Merge pull request #38111 from oxij/tree/cleanups

assorted cleanups
Michael Raskin 2018-04-05 07:08:05 +00:00 committed by GitHub
commit 195521350a
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
7 changed files with 73 additions and 74 deletions


@ -17,23 +17,23 @@ let
resolved = canLoadExternalModules && config.services.resolved.enable; resolved = canLoadExternalModules && config.services.resolved.enable;
hostArray = [ "files" ] hostArray = [ "files" ]
++ optionals mymachines [ "mymachines" ] ++ optional mymachines "mymachines"
++ optionals nssmdns [ "mdns_minimal [NOTFOUND=return]" ] ++ optional nssmdns "mdns_minimal [NOTFOUND=return]"
++ optionals nsswins [ "wins" ] ++ optional nsswins "wins"
++ optionals resolved ["resolve [!UNAVAIL=return]"] ++ optional resolved "resolve [!UNAVAIL=return]"
++ [ "dns" ] ++ [ "dns" ]
++ optionals nssmdns [ "mdns" ] ++ optional nssmdns "mdns"
++ optionals myhostname ["myhostname" ]; ++ optional myhostname "myhostname";
passwdArray = [ "files" ] passwdArray = [ "files" ]
++ optional sssd "sss" ++ optional sssd "sss"
++ optionals ldap [ "ldap" ] ++ optional ldap "ldap"
++ optionals mymachines [ "mymachines" ] ++ optional mymachines "mymachines"
++ [ "systemd" ]; ++ [ "systemd" ];
shadowArray = [ "files" ] shadowArray = [ "files" ]
++ optional sssd "sss" ++ optional sssd "sss"
++ optionals ldap [ "ldap" ]; ++ optional ldap "ldap";
servicesArray = [ "files" ] servicesArray = [ "files" ]
++ optional sssd "sss"; ++ optional sssd "sss";


@ -504,9 +504,6 @@ in {
}; };
}; };
# Install all the user shells
environment.systemPackages = systemShells;
users.groups = { users.groups = {
root.gid = ids.gids.root; root.gid = ids.gids.root;
wheel.gid = ids.gids.wheel; wheel.gid = ids.gids.wheel;
@ -543,14 +540,29 @@ in {
# for backwards compatibility # for backwards compatibility
system.activationScripts.groups = stringAfter [ "users" ] ""; system.activationScripts.groups = stringAfter [ "users" ] "";
environment.etc."subuid" = { # Install all the user shells
text = subuidFile; environment.systemPackages = systemShells;
mode = "0644";
}; environment.etc = {
environment.etc."subgid" = { "subuid" = {
text = subgidFile; text = subuidFile;
mode = "0644"; mode = "0644";
}; };
"subgid" = {
text = subgidFile;
mode = "0644";
};
} // (mapAttrs' (name: { packages, ... }: {
name = "profiles/per-user/${name}";
value.source = pkgs.buildEnv {
name = "user-environment";
paths = packages;
inherit (config.environment) pathsToLink extraOutputsToInstall;
inherit (config.system.path) ignoreCollisions postBuild;
};
}) (filterAttrs (_: u: u.packages != []) cfg.users));
environment.profiles = [ "/etc/profiles/per-user/$USER" ];
assertions = [ assertions = [
{ assertion = !cfg.enforceIdUniqueness || (uidsAreUnique && gidsAreUnique); { assertion = !cfg.enforceIdUniqueness || (uidsAreUnique && gidsAreUnique);
@ -581,22 +593,4 @@ in {
}; };
imports =
[ (mkAliasOptionModule [ "users" "extraUsers" ] [ "users" "users" ])
(mkAliasOptionModule [ "users" "extraGroups" ] [ "users" "groups" ])
{
environment = {
etc = mapAttrs' (name: { packages, ... }: {
name = "profiles/per-user/${name}";
value.source = pkgs.buildEnv {
name = "user-environment";
paths = packages;
inherit (config.environment) pathsToLink extraOutputsToInstall;
inherit (config.system.path) ignoreCollisions postBuild;
};
}) (filterAttrs (_: { packages, ... }: packages != []) cfg.users);
profiles = ["/etc/profiles/per-user/$USER"];
};
}
];
} }


@ -4,6 +4,7 @@ with lib;
{ {
imports = [ imports = [
(mkRenamedOptionModule [ "dysnomia" ] [ "services" "dysnomia" ])
(mkRenamedOptionModule [ "environment" "x11Packages" ] [ "environment" "systemPackages" ]) (mkRenamedOptionModule [ "environment" "x11Packages" ] [ "environment" "systemPackages" ])
(mkRenamedOptionModule [ "environment" "enableBashCompletion" ] [ "programs" "bash" "enableCompletion" ]) (mkRenamedOptionModule [ "environment" "enableBashCompletion" ] [ "programs" "bash" "enableCompletion" ])
(mkRenamedOptionModule [ "environment" "nix" ] [ "nix" "package" ]) (mkRenamedOptionModule [ "environment" "nix" ] [ "nix" "package" ])
@ -203,6 +204,10 @@ with lib;
(mkRenamedOptionModule [ "config" "system" "nixosCodeName" ] [ "config" "system" "nixos" "codeName" ]) (mkRenamedOptionModule [ "config" "system" "nixosCodeName" ] [ "config" "system" "nixos" "codeName" ])
(mkRenamedOptionModule [ "config" "system" "nixosLabel" ] [ "config" "system" "nixos" "label" ]) (mkRenamedOptionModule [ "config" "system" "nixosLabel" ] [ "config" "system" "nixos" "label" ])
# Users
(mkAliasOptionModule [ "users" "extraUsers" ] [ "users" "users" ])
(mkAliasOptionModule [ "users" "extraGroups" ] [ "users" "groups" ])
# Options that are obsolete and have no replacement. # Options that are obsolete and have no replacement.
(mkRemovedOptionModule [ "boot" "initrd" "luks" "enable" ] "") (mkRemovedOptionModule [ "boot" "initrd" "luks" "enable" ] "")
(mkRemovedOptionModule [ "programs" "bash" "enable" ] "") (mkRemovedOptionModule [ "programs" "bash" "enable" ] "")


@ -57,7 +57,7 @@ in
###### implementation ###### implementation
config = mkIf cfg.enable { config = mkIf cfg.enable {
dysnomia.enable = true; services.dysnomia.enable = true;
environment.systemPackages = [ pkgs.disnix ] ++ optional cfg.useWebServiceInterface pkgs.DisnixWebService; environment.systemPackages = [ pkgs.disnix ] ++ optional cfg.useWebServiceInterface pkgs.DisnixWebService;


@ -3,8 +3,8 @@
with lib; with lib;
let let
cfg = config.dysnomia; cfg = config.services.dysnomia;
printProperties = properties: printProperties = properties:
concatMapStrings (propertyName: concatMapStrings (propertyName:
let let
@ -13,7 +13,7 @@ let
if isList property then "${propertyName}=(${lib.concatMapStrings (elem: "\"${toString elem}\" ") (properties."${propertyName}")})\n" if isList property then "${propertyName}=(${lib.concatMapStrings (elem: "\"${toString elem}\" ") (properties."${propertyName}")})\n"
else "${propertyName}=\"${toString property}\"\n" else "${propertyName}=\"${toString property}\"\n"
) (builtins.attrNames properties); ) (builtins.attrNames properties);
properties = pkgs.stdenv.mkDerivation { properties = pkgs.stdenv.mkDerivation {
name = "dysnomia-properties"; name = "dysnomia-properties";
buildCommand = '' buildCommand = ''
@ -22,13 +22,13 @@ let
EOF EOF
''; '';
}; };
containersDir = pkgs.stdenv.mkDerivation { containersDir = pkgs.stdenv.mkDerivation {
name = "dysnomia-containers"; name = "dysnomia-containers";
buildCommand = '' buildCommand = ''
mkdir -p $out mkdir -p $out
cd $out cd $out
${concatMapStrings (containerName: ${concatMapStrings (containerName:
let let
containerProperties = cfg.containers."${containerName}"; containerProperties = cfg.containers."${containerName}";
@ -42,11 +42,11 @@ let
) (builtins.attrNames cfg.containers)} ) (builtins.attrNames cfg.containers)}
''; '';
}; };
linkMutableComponents = {containerName}: linkMutableComponents = {containerName}:
'' ''
mkdir ${containerName} mkdir ${containerName}
${concatMapStrings (componentName: ${concatMapStrings (componentName:
let let
component = cfg.components."${containerName}"."${componentName}"; component = cfg.components."${containerName}"."${componentName}";
@ -54,13 +54,13 @@ let
"ln -s ${component} ${containerName}/${componentName}\n" "ln -s ${component} ${containerName}/${componentName}\n"
) (builtins.attrNames (cfg.components."${containerName}" or {}))} ) (builtins.attrNames (cfg.components."${containerName}" or {}))}
''; '';
componentsDir = pkgs.stdenv.mkDerivation { componentsDir = pkgs.stdenv.mkDerivation {
name = "dysnomia-components"; name = "dysnomia-components";
buildCommand = '' buildCommand = ''
mkdir -p $out mkdir -p $out
cd $out cd $out
${concatMapStrings (containerName: ${concatMapStrings (containerName:
let let
components = cfg.components."${containerName}"; components = cfg.components."${containerName}";
@ -72,59 +72,59 @@ let
in in
{ {
options = { options = {
dysnomia = { services.dysnomia = {
enable = mkOption { enable = mkOption {
type = types.bool; type = types.bool;
default = false; default = false;
description = "Whether to enable Dysnomia"; description = "Whether to enable Dysnomia";
}; };
enableAuthentication = mkOption { enableAuthentication = mkOption {
type = types.bool; type = types.bool;
default = false; default = false;
description = "Whether to publish privacy-sensitive authentication credentials"; description = "Whether to publish privacy-sensitive authentication credentials";
}; };
package = mkOption { package = mkOption {
type = types.path; type = types.path;
description = "The Dysnomia package"; description = "The Dysnomia package";
}; };
properties = mkOption { properties = mkOption {
description = "An attribute set in which each attribute represents a machine property. Optionally, these values can be shell substitutions."; description = "An attribute set in which each attribute represents a machine property. Optionally, these values can be shell substitutions.";
default = {}; default = {};
}; };
containers = mkOption { containers = mkOption {
description = "An attribute set in which each key represents a container and each value an attribute set providing its configuration properties"; description = "An attribute set in which each key represents a container and each value an attribute set providing its configuration properties";
default = {}; default = {};
}; };
components = mkOption { components = mkOption {
description = "An atttribute set in which each key represents a container and each value an attribute set in which each key represents a component and each value a derivation constructing its initial state"; description = "An atttribute set in which each key represents a container and each value an attribute set in which each key represents a component and each value a derivation constructing its initial state";
default = {}; default = {};
}; };
extraContainerProperties = mkOption { extraContainerProperties = mkOption {
description = "An attribute set providing additional container settings in addition to the default properties"; description = "An attribute set providing additional container settings in addition to the default properties";
default = {}; default = {};
}; };
extraContainerPaths = mkOption { extraContainerPaths = mkOption {
description = "A list of paths containing additional container configurations that are added to the search folders"; description = "A list of paths containing additional container configurations that are added to the search folders";
default = []; default = [];
}; };
extraModulePaths = mkOption { extraModulePaths = mkOption {
description = "A list of paths containing additional modules that are added to the search folders"; description = "A list of paths containing additional modules that are added to the search folders";
default = []; default = [];
}; };
}; };
}; };
config = mkIf cfg.enable { config = mkIf cfg.enable {
environment.etc = { environment.etc = {
"dysnomia/containers" = { "dysnomia/containers" = {
source = containersDir; source = containersDir;
@ -136,16 +136,16 @@ in
source = properties; source = properties;
}; };
}; };
environment.variables = { environment.variables = {
DYSNOMIA_STATEDIR = "/var/state/dysnomia-nixos"; DYSNOMIA_STATEDIR = "/var/state/dysnomia-nixos";
DYSNOMIA_CONTAINERS_PATH = "${lib.concatMapStrings (containerPath: "${containerPath}:") cfg.extraContainerPaths}/etc/dysnomia/containers"; DYSNOMIA_CONTAINERS_PATH = "${lib.concatMapStrings (containerPath: "${containerPath}:") cfg.extraContainerPaths}/etc/dysnomia/containers";
DYSNOMIA_MODULES_PATH = "${lib.concatMapStrings (modulePath: "${modulePath}:") cfg.extraModulePaths}/etc/dysnomia/modules"; DYSNOMIA_MODULES_PATH = "${lib.concatMapStrings (modulePath: "${modulePath}:") cfg.extraModulePaths}/etc/dysnomia/modules";
}; };
environment.systemPackages = [ cfg.package ]; environment.systemPackages = [ cfg.package ];
dysnomia.package = pkgs.dysnomia.override (origArgs: { services.dysnomia.package = pkgs.dysnomia.override (origArgs: {
enableApacheWebApplication = config.services.httpd.enable; enableApacheWebApplication = config.services.httpd.enable;
enableAxis2WebService = config.services.tomcat.axis2.enable; enableAxis2WebService = config.services.tomcat.axis2.enable;
enableEjabberdDump = config.services.ejabberd.enable; enableEjabberdDump = config.services.ejabberd.enable;
@ -155,8 +155,8 @@ in
enableTomcatWebApplication = config.services.tomcat.enable; enableTomcatWebApplication = config.services.tomcat.enable;
enableMongoDatabase = config.services.mongodb.enable; enableMongoDatabase = config.services.mongodb.enable;
}); });
dysnomia.properties = { services.dysnomia.properties = {
hostname = config.networking.hostName; hostname = config.networking.hostName;
system = if config.nixpkgs.system == "" then builtins.currentSystem else config.nixpkgs.system; system = if config.nixpkgs.system == "" then builtins.currentSystem else config.nixpkgs.system;
@ -173,8 +173,8 @@ in
''; '';
}}"); }}");
}; };
dysnomia.containers = lib.recursiveUpdate ({ services.dysnomia.containers = lib.recursiveUpdate ({
process = {}; process = {};
wrapper = {}; wrapper = {};
} }


@ -44,9 +44,9 @@ in
path = [ pkgs.iptables pkgs.tcpcrypt pkgs.procps ]; path = [ pkgs.iptables pkgs.tcpcrypt pkgs.procps ];
preStart = '' preStart = ''
mkdir -p /var/run/tcpcryptd mkdir -p /run/tcpcryptd
chown tcpcryptd /var/run/tcpcryptd chown tcpcryptd /run/tcpcryptd
sysctl -n net.ipv4.tcp_ecn >/run/pre-tcpcrypt-ecn-state sysctl -n net.ipv4.tcp_ecn > /run/tcpcryptd/pre-tcpcrypt-ecn-state
sysctl -w net.ipv4.tcp_ecn=0 sysctl -w net.ipv4.tcp_ecn=0
iptables -t raw -N nixos-tcpcrypt iptables -t raw -N nixos-tcpcrypt
@ -61,8 +61,8 @@ in
script = "tcpcryptd -x 0x10"; script = "tcpcryptd -x 0x10";
postStop = '' postStop = ''
if [ -f /run/pre-tcpcrypt-ecn-state ]; then if [ -f /run/tcpcryptd/pre-tcpcrypt-ecn-state ]; then
sysctl -w net.ipv4.tcp_ecn=$(cat /run/pre-tcpcrypt-ecn-state) sysctl -w net.ipv4.tcp_ecn=$(cat /run/tcpcryptd/pre-tcpcrypt-ecn-state)
fi fi
iptables -t mangle -D POSTROUTING -j nixos-tcpcrypt || true iptables -t mangle -D POSTROUTING -j nixos-tcpcrypt || true
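Review bot: The saved ECN state now lives at `/run/tcpcryptd/pre-tcpcrypt-ecn-state`, inside the directory that preStart hands to the `tcpcryptd` account with `chown`, and postStop expands its contents unquoted in `sysctl -w net.ipv4.tcp_ecn=$(cat …)`. If postStop runs as root (the `iptables` and `sysctl -w` calls suggest so, but the unit's user settings are outside these hunks), the unprivileged daemon account can replace that file, and whatever it contains is word-split into a root `sysctl -w` invocation. Before this change the file sat directly under `/run`, which the service account could not write. Either keep the state file in a root-owned path, or validate the value before use: `ecn=$(cat /run/tcpcryptd/pre-tcpcrypt-ecn-state); case "$ecn" in [0-2]) sysctl -w net.ipv4.tcp_ecn="$ecn" ;; esac`. Both the preStart and postStop scripts continue outside the hunks shown.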


@ -30,7 +30,7 @@ let
}: }:
let let
cfg = stdenv.lib.attrByPath [ browserName ] {} config; cfg = config.${browserName} or {};
enableAdobeFlash = cfg.enableAdobeFlash or false; enableAdobeFlash = cfg.enableAdobeFlash or false;
ffmpegSupport = browser.ffmpegSupport or false; ffmpegSupport = browser.ffmpegSupport or false;
gssSupport = browser.gssSupport or false; gssSupport = browser.gssSupport or false;