Merge master into staging-next

nixos/modules/module-list.nix

@@ -1118,6 +1118,7 @@
   ./services/networking/go-neb.nix
   ./services/networking/go-shadowsocks2.nix
   ./services/networking/gobgpd.nix
+  ./services/networking/gokapi.nix
   ./services/networking/gvpe.nix
   ./services/networking/hans.nix
   ./services/networking/harmonia.nix

nixos/modules/profiles/perlless.nix

@@ -8,7 +8,7 @@
   services.userborn.enable = lib.mkDefault true;
 
   # Random perl remnants
-  system.disableInstallerTools = lib.mkDefault true;
+  system.tools.nixos-generate-config.enable = lib.mkDefault false;
   programs.less.lessopen = lib.mkDefault null;
   programs.command-not-found.enable = lib.mkDefault false;
   boot.enableContainers = lib.mkDefault false;
@@ -20,9 +20,4 @@
   # Check that the system does not contain a Nix store path that contains the
   # string "perl".
   system.forbiddenDependenciesRegexes = [ "perl" ];
-
-  # Re-add nixos-rebuild to the systemPackages that was removed by the
-  # `system.disableInstallerTools` option.
-  environment.systemPackages = [ pkgs.nixos-rebuild ];
-
 }

nixos/modules/services/continuous-integration/hydra/default.nix

@@ -520,7 +520,7 @@ in
             elif [[ $compression == zstd ]]; then
               compressionCmd=(zstd --rm)
             fi
-            find ${baseDir}/build-logs -type f -name "*.drv" -mtime +3 -size +0c -print0 | xargs -0 -r "''${compressionCmd[@]}" --force --quiet
+            find ${baseDir}/build-logs -ignore_readdir_race -type f -name "*.drv" -mtime +3 -size +0c -print0 | xargs -0 -r "''${compressionCmd[@]}" --force --quiet
           '';
         startAt = "Sun 01:45";
         serviceConfig.Slice = "system-hydra.slice";

nixos/modules/services/misc/jackett.nix

@@ -86,7 +86,7 @@ in
         ProtectProc = "invisible";
         ProtectSystem = "strict";
         ReadWritePaths = [
-          "${config.users.users.${cfg.user}.home}"
+          cfg.dataDir
         ];
         RemoveIPC = true;
         RestrictAddressFamilies = [

nixos/modules/services/networking/birdwatcher.nix

@@ -59,7 +59,7 @@ in
           [bird]
           listen = "0.0.0.0:29184"
           config = "/etc/bird/bird.conf"
-          birdc  = "''${pkgs.bird}/bin/birdc"
+          birdc  = "''${pkgs.bird2}/bin/birdc"
           ttl = 5 # time to live (in minutes) for caching of cli output
 
           [parser]

nixos/modules/services/networking/gokapi.nix

@@ -0,0 +1,143 @@
+{
+  config,
+  lib,
+  pkgs,
+  ...
+}:
+
+let
+  cfg = config.services.gokapi;
+  settingsFormat = pkgs.formats.json { };
+  userSettingsFile = settingsFormat.generate "generated-config.json" cfg.settings;
+in
+{
+  options.services.gokapi = {
+    enable = lib.mkEnableOption "Lightweight selfhosted Firefox Send alternative without public upload";
+
+    mutableSettings = lib.mkOption {
+      type = lib.types.bool;
+      default = true;
+      description = ''
+        Allow changes to the program config made by the program to persist between restarts.
+        If disabled all required values must be set using nix, and all changes to config format over application updates must be resolved by user.
+      '';
+    };
+
+    package = lib.mkPackageOption pkgs "gokapi" { };
+
+    environment = lib.mkOption {
+      type = lib.types.submodule {
+        freeformType = lib.types.attrsOf (lib.types.either lib.types.str lib.types.int);
+        options = {
+          GOKAPI_CONFIG_DIR = lib.mkOption {
+            type = lib.types.str;
+            default = "%S/gokapi/config";
+            description = "Sets the directory for the config file.";
+          };
+          GOKAPI_CONFIG_FILE = lib.mkOption {
+            type = lib.types.str;
+            default = "config.json";
+            description = "Sets the filename for the config file.";
+          };
+          GOKAPI_DATA_DIR = lib.mkOption {
+            type = lib.types.str;
+            default = "%S/gokapi/data";
+            description = "Sets the directory for the data.";
+          };
+          GOKAPI_PORT = lib.mkOption {
+            type = lib.types.port;
+            default = 53842;
+            description = "Sets the port of the service.";
+          };
+        };
+      };
+      default = { };
+      description = ''
+        Environment variables to be set for the gokapi service. Can use systemd specifiers.
+        For full list see <https://gokapi.readthedocs.io/en/latest/advanced.html#environment-variables>.
+      '';
+    };
+    settings = lib.mkOption {
+      type = lib.types.submodule {
+        freeformType = settingsFormat.type;
+        options = { };
+      };
+      default = { };
+      description = ''
+        Configuration settings for the generated config json file.
+        See <https://gokapi.readthedocs.io/en/latest/advanced.html#config-json> for more information
+      '';
+    };
+    settingsFile = lib.mkOption {
+      type = lib.types.nullOr lib.types.str;
+      default = null;
+      description = ''
+        Path to config file to parse and append to settings.
+        Largely useful for loading secrets from a file not in the nix store. Can use systemd specifiers.
+        See <https://gokapi.readthedocs.io/en/latest/advanced.html#config-json> for more information
+      '';
+    };
+
+  };
+
+  config = lib.mkIf cfg.enable {
+    systemd.services.gokapi = {
+      wantedBy = [ "default.target" ];
+      wants = [ "network-online.target" ];
+      after = [ "network-online.target" ];
+      environment = lib.mapAttrs (_: value: toString value) cfg.environment;
+      unitConfig = {
+        Description = "gokapi service";
+      };
+      serviceConfig = {
+        ExecStartPre =
+          let
+            updateScript = lib.getExe (
+              pkgs.writeShellApplication {
+                name = "merge-config";
+                runtimeInputs = with pkgs; [ jq ];
+                text = ''
+                  echo "Running merge-config"
+                  mutableSettings="$1"
+                  statefulSettingsFile="$2"
+                  settingsFile="$3"
+                  if [[ "$mutableSettings" == true ]]; then
+                    if [[ -f "$statefulSettingsFile" ]]; then
+                      echo "Updating stateful config file"
+                      merged="$(jq -s '.[0] * .[1]' "$statefulSettingsFile" ${userSettingsFile})"
+                      echo "$merged" > "$statefulSettingsFile"
+                    fi
+                  else
+                    echo "Overwriting stateful config file"
+                    mkdir -p "$(dirname "$statefulSettingsFile")"
+                    cat ${userSettingsFile} > "$statefulSettingsFile"
+                  fi
+                  if [ "$settingsFile" != "null" ]; then
+                    echo "Merging settings file into current stateful settings file"
+                    merged="$(jq -s '.[0] * .[1]' "$statefulSettingsFile" "$settingsFile")"
+                    echo "$merged" > "$statefulSettingsFile"
+                  fi
+                '';
+              }
+            );
+          in
+          lib.strings.concatStringsSep " " [
+            updateScript
+            (lib.boolToString cfg.mutableSettings)
+            "${cfg.environment.GOKAPI_CONFIG_DIR}/${cfg.environment.GOKAPI_CONFIG_FILE}"
+            (if (cfg.settingsFile == null) then "null" else cfg.settingsFile)
+          ];
+        ExecStart = lib.getExe cfg.package;
+        RestartSec = 30;
+        DynamicUser = true;
+        PrivateTmp = true;
+        StateDirectory = "gokapi";
+        CacheDirectory = "gokapi";
+        Restart = "on-failure";
+      };
+    };
+  };
+  meta.maintainers = with lib.maintainers; [
+    delliott
+  ];
+}