movefasta/nixpkgs
1
0
Fork 0
mirror of https://github.com/NixOS/nixpkgs.git synced 2025-06-25 10:36:36 +03:00
Code Activity

Merge staging-next into staging

Browse source
This commit is contained in:
github-actions[bot] 2024-12-20 12:06:14 +00:00 committed by GitHub
commit f970ef5718
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
55 changed files with 1588 additions and 7090 deletions
Download patch file Download diff file Expand all files Collapse all files

6
nixos/doc/manual/release-notes/rl-2505.section.md
View file

@ -31,6 +31,8 @@
- [Bazecor](https://github.com/Dygmalab/Bazecor), the graphical configurator for Dygma Products.
- [Bonsai](https://git.sr.ht/~stacyharper/bonsai), a general-purpose event mapper/state machine primarily used to create complex key shortcuts, and as part of the [SXMO](https://sxmo.org/) desktop environment. Available as [services.bonsaid](#opt-services.bonsaid.enable).
- [scanservjs](https://github.com/sbs20/scanservjs/), a web UI for SANE scanners. Available at [services.scanservjs](#opt-services.scanservjs.enable).
- [Kimai](https://www.kimai.org/), a web-based multi-user time-tracking application. Available as [services.kimai](options.html#opt-services.kimai).
@ -39,6 +41,8 @@
- [MaryTTS](https://github.com/marytts/marytts), an open-source, multilingual text-to-speech synthesis system written in pure Java. Available as [services.marytts](options.html#opt-services.marytts).
- [networking.modemmanager](options.html#opt-networking.modemmanager) has been split out of [networking.networkmanager](options.html#opt-networking.networkmanager). NetworkManager still enables ModemManager by default, but options exist now to run NetworkManager without ModemManager.
- [Conduwuit](https://conduwuit.puppyirl.gay/), a federated chat server implementing the Matrix protocol, forked from Conduit. Available as [services.conduwuit](#opt-services.conduwuit.enable).
- [Traccar](https://www.traccar.org/), a modern GPS Tracking Platform. Available as [services.traccar](#opt-services.traccar.enable).
@ -61,6 +65,8 @@
- [nvidia-gpu](https://github.com/utkuozdemir/nvidia_gpu_exporter), a Prometheus exporter that scrapes `nvidia-smi` for GPU metrics. Available as [services.prometheus.exporters.nvidia-gpu](#opt-services.prometheus.exporters.nvidia-gpu.enable).
- [InputPlumber](https://github.com/ShadowBlip/InputPlumber/), an open source input router and remapper daemon for Linux. Available as [services.inputplumber](#opt-services.inputplumber.enable).
- [Buffyboard](https://gitlab.postmarketos.org/postmarketOS/buffybox/-/tree/master/buffyboard), a framebuffer on-screen keyboard. Available as [services.buffyboard](option.html#opt-services.buffyboard).
- [KanBoard](https://github.com/kanboard/kanboard), a project management tool that focuses on the Kanban methodology. Available as [services.kanboard](#opt-services.kanboard.enable).

3
nixos/modules/module-list.nix
View file

@ -509,6 +509,7 @@
./services/desktops/ayatana-indicators.nix
./services/desktops/bamf.nix
./services/desktops/blueman.nix
./services/desktops/bonsaid.nix
./services/desktops/cpupower-gui.nix
./services/desktops/deepin/deepin-anything.nix
./services/desktops/deepin/dde-api.nix
@ -604,6 +605,7 @@
./services/hardware/handheld-daemon.nix
./services/hardware/hddfancontrol.nix
./services/hardware/illum.nix
./services/hardware/inputplumber.nix
./services/hardware/interception-tools.nix
./services/hardware/iptsd.nix
./services/hardware/irqbalance.nix
@ -1135,6 +1137,7 @@
./services/networking/miredo.nix
./services/networking/mjpg-streamer.nix
./services/networking/mmsd.nix
./services/networking/modemmanager.nix
./services/networking/monero.nix
./services/networking/morty.nix
./services/networking/mosquitto.nix

32
nixos/modules/programs/autoenv.nix Normal file
View file

@ -0,0 +1,32 @@
{
config,
lib,
pkgs,
...
}:
let
cfg = config.programs.autoenv;
in
{
options = {
programs.autoenv = {
enable = lib.mkEnableOption "autoenv";
package = lib.mkPackageOption pkgs "autoenv" { };
};
};
config = lib.mkIf cfg.enable {
environment.systemPackages = [ pkgs.autoenv ];
programs = {
zsh.interactiveShellInit = ''
source ${cfg.package}/share/autoenv/activate.sh
'';
bash.interactiveShellInit = ''
source ${cfg.package}/share/autoenv/activate.sh
'';
};
};
}

168
nixos/modules/services/desktops/bonsaid.nix Normal file
View file

@ -0,0 +1,168 @@
{
config,
lib,
pkgs,
...
}:
let
json = pkgs.formats.json { };
transitionType = lib.types.submodule {
freeformType = json.type;
options.type = lib.mkOption {
type = lib.types.enum [
"delay"
"event"
"exec"
];
description = ''
Type of transition. Determines how bonsaid interprets the other options in this transition.
'';
};
options.command = lib.mkOption {
type = lib.types.nullOr (lib.types.listOf lib.types.str);
default = null;
description = ''
Command to run when this transition is taken.
This is executed inline by `bonsaid` and blocks handling of any other events until completion.
To perform the command asynchronously, specify it like `[ "setsid" "-f" "my-command" ]`.
Only effects transitions with `type = "exec"`.
'';
};
options.delay_duration = lib.mkOption {
type = lib.types.nullOr lib.types.int;
default = null;
description = ''
Nanoseconds to wait after the previous state change before performing this transition.
This can be placed at the same level as a `type = "event"` transition to achieve a
timeout mechanism.
Only effects transitions with `type = "delay"`.
'';
};
options.event_name = lib.mkOption {
type = lib.types.nullOr lib.types.str;
default = null;
description = ''
Name of the event which should trigger this transition when received by `bonsaid`.
Events are sent to `bonsaid` by running `bonsaictl -e <event_name>`.
Only effects transitions with `type = "event"`.
'';
};
options.transitions = lib.mkOption {
type = lib.types.listOf transitionType;
default = [ ];
description = ''
List of transitions out of this state.
If left empty, then this state is considered a terminal state and entering it will
trigger an immediate transition back to the root state (after processing side effects).
'';
visible = "shallow";
};
};
cfg = config.services.bonsaid;
in
{
meta.maintainers = [ lib.maintainers.colinsane ];
options.services.bonsaid = {
enable = lib.mkEnableOption "bonsaid";
package = lib.mkPackageOption pkgs "bonsai" { };
extraFlags = lib.mkOption {
type = lib.types.listOf lib.types.str;
default = [ ];
description = ''
Extra flags to pass to `bonsaid`, such as `[ "-v" ]` to enable verbose logging.
'';
};
settings = lib.mkOption {
type = lib.types.listOf transitionType;
description = ''
State transition definitions. See the upstream [README](https://git.sr.ht/~stacyharper/bonsai)
for extended documentation and a more complete example.
'';
example = [
{
type = "event";
event_name = "power_button_pressed";
transitions = [
{
# Hold power button for 600ms to trigger a command
type = "delay";
delay_duration = 600000000;
transitions = [
{
type = "exec";
command = [
"swaymsg"
"--"
"output"
"*"
"power"
"off"
];
# `transitions = []` marks this as a terminal state,
# so bonsai will return to the root state immediately after executing the above command.
transitions = [ ];
}
];
}
{
# If the power button is released before the 600ms elapses, return to the root state.
type = "event";
event_name = "power_button_released";
transitions = [ ];
}
];
}
];
};
configFile = lib.mkOption {
type = lib.types.path;
description = ''
Path to a .json file specifying the state transitions.
You don't need to set this unless you prefer to provide the json file
yourself instead of using the `settings` option.
'';
};
};
config = lib.mkIf cfg.enable {
services.bonsaid.configFile =
let
filterNulls =
v:
if lib.isAttrs v then
lib.mapAttrs (_: filterNulls) (lib.filterAttrs (_: a: a != null) v)
else if lib.isList v then
lib.map filterNulls (lib.filter (a: a != null) v)
else
v;
in
lib.mkDefault (json.generate "bonsai_tree.json" (filterNulls cfg.settings));
# bonsaid is controlled by bonsaictl, so place the latter in the environment by default.
# bonsaictl is typically invoked by scripts or a DE so this isn't strictly necesssary,
# but it's helpful while administering the service generally.
environment.systemPackages = [ cfg.package ];
systemd.user.services.bonsaid = {
description = "Bonsai Finite State Machine daemon";
documentation = [ "https://git.sr.ht/~stacyharper/bonsai" ];
wantedBy = [ "multi-user.target" ];
serviceConfig = {
ExecStart = lib.escapeShellArgs (
[
(lib.getExe' cfg.package "bonsaid")
"-t"
cfg.configFile
]
++ cfg.extraFlags
);
Restart = "on-failure";
RestartSec = "5s";
};
};
};
}

37
nixos/modules/services/hardware/inputplumber.nix Normal file
View file

@ -0,0 +1,37 @@
{
config,
lib,
pkgs,
...
}:
let
cfg = config.services.inputplumber;
in
{
options.services.inputplumber = {
enable = lib.mkEnableOption "InputPlumber";
package = lib.mkPackageOption pkgs "inputplumber" { };
};
config = lib.mkIf cfg.enable {
environment.systemPackages = [ cfg.package ];
systemd.services.inputplumber = {
description = "InputPlumber Service";
wantedBy = [ "multi-user.target" ];
environment = {
XDG_DATA_DIRS = "/run/current-system/sw/share";
};
restartIfChanged = true;
serviceConfig = {
ExecStart = "${lib.getExe cfg.package}";
Restart = "on-failure";
RestartSec = "5";
};
};
};
meta.maintainers = with lib.maintainers; [ shadowapex ];
}

97
nixos/modules/services/networking/modemmanager.nix Normal file
View file

@ -0,0 +1,97 @@
{
config,
lib,
pkgs,
...
}:
let
cfg = config.networking.modemmanager;
in
{
meta = {
maintainers = lib.teams.freedesktop.members;
};
options = with lib; {
networking.modemmanager = {
enable = mkOption {
type = types.bool;
default = false;
description = ''
Whether to use ModemManager to manage modem devices.
This is usually used by some higher layer manager such as NetworkManager
but can be used standalone especially if using a modem for non-IP
connectivity (e.g. GPS).
'';
};
package = mkPackageOption pkgs "modemmanager" { };
fccUnlockScripts = mkOption {
type = types.listOf (
types.submodule {
options = {
id = mkOption {
type = types.str;
description = "vid:pid of either the PCI or USB vendor and product ID";
};
path = mkOption {
type = types.path;
description = "Path to the unlock script";
};
};
}
);
default = [ ];
example = literalExpression ''[{ id = "03f0:4e1d"; path = "''${pkgs.modemmanager}/share/ModemManager/fcc-unlock.available.d/03f0:4e1d"; }]'';
description = ''
List of FCC unlock scripts to enable on the system, behaving as described in
https://modemmanager.org/docs/modemmanager/fcc-unlock/#integration-with-third-party-fcc-unlock-tools.
'';
};
};
};
config = lib.mkIf cfg.enable {
environment.etc = builtins.listToAttrs (
map (
e:
lib.nameValuePair "ModemManager/fcc-unlock.d/${e.id}" {
source = e.path;
}
) cfg.fccUnlockScripts
);
systemd.services.ModemManager = {
aliases = [ "dbus-org.freedesktop.ModemManager1.service" ];
path = lib.optionals (cfg.fccUnlockScripts != [ ]) [
pkgs.libqmi
pkgs.libmbim
];
};
/*
[modem-manager]
Identity=unix-group:networkmanager
Action=org.freedesktop.ModemManager*
ResultAny=yes
ResultInactive=no
ResultActive=yes
*/
security.polkit.enable = true;
security.polkit.extraConfig = ''
polkit.addRule(function(action, subject) {
if (
subject.isInGroup("networkmanager")
&& action.id.indexOf("org.freedesktop.ModemManager") == 0
)
{ return polkit.Result.YES; }
});
'';
environment.systemPackages = [ cfg.package ];
systemd.packages = [ cfg.package ];
services.dbus.packages = [ cfg.package ];
services.udev.packages = [ cfg.package ];
};
}

411
nixos/modules/services/networking/networkmanager.nix
View file

@ -1,4 +1,9 @@
{ config, lib, pkgs, ... }:
{
config,
lib,
pkgs,
...
}:
with lib;
@ -15,14 +20,10 @@ let
plugins = "keyfile";
inherit (cfg) dhcp dns;
# If resolvconf is disabled that means that resolv.conf is managed by some other module.
rc-manager =
if config.networking.resolvconf.enable then "resolvconf"
else "unmanaged";
rc-manager = if config.networking.resolvconf.enable then "resolvconf" else "unmanaged";
};
keyfile = {
unmanaged-devices =
if cfg.unmanaged == [ ] then null
else lib.concatStringsSep ";" cfg.unmanaged;
unmanaged-devices = if cfg.unmanaged == [ ] then null else lib.concatStringsSep ";" cfg.unmanaged;
};
logging = {
audit = config.security.audit.enable;
@ -30,8 +31,8 @@ let
};
connection = cfg.connectionConfig;
device = {
"wifi.scan-rand-mac-address" = cfg.wifi.scanRandMacAddress;
"wifi.backend" = cfg.wifi.backend;
"wifi.scan-rand-mac-address" = cfg.wifi.scanRandMacAddress;
"wifi.backend" = cfg.wifi.backend;
};
} cfg.settings;
configFile = ini.generate "NetworkManager.conf" configAttrs;
@ -43,32 +44,29 @@ let
ResultAny=yes
ResultInactive=no
ResultActive=yes
[modem-manager]
Identity=unix-group:networkmanager
Action=org.freedesktop.ModemManager*
ResultAny=yes
ResultInactive=no
ResultActive=yes
*/
polkitConf = ''
polkit.addRule(function(action, subject) {
if (
subject.isInGroup("networkmanager")
&& (action.id.indexOf("org.freedesktop.NetworkManager.") == 0
|| action.id.indexOf("org.freedesktop.ModemManager") == 0
))
&& action.id.indexOf("org.freedesktop.NetworkManager.") == 0
)
{ return polkit.Result.YES; }
});
'';
ns = xs: pkgs.writeText "nameservers" (
concatStrings (map (s: "nameserver ${s}\n") xs)
);
ns = xs: pkgs.writeText "nameservers" (concatStrings (map (s: "nameserver ${s}\n") xs));
overrideNameserversScript = pkgs.writeScript "02overridedns" ''
#!/bin/sh
PATH=${with pkgs; makeBinPath [ gnused gnugrep coreutils ]}
PATH=${
with pkgs;
makeBinPath [
gnused
gnugrep
coreutils
]
}
tmp=$(mktemp)
sed '/nameserver /d' /etc/resolv.conf > $tmp
grep 'nameserver ' /etc/resolv.conf | \
@ -84,7 +82,15 @@ let
};
macAddressOptWifi = mkOption {
type = types.either types.str (types.enum [ "permanent" "preserve" "random" "stable" "stable-ssid" ]);
type = types.either types.str (
types.enum [
"permanent"
"preserve"
"random"
"stable"
"stable-ssid"
]
);
default = "preserve";
example = "00:11:22:33:44:55";
description = ''
@ -100,7 +106,14 @@ let
};
macAddressOptEth = mkOption {
type = types.either types.str (types.enum [ "permanent" "preserve" "random" "stable" ]);
type = types.either types.str (
types.enum [
"permanent"
"preserve"
"random"
"stable"
]
);
default = "preserve";
example = "00:11:22:33:44:55";
description = ''
@ -114,14 +127,14 @@ let
'';
};
packages = [
pkgs.modemmanager
pkgs.networkmanager
]
++ cfg.plugins
++ lib.optionals (!delegateWireless && !enableIwd) [
pkgs.wpa_supplicant
];
packages =
[
cfg.package
]
++ cfg.plugins
++ lib.optionals (!delegateWireless && !enableIwd) [
pkgs.wpa_supplicant
];
in
{
@ -148,12 +161,18 @@ in
'';
};
package = mkPackageOption pkgs "networkmanager" { };
connectionConfig = mkOption {
type = with types; attrsOf (nullOr (oneOf [
bool
int
str
]));
type =
with types;
attrsOf (
nullOr (oneOf [
bool
int
str
])
);
default = { };
description = ''
Configuration for the [connection] section of NetworkManager.conf.
@ -169,7 +188,7 @@ in
settings = mkOption {
type = ini.type;
default = {};
default = { };
description = ''
Configuration added to the generated NetworkManager.conf, note that you can overwrite settings with this.
Refer to
@ -205,9 +224,7 @@ in
check =
p:
lib.assertMsg
(types.package.check p
&& p ? networkManagerPlugin
&& lib.isString p.networkManagerPlugin)
(types.package.check p && p ? networkManagerPlugin && lib.isString p.networkManagerPlugin)
''
Package ${p.name}, is not a NetworkManager plug-in.
Those need to have a networkManagerPlugin attribute.
@ -223,7 +240,10 @@ in
};
dhcp = mkOption {
type = types.enum [ "dhcpcd" "internal" ];
type = types.enum [
"dhcpcd"
"internal"
];
default = "internal";
description = ''
Which program (or internal library) should be used for DHCP.
@ -231,7 +251,14 @@ in
};
logLevel = mkOption {
type = types.enum [ "OFF" "ERR" "WARN" "INFO" "DEBUG" "TRACE" ];
type = types.enum [
"OFF"
"ERR"
"WARN"
"INFO"
"DEBUG"
"TRACE"
];
default = "WARN";
description = ''
Set the default logging verbosity level.
@ -262,7 +289,10 @@ in
macAddress = macAddressOptWifi;
backend = mkOption {
type = types.enum [ "wpa_supplicant" "iwd" ];
type = types.enum [
"wpa_supplicant"
"iwd"
];
default = "wpa_supplicant";
description = ''
Specify the Wi-Fi backend used for the device.
@ -289,7 +319,12 @@ in
};
dns = mkOption {
type = types.enum [ "default" "dnsmasq" "systemd-resolved" "none" ];
type = types.enum [
"default"
"dnsmasq"
"systemd-resolved"
"none"
];
default = "default";
description = ''
Set the DNS (`resolv.conf`) processing mode.
@ -304,27 +339,29 @@ in
};
dispatcherScripts = mkOption {
type = types.listOf (types.submodule {
options = {
source = mkOption {
type = types.path;
description = ''
Path to the hook script.
'';
};
type = types.listOf (
types.submodule {
options = {
source = mkOption {
type = types.path;
description = ''
Path to the hook script.
'';
};
type = mkOption {
type = types.enum (attrNames dispatcherTypesSubdirMap);
default = "basic";
description = ''
Dispatcher hook type. Look up the hooks described at
[https://developer.gnome.org/NetworkManager/stable/NetworkManager.html](https://developer.gnome.org/NetworkManager/stable/NetworkManager.html)
and choose the type depending on the output folder.
You should then filter the event type (e.g., "up"/"down") from within your script.
'';
type = mkOption {
type = types.enum (attrNames dispatcherTypesSubdirMap);
default = "basic";
description = ''
Dispatcher hook type. Look up the hooks described at
[https://developer.gnome.org/NetworkManager/stable/NetworkManager.html](https://developer.gnome.org/NetworkManager/stable/NetworkManager.html)
and choose the type depending on the output folder.
You should then filter the event type (e.g., "up"/"down") from within your script.
'';
};
};
};
});
}
);
default = [ ];
example = literalExpression ''
[ {
@ -358,87 +395,69 @@ in
'';
};
fccUnlockScripts = mkOption {
type = types.listOf (types.submodule {
options = {
id = mkOption {
type = types.str;
description = "vid:pid of either the PCI or USB vendor and product ID";
};
path = mkOption {
type = types.path;
description = "Path to the unlock script";
};
};
});
default = [ ];
example = literalExpression ''[{ id = "03f0:4e1d"; path = "''${pkgs.modemmanager}/share/ModemManager/fcc-unlock.available.d/03f0:4e1d"; }]'';
description = ''
List of FCC unlock scripts to enable on the system, behaving as described in
https://modemmanager.org/docs/modemmanager/fcc-unlock/#integration-with-third-party-fcc-unlock-tools.
'';
};
ensureProfiles = {
profiles = with lib.types; mkOption {
type = attrsOf (submodule {
freeformType = ini.type;
profiles =
with lib.types;
mkOption {
type = attrsOf (submodule {
freeformType = ini.type;
options = {
connection = {
id = lib.mkOption {
type = str;
description = "This is the name that will be displayed by NetworkManager and GUIs.";
options = {
connection = {
id = lib.mkOption {
type = str;
description = "This is the name that will be displayed by NetworkManager and GUIs.";
};
type = lib.mkOption {
type = str;
description = "The connection type defines the connection kind, like vpn, wireguard, gsm, wifi and more.";
example = "vpn";
};
};
type = lib.mkOption {
type = str;
description = "The connection type defines the connection kind, like vpn, wireguard, gsm, wifi and more.";
example = "vpn";
};
});
apply = (lib.filterAttrsRecursive (n: v: v != { }));
default = { };
example = {
home-wifi = {
connection = {
id = "home-wifi";
type = "wifi";
permissions = "";
};
wifi = {
mac-address-blacklist = "";
mode = "infrastructure";
ssid = "Home Wi-Fi";
};
wifi-security = {
auth-alg = "open";
key-mgmt = "wpa-psk";
psk = "$HOME_WIFI_PASSWORD";
};
ipv4 = {
dns-search = "";
method = "auto";
};
ipv6 = {
addr-gen-mode = "stable-privacy";
dns-search = "";
method = "auto";
};
};
};
});
apply = (lib.filterAttrsRecursive (n: v: v != { }));
default = { };
example = {
home-wifi = {
connection = {
id = "home-wifi";
type = "wifi";
permissions = "";
};
wifi = {
mac-address-blacklist = "";
mode = "infrastructure";
ssid = "Home Wi-Fi";
};
wifi-security = {
auth-alg = "open";
key-mgmt = "wpa-psk";
psk = "$HOME_WIFI_PASSWORD";
};
ipv4 = {
dns-search = "";
method = "auto";
};
ipv6 = {
addr-gen-mode = "stable-privacy";
dns-search = "";
method = "auto";
};
};
description = ''
Declaratively define NetworkManager profiles. You can find information about the generated file format [here](https://networkmanager.dev/docs/api/latest/nm-settings-keyfile.html) and [here](https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/configuring_and_managing_networking/assembly_networkmanager-connection-profiles-in-keyfile-format_configuring-and-managing-networking).
You current profiles which are most likely stored in `/etc/NetworkManager/system-connections` and there is [a tool](https://github.com/janik-haag/nm2nix) to convert them to the needed nix code.
If you add a new ad-hoc connection via a GUI or nmtui or anything similar it should just work together with the declarative ones.
And if you edit a declarative profile NetworkManager will move it to the persistent storage and treat it like a ad-hoc one,
but there will be two profiles as soon as the systemd unit from this option runs again which can be confusing since NetworkManager tools will start displaying two profiles with the same name and probably a bit different settings depending on what you edited.
A profile won't be deleted even if it's removed from the config until the system reboots because that's when NetworkManager clears it's temp directory.
If `networking.resolvconf.enable` is true, attributes affecting the name resolution (such as `ignore-auto-dns`) may not end up changing `/etc/resolv.conf` as expected when other name services (for example `networking.dhcpcd`) are enabled. Run `resolvconf -l` in the terminal to see what each service produces.
'';
};
description = ''
Declaratively define NetworkManager profiles. You can find information about the generated file format [here](https://networkmanager.dev/docs/api/latest/nm-settings-keyfile.html) and [here](https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/configuring_and_managing_networking/assembly_networkmanager-connection-profiles-in-keyfile-format_configuring-and-managing-networking).
You current profiles which are most likely stored in `/etc/NetworkManager/system-connections` and there is [a tool](https://github.com/janik-haag/nm2nix) to convert them to the needed nix code.
If you add a new ad-hoc connection via a GUI or nmtui or anything similar it should just work together with the declarative ones.
And if you edit a declarative profile NetworkManager will move it to the persistent storage and treat it like a ad-hoc one,
but there will be two profiles as soon as the systemd unit from this option runs again which can be confusing since NetworkManager tools will start displaying two profiles with the same name and probably a bit different settings depending on what you edited.
A profile won't be deleted even if it's removed from the config until the system reboots because that's when NetworkManager clears it's temp directory.
If `networking.resolvconf.enable` is true, attributes affecting the name resolution (such as `ignore-auto-dns`) may not end up changing `/etc/resolv.conf` as expected when other name services (for example `networking.dhcpcd`) are enabled. Run `resolvconf -l` in the terminal to see what each service produces.
'';
};
environmentFiles = mkOption {
default = [];
default = [ ];
type = types.listOf types.path;
example = [ "/run/secrets/network-manager.env" ];
description = ''
@ -473,14 +492,13 @@ in
+ settings.main.no-auto-default = "*";
};
```
''
)
'')
(mkRemovedOptionModule [ "networking" "networkmanager" "enableFccUnlock" ] ''
This option was removed, because using bundled FCC unlock scripts is risky,
might conflict with vendor-provided unlock scripts, and should
be a conscious decision on a per-device basis.
Instead it's recommended to use the
`networking.networkmanager.fccUnlockScripts` option.
`networking.modemmanager.fccUnlockScripts` option.
'')
(mkRemovedOptionModule [ "networking" "networkmanager" "dynamicHosts" ] ''
This option was removed because allowing (multiple) regular users to
@ -493,9 +511,12 @@ in
(mkRemovedOptionModule [ "networking" "networkmanager" "firewallBackend" ] ''
This option was removed as NixOS is now using iptables-nftables-compat even when using iptables, therefore Networkmanager now uses the nftables backend unconditionally.
'')
(mkRenamedOptionModule
[ "networking" "networkmanager" "fccUnlockScripts" ]
[ "networking" "modemmanager" "fccUnlockScripts" ]
)
];
###### implementation
config = mkIf cfg.enable {
@ -512,36 +533,38 @@ in
hardware.wirelessRegulatoryDatabase = true;
environment.etc = {
"NetworkManager/NetworkManager.conf".source = configFile;
# The networkmanager-l2tp plugin expects /etc/ipsec.secrets to include /etc/ipsec.d/ipsec.nm-l2tp.secrets;
# see https://github.com/NixOS/nixpkgs/issues/64965
"ipsec.secrets".text = ''
include ipsec.d/ipsec.nm-l2tp.secrets
'';
}
// builtins.listToAttrs (map
(pkg: nameValuePair "NetworkManager/${pkg.networkManagerPlugin}" {
source = "${pkg}/lib/NetworkManager/${pkg.networkManagerPlugin}";
})
cfg.plugins)
// builtins.listToAttrs (map
(e: nameValuePair "ModemManager/fcc-unlock.d/${e.id}" {
source = e.path;
})
cfg.fccUnlockScripts)
// optionalAttrs (cfg.appendNameservers != [ ] || cfg.insertNameservers != [ ])
environment.etc =
{
"NetworkManager/NetworkManager.conf".source = configFile;
# The networkmanager-l2tp plugin expects /etc/ipsec.secrets to include /etc/ipsec.d/ipsec.nm-l2tp.secrets;
# see https://github.com/NixOS/nixpkgs/issues/64965
"ipsec.secrets".text = ''
include ipsec.d/ipsec.nm-l2tp.secrets
'';
}
// builtins.listToAttrs (
map (
pkg:
nameValuePair "NetworkManager/${pkg.networkManagerPlugin}" {
source = "${pkg}/lib/NetworkManager/${pkg.networkManagerPlugin}";
}
) cfg.plugins
)
// optionalAttrs (cfg.appendNameservers != [ ] || cfg.insertNameservers != [ ]) {
"NetworkManager/dispatcher.d/02overridedns".source = overrideNameserversScript;
}
// listToAttrs (lib.imap1
(i: s:
{
name = "NetworkManager/dispatcher.d/${dispatcherTypesSubdirMap.${s.type}}03userscript${lib.fixedWidthNumber 4 i}";
value = { mode = "0544"; inherit (s) source; };
})
cfg.dispatcherScripts);
// listToAttrs (
lib.imap1 (i: s: {
name = "NetworkManager/dispatcher.d/${
dispatcherTypesSubdirMap.${s.type}
}03userscript${lib.fixedWidthNumber 4 i}";
value = {
mode = "0544";
inherit (s) source;
};
}) cfg.dispatcherScripts
);
environment.systemPackages = packages;
@ -590,17 +613,19 @@ in
wantedBy = [ "network-online.target" ];
};
systemd.services.ModemManager = {
aliases = [ "dbus-org.freedesktop.ModemManager1.service" ];
path = lib.optionals (cfg.fccUnlockScripts != []) [ pkgs.libqmi pkgs.libmbim ];
};
systemd.services.NetworkManager-dispatcher = {
wantedBy = [ "network.target" ];
restartTriggers = [ configFile overrideNameserversScript ];
restartTriggers = [
configFile
overrideNameserversScript
];
# useful binaries for user-specified hooks
path = [ pkgs.iproute2 pkgs.util-linux pkgs.coreutils ];
path = [
pkgs.iproute2
pkgs.util-linux
pkgs.coreutils
];
aliases = [ "dbus-org.freedesktop.nm-dispatcher.service" ];
};
@ -609,17 +634,19 @@ in
wantedBy = [ "multi-user.target" ];
before = [ "network-online.target" ];
after = [ "NetworkManager.service" ];
script = let
path = id: "/run/NetworkManager/system-connections/${id}.nmconnection";
in ''
mkdir -p /run/NetworkManager/system-connections
'' + lib.concatMapStringsSep "\n"
(profile: ''
script =
let
path = id: "/run/NetworkManager/system-connections/${id}.nmconnection";
in
''
mkdir -p /run/NetworkManager/system-connections
''
+ lib.concatMapStringsSep "\n" (profile: ''
${pkgs.envsubst}/bin/envsubst -i ${ini.generate (lib.escapeShellArg profile.n) profile.v} > ${path (lib.escapeShellArg profile.n)}
'') (lib.mapAttrsToList (n: v: { inherit n v; }) cfg.ensureProfiles.profiles)
+ ''
${pkgs.networkmanager}/bin/nmcli connection reload
'';
+ ''
${cfg.package}/bin/nmcli connection reload
'';
serviceConfig = {
EnvironmentFile = cfg.ensureProfiles.environmentFiles;
UMask = "0177";
@ -654,13 +681,18 @@ in
})
{
modemmanager.enable = lib.mkDefault true;
networkmanager.connectionConfig = {
"ethernet.cloned-mac-address" = cfg.ethernet.macAddress;
"wifi.cloned-mac-address" = cfg.wifi.macAddress;
"wifi.powersave" =
if cfg.wifi.powersave == null then null
else if cfg.wifi.powersave then 3
else 2;
if cfg.wifi.powersave == null then
null
else if cfg.wifi.powersave then
3
else
2;
};
}
];
@ -670,7 +702,8 @@ in
security.polkit.enable = true;
security.polkit.extraConfig = polkitConf;
services.dbus.packages = packages
services.dbus.packages =
packages
++ optional cfg.enableStrongSwan pkgs.strongswanNM
++ optional (cfg.dns == "dnsmasq") pkgs.dnsmasq;

13
nixos/modules/services/web-apps/tt-rss.nix
View file

@ -512,6 +512,17 @@ let
'';
};
updateDaemon = {
commandFlags = mkOption {
type = types.str;
default = "--quiet";
description = ''
Command-line flags passed to the update daemon.
The default --quiet flag mutes all logging, including errors.
'';
};
};
extraConfig = mkOption {
type = types.lines;
default = "";
@ -622,7 +633,7 @@ let
serviceConfig = {
User = "${cfg.user}";
Group = "tt_rss";
ExecStart = "${phpPackage}/bin/php ${cfg.root}/www/update.php --daemon --quiet";
ExecStart = "${phpPackage}/bin/php ${cfg.root}/www/update.php --daemon ${cfg.updateDaemon.commandFlags}";
Restart = "on-failure";
RestartSec = "60";
SyslogIdentifier = "tt-rss";

1
nixos/tests/all-tests.nix
View file

@ -1095,6 +1095,7 @@ in {
trilium-server = handleTestOn ["x86_64-linux"] ./trilium-server.nix {};
tsm-client-gui = handleTest ./tsm-client-gui.nix {};
ttyd = handleTest ./web-servers/ttyd.nix {};
tt-rss = handleTest ./web-apps/tt-rss.nix {};
txredisapi = handleTest ./txredisapi.nix {};
tuptime = handleTest ./tuptime.nix {};
turbovnc-headless-server = handleTest ./turbovnc-headless-server.nix {};

22
nixos/tests/web-apps/tt-rss.nix Normal file
View file

@ -0,0 +1,22 @@
import ../make-test-python.nix (
{ ... }:
{
name = "tt-rss-nixos";
nodes.machine =
{ pkgs, ... }:
{
services.tt-rss = {
enable = true;
virtualHost = "localhost";
selfUrlPath = "http://localhost/";
singleUserMode = true;
};
};
testScript = ''
machine.wait_for_unit("tt-rss.service")
machine.succeed("curl -sSfL http://localhost/ | grep 'Tiny Tiny RSS'")
'';
}
)