [];
default = [ ];
};
localDiscovery = mkOption {
@ -168,7 +180,7 @@ in {
type = types.nullOr types.int;
default = null;
description = "The fdlimit for the IPFS systemd unit or <literal>null</literal> to have the daemon attempt to manage it";
example = 64*1024;
example = 64 * 1024;
};
startWhenNeeded = mkOption {
@ -186,6 +198,9 @@ in {
environment.systemPackages = [ cfg.package ];
environment.variables.IPFS_PATH = cfg.dataDir;
# https://github.com/lucas-clemente/quic-go/wiki/UDP-Receive-Buffer-Size
boot.kernel.sysctl."net.core.rmem_max" = mkDefault 2500000;
programs.fuse = mkIf cfg.autoMount {
userAllowOther = true;
};
@ -234,25 +249,28 @@ in {
ipfs --offline config Mounts.FuseAllowOther --json true
ipfs --offline config Mounts.IPFS ${cfg.ipfsMountDir}
ipfs --offline config Mounts.IPNS ${cfg.ipnsMountDir}
'' + optionalString cfg.autoMigrate ''
${pkgs.ipfs-migrator}/bin/fs-repo-migrations -y
'' + concatStringsSep "\n" (collect
isString
(mapAttrsRecursive
(path: value:
# Using heredoc below so that the value is never improperly quoted
''
read value <<EOF
${builtins.toJSON value}
EOF
ipfs --offline config --json "${concatStringsSep "." path}" "$value"
'')
({ Addresses.API = cfg.apiAddress;
Addresses.Gateway = cfg.gatewayAddress;
Addresses.Swarm = cfg.swarmAddress;
} //
cfg.extraConfig))
);
isString
(mapAttrsRecursive
(path: value:
# Using heredoc below so that the value is never improperly quoted
''
read value <<EOF
${builtins.toJSON value}
EOF
ipfs --offline config --json "${concatStringsSep "." path}" "$value"
'')
({
Addresses.API = cfg.apiAddress;
Addresses.Gateway = cfg.gatewayAddress;
Addresses.Swarm = cfg.swarmAddress;
} //
cfg.extraConfig))
);
serviceConfig = {
ExecStart = ["" "${cfg.package}/bin/ipfs daemon ${ipfsFlags}"];
ExecStart = [ "" "${cfg.package}/bin/ipfs daemon ${ipfsFlags}" ];
User = cfg.user;
Group = cfg.group;
} // optionalAttrs (cfg.serviceFdlimit != null) { LimitNOFILE = cfg.serviceFdlimit; };
@ -263,12 +281,16 @@ in {
systemd.sockets.ipfs-gateway = {
wantedBy = [ "sockets.target" ];
socketConfig = {
ListenStream = let
ListenStream =
let
fromCfg = multiaddrToListenStream cfg.gatewayAddress;
in [ "" ] ++ lib.optional (fromCfg != null) fromCfg;
ListenDatagram = let
in
[ "" ] ++ lib.optional (fromCfg != null) fromCfg;
ListenDatagram =
let
fromCfg = multiaddrToListenDatagram cfg.gatewayAddress;
in [ "" ] ++ lib.optional (fromCfg != null) fromCfg;
in
[ "" ] ++ lib.optional (fromCfg != null) fromCfg;
};
};
@ -276,9 +298,11 @@ in {
wantedBy = [ "sockets.target" ];
# We also include "%t/ipfs.sock" because there is no way to put the "%t"
# in the multiaddr.
socketConfig.ListenStream = let
socketConfig.ListenStream =
let
fromCfg = multiaddrToListenStream cfg.apiAddress;
in [ "" "%t/ipfs.sock" ] ++ lib.optional (fromCfg != null) fromCfg;
in
[ "" "%t/ipfs.sock" ] ++ lib.optional (fromCfg != null) fromCfg;
};
};

2
nixos/modules/services/networking/syncthing.nix
View file

@ -37,7 +37,7 @@ let
do sleep 1; done
curl() {
${pkgs.curl}/bin/curl -sS -H "X-API-Key: $api_key" \
${pkgs.curl}/bin/curl -sSLk -H "X-API-Key: $api_key" \
--retry 1000 --retry-delay 1 --retry-all-errors \
"$@"
}

124
nixos/modules/services/web-apps/nextcloud.xml
View file

@ -84,47 +84,93 @@
</para>
</section>
<section xml:id="module-services-nextcloud-pitfalls-during-upgrade">
<title>Pitfalls</title>
<title>Common problems</title>
<itemizedlist>
<listitem>
<formalpara>
<title>General notes</title>
<para>
Unfortunately Nextcloud appears to be very stateful when it comes to
managing its own configuration. The config file lives in the home directory
of the <literal>nextcloud</literal> user (by default
<literal>/var/lib/nextcloud/config/config.php</literal>) and is also used to
track several states of the application (e.g., whether installed or not).
</para>
</formalpara>
<para>
All configuration parameters are also stored in
<filename>/var/lib/nextcloud/config/override.config.php</filename> which is generated by
the module and linked from the store to ensure that all values from
<filename>config.php</filename> can be modified by the module.
However <filename>config.php</filename> manages the application's state and shouldn't be
touched manually because of that.
</para>
<warning>
<para>Don't delete <filename>config.php</filename>! This file
tracks the application's state and a deletion can cause unwanted
side-effects!</para>
</warning>
<para>
Unfortunately Nextcloud appears to be very stateful when it comes to
managing its own configuration. The config file lives in the home directory
of the <literal>nextcloud</literal> user (by default
<literal>/var/lib/nextcloud/config/config.php</literal>) and is also used to
track several states of the application (e.g. whether installed or not).
</para>
<para>
All configuration parameters are also stored in
<literal>/var/lib/nextcloud/config/override.config.php</literal> which is generated by
the module and linked from the store to ensure that all values from <literal>config.php</literal>
can be modified by the module.
However <literal>config.php</literal> manages the application's state and shouldn't be touched
manually because of that.
</para>
<warning>
<para>Don't delete <literal>config.php</literal>! This file
tracks the application's state and a deletion can cause unwanted
side-effects!</para>
</warning>
<warning>
<para>Don't rerun <literal>nextcloud-occ
maintenance:install</literal>! This command tries to install the application
and can cause unwanted side-effects!</para>
</warning>
<para>
Nextcloud doesn't allow to move more than one major-version forward. If you're e.g. on
<literal>v16</literal>, you cannot upgrade to <literal>v18</literal>, you need to upgrade to
<literal>v17</literal> first. This is ensured automatically as long as the
<link linkend="opt-system.stateVersion">stateVersion</link> is declared properly. In that case
the oldest version available (one major behind the one from the previous NixOS
release) will be selected by default and the module will generate a warning that reminds
the user to upgrade to latest Nextcloud <emphasis>after</emphasis> that deploy.
</para>
<warning>
<para>Don't rerun <literal>nextcloud-occ
maintenance:install</literal>! This command tries to install the application
and can cause unwanted side-effects!</para>
</warning>
</listitem>
<listitem>
<formalpara>
<title>Multiple version upgrades</title>
<para>
Nextcloud doesn't allow to move more than one major-version forward. E.g., if you're on
<literal>v16</literal>, you cannot upgrade to <literal>v18</literal>, you need to upgrade to
<literal>v17</literal> first. This is ensured automatically as long as the
<link linkend="opt-system.stateVersion">stateVersion</link> is declared properly. In that case
the oldest version available (one major behind the one from the previous NixOS
release) will be selected by default and the module will generate a warning that reminds
the user to upgrade to latest Nextcloud <emphasis>after</emphasis> that deploy.
</para>
</formalpara>
</listitem>
<listitem>
<formalpara>
<title><literal>Error: Command "upgrade" is not defined.</literal></title>
<para>
This error usually occurs if the initial installation
(<command>nextcloud-occ maintenance:install</command>) has failed. After that, the application
is not installed, but the upgrade is attempted to be executed. Further context can
be found in <link xlink:href="https://github.com/NixOS/nixpkgs/issues/111175">NixOS/nixpkgs#111175</link>.
</para>
</formalpara>
<para>
First of all, it makes sense to find out what went wrong by looking at the logs
of the installation via <command>journalctl -u nextcloud-setup</command> and try to fix
the underlying issue.
</para>
<itemizedlist>
<listitem>
<para>
If this occurs on an <emphasis>existing</emphasis> setup, this is most likely because
the maintenance mode is active. It can be deactivated by running
<command>nextcloud-occ maintenance:mode --off</command>. It's advisable though to
check the logs first on why the maintenance mode was activated.
</para>
</listitem>
<listitem>
<warning><para>Only perform the following measures on
<emphasis>freshly installed instances!</emphasis></para></warning>
<para>
A re-run of the installer can be forced by <emphasis>deleting</emphasis>
<filename>/var/lib/nextcloud/config/config.php</filename>. This is the only time
advisable because the fresh install doesn't have any state that can be lost.
In case that doesn't help, an entire re-creation can be forced via
<command>rm -rf ~nextcloud/</command>.
</para>
</listitem>
</itemizedlist>
</listitem>
</itemizedlist>
</section>
<section xml:id="module-services-nextcloud-httpd">