public
/
nixpkgs
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge 'master' into staging 

(relatively simple conflicts)
This commit is contained in:
Vladimír Čunát 2015-04-26 22:52:08 +02:00
parent c1cc2348e4 2cb3dc6812
commit 30f31c9afc
508 changed files with 26127 additions and 13733 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

29
doc/language-support.xml
View File

@ -670,7 +670,12 @@ net = buildGoPackage rec {
url = "https://${goPackagePath}"; url = "https://${goPackagePath}";
sha256 = "1lkz4c9pyz3yz2yz18hiycvlfhgy3jxp68bs7mv7bcfpaj729qav"; sha256 = "1lkz4c9pyz3yz2yz18hiycvlfhgy3jxp68bs7mv7bcfpaj729qav";
}; };
propagatedBuildInputs = [ goPackages.text ]; <co xml:id='ex-buildGoPackage-3' /> renameImports = [ <co xml:id='ex-buildGoPackage-3' />
"code.google.com/p/go.crypto golang.org/x/crypto"
"code.google.com/p/goprotobuf github.com/golang/protobuf"
];
propagatedBuildInputs = [ goPackages.text ]; <co xml:id='ex-buildGoPackage-4' />
buildFlags = "--tags release"; <co xml:id='ex-buildGoPackage-5' />
}; };
</programlisting> </programlisting>
</example> </example>
@ -698,7 +703,21 @@ the following arguments are of special significance to the function:
</para> </para>
</callout> </callout>
<callout arearefs='ex-buildGoPackage-3'> <callout arearefs='ex-buildGoPackage-4'>
<para>
<varname>renameImports</varname> is a list of import paths to be renamed before
building the package. The path to be renamed can be a regular expression.
</para>
<para>
In this example imports will be renamed from
<literal>code.google.com/p/go.crypto</literal> to
<literal>golang.org/x/crypto</literal> and from
<literal>code.google.com/p/goprotobuf</literal> to
<literal>github.com/golang/protobuf</literal>.
</para>
</callout>
<callout arearefs='ex-buildGoPackage-4'>
<para> <para>
<varname>propagatedBuildInputs</varname> is where the dependencies of a Go library are <varname>propagatedBuildInputs</varname> is where the dependencies of a Go library are
listed. Only libraries should list <varname>propagatedBuildInputs</varname>. If a standalone listed. Only libraries should list <varname>propagatedBuildInputs</varname>. If a standalone
@ -707,6 +726,12 @@ the following arguments are of special significance to the function:
</para> </para>
</callout> </callout>
<callout arearefs='ex-buildGoPackage-5'>
<para>
<varname>buildFlags</varname> is a list of flags passed to the go build command.
</para>
</callout>
</calloutlist> </calloutlist>
</para> </para>

107
doc/packageconfig.xml
View File

@ -1,6 +1,6 @@
<chapter xmlns="http://docbook.org/ns/docbook" <chapter xmlns="http://docbook.org/ns/docbook"
xmlns:xlink="http://www.w3.org/1999/xlink" xmlns:xlink="http://www.w3.org/1999/xlink"
xml:id="chap-packageconfig"> xml:id="chap-packageconfig">
<title><filename>~/.nixpkgs/config.nix</filename>: global configuration</title> <title><filename>~/.nixpkgs/config.nix</filename>: global configuration</title>
@ -9,62 +9,79 @@
</para> </para>
<para> <para>
To apply the configuration edit <filename>~/.nixpkgs/config.nix</filename> To apply the configuration edit <filename>~/.nixpkgs/config.nix</filename>
and set it like and set it like
<programlisting>{ <programlisting>{
allowUnfree = true; allowUnfree = true;
}</programlisting> }</programlisting>
and will allow the Nix package manager to install unfree licensed packages. and will allow the Nix package manager to install unfree licensed packages.
The configuration as listed also applies to NixOS under <option>nixpkgs.config</option> set. The configuration as listed also applies to NixOS under <option>nixpkgs.config</option> set.
</para> </para>
<itemizedlist> <itemizedlist>
<listitem> <listitem>
<para> <para>
Allow installing of packages that are distributed under unfree license by setting Allow installing of packages that are distributed under unfree license by setting
<programlisting>allowUnfree = true;</programlisting> <programlisting>allowUnfree = true;</programlisting>
or deny them by setting it to <literal>false</literal>. or deny them by setting it to <literal>false</literal>.
</para> </para>
<para> <para>
Same can be achieved by setting the environment variable: Same can be achieved by setting the environment variable:
<programlisting>$ export NIXPKGS_ALLOW_UNFREE=1</programlisting> <programlisting>$ export NIXPKGS_ALLOW_UNFREE=1</programlisting>
</para> </para>
</listitem> </listitem>
<listitem> <listitem>
<para> <para>
Whenever unfree packages are not allowed, single packages can Whenever unfree packages are not allowed, single packages can
still be allowed by a predicate function that accepts package still be allowed by a predicate function that accepts package
as an argument and should return a boolean: as an argument and should return a boolean:
<programlisting>allowUnfreePredicate = (pkg: ...);</programlisting> <programlisting>allowUnfreePredicate = (pkg: ...);</programlisting>
Example to allow flash player only: Example to allow flash player only:
<programlisting>allowUnfreePredicate = (pkg: pkgs.lib.hasPrefix "flashplayer-" pkg.name);</programlisting> <programlisting>allowUnfreePredicate = (pkg: pkgs.lib.hasPrefix "flashplayer-" pkg.name);</programlisting>
</para> </para>
</listitem> </listitem>
<listitem> <listitem>
<para> <para>
Whenever unfree packages are not allowed, packages can still be Whenever unfree packages are not allowed, packages can still be
whitelisted by their license: whitelisted by their license:
<programlisting>whitelistedLicenses = with stdenv.lib.licenses; [ amd wtfpl ];</programlisting> <programlisting>whitelistedLicenses = with stdenv.lib.licenses; [ amd wtfpl ];</programlisting>
</para> </para>
</listitem> </listitem>
<listitem> <listitem>
<para> <para>
In addition to whitelisting licenses which are denied by the In addition to whitelisting licenses which are denied by the
<literal>allowUnfree</literal> setting, you can also explicitely <literal>allowUnfree</literal> setting, you can also explicitely
deny installation of packages which have a certain license: deny installation of packages which have a certain license:
<programlisting>blacklistedLicenses = with stdenv.lib.licenses; [ agpl3 gpl3 ];</programlisting> <programlisting>blacklistedLicenses = with stdenv.lib.licenses; [ agpl3 gpl3 ];</programlisting>
</para> </para>
</listitem> </listitem>
</itemizedlist> </itemizedlist>
<para> <para>
A complete list of licenses can be found in the file A complete list of licenses can be found in the file
<filename>lib/licenses.nix</filename> of the nix package tree. <filename>lib/licenses.nix</filename> of the nix package tree.
</para> </para>
</chapter> <section><title>Modify packages via <literal>packageOverrides</literal></title>
<para>
You can define a function called <varname>packageOverrides</varname>
in your local <filename>~/.nixpkgs/config</filename> to overide nix
packages. It must be a function that takes pkgs as an argument and
return modified set of packages.
<programlisting>{
packageOverrides = pkgs: rec {
foo = pkgs.foo.override { ... };
};
}</programlisting>
</para>
</section>
</chapter>

5
lib/maintainers.nix
View File

@ -49,7 +49,6 @@
chaoflow = "Florian Friesdorf <flo@chaoflow.net>"; chaoflow = "Florian Friesdorf <flo@chaoflow.net>";
christopherpoole = "Christopher Mark Poole <mail@christopherpoole.net>"; christopherpoole = "Christopher Mark Poole <mail@christopherpoole.net>";
coconnor = "Corey O'Connor <coreyoconnor@gmail.com>"; coconnor = "Corey O'Connor <coreyoconnor@gmail.com>";
cocreature = "Moritz Kiefer <moritz.kiefer@purelyfunctional.org>";
codyopel = "Cody Opel <codyopel@gmail.com>"; codyopel = "Cody Opel <codyopel@gmail.com>";
copumpkin = "Dan Peebles <pumpkingod@gmail.com>"; copumpkin = "Dan Peebles <pumpkingod@gmail.com>";
coroa = "Jonas Hörsch <jonas@chaoflow.net>"; coroa = "Jonas Hörsch <jonas@chaoflow.net>";
@ -60,6 +59,7 @@
dbohdan = "Danyil Bohdan <danyil.bohdan@gmail.com>"; dbohdan = "Danyil Bohdan <danyil.bohdan@gmail.com>";
DerGuteMoritz = "Moritz Heidkamp <moritz@twoticketsplease.de>"; DerGuteMoritz = "Moritz Heidkamp <moritz@twoticketsplease.de>";
devhell = "devhell <\"^\"@regexmail.net>"; devhell = "devhell <\"^\"@regexmail.net>";
dezgeg = "Tuomas Tynkkynen <tuomas.tynkkynen@iki.fi>";
dmalikov = "Dmitry Malikov <malikov.d.y@gmail.com>"; dmalikov = "Dmitry Malikov <malikov.d.y@gmail.com>";
doublec = "Chris Double <chris.double@double.co.nz>"; doublec = "Chris Double <chris.double@double.co.nz>";
ederoyd46 = "Matthew Brown <matt@ederoyd.co.uk>"; ederoyd46 = "Matthew Brown <matt@ederoyd.co.uk>";
@ -74,6 +74,7 @@
falsifian = "James Cook <james.cook@utoronto.ca>"; falsifian = "James Cook <james.cook@utoronto.ca>";
flosse = "Markus Kohlhase <mail@markus-kohlhase.de>"; flosse = "Markus Kohlhase <mail@markus-kohlhase.de>";
fluffynukeit = "Daniel Austin <dan@fluffynukeit.com>"; fluffynukeit = "Daniel Austin <dan@fluffynukeit.com>";
forkk = "Andrew Okin <forkk@forkk.net>";
fpletz = "Franz Pletz <fpletz@fnordicwalking.de>"; fpletz = "Franz Pletz <fpletz@fnordicwalking.de>";
ftrvxmtrx = "Siarhei Zirukin <ftrvxmtrx@gmail.com>"; ftrvxmtrx = "Siarhei Zirukin <ftrvxmtrx@gmail.com>";
funfunctor = "Edward O'Callaghan <eocallaghan@alterapraxis.com>"; funfunctor = "Edward O'Callaghan <eocallaghan@alterapraxis.com>";
@ -88,6 +89,7 @@
goibhniu = "Cillian de Róiste <cillian.deroiste@gmail.com>"; goibhniu = "Cillian de Róiste <cillian.deroiste@gmail.com>";
gridaphobe = "Eric Seidel <eric@seidel.io>"; gridaphobe = "Eric Seidel <eric@seidel.io>";
guibert = "David Guibert <david.guibert@gmail.com>"; guibert = "David Guibert <david.guibert@gmail.com>";
hbunke = "Hendrik Bunke <bunke.hendrik@gmail.com>";
henrytill = "Henry Till <henrytill@gmail.com>"; henrytill = "Henry Till <henrytill@gmail.com>";
hinton = "Tom Hinton <t@larkery.com>"; hinton = "Tom Hinton <t@larkery.com>";
hrdinka = "Christoph Hrdinka <c.nix@hrdinka.at>"; hrdinka = "Christoph Hrdinka <c.nix@hrdinka.at>";
@ -190,6 +192,7 @@
spwhitt = "Spencer Whitt <sw@swhitt.me>"; spwhitt = "Spencer Whitt <sw@swhitt.me>";
sztupi = "Attila Sztupak <attila.sztupak@gmail.com>"; sztupi = "Attila Sztupak <attila.sztupak@gmail.com>";
tailhook = "Paul Colomiets <paul@colomiets.name>"; tailhook = "Paul Colomiets <paul@colomiets.name>";
taktoa = "Remy Goldschmidt <taktoa@gmail.com>";
thammers = "Tobias Hammerschmidt <jawr@gmx.de>"; thammers = "Tobias Hammerschmidt <jawr@gmx.de>";
the-kenny = "Moritz Ulrich <moritz@tarn-vedra.de>"; the-kenny = "Moritz Ulrich <moritz@tarn-vedra.de>";
theuni = "Christian Theune <ct@flyingcircus.io>"; theuni = "Christian Theune <ct@flyingcircus.io>";

4
lib/platforms.nix
View File

@ -13,4 +13,8 @@ rec {
none = []; none = [];
allBut = platforms: lists.filter (x: !(builtins.elem x platforms)) all; allBut = platforms: lists.filter (x: !(builtins.elem x platforms)) all;
mesaPlatforms = ["i686-linux" "x86_64-linux" "x86_64-darwin" "armv5tel-linux" "armv6l-linux"]; mesaPlatforms = ["i686-linux" "x86_64-linux" "x86_64-darwin" "armv5tel-linux" "armv6l-linux"];
x86_64 = ["x86_64-linux" "x86_64-darwin" "x86_64-freebsd" "x86_64-openbsd" "x86_64-netbsd" "x86_64-cygwin"];
i686 = ["i686-linux" "i686-freebsd" "i686-netbsd" "i686-cygwin"];
arm = ["armv5tel-linux" "armv6l-linux" "armv7l-linux" ];
mips = [ "mips64el-linux" ];
} }

1
nixos/doc/manual/development/development.xml
View File

@ -15,6 +15,7 @@ NixOS.</para>
<xi:include href="writing-modules.xml" /> <xi:include href="writing-modules.xml" />
<xi:include href="building-parts.xml" /> <xi:include href="building-parts.xml" />
<xi:include href="building-nixos.xml" /> <xi:include href="building-nixos.xml" />
<xi:include href="nixos-tests.xml" />
<xi:include href="testing-installer.xml" /> <xi:include href="testing-installer.xml" />
</part> </part>

3
nixos/doc/manual/development/nixos-tests.xml
View File

@ -15,5 +15,6 @@ required for the test.</para>
<xi:include href="writing-nixos-tests.xml" /> <xi:include href="writing-nixos-tests.xml" />
<xi:include href="running-nixos-tests.xml" /> <xi:include href="running-nixos-tests.xml" />
<xi:include href="running-nixos-tests-interactively.xml" />
</chapter> </chapter>

43
nixos/doc/manual/development/running-nixos-tests-interactively.xml Normal file
View File

@ -0,0 +1,43 @@
<section xmlns="http://docbook.org/ns/docbook"
xmlns:xlink="http://www.w3.org/1999/xlink"
xmlns:xi="http://www.w3.org/2001/XInclude"
version="5.0"
xml:id="sec-running-nixos-tests">
<title>Running Tests interactively</title>
<para>The test itself can be run interactively. This is
particularly useful when developing or debugging a test:
<screen>
$ nix-build nixos/tests/login.nix -A driver
$ ./result/bin/nixos-test-driver
starting VDE switch for network 1
&gt;
</screen>
You can then take any Perl statement, e.g.
<screen>
&gt; startAll
&gt; testScript
&gt; $machine->succeed("touch /tmp/foo")
</screen>
The function <command>testScript</command> executes the entire test
script and drops you back into the test driver command line upon its
completion. This allows you to inspect the state of the VMs after the
test (e.g. to debug the test script).</para>
<para>To just start and experiment with the VMs, run:
<screen>
$ nix-build nixos/tests/login.nix -A driver
$ ./result/bin/nixos-run-vms
</screen>
The script <command>nixos-run-vms</command> starts the virtual
machines defined by test. The root file system of the VMs is created
on the fly and kept across VM restarts in
<filename>./</filename><varname>hostname</varname><filename>.qcow2</filename>.</para>
</section>

40
nixos/doc/manual/development/running-nixos-tests.xml
View File

@ -2,7 +2,7 @@
xmlns:xlink="http://www.w3.org/1999/xlink" xmlns:xlink="http://www.w3.org/1999/xlink"
xmlns:xi="http://www.w3.org/2001/XInclude" xmlns:xi="http://www.w3.org/2001/XInclude"
version="5.0" version="5.0"
xml:id="sec-running-nixos-tests"> xml:id="sec-running-nixos-tests-interactively">
<title>Running Tests</title> <title>Running Tests</title>
@ -38,42 +38,4 @@ $ firefox result/log.html
</screen> </screen>
</para> </para>
<title>Running Tests interactively</title>
<para>The test itself can be run interactively. This is
particularly useful when developing or debugging a test:
<screen>
$ nix-build nixos/tests/login.nix -A driver
$ ./result/bin/nixos-test-driver
starting VDE switch for network 1
&gt;
</screen>
You can then take any Perl statement, e.g.
<screen>
&gt; startAll
&gt; testScript
&gt; $machine->succeed("touch /tmp/foo")
</screen>
The function <command>testScript</command> executes the entire test
script and drops you back into the test driver command line upon its
completion. This allows you to inspect the state of the VMs after the
test (e.g. to debug the test script).</para>
<para>To just start and experiment with the VMs, run:
<screen>
$ nix-build nixos/tests/login.nix -A driver
$ ./result/bin/nixos-run-vms
</screen>
The script <command>nixos-run-vms</command> starts the virtual
machines defined by test. The root file system of the VMs is created
on the fly and kept across VM restarts in
<filename>./</filename><varname>hostname</varname><filename>.qcow2</filename>.</para>
</section> </section>

14
nixos/doc/manual/release-notes/rl-unstable.xml
View File

@ -35,6 +35,20 @@ and old <literal>steam</literal> package -- to <literal>steamOriginal</literal>.
was accordingly renamed to <literal>bomi</literal> was accordingly renamed to <literal>bomi</literal>
</para></listitem> </para></listitem>
<listitem>
<para>
The default <literal>NIX_PATH</literal> for NixOS now includes
<literal>/nix/var/nix/profiles/per-user/root/channels</literal>, so it's
easy to add custom channels.
</para>
<para>
Moreover, whenever a <command>nixos-rebuild &lt;action&gt;
--upgrade</command> is issued, every channel that includes a file
called <filename>.update-on-nixos-rebuild</filename> will be upgraded
alongside of the <literal>nixos</literal> channel.
</para>
</listitem>
</itemizedlist> </itemizedlist>
</para> </para>

7
nixos/modules/config/i18n.nix
View File

@ -74,14 +74,17 @@ in
config = { config = {
environment.systemPackages = [ glibcLocales ]; environment.systemPackages =
optional (config.i18n.supportedLocales != []) glibcLocales;
environment.sessionVariables = environment.sessionVariables =
{ LANG = config.i18n.defaultLocale; { LANG = config.i18n.defaultLocale;
LOCALE_ARCHIVE = "/run/current-system/sw/lib/locale/locale-archive"; LOCALE_ARCHIVE = "/run/current-system/sw/lib/locale/locale-archive";
}; };
systemd.globalEnvironment.LOCALE_ARCHIVE = "${glibcLocales}/lib/locale/locale-archive"; systemd.globalEnvironment = mkIf (config.i18n.supportedLocales != []) {
LOCALE_ARCHIVE = "${glibcLocales}/lib/locale/locale-archive";
};
# /etc/locale.conf is used by systemd. # /etc/locale.conf is used by systemd.
environment.etc = singleton environment.etc = singleton

4
nixos/modules/config/system-path.nix
View File

@ -23,7 +23,6 @@ let
pkgs.cpio pkgs.cpio
pkgs.curl pkgs.curl
pkgs.diffutils pkgs.diffutils
pkgs.eject # HAL depends on it anyway
pkgs.findutils pkgs.findutils
pkgs.gawk pkgs.gawk
pkgs.glibc # for ldd, getent pkgs.glibc # for ldd, getent
@ -40,15 +39,12 @@ let
pkgs.ncurses pkgs.ncurses
pkgs.netcat pkgs.netcat
pkgs.openssh pkgs.openssh
pkgs.pciutils
pkgs.perl pkgs.perl
pkgs.procps pkgs.procps
pkgs.rsync pkgs.rsync
pkgs.strace pkgs.strace
pkgs.sysvtools
pkgs.su pkgs.su
pkgs.time pkgs.time
pkgs.usbutils
pkgs.utillinux pkgs.utillinux
extraManpages extraManpages
]; ];

3
nixos/modules/installer/cd-dvd/installation-cd-base.nix
View File

@ -45,9 +45,6 @@ with lib;
# Get a console as soon as the initrd loads fbcon on EFI boot. # Get a console as soon as the initrd loads fbcon on EFI boot.
boot.initrd.kernelModules = [ "fbcon" ]; boot.initrd.kernelModules = [ "fbcon" ];
# Add support for cow filesystems and their utilities
boot.supportedFilesystems = [ "zfs" "btrfs" ];
# Configure host id for ZFS to work # Configure host id for ZFS to work
networking.hostId = "8425e349"; networking.hostId = "8425e349";

8
nixos/modules/installer/tools/nixos-rebuild.sh
View File

@ -96,6 +96,14 @@ fi
# If --upgrade is given, run nix-channel --update nixos. # If --upgrade is given, run nix-channel --update nixos.
if [ -n "$upgrade" -a -z "$_NIXOS_REBUILD_REEXEC" ]; then if [ -n "$upgrade" -a -z "$_NIXOS_REBUILD_REEXEC" ]; then
nix-channel --update nixos nix-channel --update nixos
# If there are other channels that contain a file called
# ".update-on-nixos-rebuild", update them as well.
for channelpath in /nix/var/nix/profiles/per-user/root/channels/*; do
if [ -e "$channelpath/.update-on-nixos-rebuild" ]; then
nix-channel --update "$(basename "$channelpath")"
fi
done
fi fi
# Make sure that we use the Nix package we depend on, not something # Make sure that we use the Nix package we depend on, not something

14
nixos/modules/misc/ids.nix
View File

@ -203,17 +203,20 @@
sddm = 175; sddm = 175;
tss = 176; tss = 176;
memcached = 177; memcached = 177;
nscd = 178;
ntp = 179; ntp = 179;
zabbix = 180; zabbix = 180;
redis = 181; redis = 181;
sshd = 182;
unifi = 183; unifi = 183;
uptimed = 184; uptimed = 184;
zope2 = 185; zope2 = 185;
ripple-data-api = 186; ripple-data-api = 186;
mediatomb = 187; mediatomb = 187;
rdnssd = 188; rdnssd = 188;
ihaskell = 189;
i2p = 190;
lambdabot = 191;
asterisk = 192;
plex = 193;
# When adding a uid, make sure it doesn't match an existing gid. And don't use uids above 399! # When adding a uid, make sure it doesn't match an existing gid. And don't use uids above 399!
@ -394,17 +397,20 @@
sddm = 175; sddm = 175;
tss = 176; tss = 176;
#memcached = 177; # unused #memcached = 177; # unused
#nscd = 178; # unused
#ntp = 179; # unused #ntp = 179; # unused
#zabbix = 180; # unused #zabbix = 180; # unused
#redis = 181; # unused #redis = 181; # unused
#sshd = 182; # unused
#unifi = 183; # unused #unifi = 183; # unused
#uptimed = 184; # unused #uptimed = 184; # unused
#zope2 = 185; # unused #zope2 = 185; # unused
#ripple-data-api = 186; #unused #ripple-data-api = 186; #unused
mediatomb = 187; mediatomb = 187;
#rdnssd = 188; # unused #rdnssd = 188; # unused
ihaskell = 189;
i2p = 190;
lambdabot = 191;
#asterisk = 192; # unused
plex = 193;
# When adding a gid, make sure it doesn't match an existing # When adding a gid, make sure it doesn't match an existing
# uid. Users and groups with the same name should have equal # uid. Users and groups with the same name should have equal

9
nixos/modules/module-list.nix
View File

@ -193,6 +193,7 @@
./services/misc/gitlab.nix ./services/misc/gitlab.nix
./services/misc/gitolite.nix ./services/misc/gitolite.nix
./services/misc/gpsd.nix ./services/misc/gpsd.nix
./services/misc/ihaskell.nix
./services/misc/mediatomb.nix ./services/misc/mediatomb.nix
./services/misc/mesos-master.nix ./services/misc/mesos-master.nix
./services/misc/mesos-slave.nix ./services/misc/mesos-slave.nix
@ -202,6 +203,7 @@
./services/misc/nix-ssh-serve.nix ./services/misc/nix-ssh-serve.nix
./services/misc/parsoid.nix ./services/misc/parsoid.nix
./services/misc/phd.nix ./services/misc/phd.nix
./services/misc/plex.nix
./services/misc/redmine.nix ./services/misc/redmine.nix
./services/misc/rippled.nix ./services/misc/rippled.nix
./services/misc/ripple-data-api.nix ./services/misc/ripple-data-api.nix
@ -241,6 +243,7 @@
./services/network-filesystems/yandex-disk.nix ./services/network-filesystems/yandex-disk.nix
./services/networking/aiccu.nix ./services/networking/aiccu.nix
./services/networking/amuled.nix ./services/networking/amuled.nix
./services/networking/asterisk.nix
./services/networking/atftpd.nix ./services/networking/atftpd.nix
./services/networking/avahi-daemon.nix ./services/networking/avahi-daemon.nix
./services/networking/bind.nix ./services/networking/bind.nix
@ -272,6 +275,7 @@
./services/networking/iodined.nix ./services/networking/iodined.nix
./services/networking/ircd-hybrid/default.nix ./services/networking/ircd-hybrid/default.nix
./services/networking/kippo.nix ./services/networking/kippo.nix
./services/networking/lambdabot.nix
./services/networking/mailpile.nix ./services/networking/mailpile.nix
./services/networking/minidlna.nix ./services/networking/minidlna.nix
./services/networking/mstpd.nix ./services/networking/mstpd.nix
@ -336,6 +340,7 @@
./services/security/fprot.nix ./services/security/fprot.nix
./services/security/frandom.nix ./services/security/frandom.nix
./services/security/haveged.nix ./services/security/haveged.nix
./services/security/hologram.nix
./services/security/munge.nix ./services/security/munge.nix
./services/security/torify.nix ./services/security/torify.nix
./services/security/tor.nix ./services/security/tor.nix
@ -410,6 +415,9 @@
./system/boot/stage-1.nix ./system/boot/stage-1.nix
./system/boot/stage-2.nix ./system/boot/stage-2.nix
./system/boot/systemd.nix ./system/boot/systemd.nix
./system/boot/networkd.nix
./system/boot/resolved.nix
./system/boot/timesyncd.nix
./system/boot/tmp.nix ./system/boot/tmp.nix
./system/etc/etc.nix ./system/etc/etc.nix
./system/upstart/upstart.nix ./system/upstart/upstart.nix
@ -423,6 +431,7 @@
./tasks/filesystems/f2fs.nix ./tasks/filesystems/f2fs.nix
./tasks/filesystems/jfs.nix ./tasks/filesystems/jfs.nix
./tasks/filesystems/nfs.nix ./tasks/filesystems/nfs.nix
./tasks/filesystems/ntfs.nix
./tasks/filesystems/reiserfs.nix ./tasks/filesystems/reiserfs.nix
./tasks/filesystems/unionfs-fuse.nix ./tasks/filesystems/unionfs-fuse.nix
./tasks/filesystems/vfat.nix ./tasks/filesystems/vfat.nix

4
nixos/modules/profiles/base.nix
View File

@ -29,6 +29,8 @@
pkgs.hdparm pkgs.hdparm
pkgs.dmraid pkgs.dmraid
pkgs.smartmontools # for diagnosing hard disks pkgs.smartmontools # for diagnosing hard disks
pkgs.pciutils
pkgs.usbutils
# Tools to create / manipulate filesystems. # Tools to create / manipulate filesystems.
pkgs.ntfsprogs # for resizing NTFS partitions pkgs.ntfsprogs # for resizing NTFS partitions
@ -50,6 +52,6 @@
]; ];
# Include support for various filesystems. # Include support for various filesystems.
boot.supportedFilesystems = [ "btrfs" "reiserfs" "vfat" "f2fs" ]; boot.supportedFilesystems = [ "btrfs" "reiserfs" "vfat" "f2fs" "zfs" "ntfs" "cifs" ];
} }

4
nixos/modules/profiles/container.nix → nixos/modules/profiles/docker-container.nix
View File

@ -45,10 +45,6 @@ in {
${config.nix.package}/bin/nix-env -p /nix/var/nix/profiles/system --set /run/current-system ${config.nix.package}/bin/nix-env -p /nix/var/nix/profiles/system --set /run/current-system
''; '';
# Disable some features that are not useful in a container.
sound.enable = mkDefault false;
services.udisks2.enable = mkDefault false;
# Install new init script # Install new init script
system.activationScripts.installInitScript = '' system.activationScripts.installInitScript = ''
ln -fs $systemConfig/init /init ln -fs $systemConfig/init /init

5
nixos/modules/profiles/installation-device.nix
View File

@ -30,11 +30,14 @@ with lib;
# the full glibcLocales package. # the full glibcLocales package.
i18n.supportedLocales = ["en_US.UTF-8/UTF-8" "en_US/ISO-8859-1"]; i18n.supportedLocales = ["en_US.UTF-8/UTF-8" "en_US/ISO-8859-1"];
# Automatically log in at the virtual consoles.
services.mingetty.autologinUser = "root";
# Some more help text. # Some more help text.
services.mingetty.helpLine = services.mingetty.helpLine =
'' ''
Log in as "root" with an empty password. ${ The "root" account has an empty password. ${
optionalString config.services.xserver.enable optionalString config.services.xserver.enable
"Type `start display-manager' to\nstart the graphical user interface."} "Type `start display-manager' to\nstart the graphical user interface."}
''; '';

5
nixos/modules/profiles/minimal.nix
View File

@ -3,6 +3,9 @@
{ config, lib, pkgs, ... }: { config, lib, pkgs, ... }:
with lib;
{ {
environment.noXlibs = true; environment.noXlibs = mkDefault true;
i18n.supportedLocales = [ config.i18n.defaultLocale ];
} }

1
nixos/modules/programs/environment.nix
View File

@ -28,6 +28,7 @@ in
[ "/nix/var/nix/profiles/per-user/root/channels/nixos" [ "/nix/var/nix/profiles/per-user/root/channels/nixos"
"nixpkgs=/etc/nixos/nixpkgs" "nixpkgs=/etc/nixos/nixpkgs"
"nixos-config=/etc/nixos/configuration.nix" "nixos-config=/etc/nixos/configuration.nix"
"/nix/var/nix/profiles/per-user/root/channels"
]; ];
}; };

6
nixos/modules/programs/shadow.nix
View File

@ -100,8 +100,10 @@ in
chgpasswd = { rootOK = true; }; chgpasswd = { rootOK = true; };
}; };
security.setuidPrograms = [ "passwd" "chfn" "su" "sg" "newgrp" security.setuidPrograms = [ "su" "chfn" ]
"newuidmap" "newgidmap" # new in shadow 4.2.x ++ lib.optionals config.users.mutableUsers
[ "passwd" "sg" "newgrp"
"newuidmap" "newgidmap" # new in shadow 4.2.x
]; ];
}; };

2
nixos/modules/programs/shell.nix
View File

@ -53,7 +53,7 @@ in
# Set up a default Nix expression from which to install stuff. # Set up a default Nix expression from which to install stuff.
if [ ! -e $HOME/.nix-defexpr -o -L $HOME/.nix-defexpr ]; then if [ ! -e $HOME/.nix-defexpr -o -L $HOME/.nix-defexpr ]; then
rm -f $HOME/.nix-defexpr rm -f $HOME/.nix-defexpr
mkdir $HOME/.nix-defexpr mkdir -p $HOME/.nix-defexpr
if [ "$USER" != root ]; then if [ "$USER" != root ]; then
ln -s /nix/var/nix/profiles/per-user/root/channels $HOME/.nix-defexpr/channels_root ln -s /nix/var/nix/profiles/per-user/root/channels $HOME/.nix-defexpr/channels_root
fi fi

2
nixos/modules/rename.nix
View File

@ -135,7 +135,7 @@ in zipModules ([]
++ obsolete [ "services" "mysql55" ] [ "services" "mysql" ] ++ obsolete [ "services" "mysql55" ] [ "services" "mysql" ]
++ obsolete [ "environment" "checkConfigurationOptions" ] [ "_module" "check" ] ++ alias [ "environment" "checkConfigurationOptions" ] [ "_module" "check" ]
# XBMC # XBMC
++ obsolete [ "services" "xserver" "windowManager" "xbmc" ] [ "services" "xserver" "desktopManager" "kodi" ] ++ obsolete [ "services" "xserver" "windowManager" "xbmc" ] [ "services" "xserver" "desktopManager" "kodi" ]

35
nixos/modules/security/grsecurity.nix
View File

@ -112,9 +112,6 @@ in
<literal>kernel.grsecurity.grsec_lock</literal> to <literal>kernel.grsecurity.grsec_lock</literal> to
non-zero as soon as all sysctl options are set. *THIS IS non-zero as soon as all sysctl options are set. *THIS IS
EXTREMELY IMPORTANT*! EXTREMELY IMPORTANT*!
If disabled, this also turns off the
<literal>systemd-sysctl</literal> service.
''; '';
}; };
@ -229,11 +226,8 @@ in
kernel 3.19) to continue. kernel 3.19) to continue.
''; '';
} }
{ assertion = (cfg.stable -> !cfg.testing) || (cfg.testing -> !cfg.stable); { assertion = !(cfg.stable && cfg.testing);
message = '' message = "Select either one of the stable or testing patch";
You must select either the stable or testing patch, not
both.
'';
} }
{ assertion = (cfg.config.restrictProc -> !cfg.config.restrictProcWithGroup) || { assertion = (cfg.config.restrictProc -> !cfg.config.restrictProcWithGroup) ||
(cfg.config.restrictProcWithGroup -> !cfg.config.restrictProc); (cfg.config.restrictProcWithGroup -> !cfg.config.restrictProc);
@ -282,22 +276,21 @@ in
# }; # };
# }; # };
system.activationScripts.grsec = system.activationScripts = lib.optionalAttrs (!cfg.config.disableRBAC) { grsec = ''
'' mkdir -p /etc/grsec
mkdir -p /etc/grsec if [ ! -f /etc/grsec/learn_config ]; then
if [ ! -f /etc/grsec/learn_config ]; then cp ${pkgs.gradm}/etc/grsec/learn_config /etc/grsec
cp ${pkgs.gradm}/etc/grsec/learn_config /etc/grsec fi
fi if [ ! -f /etc/grsec/policy ]; then
if [ ! -f /etc/grsec/policy ]; then cp ${pkgs.gradm}/etc/grsec/policy /etc/grsec
cp ${pkgs.gradm}/etc/grsec/policy /etc/grsec fi
fi chmod -R 0600 /etc/grsec
chmod -R 0600 /etc/grsec ''; };
'';
# Enable AppArmor, gradm udev rules, and utilities # Enable AppArmor, gradm udev rules, and utilities
security.apparmor.enable = true; security.apparmor.enable = true;
boot.kernelPackages = customGrsecPkg; boot.kernelPackages = customGrsecPkg;
services.udev.packages = [ pkgs.gradm ]; services.udev.packages = lib.optional (!cfg.config.disableRBAC) pkgs.gradm;
environment.systemPackages = [ pkgs.gradm pkgs.paxctl pkgs.pax-utils ]; environment.systemPackages = [ pkgs.paxctl pkgs.pax-utils ] ++ lib.optional (!cfg.config.disableRBAC) pkgs.gradm;
}; };
} }

10
nixos/modules/services/audio/mpd.nix
View File

@ -11,7 +11,7 @@ let
mpdConf = pkgs.writeText "mpd.conf" '' mpdConf = pkgs.writeText "mpd.conf" ''
music_directory "${cfg.musicDirectory}" music_directory "${cfg.musicDirectory}"
playlist_directory "${cfg.dataDir}/playlists" playlist_directory "${cfg.dataDir}/playlists"
db_file "${cfg.dataDir}/tag_cache" db_file "${cfg.dbFile}"
state_file "${cfg.dataDir}/state" state_file "${cfg.dataDir}/state"
sticker_file "${cfg.dataDir}/sticker.sql" sticker_file "${cfg.dataDir}/sticker.sql"
log_file "syslog" log_file "syslog"
@ -93,6 +93,14 @@ in {
}; };
}; };
dbFile = mkOption {
type = types.str;
default = "${cfg.dataDir}/tag_cache";
description = ''
The path to MPD's database.
'';
};
}; };
}; };

34
nixos/modules/services/backup/tarsnap.nix
View File

@ -5,20 +5,21 @@ with lib;
let let
cfg = config.services.tarsnap; cfg = config.services.tarsnap;
optionalNullStr = e: v: if e == null then "" else v;
configFile = cfg: '' configFile = cfg: ''
cachedir ${config.services.tarsnap.cachedir} cachedir ${config.services.tarsnap.cachedir}
keyfile ${config.services.tarsnap.keyfile} keyfile ${config.services.tarsnap.keyfile}
${optionalString cfg.nodump "nodump"} ${optionalString cfg.nodump "nodump"}
${optionalString cfg.printStats "print-stats"} ${optionalString cfg.printStats "print-stats"}
${optionalString cfg.printStats "humanize-numbers"} ${optionalString cfg.printStats "humanize-numbers"}
${optionalNullStr cfg.checkpointBytes "checkpoint-bytes "+cfg.checkpointBytes} ${optionalString (cfg.checkpointBytes != null) ("checkpoint-bytes "+cfg.checkpointBytes)}
${optionalString cfg.aggressiveNetworking "aggressive-networking"} ${optionalString cfg.aggressiveNetworking "aggressive-networking"}
${concatStringsSep "\n" (map (v: "exclude "+v) cfg.excludes)} ${concatStringsSep "\n" (map (v: "exclude "+v) cfg.excludes)}
${concatStringsSep "\n" (map (v: "include "+v) cfg.includes)} ${concatStringsSep "\n" (map (v: "include "+v) cfg.includes)}
${optionalString cfg.lowmem "lowmem"} ${optionalString cfg.lowmem "lowmem"}
${optionalString cfg.verylowmem "verylowmem"} ${optionalString cfg.verylowmem "verylowmem"}
${optionalString (cfg.maxbw != null) ("maxbw "+toString cfg.maxbw)}
${optionalString (cfg.maxbwRateUp != null) ("maxbw-rate-up "+toString cfg.maxbwRateUp)}
${optionalString (cfg.maxbwRateDown != null) ("maxbw-rate-down "+toString cfg.maxbwRateDown)}
''; '';
in in
{ {
@ -166,6 +167,33 @@ in
slowing down the archiving process. slowing down the archiving process.
''; '';
}; };
maxbw = mkOption {
type = types.nullOr types.int;
default = null;
description = ''
Abort archival if upstream bandwidth usage in bytes
exceeds this threshold.
'';
};
maxbwRateUp = mkOption {
type = types.nullOr types.int;
default = null;
example = literalExample "25 * 1000";
description = ''
Upload bandwidth rate limit in bytes.
'';
};
maxbwRateDown = mkOption {
type = types.nullOr types.int;
default = null;
example = literalExample "50 * 1000";
description = ''
Download bandwidth rate limit in bytes.
'';
};
}; };
} }
)); ));

1
nixos/modules/services/logging/fluentd.nix
View File

@ -33,6 +33,7 @@ in {
wantedBy = [ "multi-user.target" ]; wantedBy = [ "multi-user.target" ];
serviceConfig = { serviceConfig = {
ExecStart = "${pkgs.fluentd}/bin/fluentd -c ${pkgs.writeText "fluentd.conf" cfg.config}"; ExecStart = "${pkgs.fluentd}/bin/fluentd -c ${pkgs.writeText "fluentd.conf" cfg.config}";
ExecReload = "${pkgs.coreutils}/bin/kill -HUP $MAINPID";
}; };
}; };
}; };

2
nixos/modules/services/misc/etcd.nix
View File

@ -11,7 +11,7 @@ in {
enable = mkOption { enable = mkOption {
description = "Whether to enable etcd."; description = "Whether to enable etcd.";
default = false; default = false;
type = types.uniq types.bool; type = types.bool;
}; };
name = mkOption { name = mkOption {

76
nixos/modules/services/misc/ihaskell.nix Normal file
View File

@ -0,0 +1,76 @@
{ pkgs, lib, config, ... }:
with lib;
let
cfg = config.services.ihaskell;
ihaskell = pkgs.ihaskell.override {
inherit (cfg.haskellPackages) ihaskell ghcWithPackages;
packages = self: cfg.extraPackages self;
};
in
{
options = {
services.ihaskell = {
enable = mkOption {
default = false;
example = true;
description = "Autostart an IHaskell notebook service.";
};
haskellPackages = mkOption {
default = pkgs.haskellngPackages;
defaultText = "pkgs.haskellngPackages";
example = literalExample "pkgs.haskell-ng.packages.ghc784";
description = ''
haskellPackages used to build IHaskell and other packages.
This can be used to change the GHC version used to build
IHaskell and the packages listed in
<varname>extraPackages</varname>.
'';
};
extraPackages = mkOption {
default = self: [];
example = literalExample ''
haskellPackages: [
haskellPackages.wreq
haskellPackages.lens
]
'';
description = ''
Extra packages available to ghc when running ihaskell. The
value must be a function which receives the attrset defined
in <varname>haskellPackages</varname> as the sole argument.
'';
};
};
};
config = mkIf cfg.enable {
users.extraUsers.ihaskell = {
group = config.users.extraGroups.ihaskell.name;
description = "IHaskell user";
home = "/var/lib/ihaskell";
createHome = true;
uid = config.ids.uids.ihaskell;
};
users.extraGroups.ihaskell.gid = config.ids.gids.ihaskell;
systemd.services.ihaskell = {
description = "IHaskell notebook instance";
wantedBy = [ "multi-user.target" ];
after = [ "network.target" ];
serviceConfig = {
User = config.users.extraUsers.ihaskell.name;
Group = config.users.extraGroups.ihaskell.name;
ExecStart = "${pkgs.stdenv.shell} -c \"cd $HOME;${ihaskell}/bin/ihaskell-notebook\"";
};
};
};
}

87
nixos/modules/services/misc/plex.nix Normal file
View File

@ -0,0 +1,87 @@
{ config, pkgs, lib, ... }:
with lib;
let
cfg = config.services.plex;
plex = pkgs.plex;
in
{
options = {
services.plex = {
enable = mkEnableOption "Enable Plex Media Server";
# FIXME: In order for this config option to work, symlinks in the Plex
# package in the Nix store have to be changed to point to this directory.
dataDir = mkOption {
type = types.str;
default = "/var/lib/plex";
description = "The directory where Plex stores its data files.";
};
user = mkOption {
type = types.str;
default = "plex";
description = "User account under which Plex runs.";
};
group = mkOption {
type = types.str;
default = "plex";
description = "Group under which Plex runs.";
};
};
};
config = mkIf cfg.enable {
# Most of this is just copied from the RPM package's systemd service file.
systemd.services.plex = {
description = "Plex Media Server";
after = [ "network.target" ];
wantedBy = [ "multi-user.target" ];
preStart = ''
test -d "${cfg.dataDir}" || {
echo "Creating initial Plex data directory in \"${cfg.dataDir}\"."
mkdir -p "${cfg.dataDir}"
chown -R ${cfg.user}:${cfg.group} "${cfg.dataDir}"
}
# Copy the database skeleton files to /var/lib/plex/.skeleton
test -d "${cfg.dataDir}/.skeleton" || mkdir "${cfg.dataDir}/.skeleton"
for db in "com.plexapp.plugins.library.db"; do
cp "${plex}/usr/lib/plexmediaserver/Resources/base_$db" "${cfg.dataDir}/.skeleton/$db"
chmod u+w "${cfg.dataDir}/.skeleton/$db"
chown ${cfg.user}:${cfg.group} "${cfg.dataDir}/.skeleton/$db"
done
'';
serviceConfig = {
Type = "simple";
User = cfg.user;
Group = cfg.group;
PermissionsStartOnly = "true";
ExecStart = "/bin/sh -c '${plex}/usr/lib/plexmediaserver/Plex\\ Media\\ Server'";
};
environment = {
PLEX_MEDIA_SERVER_APPLICATION_SUPPORT_DIR=cfg.dataDir;
PLEX_MEDIA_SERVER_HOME="${plex}/usr/lib/plexmediaserver";
PLEX_MEDIA_SERVER_MAX_PLUGIN_PROCS="6";
PLEX_MEDIA_SERVER_TMPDIR="/tmp";
LD_LIBRARY_PATH="${plex}/usr/lib/plexmediaserver";
LC_ALL="en_US.UTF-8";
LANG="en_US.UTF-8";
};
};
users.extraUsers = mkIf (cfg.user == "plex") {
plex = {
group = cfg.group;
uid = config.ids.uids.plex;
};
};
users.extraGroups = mkIf (cfg.group == "plex") {
plex = {
gid = config.ids.gids.plex;
};
};
};
}

32
nixos/modules/services/misc/rippled.nix
View File

@ -12,7 +12,7 @@ let
path=${db.path} path=${db.path}
${optionalString (db.compression != null) ("compression=${b2i db.compression}") } ${optionalString (db.compression != null) ("compression=${b2i db.compression}") }
${optionalString (db.onlineDelete != null) ("online_delete=${toString db.onlineDelete}")} ${optionalString (db.onlineDelete != null) ("online_delete=${toString db.onlineDelete}")}
${optionalString (db.advisoryDelete != null) ("advisory_delete=${toString db.advisoryDelete}")} ${optionalString (db.advisoryDelete != null) ("advisory_delete=${b2i db.advisoryDelete}")}
${db.extraOpts} ${db.extraOpts}
''; '';
@ -71,6 +71,13 @@ let
[sntp_servers] [sntp_servers]
${concatStringsSep "\n" cfg.sntpServers} ${concatStringsSep "\n" cfg.sntpServers}
${optionalString cfg.statsd.enable ''
[insight]
server=statsd
address=${cfg.statsd.address}
prefix=${cfg.statsd.prefix}
''}
[rpc_startup] [rpc_startup]
{ "command": "log_level", "severity": "${cfg.logLevel}" } { "command": "log_level", "severity": "${cfg.logLevel}" }
'' + cfg.extraConfig; '' + cfg.extraConfig;
@ -142,7 +149,6 @@ let
default = null; default = null;
type = types.nullOr types.path; type = types.nullOr types.path;
}; };
}; };
}; };
}; };
@ -150,7 +156,7 @@ let
dbOptions = { dbOptions = {
type = mkOption { type = mkOption {
description = "Rippled database type."; description = "Rippled database type.";
type = types.enum ["rocksdb" "nudb" "sqlite"]; type = types.enum ["rocksdb" "nudb" "sqlite" "hyperleveldb"];
default = "rocksdb"; default = "rocksdb";
}; };
@ -317,7 +323,7 @@ in
Path to the ripple database. Path to the ripple database.
''; '';
type = types.path; type = types.path;
default = "/var/lib/rippled/db"; default = "/var/lib/rippled";
}; };
validationQuorum = mkOption { validationQuorum = mkOption {
@ -366,6 +372,22 @@ in
default = "error"; default = "error";
}; };
statsd = {
enable = mkEnableOption "Whether enable statsd monitoring for rippled";
address = mkOption {
description = "The UDP address and port of the listening StatsD server.";
default = "127.0.0.1:8125";
type = types.str;
};
prefix = mkOption {
description = "A string prepended to each collected metric.";
default = "";
type = types.str;
};
};
extraConfig = mkOption { extraConfig = mkOption {
default = ""; default = "";
description = '' description = ''
@ -400,6 +422,8 @@ in
serviceConfig = { serviceConfig = {
ExecStart = "${cfg.package}/bin/rippled --fg --conf ${cfg.config}"; ExecStart = "${cfg.package}/bin/rippled --fg --conf ${cfg.config}";
User = "rippled"; User = "rippled";
Restart = "on-failure";
LimitNOFILE=10000;
}; };
}; };

18
nixos/modules/services/network-filesystems/samba.nix
View File

@ -4,6 +4,10 @@ with lib;
let let
smbToString = x: if builtins.typeOf x == "bool"
then (if x then "true" else "false")
else toString x;
cfg = config.services.samba; cfg = config.services.samba;
samba = cfg.package; samba = cfg.package;
@ -15,9 +19,9 @@ let
shareConfig = name: shareConfig = name:
let share = getAttr name cfg.shares; in let share = getAttr name cfg.shares; in
"[${name}]\n " + (toString ( "[${name}]\n " + (smbToString (
map map
(key: "${key} = ${toString (getAttr key share)}\n") (key: "${key} = ${smbToString (getAttr key share)}\n")
(attrNames share) (attrNames share)
)); ));
@ -27,12 +31,12 @@ let
[ global ] [ global ]
security = ${cfg.securityType} security = ${cfg.securityType}
passwd program = /var/setuid-wrappers/passwd %u passwd program = /var/setuid-wrappers/passwd %u
pam password change = ${if cfg.syncPasswordsByPam then "yes" else "no"} pam password change = ${smbToString cfg.syncPasswordsByPam}
invalid users = ${toString cfg.invalidUsers} invalid users = ${smbToString cfg.invalidUsers}
${cfg.extraConfig} ${cfg.extraConfig}
${toString (map shareConfig (attrNames cfg.shares))} ${smbToString (map shareConfig (attrNames cfg.shares))}
''); '');
# This may include nss_ldap, needed for samba if it has to use ldap. # This may include nss_ldap, needed for samba if it has to use ldap.
@ -151,7 +155,7 @@ in
example = example =
{ srv = { srv =
{ path = "/srv"; { path = "/srv";
"read only" = "yes"; "read only" = true;
comment = "Public samba share."; comment = "Public samba share.";
}; };
}; };
@ -193,7 +197,7 @@ in
"samba-setup" = { "samba-setup" = {
description = "Samba Setup Task"; description = "Samba Setup Task";
script = setupScript; script = setupScript;
unitConfig.RequiresMountsFor = "/var/samba /var/log/samba"; unitConfig.RequiresMountsFor = "/var/lib/samba";
}; };
}; };
}; };

223
nixos/modules/services/networking/asterisk.nix Normal file
View File

@ -0,0 +1,223 @@
{ config, lib, pkgs, ... }:
with lib;
let
cfg = config.services.asterisk;
asteriskUser = "asterisk";
varlibdir = "/var/lib/asterisk";
spooldir = "/var/spool/asterisk";
logdir = "/var/log/asterisk";
asteriskEtc = pkgs.stdenv.mkDerivation
((mapAttrs' (name: value: nameValuePair
# Fudge the names to make bash happy
((replaceChars ["."] ["_"] name) + "_")
(value)
) cfg.confFiles) //
{
confFilesString = concatStringsSep " " (
attrNames cfg.confFiles
);
name = "asterisk.etc";
# Default asterisk.conf file
# (Notice that astetcdir will be set to the path of this derivation)
asteriskConf = ''
[directories]
astetcdir => @out@
astmoddir => ${pkgs.asterisk}/lib/asterisk/modules
astvarlibdir => /var/lib/asterisk
astdbdir => /var/lib/asterisk
astkeydir => /var/lib/asterisk
astdatadir => /var/lib/asterisk
astagidir => /var/lib/asterisk/agi-bin
astspooldir => /var/spool/asterisk
astrundir => /var/run/asterisk
astlogdir => /var/log/asterisk
astsbindir => ${pkgs.asterisk}/sbin
'';
extraConf = cfg.extraConfig;
# Loading all modules by default is considered sensible by the authors of
# "Asterisk: The Definitive Guide". Secure sites will likely want to
# specify their own "modules.conf" in the confFiles option.
modulesConf = ''
[modules]
autoload=yes
'';
# Use syslog for logging so logs can be viewed with journalctl
loggerConf = ''
[general]
[logfiles]
syslog.local0 => notice,warning,error
'';
buildCommand = ''
mkdir -p "$out"
# Create asterisk.conf, pointing astetcdir to the path of this derivation
echo "$asteriskConf" | sed "s|@out@|$out|g" > "$out"/asterisk.conf
echo "$extraConf" >> "$out"/asterisk.conf
echo "$modulesConf" > "$out"/modules.conf
echo "$loggerConf" > "$out"/logger.conf
# Config files specified in confFiles option override all other files
for i in $confFilesString; do
conf=$(echo "$i"_ | sed 's/\./_/g')
echo "''${!conf}" > "$out"/"$i"
done
'';
});
in
{
options = {
services.asterisk = {
enable = mkOption {
type = types.bool;
default = false;
description = ''
Whether to enable the Asterisk PBX server.
'';
};
extraConfig = mkOption {
default = "";
type = types.lines;
example = ''
[options]
verbose=3
debug=3
'';
description = ''
Extra configuration options appended to the default
<literal>asterisk.conf</literal> file.
'';
};
confFiles = mkOption {
default = {};
type = types.attrsOf types.str;
example = literalExample
''
{
"extensions.conf" = '''
[tests]
; Dial 100 for "hello, world"
exten => 100,1,Answer()
same => n,Wait(1)
same => n,Playback(hello-world)
same => n,Hangup()
[softphones]
include => tests
[unauthorized]
''';
"sip.conf" = '''
[general]
allowguest=no ; Require authentication
context=unauthorized ; Send unauthorized users to /dev/null
srvlookup=no ; Don't do DNS lookup
udpbindaddr=0.0.0.0 ; Listen on all interfaces
nat=force_rport,comedia ; Assume device is behind NAT
[softphone](!)
type=friend ; Match on username first, IP second
context=softphones ; Send to softphones context in
; extensions.conf file
host=dynamic ; Device will register with asterisk
disallow=all ; Manually specify codecs to allow
allow=g722
allow=ulaw
allow=alaw
[myphone](softphone)
secret=GhoshevFew ; Change this password!
''';
"logger.conf" = '''
[general]
[logfiles]
; Add debug output to log
syslog.local0 => notice,warning,error,debug
''';
}
'';
description = ''
Sets the content of config files (typically ending with
<literal>.conf</literal>) in the Asterisk configuration directory.
Note that if you want to change <literal>asterisk.conf</literal>, it
is preferable to use the <option>services.asterisk.extraConfig</option>
option over this option. If <literal>"asterisk.conf"</literal> is
specified with the <option>confFiles</option> option (not recommended),
you must be prepared to set your own <literal>astetcdir</literal>
path.
See
<link xlink:href="http://www.asterisk.org/community/documentation"/>
for more examples of what is possible here.
'';
};
extraArguments = mkOption {
default = [];
type = types.listOf types.str;
example =
[ "-vvvddd" "-e" "1024" ];
description = ''
Additional command line arguments to pass to Asterisk.
'';
};
};
};
config = mkIf cfg.enable {
users.extraUsers = singleton
{ name = asteriskUser;
uid = config.ids.uids.asterisk;
description = "Asterisk daemon user";
home = varlibdir;
};
systemd.services.asterisk = {
description = ''
Asterisk PBX server
'';
wantedBy = [ "multi-user.target" ];
preStart = ''
# Copy skeleton directory tree to /var
for d in '${varlibdir}' '${spooldir}' '${logdir}'; do
# TODO: Make exceptions for /var directories that likely should be updated
if [ ! -e "$d" ]; then
cp --recursive ${pkgs.asterisk}/"$d" "$d"
chown --recursive ${asteriskUser} "$d"
find "$d" -type d | xargs chmod 0755
fi
done
'';
serviceConfig = {
ExecStart =
let
# FIXME: This doesn't account for arguments with spaces
argString = concatStringsSep " " cfg.extraArguments;
in
"${pkgs.asterisk}/bin/asterisk -U ${asteriskUser} -C ${asteriskEtc}/asterisk.conf ${argString} -F";
Type = "forking";
PIDFile = "/var/run/asterisk/asterisk.pid";
};
};
};
}

4
nixos/modules/services/networking/btsync.nix
View File

@ -293,7 +293,7 @@ in
systemd.services.btsync = with pkgs; { systemd.services.btsync = with pkgs; {
description = "Bittorrent Sync Service"; description = "Bittorrent Sync Service";
wantedBy = [ "multi-user.target" ]; wantedBy = [ "multi-user.target" ];
after = [ "network.target" ]; after = [ "network.target" "local-fs.target" ];
serviceConfig = { serviceConfig = {
Restart = "on-abort"; Restart = "on-abort";
UMask = "0002"; UMask = "0002";
@ -305,7 +305,7 @@ in
systemd.services."btsync@" = with pkgs; { systemd.services."btsync@" = with pkgs; {
description = "Bittorrent Sync Service for %i"; description = "Bittorrent Sync Service for %i";
after = [ "network.target" ]; after = [ "network.target" "local-fs.target" ];
serviceConfig = { serviceConfig = {
Restart = "on-abort"; Restart = "on-abort";
User = "%i"; User = "%i";

21
nixos/modules/services/networking/cjdns.nix
View File

@ -44,6 +44,9 @@ let
}) })
else ""; else "";
parseModules = x:
x // { connectTo = mapAttrs (name: value: { inherit (value) password publicKey; }) x.connectTo; };
# would be nice to merge 'cfg' with a //, # would be nice to merge 'cfg' with a //,
# but the json nesting is wacky. # but the json nesting is wacky.
cjdrouteConf = builtins.toJSON ( { cjdrouteConf = builtins.toJSON ( {
@ -53,8 +56,8 @@ let
}; };
authorizedPasswords = map (p: { password = p; }) cfg.authorizedPasswords; authorizedPasswords = map (p: { password = p; }) cfg.authorizedPasswords;
interfaces = { interfaces = {
ETHInterface = if (cfg.ETHInterface.bind != "") then [ cfg.ETHInterface ] else [ ]; ETHInterface = if (cfg.ETHInterface.bind != "") then [ (parseModules cfg.ETHInterface) ] else [ ];
UDPInterface = if (cfg.UDPInterface.bind != "") then [ cfg.UDPInterface ] else [ ]; UDPInterface = if (cfg.UDPInterface.bind != "") then [ (parseModules cfg.UDPInterface) ] else [ ];
}; };
privateKey = "@CJDNS_PRIVATE_KEY@"; privateKey = "@CJDNS_PRIVATE_KEY@";
@ -151,12 +154,14 @@ in
ETHInterface = { ETHInterface = {
bind = mkOption { bind = mkOption {
default = ""; default = "";
example = "eth0"; example = "eth0";
description = '' description =
Bind to this device for native ethernet operation. ''
''; Bind to this device for native ethernet operation.
}; <literal>all</literal> is a pseudo-name which will try to connect to all devices.
'';
};
beacon = mkOption { beacon = mkOption {
type = types.int; type = types.int;

4
nixos/modules/services/networking/ddclient.nix
View File

@ -127,8 +127,8 @@ in
wantedBy = [ "multi-user.target" ]; wantedBy = [ "multi-user.target" ];
after = [ "network.target" ]; after = [ "network.target" ];
serviceConfig = { serviceConfig = {
# This may change back to forking if too many problems occur: # Uncomment this if too many problems occur:
type = "simple"; # Type = "forking";
User = ddclientUser; User = ddclientUser;
Group = "nogroup"; #TODO get this to work Group = "nogroup"; #TODO get this to work
PermissionsStartOnly = "true"; PermissionsStartOnly = "true";

11
nixos/modules/services/networking/dnsmasq.nix
View File

@ -28,6 +28,7 @@ in
services.dnsmasq = { services.dnsmasq = {
enable = mkOption { enable = mkOption {
type = types.bool;
default = false; default = false;
description = '' description = ''
Whether to run dnsmasq. Whether to run dnsmasq.
@ -35,14 +36,16 @@ in
}; };
resolveLocalQueries = mkOption { resolveLocalQueries = mkOption {
type = types.bool;
default = true; default = true;
description = '' description = ''
Whether dnsmasq should resolve local queries (i.e. add 127.0.0.1 to Whether dnsmasq should resolve local queries (i.e. add 127.0.0.1 to
/etc/resolv.conf) /etc/resolv.conf).
''; '';
}; };
servers = mkOption { servers = mkOption {
type = types.listOf types.string;
default = []; default = [];
example = [ "8.8.8.8" "8.8.4.4" ]; example = [ "8.8.8.8" "8.8.4.4" ];
description = '' description = ''
@ -51,11 +54,11 @@ in
}; };
extraConfig = mkOption { extraConfig = mkOption {
type = types.string; type = types.lines;
default = ""; default = "";
description = '' description = ''
Extra configuration directives that should be added to Extra configuration directives that should be added to
<literal>dnsmasq.conf</literal> <literal>dnsmasq.conf</literal>.
''; '';
}; };
@ -81,7 +84,7 @@ in
}; };
systemd.services.dnsmasq = { systemd.services.dnsmasq = {
description = "dnsmasq daemon"; description = "Dnsmasq Daemon";
after = [ "network.target" "systemd-resolved.service" ]; after = [ "network.target" "systemd-resolved.service" ];
wantedBy = [ "multi-user.target" ]; wantedBy = [ "multi-user.target" ];
path = [ dnsmasq ]; path = [ dnsmasq ];

42
nixos/modules/services/networking/i2p.nix Normal file
View File

@ -0,0 +1,42 @@
{ config, lib, pkgs, ... }:
with lib;
let
cfg = config.services.i2p;
homeDir = "/var/lib/i2p";
in {
###### interface
options.services.i2p = {
enable = mkOption {
type = types.bool;
default = false;
description = ''
Enables i2p as a running service upon activation.
'';
};
};
###### implementation
config = mkIf cfg.enable {
users.extraUsers.i2p = {
group = "i2p";
description = "i2p User";
home = homeDir;
createHome = true;
uid = config.ids.uids.i2p;
};
users.extraGroups.i2p.gid = config.ids.gids.i2p;
systemd.services.i2p = {
description = "I2P router with administration interface for hidden services";
after = [ "network.target" ];
wantedBy = [ "multi-user.target" ];
serviceConfig = {
User = "i2p";
WorkingDirectory = homeDir;
Restart = "on-abort";
ExecStart = "${pkgs.i2p}/bin/i2prouter-plain";
};
};
};
}

81
nixos/modules/services/networking/lambdabot.nix Normal file
View File

@ -0,0 +1,81 @@
{ config, lib, pkgs, ... }:
with lib;
let
cfg = config.services.lambdabot;
rc = builtins.toFile "script.rc" cfg.script;
in
{
### configuration
options = {
services.lambdabot = {
enable = mkOption {
type = types.bool;
default = false;
description = "Enable the Lambdabot IRC bot";
};
package = mkOption {
type = types.package;
default = pkgs.lambdabot;
description = "Used lambdabot package";
};
script = mkOption {
type = types.str;
default = "";
description = "Lambdabot script";
};
};
};
### implementation
config = mkIf cfg.enable {
systemd.services.lambdabot = {
description = "Lambdabot daemon";
after = [ "network.target" ];
wantedBy = [ "multi-user.target" ];
# Workaround for https://github.com/lambdabot/lambdabot/issues/117
script = ''
mkdir -p ~/.lambdabot
cd ~/.lambdabot
mkfifo /run/lambdabot/offline
(
echo 'rc ${rc}'
while true; do
cat /run/lambdabot/offline
done
) | ${cfg.package}/bin/lambdabot
'';
serviceConfig = {
User = "lambdabot";
RuntimeDirectory = [ "lambdabot" ];
};
};
users.extraUsers.lambdabot = {
group = "lambdabot";
description = "Lambdabot daemon user";
home = "/var/lib/lambdabot";
createHome = true;
uid = config.ids.uids.lambdabot;
};
users.extraGroups.lambdabot.gid = config.ids.gids.lambdabot;
};
}

10
nixos/modules/services/networking/ssh/sshd.nix
View File

@ -281,10 +281,8 @@ in
config = mkIf cfg.enable { config = mkIf cfg.enable {
users.extraUsers = singleton users.extraUsers.sshd =
{ name = "sshd"; { description = "SSH privilege separation user";
uid = config.ids.uids.sshd;
description = "SSH privilege separation user";
home = "/var/empty"; home = "/var/empty";
}; };
@ -379,7 +377,7 @@ in
Port ${toString port} Port ${toString port}
'') cfg.ports} '') cfg.ports}
${concatMapStrings ({ port, addr }: '' ${concatMapStrings ({ port, addr, ... }: ''
ListenAddress ${addr}${if port != null then ":" + toString port else ""} ListenAddress ${addr}${if port != null then ":" + toString port else ""}
'') cfg.listenAddresses} '') cfg.listenAddresses}
@ -418,7 +416,7 @@ in
(data.publicKey != null && data.publicKeyFile == null); (data.publicKey != null && data.publicKeyFile == null);
message = "knownHost ${name} must contain either a publicKey or publicKeyFile"; message = "knownHost ${name} must contain either a publicKey or publicKeyFile";
}) })
++ flip map cfg.listenAddresses ({ addr, port }: { ++ flip map cfg.listenAddresses ({ addr, port, ... }: {
assertion = addr != null; assertion = addr != null;
message = "addr must be specified in each listenAddresses entry"; message = "addr must be specified in each listenAddresses entry";
}); });

2
nixos/modules/services/networking/sslh.nix
View File

@ -81,7 +81,7 @@ in
description = "Applicative Protocol Multiplexer (e.g. share SSH and HTTPS on the same port)"; description = "Applicative Protocol Multiplexer (e.g. share SSH and HTTPS on the same port)";
after = [ "network.target" ]; after = [ "network.target" ];
wantedBy = [ "multi-user.target" ]; wantedBy = [ "multi-user.target" ];
serviceConfig.ExecStart = "${pkgs.sslh}/bin/sslh -F ${configFile}"; serviceConfig.ExecStart = "${pkgs.sslh}/bin/sslh -F${configFile}";
serviceConfig.KillMode = "process"; serviceConfig.KillMode = "process";
serviceConfig.PIDFile = "${cfg.pidfile}"; serviceConfig.PIDFile = "${cfg.pidfile}";
}; };

102
nixos/modules/services/security/hologram.nix Normal file
View File

@ -0,0 +1,102 @@
{pkgs, config, lib, ...}:
with lib;
let
cfg = config.services.hologram-server;
cfgFile = pkgs.writeText "hologram-server.json" (builtins.toJSON {
ldap = {
host = cfg.ldapHost;
bind = {
dn = cfg.ldapBindDN;
password = cfg.ldapBindPassword;
};
insecureldap = cfg.ldapInsecure;
userattr = cfg.ldapUserAttr;
baseDN = cfg.ldapBaseDN;
};
aws = {
account = cfg.awsAccount;
defaultrole = cfg.awsDefaultRole;
};
stats = cfg.statsAddress;
listen = cfg.listenAddress;
});
in {
options = {
services.hologram-server = {
enable = mkOption {
type = types.bool;
default = false;
description = "Whether to enable the Hologram server for AWS instance credentials";
};
listenAddress = mkOption {
type = types.str;
default = "0.0.0.0:3100";
description = "Address and port to listen on";
};
ldapHost = mkOption {
type = types.str;
description = "Address of the LDAP server to use";
};
ldapInsecure = mkOption {
type = types.bool;
default = false;
description = "Whether to connect to LDAP over SSL or not";
};
ldapUserAttr = mkOption {
type = types.str;
default = "cn";
description = "The LDAP attribute for usernames";
};
ldapBaseDN = mkOption {
type = types.str;
description = "The base DN for your Hologram users";
};
ldapBindDN = mkOption {
type = types.str;
description = "DN of account to use to query the LDAP server";
};
ldapBindPassword = mkOption {
type = types.str;
description = "Password of account to use to query the LDAP server";
};
awsAccount = mkOption {
type = types.str;
description = "AWS account number";
};
awsDefaultRole = mkOption {
type = types.str;
description = "AWS default role";
};
statsAddress = mkOption {
type = types.str;
default = "";
description = "Address of statsd server";
};
};
};
config = mkIf cfg.enable {
systemd.services.hologram-server = {
description = "Provide EC2 instance credentials to machines outside of EC2";
after = [ "network.target" ];
wantedBy = [ "multi-user.target" ];
serviceConfig = {
ExecStart = "${pkgs.goPackages.hologram}/bin/hologram-server --debug --conf ${cfgFile}";
};
};
};
}

2
nixos/modules/services/system/dbus.nix
View File

@ -133,6 +133,8 @@ in
# Don't restart dbus-daemon. Bad things tend to happen if we do. # Don't restart dbus-daemon. Bad things tend to happen if we do.
systemd.services.dbus.reloadIfChanged = true; systemd.services.dbus.reloadIfChanged = true;
systemd.services.dbus.restartTriggers = [ configDir ];
environment.pathsToLink = [ "/etc/dbus-1" "/share/dbus-1" ]; environment.pathsToLink = [ "/etc/dbus-1" "/share/dbus-1" ];
}; };

6
nixos/modules/services/system/nscd.nix
View File

@ -42,11 +42,7 @@ in
config = mkIf cfg.enable { config = mkIf cfg.enable {
users.extraUsers = singleton users.extraUsers.nscd.description = "Name service cache daemon user";
{ name = "nscd";
uid = config.ids.uids.nscd;
description = "Name service cache daemon user";
};
systemd.services.nscd = systemd.services.nscd =
{ description = "Name Service Cache Daemon"; { description = "Name Service Cache Daemon";

23
nixos/modules/services/ttys/agetty.nix
View File

@ -10,6 +10,15 @@ with lib;
services.mingetty = { services.mingetty = {
autologinUser = mkOption {
type = types.nullOr types.str;
default = null;
description = ''
Username of the account that will be automatically logged in at the console.
If unspecified, a login prompt is shown as usual.
'';
};
greetingLine = mkOption { greetingLine = mkOption {
type = types.str; type = types.str;
default = ''<<< Welcome to NixOS ${config.system.nixosVersion} (\m) - \l >>>''; default = ''<<< Welcome to NixOS ${config.system.nixosVersion} (\m) - \l >>>'';
@ -46,28 +55,30 @@ with lib;
###### implementation ###### implementation
config = { config = let
autologinArg = optionalString (config.services.mingetty.autologinUser != null) "--autologin ${config.services.mingetty.autologinUser}";
gettyCmd = extraArgs: "@${pkgs.utillinux}/sbin/agetty agetty --login-program ${pkgs.shadow}/bin/login ${autologinArg} ${extraArgs}";
in {
systemd.services."getty@" = systemd.services."getty@" =
{ serviceConfig.ExecStart = "@${pkgs.utillinux}/sbin/agetty agetty --noclear --login-program ${pkgs.shadow}/bin/login --keep-baud %I 115200,38400,9600 $TERM"; { serviceConfig.ExecStart = gettyCmd "--noclear --keep-baud %I 115200,38400,9600 $TERM";
restartIfChanged = false; restartIfChanged = false;
}; };
systemd.services."serial-getty@" = systemd.services."serial-getty@" =
{ serviceConfig.ExecStart = { serviceConfig.ExecStart =
let speeds = concatStringsSep "," (map toString config.services.mingetty.serialSpeed); let speeds = concatStringsSep "," (map toString config.services.mingetty.serialSpeed);
in "@${pkgs.utillinux}/sbin/agetty agetty --login-program ${pkgs.shadow}/bin/login %I ${speeds} $TERM"; in gettyCmd "%I ${speeds} $TERM";
restartIfChanged = false; restartIfChanged = false;
}; };
systemd.services."container-getty@" = systemd.services."container-getty@" =
{ unitConfig.ConditionPathExists = "/dev/pts/%I"; # Work around being respawned when "machinectl login" exits. { unitConfig.ConditionPathExists = "/dev/pts/%I"; # Work around being respawned when "machinectl login" exits.
serviceConfig.ExecStart = "@${pkgs.utillinux}/sbin/agetty agetty --noclear --login-program ${pkgs.shadow}/bin/login --keep-baud pts/%I 115200,38400,9600 $TERM"; serviceConfig.ExecStart = gettyCmd "--noclear --keep-baud pts/%I 115200,38400,9600 $TERM";
restartIfChanged = false; restartIfChanged = false;
}; };
systemd.services."console-getty" = systemd.services."console-getty" =
{ serviceConfig.ExecStart = "@${pkgs.utillinux}/sbin/agetty agetty --noclear --login-program ${pkgs.shadow}/bin/login --keep-baud console 115200,38400,9600 $TERM"; { serviceConfig.ExecStart = gettyCmd "--noclear --keep-baud console 115200,38400,9600 $TERM";
serviceConfig.Restart = "always"; serviceConfig.Restart = "always";
restartIfChanged = false; restartIfChanged = false;
enable = mkDefault config.boot.isContainer; enable = mkDefault config.boot.isContainer;

3
nixos/modules/services/web-servers/apache-httpd/default.nix
View File

@ -231,6 +231,9 @@ let
${if cfg.sslServerCert != null then '' ${if cfg.sslServerCert != null then ''
SSLCertificateFile ${cfg.sslServerCert} SSLCertificateFile ${cfg.sslServerCert}
SSLCertificateKeyFile ${cfg.sslServerKey} SSLCertificateKeyFile ${cfg.sslServerKey}
${if cfg.sslServerChain != null then ''
SSLCertificateChainFile ${cfg.sslServerChain}
'' else ""}
'' else ""} '' else ""}
${if cfg.enableSSL then '' ${if cfg.enableSSL then ''

193
nixos/modules/services/web-servers/apache-httpd/moodle.nix Normal file
View File

@ -0,0 +1,193 @@
{ config, lib, pkgs, serverInfo, php, ... }:
with lib;
let
httpd = serverInfo.serverConfig.package;
version24 = !versionOlder httpd.version "2.4";
allGranted = if version24 then ''
Require all granted
'' else ''
Order allow,deny
Allow from all
'';
moodleConfig = pkgs.writeText "config.php"
''
<?php
unset($CFG);
global $CFG;
$CFG = new stdClass();
$CFG->dbtype = '${config.dbType}';
$CFG->dblibrary = 'native';
$CFG->dbhost = '${config.dbHost}';
$CFG->dbname = '${config.dbName}';
$CFG->dbuser = '${config.dbUser}';
$CFG->dbpass = '${config.dbPassword}';
$CFG->prefix = '${config.dbPrefix}';
$CFG->dboptions = array(
'dbpersist' => false,
'dbsocket' => false,
'dbport' => "${config.dbPort}",
);
$CFG->wwwroot = '${config.wwwRoot}';
$CFG->dataroot = '${config.dataRoot}';
$CFG->directorypermissions = 02777;
$CFG->admin = 'admin';
${optionalString (config.debug.noEmailEver == true) ''
$CFG->noemailever = true;
''}
${config.extraConfig}
require_once(dirname(__FILE__) . '/lib/setup.php'); // Do not edit
'';
# Unpack Moodle and put the config file in its root directory.
moodleRoot = pkgs.stdenv.mkDerivation rec {
name= "moodle-2.8.5";
src = pkgs.fetchurl {
url = "https://download.moodle.org/stable28/${name}.tgz";
sha256 = "1a159a193010cddedce10ee009184502e6f732e4d7c85167d8597fe5dff9e190";
};
buildPhase =
''
'';
installPhase =
''
mkdir -p $out
cp -r * $out
cp ${moodleConfig} $out/config.php
'';
};
in
{
extraConfig =
''
# this should be config.urlPrefix instead of /
Alias / ${moodleRoot}/
<Directory ${moodleRoot}>
DirectoryIndex index.php
</Directory>
'';
documentRoot = moodleRoot; # TODO: fix this, should be config.urlPrefix
enablePHP = true;
options = {
id = mkOption {
default = "main";
description = ''
A unique identifier necessary to keep multiple Moodle server
instances on the same machine apart.
'';
};
dbType = mkOption {
default = "postgres";
example = "mysql";
description = "Database type.";
};
dbName = mkOption {
default = "moodle";
description = "Name of the database that holds the Moodle data.";
};
dbHost = mkOption {
default = "localhost";
example = "10.0.2.2";
description = ''
The location of the database server.
'';
};
dbPort = mkOption {
default = ""; # use the default port
example = "12345";
description = ''
The port that is used to connect to the database server.
'';
};
dbUser = mkOption {
default = "moodle";
description = "The user name for accessing the database.";
};
dbPassword = mkOption {
default = "";
example = "password";
description = ''
The password of the database user. Warning: this is stored in
cleartext in the Nix store!
'';
};
dbPrefix = mkOption {
default = "mdl_";
example = "my_other_mdl_";
description = ''
A prefix for each table, if multiple moodles should run in a single database.
'';
};
wwwRoot = mkOption {
type = types.string;
example = "http://my.machine.com/my-moodle";
description = ''
The full web address where moodle has been installed.
'';
};
dataRoot = mkOption {
default = "/var/lib/moodledata";
example = "/var/lib/moodledata";
description = ''
The data directory for moodle. Needs to be writable!
'';
type = types.path;
};
extraConfig = mkOption {
default = "";
example =
''
'';
description = ''
Any additional text to be appended to Moodle's
configuration file. This is a PHP script.
'';
};
debug = {
noEmailEver = mkOption {
default = false;
example = "true";
description = ''
Set this to true to prevent Moodle from ever sending any email.
'';
};
};
};
startupScript = pkgs.writeScript "moodle_startup.sh" ''
echo "Checking for existence of ${config.dataRoot}"
if [ ! -e "${config.dataRoot}" ]
then
mkdir -p "${config.dataRoot}"
chown ${serverInfo.serverConfig.user}.${serverInfo.serverConfig.group} "${config.dataRoot}"
fi
'';
}

6
nixos/modules/services/web-servers/apache-httpd/per-server-options.nix
View File

@ -56,6 +56,12 @@ with lib;
description = "Path to server SSL certificate key."; description = "Path to server SSL certificate key.";
}; };
sslServerChain = mkOption {
type = types.path;
example = "/var/ca.pem";
description = "Path to server SSL chain file.";
};
adminAddr = mkOption ({ adminAddr = mkOption ({
type = types.nullOr types.str; type = types.nullOr types.str;
example = "admin@example.org"; example = "admin@example.org";

209
nixos/modules/services/web-servers/apache-httpd/wordpress.nix Normal file
View File

@ -0,0 +1,209 @@
{ config, lib, pkgs, serverInfo, php, ... }:
with lib;
let
# https://wordpress.org/plugins/postgresql-for-wordpress/
# Wordpress plugin 'postgresql-for-wordpress' installation example
postgresqlForWordpressPlugin = pkgs.stdenv.mkDerivation {
name = "postgresql-for-wordpress-plugin";
# Download the theme from the wordpress site
src = pkgs.fetchurl {
url = https://downloads.wordpress.org/plugin/postgresql-for-wordpress.1.3.1.zip;
sha256 = "f11a5d76af884c7bec2bc653ed5bd29d3ede9a8657bd67ab7824e329e5d809e8";
};
# We need unzip to build this package
buildInputs = [ pkgs.unzip ];
# Installing simply means copying all files to the output directory
installPhase = "mkdir -p $out; cp -R * $out/";
};
# Our bare-bones wp-config.php file using the above settings
wordpressConfig = pkgs.writeText "wp-config.php" ''
<?php
define('DB_NAME', '${config.dbName}');
define('DB_USER', '${config.dbUser}');
define('DB_PASSWORD', '${config.dbPassword}');
define('DB_HOST', '${config.dbHost}');
define('DB_CHARSET', 'utf8');
$table_prefix = '${config.tablePrefix}';
if ( !defined('ABSPATH') )
define('ABSPATH', dirname(__FILE__) . '/');
require_once(ABSPATH . 'wp-settings.php');
${config.extraConfig}
'';
# .htaccess to support pretty URLs
htaccess = pkgs.writeText "htaccess" ''
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>
'';
# The wordpress package itself
wordpressRoot = pkgs.stdenv.mkDerivation rec {
name = "wordpress";
# Fetch directly from the wordpress site, want to upgrade?
# Just change the version URL and update the hash
src = pkgs.fetchurl {
url = http://wordpress.org/wordpress-4.1.1.tar.gz;
sha256 = "1s9y0i9ms3m6dswb9gqrr95plnx6imahc07fyhvrp5g35f6c12k1";
};
installPhase = ''
mkdir -p $out
# Copy all the wordpress files we downloaded
cp -R * $out/
# We'll symlink the wordpress config
ln -s ${wordpressConfig} $out/wp-config.php
# As well as our custom .htaccess
ln -s ${htaccess} $out/.htaccess
# And the uploads directory
ln -s ${config.wordpressUploads} $out/wp-content/uploads
# And the theme(s)
${concatMapStrings (theme: "ln -s ${theme} $out/wp-content/themes/${theme.name}\n") config.themes}
# And the plugin(s)
# remove bundled plugin(s) coming with wordpress
rm -Rf $out/wp-content/plugins/akismet
# install plugins
${concatMapStrings (plugin: "ln -s ${plugin} $out/wp-content/plugins/${plugin.name}\n") (config.plugins ++ [ postgresqlForWordpressPlugin]) }
'';
};
in
{
# And some httpd extraConfig to make things work nicely
extraConfig = ''
<Directory ${wordpressRoot}>
DirectoryIndex index.php
Allow from *
Options FollowSymLinks
AllowOverride All
</Directory>
'';
enablePHP = true;
options = {
dbHost = mkOption {
default = "localhost";
description = "The location of the database server.";
example = "localhost";
};
dbName = mkOption {
default = "wordpress";
description = "Name of the database that holds the Wordpress data.";
example = "localhost";
};
dbUser = mkOption {
default = "wordpress";
description = "The dbUser, read the username, for the database.";
example = "wordpress";
};
dbPassword = mkOption {
default = "wordpress";
description = "The password to the respective dbUser.";
example = "wordpress";
};
tablePrefix = mkOption {
default = "wp_";
description = ''
The $table_prefix is the value placed in the front of your database tables. Change the value if you want to use something other than wp_ for your database prefix. Typically this is changed if you are installing multiple WordPress blogs in the same database. See <link xlink:href='http://codex.wordpress.org/Editing_wp-config.php#table_prefix'/>.
'';
};
wordpressUploads = mkOption {
default = "/data/uploads";
description = ''
This directory is used for uploads of pictures and must be accessible (read: owned) by the httpd running user. The directory passed here is automatically created and permissions are given to the httpd running user.
'';
};
plugins = mkOption {
default = [];
type = types.listOf types.path;
description =
''
List of path(s) to respective plugin(s) which are symlinked from the 'plugins' directory. Note: These plugins need to be packaged before use.
'';
example = ''
# Wordpress plugin 'akismet' installation example
akismetPlugin = pkgs.stdenv.mkDerivation {
name = "akismet-plugin";
# Download the theme from the wordpress site
src = pkgs.fetchurl {
url = https://downloads.wordpress.org/plugin/akismet.3.1.zip;
sha256 = "1i4k7qyzna08822ncaz5l00wwxkwcdg4j9h3z2g0ay23q640pclg";
};
# We need unzip to build this package
buildInputs = [ pkgs.unzip ];
# Installing simply means copying all files to the output directory
installPhase = "mkdir -p $out; cp -R * $out/";
};
And then pass this theme to the themes list like this:
plugins = [ akismetPlugin ];
'';
};
themes = mkOption {
default = [];
type = types.listOf types.path;
description =
''
List of path(s) to respective theme(s) which are symlinked from the 'theme' directory. Note: These themes need to be packaged before use.
'';
example = ''
# For shits and giggles, let's package the responsive theme
responsiveTheme = pkgs.stdenv.mkDerivation {
name = "responsive-theme";
# Download the theme from the wordpress site
src = pkgs.fetchurl {
url = http://wordpress.org/themes/download/responsive.1.9.7.6.zip;
sha256 = "06i26xlc5kdnx903b1gfvnysx49fb4kh4pixn89qii3a30fgd8r8";
};
# We need unzip to build this package
buildInputs = [ pkgs.unzip ];
# Installing simply means copying all files to the output directory
installPhase = "mkdir -p $out; cp -R * $out/";
};
And then pass this theme to the themes list like this:
themes = [ responsiveTheme ];
'';
};
extraConfig = mkOption {
default = "";
example =
''
define( 'AUTOSAVE_INTERVAL', 60 ); // Seconds
'';
description = ''
Any additional text to be appended to Wordpress's wp-config.php
configuration file. This is a PHP script. For configuration
settings, see <link xlink:href='http://codex.wordpress.org/Editing_wp-config.php'/>.
'';
};
};
documentRoot = wordpressRoot;
startupScript = pkgs.writeScript "init-wordpress.sh" ''
#!/bin/sh
mkdir -p ${config.wordpressUploads}
chown ${serverInfo.serverConfig.user} ${config.wordpressUploads}
# we should use systemd dependencies here
#waitForUnit("network-interfaces.target");
if [ ! -d ${serverInfo.fullConfig.services.mysql.dataDir}/${config.dbName} ]; then
# Wait until MySQL is up
while [ ! -e /var/run/mysql/mysqld.pid ]; do
sleep 1
done
${pkgs.mysql}/bin/mysql -e 'CREATE DATABASE ${config.dbName};'
${pkgs.mysql}/bin/mysql -e 'GRANT ALL ON ${config.dbName}.* TO ${config.dbUser}@localhost IDENTIFIED BY "${config.dbPassword}";'
fi
'';
}

10
nixos/modules/services/x11/display-managers/lightdm.nix
View File

@ -69,6 +69,7 @@ let
xserver-command = ${xserverWrapper} xserver-command = ${xserverWrapper}
session-wrapper = ${dmcfg.session.script} session-wrapper = ${dmcfg.session.script}
greeter-session = ${cfg.greeter.name} greeter-session = ${cfg.greeter.name}
${cfg.extraSeatDefaults}
''; '';
gtkGreeterConf = writeText "lightdm-gtk-greeter.conf" gtkGreeterConf = writeText "lightdm-gtk-greeter.conf"
@ -109,6 +110,15 @@ in
''; '';
}; };
extraSeatDefaults = mkOption {
type = types.lines;
default = "";
example = ''
greeter-show-manual-login=true
'';
description = "Extra lines to append to SeatDefaults section.";
};
}; };
}; };

42
nixos/modules/services/x11/xserver.nix
View File

@ -41,16 +41,24 @@ let
}; };
in imap mkHead cfg.xrandrHeads; in imap mkHead cfg.xrandrHeads;
xrandrDeviceSection = flip concatMapStrings xrandrHeads (h: '' xrandrDeviceSection = let
Option "monitor-${h.output}" "${h.name}" monitors = flip map xrandrHeads (h: ''
''); Option "monitor-${h.output}" "${h.name}"
'');
# First option is indented through the space in the config but any
# subsequent options aren't so we need to apply indentation to
# them here
monitorsIndented = if length monitors > 1
then singleton (head monitors) ++ map (m: " " + m) (tail monitors)
else monitors;
in concatStrings monitorsIndented;
# Here we chain every monitor from the left to right, so we have: # Here we chain every monitor from the left to right, so we have:
# m4 right of m3 right of m2 right of m1 .----.----.----.----. # m4 right of m3 right of m2 right of m1 .----.----.----.----.
# Which will end up in reverse ----------> | m1 | m2 | m3 | m4 | # Which will end up in reverse ----------> | m1 | m2 | m3 | m4 |
# `----^----^----^----' # `----^----^----^----'
xrandrMonitorSections = let xrandrMonitorSections = let
mkMonitor = previous: current: previous ++ singleton { mkMonitor = previous: current: singleton {
inherit (current) name; inherit (current) name;
value = '' value = ''
Section "Monitor" Section "Monitor"
@ -60,8 +68,8 @@ let
''} ''}
EndSection EndSection
''; '';
}; } ++ previous;
monitors = foldl mkMonitor [] xrandrHeads; monitors = reverseList (foldl mkMonitor [] xrandrHeads);
in concatMapStrings (getAttr "value") monitors; in concatMapStrings (getAttr "value") monitors;
configFile = pkgs.stdenv.mkDerivation { configFile = pkgs.stdenv.mkDerivation {
@ -147,6 +155,19 @@ in
''; '';
}; };
inputClassSections = mkOption {
type = types.listOf types.lines;
default = [];
example = [ ''
Identifier "Trackpoint Wheel Emulation"
MatchProduct "ThinkPad USB Keyboard with TrackPoint"
Option "EmulateWheel" "true
Option "EmulateWheelButton" "2"
Option "Emulate3Buttons" "false"
'' ];
description = "Content of additional InputClass sections of the X server configuration file.";
};
modules = mkOption { modules = mkOption {
type = types.listOf types.path; type = types.listOf types.path;
default = []; default = [];
@ -522,6 +543,14 @@ in
Option "XkbVariant" "${cfg.xkbVariant}" Option "XkbVariant" "${cfg.xkbVariant}"
EndSection EndSection
# Additional "InputClass" sections
${flip concatMapStrings cfg.inputClassSections (inputClassSection: ''
Section "InputClass"
${inputClassSection}
EndSection
'')}
Section "ServerLayout" Section "ServerLayout"
Identifier "Layout[all]" Identifier "Layout[all]"
${cfg.serverLayoutSection} ${cfg.serverLayoutSection}
@ -593,4 +622,3 @@ in
}; };
} }

4
nixos/modules/system/activation/switch-to-configuration.pl
View File

@ -322,7 +322,9 @@ foreach my $device (keys %$prevSwaps) {
# Should we have systemd re-exec itself? # Should we have systemd re-exec itself?
my $restartSystemd = abs_path("/proc/1/exe") ne abs_path("@systemd@/lib/systemd/systemd"); my $prevSystemd = abs_path("/proc/1/exe") or die;
my $newSystemd = abs_path("@systemd@/lib/systemd/systemd") or die;
my $restartSystemd = $prevSystemd ne $newSystemd;
sub filterUnits { sub filterUnits {

4
nixos/modules/system/boot/loader/grub/install-grub.pl
View File

@ -468,8 +468,8 @@ sub getEfiTarget {
if ($grubTargetEfi eq "") { die } if ($grubTargetEfi eq "") { die }
else {return "only" } else {return "only" }
} else { } else {
# at least one grub target has to be given # prevent an installation if neither grub nor grubEfi is given
die return "neither"
} }
} }

670
nixos/modules/system/boot/networkd.nix Normal file
View File

@ -0,0 +1,670 @@
{ config, lib, pkgs, ... }:
with lib;
with import ./systemd-unit-options.nix { inherit config lib; };
with import ./systemd-lib.nix { inherit config lib pkgs; };
let
cfg = config.systemd.network;
checkLink = checkUnitConfig "Link" [
(assertOnlyFields [
"Description" "Alias" "MACAddressPolicy" "MACAddress" "NamePolicy" "Name"
"MTUBytes" "BitsPerSecond" "Duplex" "WakeOnLan"
])
(assertValueOneOf "MACAddressPolicy" ["persistent" "random"])
(assertMacAddress "MACAddress")
(assertValueOneOf "NamePolicy" [
"kernel" "database" "onboard" "slot" "path" "mac"
])
(assertByteFormat "MTUBytes")
(assertByteFormat "BitsPerSecond")
(assertValueOneOf "Duplex" ["half" "full"])
(assertValueOneOf "WakeOnLan" ["phy" "magic" "off"])
];
checkNetdev = checkUnitConfig "Netdev" [
(assertOnlyFields [
"Description" "Name" "Kind" "MTUBytes" "MACAddress"
])
(assertHasField "Name")
(assertHasField "Kind")
(assertValueOneOf "Kind" [
"bridge" "bond" "vlan" "macvlan" "vxlan" "ipip"
"gre" "sit" "vti" "veth" "tun" "tap" "dummy"
])
(assertByteFormat "MTUBytes")
(assertMacAddress "MACAddress")
];
checkVlan = checkUnitConfig "VLAN" [
(assertOnlyFields ["Id"])
(assertRange "Id" 0 4094)
];
checkMacvlan = checkUnitConfig "MACVLAN" [
(assertOnlyFields ["Mode"])
(assertValueOneOf "Mode" ["private" "vepa" "bridge" "passthru"])
];
checkVxlan = checkUnitConfig "VXLAN" [
(assertOnlyFields ["Id" "Group" "TOS" "TTL" "MacLearning"])
(assertRange "TTL" 0 255)
(assertValueOneOf "MacLearning" boolValues)
];
checkTunnel = checkUnitConfig "Tunnel" [
(assertOnlyFields ["Local" "Remote" "TOS" "TTL" "DiscoverPathMTU"])
(assertRange "TTL" 0 255)
(assertValueOneOf "DiscoverPathMTU" boolValues)
];
checkPeer = checkUnitConfig "Peer" [
(assertOnlyFields ["Name" "MACAddress"])
(assertMacAddress "MACAddress")
];
tunTapChecks = [
(assertOnlyFields ["OneQueue" "MultiQueue" "PacketInfo" "User" "Group"])
(assertValueOneOf "OneQueue" boolValues)
(assertValueOneOf "MultiQueue" boolValues)
(assertValueOneOf "PacketInfo" boolValues)
];
checkTun = checkUnitConfig "Tun" tunTapChecks;
checkTap = checkUnitConfig "Tap" tunTapChecks;
checkBond = checkUnitConfig "Bond" [
(assertOnlyFields [
"Mode" "TransmitHashPolicy" "LACPTransmitRate" "MIIMonitorSec"
"UpDelaySec" "DownDelaySec"
])
(assertValueOneOf "Mode" [
"balance-rr" "active-backup" "balance-xor"
"broadcast" "802.3ad" "balance-tlb" "balance-alb"
])
(assertValueOneOf "TransmitHashPolicy" [
"layer2" "layer3+4" "layer2+3" "encap2+3" "802.3ad" "encap3+4"
])
(assertValueOneOf "LACPTransmitRate" ["slow" "fast"])
];
checkNetwork = checkUnitConfig "Network" [
(assertOnlyFields [
"Description" "DHCP" "DHCPServer" "IPv4LL" "IPv4LLRoute"
"LLMNR" "Domains" "Bridge" "Bond"
])
(assertValueOneOf "DHCP" ["both" "none" "v4" "v6"])
(assertValueOneOf "DHCPServer" boolValues)
(assertValueOneOf "IPv4LL" boolValues)
(assertValueOneOf "IPv4LLRoute" boolValues)
(assertValueOneOf "LLMNR" boolValues)
];
checkAddress = checkUnitConfig "Address" [
(assertOnlyFields ["Address" "Peer" "Broadcast" "Label"])
(assertHasField "Address")
];
checkRoute = checkUnitConfig "Route" [
(assertOnlyFields ["Gateway" "Destination" "Metric"])
(assertHasField "Gateway")
];
checkDhcp = checkUnitConfig "DHCP" [
(assertOnlyFields [
"UseDNS" "UseMTU" "SendHostname" "UseHostname" "UseDomains" "UseRoutes"
"CriticalConnections" "VendorClassIdentifier" "RequestBroadcast"
"RouteMetric"
])
(assertValueOneOf "UseDNS" boolValues)
(assertValueOneOf "UseMTU" boolValues)
(assertValueOneOf "SendHostname" boolValues)
(assertValueOneOf "UseHostname" boolValues)
(assertValueOneOf "UseDomains" boolValues)
(assertValueOneOf "UseRoutes" boolValues)
(assertValueOneOf "CriticalConnections" boolValues)
(assertValueOneOf "RequestBroadcast" boolValues)
];
commonNetworkOptions = {
enable = mkOption {
default = false;
type = types.bool;
description = ''
Whether to manage network configuration using <command>systemd-network</command>.
'';
};
matchConfig = mkOption {
default = {};
example = { Name = "eth0"; };
type = types.attrsOf unitOption;
description = ''
Each attribute in this set specifies an option in the
<literal>[Match]</literal> section of the unit. See
<citerefentry><refentrytitle>systemd.link</refentrytitle><manvolnum>5</manvolnum></citerefentry>
<citerefentry><refentrytitle>systemd.netdev</refentrytitle><manvolnum>5</manvolnum></citerefentry>
<citerefentry><refentrytitle>systemd.network</refentrytitle><manvolnum>5</manvolnum></citerefentry>
for details.
'';
};
};
linkOptions = commonNetworkOptions // {
linkConfig = mkOption {
default = {};
example = { MACAddress = "00:ff:ee:aa:cc:dd"; };
type = types.addCheck (types.attrsOf unitOption) checkLink;
description = ''
Each attribute in this set specifies an option in the
<literal>[Link]</literal> section of the unit. See
<citerefentry><refentrytitle>systemd.link</refentrytitle>
<manvolnum>5</manvolnum></citerefentry> for details.
'';
};
};
netdevOptions = commonNetworkOptions // {
netdevConfig = mkOption {
default = {};
example = { Name = "mybridge"; Kind = "bridge"; };
type = types.addCheck (types.attrsOf unitOption) checkNetdev;
description = ''
Each attribute in this set specifies an option in the
<literal>[Netdev]</literal> section of the unit. See
<citerefentry><refentrytitle>systemd.netdev</refentrytitle>
<manvolnum>5</manvolnum></citerefentry> for details.
'';
};
vlanConfig = mkOption {
default = {};
example = { Id = "4"; };
type = types.addCheck (types.attrsOf unitOption) checkVlan;
description = ''
Each attribute in this set specifies an option in the
<literal>[VLAN]</literal> section of the unit. See
<citerefentry><refentrytitle>systemd.netdev</refentrytitle>
<manvolnum>5</manvolnum></citerefentry> for details.
'';
};
macvlanConfig = mkOption {
default = {};
example = { Mode = "private"; };
type = types.addCheck (types.attrsOf unitOption) checkMacvlan;
description = ''
Each attribute in this set specifies an option in the
<literal>[MACVLAN]</literal> section of the unit. See
<citerefentry><refentrytitle>systemd.netdev</refentrytitle>
<manvolnum>5</manvolnum></citerefentry> for details.
'';
};
vxlanConfig = mkOption {
default = {};
example = { Id = "4"; };
type = types.addCheck (types.attrsOf unitOption) checkVxlan;
description = ''
Each attribute in this set specifies an option in the
<literal>[VXLAN]</literal> section of the unit. See
<citerefentry><refentrytitle>systemd.netdev</refentrytitle>
<manvolnum>5</manvolnum></citerefentry> for details.
'';
};
tunnelConfig = mkOption {
default = {};
example = { Remote = "192.168.1.1"; };
type = types.addCheck (types.attrsOf unitOption) checkTunnel;
description = ''
Each attribute in this set specifies an option in the
<literal>[Tunnel]</literal> section of the unit. See
<citerefentry><refentrytitle>systemd.netdev</refentrytitle>
<manvolnum>5</manvolnum></citerefentry> for details.
'';
};
peerConfig = mkOption {
default = {};
example = { Name = "veth2"; };
type = types.addCheck (types.attrsOf unitOption) checkPeer;
description = ''
Each attribute in this set specifies an option in the
<literal>[Peer]</literal> section of the unit. See
<citerefentry><refentrytitle>systemd.netdev</refentrytitle>
<manvolnum>5</manvolnum></citerefentry> for details.
'';
};
tunConfig = mkOption {
default = {};
example = { User = "openvpn"; };
type = types.addCheck (types.attrsOf unitOption) checkTun;
description = ''
Each attribute in this set specifies an option in the
<literal>[Tun]</literal> section of the unit. See
<citerefentry><refentrytitle>systemd.netdev</refentrytitle>
<manvolnum>5</manvolnum></citerefentry> for details.
'';
};
tapConfig = mkOption {
default = {};
example = { User = "openvpn"; };
type = types.addCheck (types.attrsOf unitOption) checkTap;
description = ''
Each attribute in this set specifies an option in the
<literal>[Tap]</literal> section of the unit. See
<citerefentry><refentrytitle>systemd.netdev</refentrytitle>
<manvolnum>5</manvolnum></citerefentry> for details.
'';
};
bondConfig = mkOption {
default = {};
example = { Mode = "802.3ad"; };
type = types.addCheck (types.attrsOf unitOption) checkBond;
description = ''
Each attribute in this set specifies an option in the
<literal>[Bond]</literal> section of the unit. See
<citerefentry><refentrytitle>systemd.netdev</refentrytitle>
<manvolnum>5</manvolnum></citerefentry> for details.
'';
};
};
addressOptions = {
addressConfig = mkOption {
default = {};
example = { Address = "192.168.0.100/24"; };
type = types.addCheck (types.attrsOf unitOption) checkAddress;
description = ''
Each attribute in this set specifies an option in the
<literal>[Address]</literal> section of the unit. See
<citerefentry><refentrytitle>systemd.network</refentrytitle>
<manvolnum>5</manvolnum></citerefentry> for details.
'';
};
};
routeOptions = {
routeConfig = mkOption {
default = {};
example = { Gateway = "192.168.0.1"; };
type = types.addCheck (types.attrsOf unitOption) checkRoute;
description = ''
Each attribute in this set specifies an option in the
<literal>[Route]</literal> section of the unit. See
<citerefentry><refentrytitle>systemd.network</refentrytitle>
<manvolnum>5</manvolnum></citerefentry> for details.
'';
};
};
networkOptions = commonNetworkOptions // {
networkConfig = mkOption {
default = {};
example = { Description = "My Network"; };
type = types.addCheck (types.attrsOf unitOption) checkNetwork;
description = ''
Each attribute in this set specifies an option in the
<literal>[Network]</literal> section of the unit. See
<citerefentry><refentrytitle>systemd.network</refentrytitle>
<manvolnum>5</manvolnum></citerefentry> for details.
'';
};
dhcpConfig = mkOption {
default = {};
example = { UseDNS = true; UseRoutes = true; };
type = types.addCheck (types.attrsOf unitOption) checkDhcp;
description = ''
Each attribute in this set specifies an option in the
<literal>[DHCP]</literal> section of the unit. See
<citerefentry><refentrytitle>systemd.network</refentrytitle>
<manvolnum>5</manvolnum></citerefentry> for details.
'';
};
name = mkOption {
type = types.nullOr types.str;
default = null;
description = ''
The name of the network interface to match against.
'';
};
DHCP = mkOption {
type = types.nullOr types.str;
default = null;
description = ''
Whether to enable DHCP on the interfaces matched.
'';
};
domains = mkOption {
type = types.nullOr (types.listOf types.str);
default = null;
description = ''
A list of domains to pass to the network config.
'';
};
address = mkOption {
default = [ ];
type = types.listOf types.str;
description = ''
A list of addresses to be added to the network section of the
unit. See <citerefentry><refentrytitle>systemd.network</refentrytitle>
<manvolnum>5</manvolnum></citerefentry> for details.
'';
};
gateway = mkOption {
default = [ ];
type = types.listOf types.str;
description = ''
A list of gateways to be added to the network section of the
unit. See <citerefentry><refentrytitle>systemd.network</refentrytitle>
<manvolnum>5</manvolnum></citerefentry> for details.
'';
};
dns = mkOption {
default = [ ];
type = types.listOf types.str;
description = ''
A list of dns servers to be added to the network section of the
unit. See <citerefentry><refentrytitle>systemd.network</refentrytitle>
<manvolnum>5</manvolnum></citerefentry> for details.
'';
};
ntp = mkOption {
default = [ ];
type = types.listOf types.str;
description = ''
A list of ntp servers to be added to the network section of the
unit. See <citerefentry><refentrytitle>systemd.network</refentrytitle>
<manvolnum>5</manvolnum></citerefentry> for details.
'';
};
vlan = mkOption {
default = [ ];
type = types.listOf types.str;
description = ''
A list of vlan interfaces to be added to the network section of the
unit. See <citerefentry><refentrytitle>systemd.network</refentrytitle>
<manvolnum>5</manvolnum></citerefentry> for details.
'';
};
macvlan = mkOption {
default = [ ];
type = types.listOf types.str;
description = ''
A list of macvlan interfaces to be added to the network section of the
unit. See <citerefentry><refentrytitle>systemd.network</refentrytitle>
<manvolnum>5</manvolnum></citerefentry> for details.
'';
};
vxlan = mkOption {
default = [ ];
type = types.listOf types.str;
description = ''
A list of vxlan interfaces to be added to the network section of the
unit. See <citerefentry><refentrytitle>systemd.network</refentrytitle>
<manvolnum>5</manvolnum></citerefentry> for details.
'';
};
tunnel = mkOption {
default = [ ];
type = types.listOf types.str;
description = ''
A list of tunnel interfaces to be added to the network section of the
unit. See <citerefentry><refentrytitle>systemd.network</refentrytitle>
<manvolnum>5</manvolnum></citerefentry> for details.
'';
};
addresses = mkOption {
default = [ ];
type = types.listOf types.optionSet;
options = [ addressOptions ];
description = ''
A list of address sections to be added to the unit. See
<citerefentry><refentrytitle>systemd.network</refentrytitle>
<manvolnum>5</manvolnum></citerefentry> for details.
'';
};
routes = mkOption {
default = [ ];
type = types.listOf types.optionSet;
options = [ routeOptions ];
description = ''
A list of route sections to be added to the unit. See
<citerefentry><refentrytitle>systemd.network</refentrytitle>
<manvolnum>5</manvolnum></citerefentry> for details.
'';
};
};
networkConfig = { name, config, ... }: {
config = {
matchConfig = optionalAttrs (config.name != null) {
Name = config.name;
};
networkConfig = optionalAttrs (config.DHCP != null) {
DHCP = config.DHCP;
} // optionalAttrs (config.domains != null) {
Domains = concatStringsSep " " config.domains;
};
};
};
linkToUnit = name: def:
{ inherit (def) enable;
text = commonMatchText def +
''
[Link]
${attrsToSection def.linkConfig}
'';
};
netdevToUnit = name: def:
{ inherit (def) enable;
text = commonMatchText def +
''
[NetDev]
${attrsToSection def.netdevConfig}
${optionalString (def.vlanConfig != { }) ''
[VLAN]
${attrsToSection def.vlanConfig}
''}
${optionalString (def.macvlanConfig != { }) ''
[MACVLAN]
${attrsToSection def.macvlanConfig}
''}
${optionalString (def.vxlanConfig != { }) ''
[VXLAN]
${attrsToSection def.vxlanConfig}
''}
${optionalString (def.tunnelConfig != { }) ''
[Tunnel]
${attrsToSection def.tunnelConfig}
''}
${optionalString (def.peerConfig != { }) ''
[Peer]
${attrsToSection def.peerConfig}
''}
${optionalString (def.tunConfig != { }) ''
[Tun]
${attrsToSection def.tunConfig}
''}
${optionalString (def.tapConfig != { }) ''
[Tap]
${attrsToSection def.tapConfig}
''}
${optionalString (def.bondConfig != { }) ''
[Bond]
${attrsToSection def.bondConfig}
''}
'';
};
networkToUnit = name: def:
{ inherit (def) enable;
text = commonMatchText def +
''
[Network]
${attrsToSection def.networkConfig}
${concatStringsSep "\n" (map (s: "Address=${s}") def.address)}
${concatStringsSep "\n" (map (s: "Gateway=${s}") def.gateway)}
${concatStringsSep "\n" (map (s: "DNS=${s}") def.dns)}
${concatStringsSep "\n" (map (s: "NTP=${s}") def.ntp)}
${concatStringsSep "\n" (map (s: "VLAN=${s}") def.vlan)}
${concatStringsSep "\n" (map (s: "MACVLAN=${s}") def.macvlan)}
${concatStringsSep "\n" (map (s: "VXLAN=${s}") def.vxlan)}
${concatStringsSep "\n" (map (s: "Tunnel=${s}") def.tunnel)}
${optionalString (def.dhcpConfig != { }) ''
[DHCP]
${attrsToSection def.dhcpConfig}
''}
${flip concatMapStrings def.addresses (x: ''
[Address]
${attrsToSection x.addressConfig}
'')}
${flip concatMapStrings def.routes (x: ''
[Route]
${attrsToSection x.routeConfig}
'')}
'';
};
in
{
options = {
systemd.network.enable = mkOption {
default = false;
type = types.bool;
description = ''
Whether to enable networkd or not.
'';
};
systemd.network.links = mkOption {
default = {};
type = types.attrsOf types.optionSet;
options = [ linkOptions ];
description = "Definition of systemd network links.";
};
systemd.network.netdevs = mkOption {
default = {};
type = types.attrsOf types.optionSet;
options = [ netdevOptions ];
description = "Definition of systemd network devices.";
};
systemd.network.networks = mkOption {
default = {};
type = types.attrsOf types.optionSet;
options = [ networkOptions networkConfig ];
description = "Definition of systemd networks.";
};
systemd.network.units = mkOption {
description = "Definition of networkd units.";
default = {};
type = types.attrsOf types.optionSet;
options = { name, config, ... }:
{ options = concreteUnitOptions;
config = {
unit = mkDefault (makeUnit name config);
};
};
};
};
config = mkIf config.systemd.network.enable {
systemd.additionalUpstreamSystemUnits =
[ "systemd-networkd.service" "systemd-networkd-wait-online.service" ];
systemd.network.units =
mapAttrs' (n: v: nameValuePair "${n}.link" (linkToUnit n v)) cfg.links
// mapAttrs' (n: v: nameValuePair "${n}.netdev" (netdevToUnit n v)) cfg.netdevs
// mapAttrs' (n: v: nameValuePair "${n}.network" (networkToUnit n v)) cfg.networks;
environment.etc."systemd/network".source =
generateUnits "network" cfg.units [] [];
users.extraUsers.systemd-network.uid = config.ids.uids.systemd-network;
users.extraGroups.systemd-network.gid = config.ids.gids.systemd-network;
systemd.services.systemd-networkd = {
wantedBy = [ "multi-user.target" ];
before = [ "network-interfaces.target" ];
restartTriggers = [ config.environment.etc."systemd/network".source ];
};
systemd.services.systemd-networkd-wait-online = {
before = [ "network-online.target" "ip-up.target" ];
wantedBy = [ "network-online.target" "ip-up.target" ];
};
systemd.services."systemd-network-wait-online@" = {
description = "Wait for Network Interface %I to be Configured";
conflicts = [ "shutdown.target" ];
requisite = [ "systemd-networkd.service" ];
after = [ "systemd-networkd.service" ];
serviceConfig = {
Type = "oneshot";
RemainAfterExit = true;
ExecStart = "${config.systemd.package}/lib/systemd/systemd-networkd-wait-online -i %I";
};
};
services.resolved.enable = mkDefault true;
services.timesyncd.enable = mkDefault config.services.ntp.enable;
};
}

38
nixos/modules/system/boot/resolved.nix Normal file
View File

@ -0,0 +1,38 @@
{ config, lib, pkgs, ... }:
with lib;
{
options = {
services.resolved.enable = mkOption {
default = false;
type = types.bool;
description = ''
Whether to enable the systemd DNS resolver daemon.
'';
};
};
config = mkIf config.services.resolved.enable {
systemd.additionalUpstreamSystemUnits = [ "systemd-resolved.service" ];
systemd.services.systemd-resolved = {
wantedBy = [ "multi-user.target" ];
restartTriggers = [ config.environment.etc."systemd/resolved.conf".source ];
};
environment.etc."systemd/resolved.conf".text = ''
[Resolve]
DNS=${concatStringsSep " " config.networking.nameservers}
'';
users.extraUsers.systemd-resolve.uid = config.ids.uids.systemd-resolve;
users.extraGroups.systemd-resolve.gid = config.ids.gids.systemd-resolve;
};
}

1
nixos/modules/system/boot/stage-2.nix
View File

@ -24,7 +24,6 @@ let
path = path =
[ pkgs.coreutils [ pkgs.coreutils
pkgs.utillinux pkgs.utillinux
pkgs.sysvtools
pkgs.openresolv pkgs.openresolv
] ++ optional config.nix.readOnlyStore readonlyMountpoint; ] ++ optional config.nix.readOnlyStore readonlyMountpoint;
postBootCommands = pkgs.writeText "local-cmds" postBootCommands = pkgs.writeText "local-cmds"

118
nixos/modules/system/boot/systemd-lib.nix Normal file
View File

@ -0,0 +1,118 @@
{ config, lib, pkgs }:
with lib;
let cfg = config.systemd; in
rec {
shellEscape = s: (replaceChars [ "\\" ] [ "\\\\" ] s);
makeUnit = name: unit:
let
pathSafeName = lib.replaceChars ["@" ":" "\\"] ["-" "-" "-"] name;
in
if unit.enable then
pkgs.runCommand "unit-${pathSafeName}" { preferLocalBuild = true; inherit (unit) text; }
''
mkdir -p $out
echo -n "$text" > $out/${shellEscape name}
''
else
pkgs.runCommand "unit-${pathSafeName}-disabled" { preferLocalBuild = true; }
''
mkdir -p $out
ln -s /dev/null $out/${shellEscape name}
'';
generateUnits = type: units: upstreamUnits: upstreamWants:
pkgs.runCommand "${type}-units" { preferLocalBuild = true; } ''
mkdir -p $out
# Copy the upstream systemd units we're interested in.
for i in ${toString upstreamUnits}; do
fn=${cfg.package}/example/systemd/${type}/$i
if ! [ -e $fn ]; then echo "missing $fn"; false; fi
if [ -L $fn ]; then
target="$(readlink "$fn")"
if [ ''${target:0:3} = ../ ]; then
ln -s "$(readlink -f "$fn")" $out/
else
cp -pd $fn $out/
fi
else
ln -s $fn $out/
fi
done
# Copy .wants links, but only those that point to units that
# we're interested in.
for i in ${toString upstreamWants}; do
fn=${cfg.package}/example/systemd/${type}/$i
if ! [ -e $fn ]; then echo "missing $fn"; false; fi
x=$out/$(basename $fn)
mkdir $x
for i in $fn/*; do
y=$x/$(basename $i)
cp -pd $i $y
if ! [ -e $y ]; then rm $y; fi
done
done
# Symlink all units provided listed in systemd.packages.
for i in ${toString cfg.packages}; do
for fn in $i/etc/systemd/${type}/* $i/lib/systemd/${type}/*; do
if ! [[ "$fn" =~ .wants$ ]]; then
ln -s $fn $out/
fi
done
done
# Symlink all units defined by systemd.units. If these are also
# provided by systemd or systemd.packages, then add them as
# <unit-name>.d/overrides.conf, which makes them extend the
# upstream unit.
for i in ${toString (mapAttrsToList (n: v: v.unit) units)}; do
fn=$(basename $i/*)
if [ -e $out/$fn ]; then
if [ "$(readlink -f $i/$fn)" = /dev/null ]; then
ln -sfn /dev/null $out/$fn
else
mkdir $out/$fn.d
ln -s $i/$fn $out/$fn.d/overrides.conf
fi
else
ln -fs $i/$fn $out/
fi
done
# Created .wants and .requires symlinks from the wantedBy and
# requiredBy options.
${concatStrings (mapAttrsToList (name: unit:
concatMapStrings (name2: ''
mkdir -p $out/'${name2}.wants'
ln -sfn '../${name}' $out/'${name2}.wants'/
'') unit.wantedBy) units)}
${concatStrings (mapAttrsToList (name: unit:
concatMapStrings (name2: ''
mkdir -p $out/'${name2}.requires'
ln -sfn '../${name}' $out/'${name2}.requires'/
'') unit.requiredBy) units)}
${optionalString (type == "system") ''
# Stupid misc. symlinks.
ln -s ${cfg.defaultUnit} $out/default.target
ln -s rescue.target $out/kbrequest.target
mkdir -p $out/getty.target.wants/
ln -s ../autovt@tty1.service $out/getty.target.wants/
ln -s ../local-fs.target ../remote-fs.target ../network.target \
../nss-lookup.target ../nss-user-lookup.target ../swap.target \
$out/multi-user.target.wants/
''}
''; # */
}

464
nixos/modules/system/boot/systemd-unit-options.nix
View File

@ -62,126 +62,7 @@ let
]) ])
]; ];
checkLink = checkUnitConfig "Link" [ in rec {
(assertOnlyFields [
"Description" "Alias" "MACAddressPolicy" "MACAddress" "NamePolicy" "Name"
"MTUBytes" "BitsPerSecond" "Duplex" "WakeOnLan"
])
(assertValueOneOf "MACAddressPolicy" ["persistent" "random"])
(assertMacAddress "MACAddress")
(assertValueOneOf "NamePolicy" [
"kernel" "database" "onboard" "slot" "path" "mac"
])
(assertByteFormat "MTUBytes")
(assertByteFormat "BitsPerSecond")
(assertValueOneOf "Duplex" ["half" "full"])
(assertValueOneOf "WakeOnLan" ["phy" "magic" "off"])
];
checkNetdev = checkUnitConfig "Netdev" [
(assertOnlyFields [
"Description" "Name" "Kind" "MTUBytes" "MACAddress"
])
(assertHasField "Name")
(assertHasField "Kind")
(assertValueOneOf "Kind" [
"bridge" "bond" "vlan" "macvlan" "vxlan" "ipip"
"gre" "sit" "vti" "veth" "tun" "tap" "dummy"
])
(assertByteFormat "MTUBytes")
(assertMacAddress "MACAddress")
];
checkVlan = checkUnitConfig "VLAN" [
(assertOnlyFields ["Id"])
(assertRange "Id" 0 4094)
];
checkMacvlan = checkUnitConfig "MACVLAN" [
(assertOnlyFields ["Mode"])
(assertValueOneOf "Mode" ["private" "vepa" "bridge" "passthru"])
];
checkVxlan = checkUnitConfig "VXLAN" [
(assertOnlyFields ["Id" "Group" "TOS" "TTL" "MacLearning"])
(assertRange "TTL" 0 255)
(assertValueOneOf "MacLearning" boolValues)
];
checkTunnel = checkUnitConfig "Tunnel" [
(assertOnlyFields ["Local" "Remote" "TOS" "TTL" "DiscoverPathMTU"])
(assertRange "TTL" 0 255)
(assertValueOneOf "DiscoverPathMTU" boolValues)
];
checkPeer = checkUnitConfig "Peer" [
(assertOnlyFields ["Name" "MACAddress"])
(assertMacAddress "MACAddress")
];
tunTapChecks = [
(assertOnlyFields ["OneQueue" "MultiQueue" "PacketInfo" "User" "Group"])
(assertValueOneOf "OneQueue" boolValues)
(assertValueOneOf "MultiQueue" boolValues)
(assertValueOneOf "PacketInfo" boolValues)
];
checkTun = checkUnitConfig "Tun" tunTapChecks;
checkTap = checkUnitConfig "Tap" tunTapChecks;
checkBond = checkUnitConfig "Bond" [
(assertOnlyFields [
"Mode" "TransmitHashPolicy" "LACPTransmitRate" "MIIMonitorSec"
"UpDelaySec" "DownDelaySec"
])
(assertValueOneOf "Mode" [
"balance-rr" "active-backup" "balance-xor"
"broadcast" "802.3ad" "balance-tlb" "balance-alb"
])
(assertValueOneOf "TransmitHashPolicy" [
"layer2" "layer3+4" "layer2+3" "encap2+3" "802.3ad" "encap3+4"
])
(assertValueOneOf "LACPTransmitRate" ["slow" "fast"])
];
checkNetwork = checkUnitConfig "Network" [
(assertOnlyFields [
"Description" "DHCP" "DHCPServer" "IPv4LL" "IPv4LLRoute"
"LLMNR" "Domains" "Bridge" "Bond"
])
(assertValueOneOf "DHCP" ["both" "none" "v4" "v6"])
(assertValueOneOf "DHCPServer" boolValues)
(assertValueOneOf "IPv4LL" boolValues)
(assertValueOneOf "IPv4LLRoute" boolValues)
(assertValueOneOf "LLMNR" boolValues)
];
checkAddress = checkUnitConfig "Address" [
(assertOnlyFields ["Address" "Peer" "Broadcast" "Label"])
(assertHasField "Address")
];
checkRoute = checkUnitConfig "Route" [
(assertOnlyFields ["Gateway" "Destination" "Metric"])
(assertHasField "Gateway")
];
checkDhcp = checkUnitConfig "DHCP" [
(assertOnlyFields [
"UseDNS" "UseMTU" "SendHostname" "UseHostname" "UseDomains" "UseRoutes"
"CriticalConnections" "VendorClassIdentifier" "RequestBroadcast"
"RouteMetric"
])
(assertValueOneOf "UseDNS" boolValues)
(assertValueOneOf "UseMTU" boolValues)
(assertValueOneOf "SendHostname" boolValues)
(assertValueOneOf "UseHostname" boolValues)
(assertValueOneOf "UseDomains" boolValues)
(assertValueOneOf "UseRoutes" boolValues)
(assertValueOneOf "CriticalConnections" boolValues)
(assertValueOneOf "RequestBroadcast" boolValues)
];
unitOption = mkOptionType { unitOption = mkOptionType {
name = "systemd option"; name = "systemd option";
@ -195,8 +76,6 @@ let
else mergeOneOption loc defs'; else mergeOneOption loc defs';
}; };
in rec {
sharedOptions = { sharedOptions = {
enable = mkOption { enable = mkOption {
@ -619,345 +498,4 @@ in rec {
targetOptions = commonUnitOptions; targetOptions = commonUnitOptions;
commonNetworkOptions = {
enable = mkOption {
default = true;
type = types.bool;
description = ''
If set to false, this unit will be a symlink to
/dev/null.
'';
};
matchConfig = mkOption {
default = {};
example = { Name = "eth0"; };
type = types.attrsOf unitOption;
description = ''
Each attribute in this set specifies an option in the
<literal>[Match]</literal> section of the unit. See
<citerefentry><refentrytitle>systemd.link</refentrytitle><manvolnum>5</manvolnum></citerefentry>
<citerefentry><refentrytitle>systemd.netdev</refentrytitle><manvolnum>5</manvolnum></citerefentry>
<citerefentry><refentrytitle>systemd.network</refentrytitle><manvolnum>5</manvolnum></citerefentry>
for details.
'';
};
};
linkOptions = commonNetworkOptions // {
linkConfig = mkOption {
default = {};
example = { MACAddress = "00:ff:ee:aa:cc:dd"; };
type = types.addCheck (types.attrsOf unitOption) checkLink;
description = ''
Each attribute in this set specifies an option in the
<literal>[Link]</literal> section of the unit. See
<citerefentry><refentrytitle>systemd.link</refentrytitle>
<manvolnum>5</manvolnum></citerefentry> for details.
'';
};
};
netdevOptions = commonNetworkOptions // {
netdevConfig = mkOption {
default = {};
example = { Name = "mybridge"; Kind = "bridge"; };
type = types.addCheck (types.attrsOf unitOption) checkNetdev;
description = ''
Each attribute in this set specifies an option in the
<literal>[Netdev]</literal> section of the unit. See
<citerefentry><refentrytitle>systemd.netdev</refentrytitle>
<manvolnum>5</manvolnum></citerefentry> for details.
'';
};
vlanConfig = mkOption {
default = {};
example = { Id = "4"; };
type = types.addCheck (types.attrsOf unitOption) checkVlan;
description = ''
Each attribute in this set specifies an option in the
<literal>[VLAN]</literal> section of the unit. See
<citerefentry><refentrytitle>systemd.netdev</refentrytitle>
<manvolnum>5</manvolnum></citerefentry> for details.
'';
};
macvlanConfig = mkOption {
default = {};
example = { Mode = "private"; };
type = types.addCheck (types.attrsOf unitOption) checkMacvlan;
description = ''
Each attribute in this set specifies an option in the
<literal>[MACVLAN]</literal> section of the unit. See
<citerefentry><refentrytitle>systemd.netdev</refentrytitle>
<manvolnum>5</manvolnum></citerefentry> for details.
'';
};
vxlanConfig = mkOption {
default = {};
example = { Id = "4"; };
type = types.addCheck (types.attrsOf unitOption) checkVxlan;
description = ''
Each attribute in this set specifies an option in the
<literal>[VXLAN]</literal> section of the unit. See
<citerefentry><refentrytitle>systemd.netdev</refentrytitle>
<manvolnum>5</manvolnum></citerefentry> for details.
'';
};
tunnelConfig = mkOption {
default = {};
example = { Remote = "192.168.1.1"; };
type = types.addCheck (types.attrsOf unitOption) checkTunnel;
description = ''
Each attribute in this set specifies an option in the
<literal>[Tunnel]</literal> section of the unit. See
<citerefentry><refentrytitle>systemd.netdev</refentrytitle>
<manvolnum>5</manvolnum></citerefentry> for details.
'';
};
peerConfig = mkOption {
default = {};
example = { Name = "veth2"; };
type = types.addCheck (types.attrsOf unitOption) checkPeer;
description = ''
Each attribute in this set specifies an option in the
<literal>[Peer]</literal> section of the unit. See
<citerefentry><refentrytitle>systemd.netdev</refentrytitle>
<manvolnum>5</manvolnum></citerefentry> for details.
'';
};
tunConfig = mkOption {
default = {};
example = { User = "openvpn"; };
type = types.addCheck (types.attrsOf unitOption) checkTun;
description = ''
Each attribute in this set specifies an option in the
<literal>[Tun]</literal> section of the unit. See
<citerefentry><refentrytitle>systemd.netdev</refentrytitle>
<manvolnum>5</manvolnum></citerefentry> for details.
'';
};
tapConfig = mkOption {
default = {};
example = { User = "openvpn"; };
type = types.addCheck (types.attrsOf unitOption) checkTap;
description = ''
Each attribute in this set specifies an option in the
<literal>[Tap]</literal> section of the unit. See
<citerefentry><refentrytitle>systemd.netdev</refentrytitle>
<manvolnum>5</manvolnum></citerefentry> for details.
'';
};
bondConfig = mkOption {
default = {};
example = { Mode = "802.3ad"; };
type = types.addCheck (types.attrsOf unitOption) checkBond;
description = ''
Each attribute in this set specifies an option in the
<literal>[Bond]</literal> section of the unit. See
<citerefentry><refentrytitle>systemd.netdev</refentrytitle>
<manvolnum>5</manvolnum></citerefentry> for details.
'';
};
};
addressOptions = {
addressConfig = mkOption {
default = {};
example = { Address = "192.168.0.100/24"; };
type = types.addCheck (types.attrsOf unitOption) checkAddress;
description = ''
Each attribute in this set specifies an option in the
<literal>[Address]</literal> section of the unit. See
<citerefentry><refentrytitle>systemd.network</refentrytitle>
<manvolnum>5</manvolnum></citerefentry> for details.
'';
};
};
routeOptions = {
routeConfig = mkOption {
default = {};
example = { Gateway = "192.168.0.1"; };
type = types.addCheck (types.attrsOf unitOption) checkRoute;
description = ''
Each attribute in this set specifies an option in the
<literal>[Route]</literal> section of the unit. See
<citerefentry><refentrytitle>systemd.network</refentrytitle>
<manvolnum>5</manvolnum></citerefentry> for details.
'';
};
};
networkOptions = commonNetworkOptions // {
networkConfig = mkOption {
default = {};
example = { Description = "My Network"; };
type = types.addCheck (types.attrsOf unitOption) checkNetwork;
description = ''
Each attribute in this set specifies an option in the
<literal>[Network]</literal> section of the unit. See
<citerefentry><refentrytitle>systemd.network</refentrytitle>
<manvolnum>5</manvolnum></citerefentry> for details.
'';
};
dhcpConfig = mkOption {
default = {};
example = { UseDNS = true; UseRoutes = true; };
type = types.addCheck (types.attrsOf unitOption) checkDhcp;
description = ''
Each attribute in this set specifies an option in the
<literal>[DHCP]</literal> section of the unit. See
<citerefentry><refentrytitle>systemd.network</refentrytitle>
<manvolnum>5</manvolnum></citerefentry> for details.
'';
};
name = mkOption {
type = types.nullOr types.str;
default = null;
description = ''
The name of the network interface to match against.
'';
};
DHCP = mkOption {
type = types.nullOr types.str;
default = null;
description = ''
Whether to enable DHCP on the interfaces matched.
'';
};
domains = mkOption {
type = types.nullOr (types.listOf types.str);
default = null;
description = ''
A list of domains to pass to the network config.
'';
};
address = mkOption {
default = [ ];
type = types.listOf types.str;
description = ''
A list of addresses to be added to the network section of the
unit. See <citerefentry><refentrytitle>systemd.network</refentrytitle>
<manvolnum>5</manvolnum></citerefentry> for details.
'';
};
gateway = mkOption {
default = [ ];
type = types.listOf types.str;
description = ''
A list of gateways to be added to the network section of the
unit. See <citerefentry><refentrytitle>systemd.network</refentrytitle>
<manvolnum>5</manvolnum></citerefentry> for details.
'';
};
dns = mkOption {
default = [ ];
type = types.listOf types.str;
description = ''
A list of dns servers to be added to the network section of the
unit. See <citerefentry><refentrytitle>systemd.network</refentrytitle>
<manvolnum>5</manvolnum></citerefentry> for details.
'';
};
ntp = mkOption {
default = [ ];
type = types.listOf types.str;
description = ''
A list of ntp servers to be added to the network section of the
unit. See <citerefentry><refentrytitle>systemd.network</refentrytitle>
<manvolnum>5</manvolnum></citerefentry> for details.
'';
};
vlan = mkOption {
default = [ ];
type = types.listOf types.str;
description = ''
A list of vlan interfaces to be added to the network section of the
unit. See <citerefentry><refentrytitle>systemd.network</refentrytitle>
<manvolnum>5</manvolnum></citerefentry> for details.
'';
};
macvlan = mkOption {
default = [ ];
type = types.listOf types.str;
description = ''
A list of macvlan interfaces to be added to the network section of the
unit. See <citerefentry><refentrytitle>systemd.network</refentrytitle>
<manvolnum>5</manvolnum></citerefentry> for details.
'';
};
vxlan = mkOption {
default = [ ];
type = types.listOf types.str;
description = ''
A list of vxlan interfaces to be added to the network section of the
unit. See <citerefentry><refentrytitle>systemd.network</refentrytitle>
<manvolnum>5</manvolnum></citerefentry> for details.
'';
};
tunnel = mkOption {
default = [ ];
type = types.listOf types.str;
description = ''
A list of tunnel interfaces to be added to the network section of the
unit. See <citerefentry><refentrytitle>systemd.network</refentrytitle>
<manvolnum>5</manvolnum></citerefentry> for details.
'';
};
addresses = mkOption {
default = [ ];
type = types.listOf types.optionSet;
options = [ addressOptions ];
description = ''
A list of address sections to be added to the unit. See
<citerefentry><refentrytitle>systemd.network</refentrytitle>
<manvolnum>5</manvolnum></citerefentry> for details.
'';
};
routes = mkOption {
default = [ ];
type = types.listOf types.optionSet;
options = [ routeOptions ];
description = ''
A list of route sections to be added to the unit. See
<citerefentry><refentrytitle>systemd.network</refentrytitle>
<manvolnum>5</manvolnum></citerefentry> for details.
'';
};
};
} }

351
nixos/modules/system/boot/systemd.nix
View File

@ -3,6 +3,7 @@
with utils; with utils;
with lib; with lib;
with import ./systemd-unit-options.nix { inherit config lib; }; with import ./systemd-unit-options.nix { inherit config lib; };
with import ./systemd-lib.nix { inherit config lib pkgs; };
let let
@ -10,24 +11,6 @@ let
systemd = cfg.package; systemd = cfg.package;
makeUnit = name: unit:
let
pathSafeName = lib.replaceChars ["@" ":" "\\"] ["-" "-" "-"] name;
in
if unit.enable then
pkgs.runCommand "unit-${pathSafeName}" { preferLocalBuild = true; inherit (unit) text; }
''
mkdir -p $out
echo -n "$text" > $out/${shellEscape name}
''
else
pkgs.runCommand "unit-${pathSafeName}-disabled" { preferLocalBuild = true; }
''
mkdir -p $out
ln -s /dev/null $out/${shellEscape name}
'';
upstreamSystemUnits = upstreamSystemUnits =
[ # Targets. [ # Targets.
"basic.target" "basic.target"
@ -97,12 +80,6 @@ let
"systemd-modules-load.service" "systemd-modules-load.service"
"kmod-static-nodes.service" "kmod-static-nodes.service"
# Networking
"systemd-networkd.service"
"systemd-networkd-wait-online.service"
"systemd-resolved.service"
"systemd-timesyncd.service"
# Filesystems. # Filesystems.
"systemd-fsck@.service" "systemd-fsck@.service"
"systemd-fsck-root.service" "systemd-fsck-root.service"
@ -196,8 +173,6 @@ let
"timers.target" "timers.target"
]; ];
shellEscape = s: (replaceChars [ "\\" ] [ "\\\\" ] s);
makeJobScript = name: text: makeJobScript = name: text:
let x = pkgs.writeTextFile { name = "unit-script"; executable = true; destination = "/bin/${shellEscape name}"; inherit text; }; let x = pkgs.writeTextFile { name = "unit-script"; executable = true; destination = "/bin/${shellEscape name}"; inherit text; };
in "${x}/bin/${shellEscape name}"; in "${x}/bin/${shellEscape name}";
@ -301,19 +276,6 @@ let
}; };
}; };
networkConfig = { name, config, ... }: {
config = {
matchConfig = optionalAttrs (config.name != null) {
Name = config.name;
};
networkConfig = optionalAttrs (config.DHCP != null) {
DHCP = config.DHCP;
} // optionalAttrs (config.domains != null) {
Domains = concatStringsSep " " config.domains;
};
};
};
toOption = x: toOption = x:
if x == true then "true" if x == true then "true"
else if x == false then "false" else if x == false then "false"
@ -412,188 +374,6 @@ let
${attrsToSection def.matchConfig} ${attrsToSection def.matchConfig}
''; '';
linkToUnit = name: def:
{ inherit (def) enable;
text = commonMatchText def +
''
[Link]
${attrsToSection def.linkConfig}
'';
};
netdevToUnit = name: def:
{ inherit (def) enable;
text = commonMatchText def +
''
[NetDev]
${attrsToSection def.netdevConfig}
${optionalString (def.vlanConfig != { }) ''
[VLAN]
${attrsToSection def.vlanConfig}
''}
${optionalString (def.macvlanConfig != { }) ''
[MACVLAN]
${attrsToSection def.macvlanConfig}
''}
${optionalString (def.vxlanConfig != { }) ''
[VXLAN]
${attrsToSection def.vxlanConfig}
''}
${optionalString (def.tunnelConfig != { }) ''
[Tunnel]
${attrsToSection def.tunnelConfig}
''}
${optionalString (def.peerConfig != { }) ''
[Peer]
${attrsToSection def.peerConfig}
''}
${optionalString (def.tunConfig != { }) ''
[Tun]
${attrsToSection def.tunConfig}
''}
${optionalString (def.tapConfig != { }) ''
[Tap]
${attrsToSection def.tapConfig}
''}
${optionalString (def.bondConfig != { }) ''
[Bond]
${attrsToSection def.bondConfig}
''}
'';
};
networkToUnit = name: def:
{ inherit (def) enable;
text = commonMatchText def +
''
[Network]
${attrsToSection def.networkConfig}
${concatStringsSep "\n" (map (s: "Address=${s}") def.address)}
${concatStringsSep "\n" (map (s: "Gateway=${s}") def.gateway)}
${concatStringsSep "\n" (map (s: "DNS=${s}") def.dns)}
${concatStringsSep "\n" (map (s: "NTP=${s}") def.ntp)}
${concatStringsSep "\n" (map (s: "VLAN=${s}") def.vlan)}
${concatStringsSep "\n" (map (s: "MACVLAN=${s}") def.macvlan)}
${concatStringsSep "\n" (map (s: "VXLAN=${s}") def.vxlan)}
${concatStringsSep "\n" (map (s: "Tunnel=${s}") def.tunnel)}
${optionalString (def.dhcpConfig != { }) ''
[DHCP]
${attrsToSection def.dhcpConfig}
''}
${flip concatMapStrings def.addresses (x: ''
[Address]
${attrsToSection x.addressConfig}
'')}
${flip concatMapStrings def.routes (x: ''
[Route]
${attrsToSection x.routeConfig}
'')}
'';
};
generateUnits = type: units: upstreamUnits: upstreamWants:
pkgs.runCommand "${type}-units" { preferLocalBuild = true; } ''
mkdir -p $out
# Copy the upstream systemd units we're interested in.
for i in ${toString upstreamUnits}; do
fn=${systemd}/example/systemd/${type}/$i
if ! [ -e $fn ]; then echo "missing $fn"; false; fi
if [ -L $fn ]; then
target="$(readlink "$fn")"
if [ ''${target:0:3} = ../ ]; then
ln -s "$(readlink -f "$fn")" $out/
else
cp -pd $fn $out/
fi
else
ln -s $fn $out/
fi
done
# Copy .wants links, but only those that point to units that
# we're interested in.
for i in ${toString upstreamWants}; do
fn=${systemd}/example/systemd/${type}/$i
if ! [ -e $fn ]; then echo "missing $fn"; false; fi
x=$out/$(basename $fn)
mkdir $x
for i in $fn/*; do
y=$x/$(basename $i)
cp -pd $i $y
if ! [ -e $y ]; then rm $y; fi
done
done
# Symlink all units provided listed in systemd.packages.
for i in ${toString cfg.packages}; do
for fn in $i/etc/systemd/${type}/* $i/lib/systemd/${type}/*; do
if ! [[ "$fn" =~ .wants$ ]]; then
ln -s $fn $out/
fi
done
done
# Symlink all units defined by systemd.units. If these are also
# provided by systemd or systemd.packages, then add them as
# <unit-name>.d/overrides.conf, which makes them extend the
# upstream unit.
for i in ${toString (mapAttrsToList (n: v: v.unit) units)}; do
fn=$(basename $i/*)
if [ -e $out/$fn ]; then
if [ "$(readlink -f $i/$fn)" = /dev/null ]; then
ln -sfn /dev/null $out/$fn
else
mkdir $out/$fn.d
ln -s $i/$fn $out/$fn.d/overrides.conf
fi
else
ln -fs $i/$fn $out/
fi
done
# Created .wants and .requires symlinks from the wantedBy and
# requiredBy options.
${concatStrings (mapAttrsToList (name: unit:
concatMapStrings (name2: ''
mkdir -p $out/'${name2}.wants'
ln -sfn '../${name}' $out/'${name2}.wants'/
'') unit.wantedBy) units)}
${concatStrings (mapAttrsToList (name: unit:
concatMapStrings (name2: ''
mkdir -p $out/'${name2}.requires'
ln -sfn '../${name}' $out/'${name2}.requires'/
'') unit.requiredBy) units)}
${optionalString (type == "system") ''
# Stupid misc. symlinks.
ln -s ${cfg.defaultUnit} $out/default.target
ln -s rescue.target $out/kbrequest.target
mkdir -p $out/getty.target.wants/
ln -s ../autovt@tty1.service $out/getty.target.wants/
ln -s ../local-fs.target ../remote-fs.target ../network.target \
../nss-lookup.target ../nss-user-lookup.target ../swap.target \
$out/multi-user.target.wants/
''}
''; # */
in in
{ {
@ -683,47 +463,6 @@ in
''; '';
}; };
systemd.network.enable = mkOption {
default = false;
type = types.bool;
description = ''
Whether to enable networkd or not.
'';
};
systemd.network.links = mkOption {
default = {};
type = types.attrsOf types.optionSet;
options = [ linkOptions ];
description = "Definition of systemd network links.";
};
systemd.network.netdevs = mkOption {
default = {};
type = types.attrsOf types.optionSet;
options = [ netdevOptions ];
description = "Definition of systemd network devices.";
};
systemd.network.networks = mkOption {
default = {};
type = types.attrsOf types.optionSet;
options = [ networkOptions networkConfig ];
description = "Definition of systemd networks.";
};
systemd.network.units = mkOption {
description = "Definition of networkd units.";
default = {};
type = types.attrsOf types.optionSet;
options = { name, config, ... }:
{ options = concreteUnitOptions;
config = {
unit = mkDefault (makeUnit name config);
};
};
};
systemd.defaultUnit = mkOption { systemd.defaultUnit = mkOption {
default = "multi-user.target"; default = "multi-user.target";
type = types.str; type = types.str;
@ -807,22 +546,6 @@ in
''; '';
}; };
services.resolved.enable = mkOption {
default = false;
type = types.bool;
description = ''
Enables the systemd dns resolver daemon.
'';
};
services.timesyncd.enable = mkOption {
default = false;
type = types.bool;
description = ''
Enables the systemd ntp client daemon.
'';
};
systemd.tmpfiles.rules = mkOption { systemd.tmpfiles.rules = mkOption {
type = types.listOf types.str; type = types.listOf types.str;
default = []; default = [];
@ -886,7 +609,7 @@ in
###### implementation ###### implementation
config = mkMerge [ { config = {
warnings = concatLists (mapAttrsToList (name: service: warnings = concatLists (mapAttrsToList (name: service:
optional (service.serviceConfig.Type or "" == "oneshot" && service.serviceConfig.Restart or "no" != "no") optional (service.serviceConfig.Type or "" == "oneshot" && service.serviceConfig.Restart or "no" != "no")
@ -899,9 +622,6 @@ in
environment.etc."systemd/system".source = environment.etc."systemd/system".source =
generateUnits "system" cfg.units upstreamSystemUnits upstreamSystemWants; generateUnits "system" cfg.units upstreamSystemUnits upstreamSystemWants;
environment.etc."systemd/network".source =
generateUnits "network" cfg.network.units [] [];
environment.etc."systemd/user".source = environment.etc."systemd/user".source =
generateUnits "user" cfg.user.units upstreamUserUnits []; generateUnits "user" cfg.user.units upstreamUserUnits [];
@ -979,11 +699,6 @@ in
(v: let n = escapeSystemdPath v.where; (v: let n = escapeSystemdPath v.where;
in nameValuePair "${n}.automount" (automountToUnit n v)) cfg.automounts); in nameValuePair "${n}.automount" (automountToUnit n v)) cfg.automounts);
systemd.network.units =
mapAttrs' (n: v: nameValuePair "${n}.link" (linkToUnit n v)) cfg.network.links
// mapAttrs' (n: v: nameValuePair "${n}.netdev" (netdevToUnit n v)) cfg.network.netdevs
// mapAttrs' (n: v: nameValuePair "${n}.network" (networkToUnit n v)) cfg.network.networks;
systemd.user.units = systemd.user.units =
mapAttrs' (n: v: nameValuePair "${n}.service" (serviceToUnit n v)) cfg.user.services mapAttrs' (n: v: nameValuePair "${n}.service" (serviceToUnit n v)) cfg.user.services
// mapAttrs' (n: v: nameValuePair "${n}.socket" (socketToUnit n v)) cfg.user.sockets // mapAttrs' (n: v: nameValuePair "${n}.socket" (socketToUnit n v)) cfg.user.sockets
@ -1006,15 +721,6 @@ in
users.extraUsers.systemd-journal-gateway.uid = config.ids.uids.systemd-journal-gateway; users.extraUsers.systemd-journal-gateway.uid = config.ids.uids.systemd-journal-gateway;
users.extraGroups.systemd-journal-gateway.gid = config.ids.gids.systemd-journal-gateway; users.extraGroups.systemd-journal-gateway.gid = config.ids.gids.systemd-journal-gateway;
users.extraUsers.systemd-network.uid = config.ids.uids.systemd-network;
users.extraGroups.systemd-network.gid = config.ids.gids.systemd-network;
users.extraUsers.systemd-resolve.uid = config.ids.uids.systemd-resolve;
users.extraGroups.systemd-resolve.gid = config.ids.gids.systemd-resolve;
users.extraUsers.systemd-timesync.uid = config.ids.uids.systemd-timesync;
users.extraGroups.systemd-timesync.gid = config.ids.gids.systemd-timesync;
# Generate timer units for all services that have a startAt value. # Generate timer units for all services that have a startAt value.
systemd.timers = systemd.timers =
mapAttrs (name: service: mapAttrs (name: service:
@ -1053,57 +759,6 @@ in
systemd.services.systemd-remount-fs.restartIfChanged = false; systemd.services.systemd-remount-fs.restartIfChanged = false;
systemd.services.systemd-journal-flush.restartIfChanged = false; systemd.services.systemd-journal-flush.restartIfChanged = false;
} };
(mkIf config.systemd.network.enable {
systemd.services.systemd-networkd = {
wantedBy = [ "multi-user.target" ];
before = [ "network-interfaces.target" ];
restartTriggers = [ config.environment.etc."systemd/network".source ];
};
systemd.services.systemd-networkd-wait-online = {
before = [ "network-online.target" "ip-up.target" ];
wantedBy = [ "network-online.target" "ip-up.target" ];
};
systemd.services."systemd-network-wait-online@" = {
description = "Wait for Network Interface %I to be Configured";
conflicts = [ "shutdown.target" ];
requisite = [ "systemd-networkd.service" ];
after = [ "systemd-networkd.service" ];
serviceConfig = {
Type = "oneshot";
RemainAfterExit = true;
ExecStart = "${config.systemd.package}/lib/systemd/systemd-networkd-wait-online -i %I";
};
};
services.resolved.enable = mkDefault true;
services.timesyncd.enable = mkDefault config.services.ntp.enable;
})
(mkIf config.services.resolved.enable {
systemd.services.systemd-resolved = {
wantedBy = [ "multi-user.target" ];
restartTriggers = [ config.environment.etc."systemd/resolved.conf".source ];
};
environment.etc."systemd/resolved.conf".text = ''
[Resolve]
DNS=${concatStringsSep " " config.networking.nameservers}
'';
})
(mkIf config.services.timesyncd.enable {
systemd.services.systemd-timesyncd = {
wantedBy = [ "sysinit.target" ];
restartTriggers = [ config.environment.etc."systemd/timesyncd.conf".source ];
};
environment.etc."systemd/timesyncd.conf".text = ''
[Time]
NTP=${concatStringsSep " " config.services.ntp.servers}
'';
systemd.services.ntpd.enable = false;
})
];
} }

40
nixos/modules/system/boot/timesyncd.nix Normal file
View File

@ -0,0 +1,40 @@
{ config, lib, pkgs, ... }:
with lib;
{
options = {
services.timesyncd.enable = mkOption {
default = false;
type = types.bool;
description = ''
Enables the systemd NTP client daemon.
'';
};
};
config = mkIf config.services.timesyncd.enable {
systemd.additionalUpstreamSystemUnits = [ "systemd-timesyncd.service" ];
systemd.services.systemd-timesyncd = {
wantedBy = [ "sysinit.target" ];
restartTriggers = [ config.environment.etc."systemd/timesyncd.conf".source ];
};
environment.etc."systemd/timesyncd.conf".text = ''
[Time]
NTP=${concatStringsSep " " config.services.ntp.servers}
'';
systemd.services.ntpd.enable = false;
users.extraUsers.systemd-timesync.uid = config.ids.uids.systemd-timesync;
users.extraGroups.systemd-timesync.gid = config.ids.gids.systemd-timesync;
};
}

4
nixos/modules/tasks/filesystems.nix
View File

@ -137,9 +137,7 @@ in
# Add the mount helpers to the system path so that `mount' can find them. # Add the mount helpers to the system path so that `mount' can find them.
system.fsPackages = [ pkgs.dosfstools ]; system.fsPackages = [ pkgs.dosfstools ];
environment.systemPackages = environment.systemPackages = [ pkgs.fuse ] ++ config.system.fsPackages;
[ pkgs.ntfs3g pkgs.fuse ]
++ config.system.fsPackages;
environment.etc.fstab.text = environment.etc.fstab.text =
let let

2
nixos/modules/tasks/filesystems/cifs.nix
View File

@ -11,7 +11,7 @@ in
{ {
config = { config = {
system.fsPackages = [ pkgs.cifs_utils ]; system.fsPackages = mkIf (any (fs: fs == "cifs") config.boot.supportedFilesystems) [ pkgs.cifs_utils ];
boot.initrd.availableKernelModules = mkIf inInitrd boot.initrd.availableKernelModules = mkIf inInitrd
[ "cifs" "nls_utf8" "hmac" "md4" "ecb" "des_generic" "sha256" ]; [ "cifs" "nls_utf8" "hmac" "md4" "ecb" "des_generic" "sha256" ];

11
nixos/modules/tasks/filesystems/ntfs.nix Normal file
View File

@ -0,0 +1,11 @@
{ config, lib, pkgs, ... }:
with lib;
{
config = mkIf (any (fs: fs == "ntfs" || fs == "ntfs-3g") config.boot.supportedFilesystems) {
system.fsPackages = [ pkgs.ntfs3g ];
};
}

2
nixos/modules/tasks/network-interfaces-scripted.nix
View File

@ -107,7 +107,7 @@ in
ips = interfaceIps i; ips = interfaceIps i;
in in
nameValuePair "network-addresses-${i.name}" nameValuePair "network-addresses-${i.name}"
{ description = "Addresss configuration of ${i.name}"; { description = "Address configuration of ${i.name}";
wantedBy = [ "network-interfaces.target" ]; wantedBy = [ "network-interfaces.target" ];
before = [ "network-interfaces.target" ]; before = [ "network-interfaces.target" ];
bindsTo = [ (subsystemDevice i.name) ]; bindsTo = [ (subsystemDevice i.name) ];

3
nixos/modules/virtualisation/container-config.nix
View File

@ -9,6 +9,7 @@ with lib;
# Disable some features that are not useful in a container. # Disable some features that are not useful in a container.
sound.enable = mkDefault false; sound.enable = mkDefault false;
services.udisks2.enable = mkDefault false; services.udisks2.enable = mkDefault false;
powerManagement.enable = mkDefault false;
networking.useHostResolvConf = true; networking.useHostResolvConf = true;
@ -20,6 +21,8 @@ with lib;
systemd.services.systemd-remount-fs.enable = false; systemd.services.systemd-remount-fs.enable = false;
systemd.services.systemd-random-seed.enable = false;
}; };
} }

2
nixos/modules/virtualisation/docker-image.nix
View File

@ -2,7 +2,7 @@
{ {
imports = [ imports = [
../profiles/container.nix ../profiles/docker-container.nix # FIXME, shouldn't include something from profiles/
]; ];
boot.postBootCommands = boot.postBootCommands =

2
nixos/modules/virtualisation/lxc-container.nix
View File

@ -4,7 +4,7 @@ with lib;
{ {
imports = [ imports = [
../profiles/container.nix ../profiles/docker-container.nix # FIXME, shouldn't include something from profiles/
]; ];
# Allow the user to login as root without password. # Allow the user to login as root without password.

125
nixos/tests/networking.nix
View File

@ -64,26 +64,26 @@ import ./make-test.nix ({ networkd, test, ... }:
$client->fail("systemctl status dhcpcd.service"); $client->fail("systemctl status dhcpcd.service");
# Test vlan 1 # Test vlan 1
$client->succeed("ping -c 1 192.168.1.1"); $client->waitUntilSucceeds("ping -c 1 192.168.1.1");
$client->succeed("ping -c 1 192.168.1.2"); $client->waitUntilSucceeds("ping -c 1 192.168.1.2");
$client->succeed("ping -c 1 192.168.1.3"); $client->waitUntilSucceeds("ping -c 1 192.168.1.3");
$client->succeed("ping -c 1 192.168.1.10"); $client->waitUntilSucceeds("ping -c 1 192.168.1.10");
$router->succeed("ping -c 1 192.168.1.1"); $router->waitUntilSucceeds("ping -c 1 192.168.1.1");
$router->succeed("ping -c 1 192.168.1.2"); $router->waitUntilSucceeds("ping -c 1 192.168.1.2");
$router->succeed("ping -c 1 192.168.1.3"); $router->waitUntilSucceeds("ping -c 1 192.168.1.3");
$router->succeed("ping -c 1 192.168.1.10"); $router->waitUntilSucceeds("ping -c 1 192.168.1.10");
# Test vlan 2 # Test vlan 2
$client->succeed("ping -c 1 192.168.2.1"); $client->waitUntilSucceeds("ping -c 1 192.168.2.1");
$client->succeed("ping -c 1 192.168.2.2"); $client->waitUntilSucceeds("ping -c 1 192.168.2.2");
$router->succeed("ping -c 1 192.168.2.1"); $router->waitUntilSucceeds("ping -c 1 192.168.2.1");
$router->succeed("ping -c 1 192.168.2.2"); $router->waitUntilSucceeds("ping -c 1 192.168.2.2");
# Test default gateway # Test default gateway
$router->succeed("ping -c 1 192.168.3.1"); $router->waitUntilSucceeds("ping -c 1 192.168.3.1");
$client->succeed("ping -c 1 192.168.3.1"); $client->waitUntilSucceeds("ping -c 1 192.168.3.1");
''; '';
}; };
dhcpSimple = { dhcpSimple = {
@ -109,22 +109,22 @@ import ./make-test.nix ({ networkd, test, ... }:
$router->waitForUnit("network.target"); $router->waitForUnit("network.target");
# Wait until we have an ip address on each interface # Wait until we have an ip address on each interface
$client->succeed("while ! ip addr show dev eth1 | grep '192.168.1'; do true; done"); $client->waitUntilSucceeds("ip addr show dev eth1 | grep -q '192.168.1'");
$client->succeed("while ! ip addr show dev eth2 | grep '192.168.2'; do true; done"); $client->waitUntilSucceeds("ip addr show dev eth2 | grep -q '192.168.2'");
# Test vlan 1 # Test vlan 1
$client->succeed("ping -c 1 192.168.1.1"); $client->waitUntilSucceeds("ping -c 1 192.168.1.1");
$client->succeed("ping -c 1 192.168.1.2"); $client->waitUntilSucceeds("ping -c 1 192.168.1.2");
$router->succeed("ping -c 1 192.168.1.1"); $router->waitUntilSucceeds("ping -c 1 192.168.1.1");
$router->succeed("ping -c 1 192.168.1.2"); $router->waitUntilSucceeds("ping -c 1 192.168.1.2");
# Test vlan 2 # Test vlan 2
$client->succeed("ping -c 1 192.168.2.1"); $client->waitUntilSucceeds("ping -c 1 192.168.2.1");
$client->succeed("ping -c 1 192.168.2.2"); $client->waitUntilSucceeds("ping -c 1 192.168.2.2");
$router->succeed("ping -c 1 192.168.2.1"); $router->waitUntilSucceeds("ping -c 1 192.168.2.1");
$router->succeed("ping -c 1 192.168.2.2"); $router->waitUntilSucceeds("ping -c 1 192.168.2.2");
''; '';
}; };
dhcpOneIf = { dhcpOneIf = {
@ -147,26 +147,27 @@ import ./make-test.nix ({ networkd, test, ... }:
'' ''
startAll; startAll;
# Wait for networking to come up
$client->waitForUnit("network-interfaces.target"); $client->waitForUnit("network-interfaces.target");
$client->waitForUnit("network.target"); $client->waitForUnit("network.target");
$router->waitForUnit("network-interfaces.target"); $router->waitForUnit("network-interfaces.target");
$router->waitForUnit("network.target"); $router->waitForUnit("network.target");
# Wait until we have an ip address on each interface # Wait until we have an ip address on each interface
$client->succeed("while ! ip addr show dev eth1 | grep '192.168.1'; do true; done"); $client->waitUntilSucceeds("ip addr show dev eth1 | grep -q '192.168.1'");
# Test vlan 1 # Test vlan 1
$client->succeed("ping -c 1 192.168.1.1"); $client->waitUntilSucceeds("ping -c 1 192.168.1.1");
$client->succeed("ping -c 1 192.168.1.2"); $client->waitUntilSucceeds("ping -c 1 192.168.1.2");
$router->succeed("ping -c 1 192.168.1.1"); $router->waitUntilSucceeds("ping -c 1 192.168.1.1");
$router->succeed("ping -c 1 192.168.1.2"); $router->waitUntilSucceeds("ping -c 1 192.168.1.2");
# Test vlan 2 # Test vlan 2
$client->succeed("ping -c 1 192.168.2.1"); $client->waitUntilSucceeds("ping -c 1 192.168.2.1");
$client->fail("ping -c 1 192.168.2.2"); $client->fail("ping -c 1 192.168.2.2");
$router->succeed("ping -c 1 192.168.2.1"); $router->waitUntilSucceeds("ping -c 1 192.168.2.1");
$router->fail("ping -c 1 192.168.2.2"); $router->fail("ping -c 1 192.168.2.2");
''; '';
}; };
@ -195,17 +196,18 @@ import ./make-test.nix ({ networkd, test, ... }:
'' ''
startAll; startAll;
# Wait for networking to come up
$client1->waitForUnit("network-interfaces.target"); $client1->waitForUnit("network-interfaces.target");
$client1->waitForUnit("network.target"); $client1->waitForUnit("network.target");
$client2->waitForUnit("network-interfaces.target"); $client2->waitForUnit("network-interfaces.target");
$client2->waitForUnit("network.target"); $client2->waitForUnit("network.target");
# Test bonding # Test bonding
$client1->succeed("ping -c 2 192.168.1.1"); $client1->waitUntilSucceeds("ping -c 2 192.168.1.1");
$client1->succeed("ping -c 2 192.168.1.2"); $client1->waitUntilSucceeds("ping -c 2 192.168.1.2");
$client2->succeed("ping -c 2 192.168.1.1"); $client2->waitUntilSucceeds("ping -c 2 192.168.1.1");
$client2->succeed("ping -c 2 192.168.1.2"); $client2->waitUntilSucceeds("ping -c 2 192.168.1.2");
''; '';
}; };
bridge = let bridge = let
@ -240,6 +242,7 @@ import ./make-test.nix ({ networkd, test, ... }:
'' ''
startAll; startAll;
# Wait for networking to come up
$client1->waitForUnit("network-interfaces.target"); $client1->waitForUnit("network-interfaces.target");
$client1->waitForUnit("network.target"); $client1->waitForUnit("network.target");
$client2->waitForUnit("network-interfaces.target"); $client2->waitForUnit("network-interfaces.target");
@ -248,17 +251,17 @@ import ./make-test.nix ({ networkd, test, ... }:
$router->waitForUnit("network.target"); $router->waitForUnit("network.target");
# Test bridging # Test bridging
$client1->succeed("ping -c 1 192.168.1.1"); $client1->waitUntilSucceeds("ping -c 1 192.168.1.1");
$client1->succeed("ping -c 1 192.168.1.2"); $client1->waitUntilSucceeds("ping -c 1 192.168.1.2");
$client1->succeed("ping -c 1 192.168.1.3"); $client1->waitUntilSucceeds("ping -c 1 192.168.1.3");
$client2->succeed("ping -c 1 192.168.1.1"); $client2->waitUntilSucceeds("ping -c 1 192.168.1.1");
$client2->succeed("ping -c 1 192.168.1.2"); $client2->waitUntilSucceeds("ping -c 1 192.168.1.2");
$client2->succeed("ping -c 1 192.168.1.3"); $client2->waitUntilSucceeds("ping -c 1 192.168.1.3");
$router->succeed("ping -c 1 192.168.1.1"); $router->waitUntilSucceeds("ping -c 1 192.168.1.1");
$router->succeed("ping -c 1 192.168.1.2"); $router->waitUntilSucceeds("ping -c 1 192.168.1.2");
$router->succeed("ping -c 1 192.168.1.3"); $router->waitUntilSucceeds("ping -c 1 192.168.1.3");
''; '';
}; };
macvlan = { macvlan = {
@ -278,23 +281,28 @@ import ./make-test.nix ({ networkd, test, ... }:
'' ''
startAll; startAll;
# Wait for networking to come up
$client->waitForUnit("network-interfaces.target"); $client->waitForUnit("network-interfaces.target");
$client->waitForUnit("network.target"); $client->waitForUnit("network.target");
$router->waitForUnit("network-interfaces.target"); $router->waitForUnit("network-interfaces.target");
$router->waitForUnit("network.target"); $router->waitForUnit("network.target");
# Wait until we have an ip address on each interface # Wait until we have an ip address on each interface
$client->succeed("while ! ip addr show dev eth1 | grep '192.168.1'; do true; done"); $client->waitUntilSucceeds("ip addr show dev eth1 | grep -q '192.168.1'");
$client->succeed("while ! ip addr show dev macvlan | grep '192.168.1'; do true; done"); $client->waitUntilSucceeds("ip addr show dev macvlan | grep -q '192.168.1'");
# Test macvlan # Print diagnosting information
$client->succeed("ping -c 1 192.168.1.1"); $router->succeed("ip addr >&2");
$client->succeed("ping -c 1 192.168.1.2"); $client->succeed("ip addr >&2");
$client->succeed("ping -c 1 192.168.1.3");
$router->succeed("ping -c 1 192.168.1.1"); # Test macvlan creates routable ips
$router->succeed("ping -c 1 192.168.1.2"); $client->waitUntilSucceeds("ping -c 1 192.168.1.1");
$router->succeed("ping -c 1 192.168.1.3"); $client->waitUntilSucceeds("ping -c 1 192.168.1.2");
$client->waitUntilSucceeds("ping -c 1 192.168.1.3");
$router->waitUntilSucceeds("ping -c 1 192.168.1.1");
$router->waitUntilSucceeds("ping -c 1 192.168.1.2");
$router->waitUntilSucceeds("ping -c 1 192.168.1.3");
''; '';
}; };
sit = let sit = let
@ -323,20 +331,22 @@ import ./make-test.nix ({ networkd, test, ... }:
'' ''
startAll; startAll;
# Wait for networking to be configured
$client1->waitForUnit("network-interfaces.target"); $client1->waitForUnit("network-interfaces.target");
$client1->waitForUnit("network.target"); $client1->waitForUnit("network.target");
$client2->waitForUnit("network-interfaces.target"); $client2->waitForUnit("network-interfaces.target");
$client2->waitForUnit("network.target"); $client2->waitForUnit("network.target");
# Print diagnostic information
$client1->succeed("ip addr >&2"); $client1->succeed("ip addr >&2");
$client2->succeed("ip addr >&2"); $client2->succeed("ip addr >&2");
# Test ipv6 # Test ipv6
$client1->succeed("ping6 -c 1 fc00::1"); $client1->waitUntilSucceeds("ping6 -c 1 fc00::1");
$client1->succeed("ping6 -c 1 fc00::2"); $client1->waitUntilSucceeds("ping6 -c 1 fc00::2");
$client2->succeed("ping6 -c 1 fc00::1"); $client2->waitUntilSucceeds("ping6 -c 1 fc00::1");
$client2->succeed("ping6 -c 1 fc00::2"); $client2->waitUntilSucceeds("ping6 -c 1 fc00::2");
''; '';
}; };
vlan = let vlan = let
@ -364,6 +374,7 @@ import ./make-test.nix ({ networkd, test, ... }:
'' ''
startAll; startAll;
# Wait for networking to be configured
$client1->waitForUnit("network-interfaces.target"); $client1->waitForUnit("network-interfaces.target");
$client1->waitForUnit("network.target"); $client1->waitForUnit("network.target");
$client2->waitForUnit("network-interfaces.target"); $client2->waitForUnit("network-interfaces.target");

4
pkgs/applications/audio/abcde/default.nix
View File

@ -2,13 +2,13 @@
, perl, DigestSHA, MusicBrainz, MusicBrainzDiscID , perl, DigestSHA, MusicBrainz, MusicBrainzDiscID
, makeWrapper }: , makeWrapper }:
let version = "2.5.4"; let version = "2.6";
in in
stdenv.mkDerivation { stdenv.mkDerivation {
name = "abcde-${version}"; name = "abcde-${version}";
src = fetchurl { src = fetchurl {
url = "mirror://debian/pool/main/a/abcde/abcde_${version}.orig.tar.gz"; url = "mirror://debian/pool/main/a/abcde/abcde_${version}.orig.tar.gz";
sha256 = "14g5lsgh53hza9848351kwpygc0yqpvvzp3s923aja77f2wpkdl5"; sha256 = "0y2cg233n2hixs0ji76dggpzgf52v4c4mnpwiai889ql2piafgk8";
}; };
# FIXME: This package does not support MP3 encoding (only Ogg), # FIXME: This package does not support MP3 encoding (only Ogg),

4
pkgs/applications/audio/calf/default.nix
View File

@ -3,11 +3,11 @@
stdenv.mkDerivation rec { stdenv.mkDerivation rec {
name = "calf-${version}"; name = "calf-${version}";
version = "0.0.19"; version = "0.0.60";
src = fetchurl { src = fetchurl {
url = "mirror://sourceforge/calf/${name}.tar.gz"; url = "mirror://sourceforge/calf/${name}.tar.gz";
sha256 = "1v1cjbxv5wg6rsa2nfz1f8r7cykcpx6jm5ccqmzx866dggiff1hi"; sha256 = "019fwg00jv217a5r767z7szh7vdrarybac0pr2sk26xp81kibrx9";
}; };
buildInputs = [ buildInputs = [

4
pkgs/applications/audio/chuck/default.nix
View File

@ -1,12 +1,12 @@
{ stdenv, fetchurl, alsaLib, bison, flex, libsndfile, which }: { stdenv, fetchurl, alsaLib, bison, flex, libsndfile, which }:
stdenv.mkDerivation rec { stdenv.mkDerivation rec {
version = "1.3.4.0"; version = "1.3.5.0";
name = "chuck-${version}"; name = "chuck-${version}";
src = fetchurl { src = fetchurl {
url = "http://chuck.cs.princeton.edu/release/files/chuck-${version}.tgz"; url = "http://chuck.cs.princeton.edu/release/files/chuck-${version}.tgz";
sha256 = "0cwbk8b1i18nkh2nxwzk2prranw83lgglxw7ccnp6b0r2b2yfpmn"; sha256 = "0rj2l5k6ncm4jaiq0igwfc2bzryzchk1is1jhk1n7wifxcf3d3k5";
}; };
buildInputs = [ bison flex libsndfile which ] buildInputs = [ bison flex libsndfile which ]

4
pkgs/applications/audio/drumkv1/default.nix
View File

@ -2,11 +2,11 @@
stdenv.mkDerivation rec { stdenv.mkDerivation rec {
name = "drumkv1-${version}"; name = "drumkv1-${version}";
version = "0.6.0"; version = "0.6.1";
src = fetchurl { src = fetchurl {
url = "mirror://sourceforge/drumkv1/${name}.tar.gz"; url = "mirror://sourceforge/drumkv1/${name}.tar.gz";
sha256 = "1y3imsh059y9sihr92f3drwmcby4x3krmhly111ahwkydb94kphw"; sha256 = "082ml6g63n6s3w704fjkma8085g2l10az3f6r78y9hpgpw3042jw";
}; };
buildInputs = [ jack2 libsndfile lv2 qt4 ]; buildInputs = [ jack2 libsndfile lv2 qt4 ];

2
pkgs/applications/audio/gnaural/default.nix
View File

@ -10,7 +10,7 @@ stdenv.mkDerivation rec {
meta = with stdenv.lib; meta = with stdenv.lib;
{ description = "Auditory binaural-beat generator"; { description = "Auditory binaural-beat generator";
homepage = http://gnaural.sourceforge.net/; homepage = http://gnaural.sourceforge.net/;
licenses = licenses.gpl2; license = licenses.gpl2;
maintainers = [ maintainers.emery ]; maintainers = [ maintainers.emery ];
platforms = platforms.linux; platforms = platforms.linux;
}; };

20
pkgs/applications/audio/id3v2/default.nix
View File

@ -1,28 +1,28 @@
{stdenv, fetchurl, id3lib, groff, zlib}: {stdenv, fetchurl, id3lib, groff, zlib}:
let version = "0.1.12"; in
stdenv.mkDerivation rec { stdenv.mkDerivation rec {
name = "id3v2-0.1.11"; name = "id3v2-${version}";
src = fetchurl { src = fetchurl {
url = "mirror://sourceforge/id3v2/${name}.tar.gz"; url = "mirror://sourceforge/id3v2/${name}.tar.gz";
sha256 = "00r6f9yzmkrqa62dnkm8njg5cjzhmy0l17nj1ba15nrrm0mnand4"; sha256 = "1gr22w8gar7zh5pyyvdy7cy26i47l57jp1l1nd60xfwx339zl1c1";
}; };
patches = [ ./id3v2-0.1.11-track-bad-free.patch ];
nativeBuildInputs = [ groff ]; nativeBuildInputs = [ groff ];
buildInputs = [ id3lib zlib ]; buildInputs = [ id3lib zlib ];
configurePhase = '' makeFlags = "PREFIX=$(out)";
export makeFlags=PREFIX=$out buildFlags = "clean all";
'';
preInstall = '' preInstall = ''
mkdir -p $out/bin $out/man/man1 mkdir -p $out/{bin,share/man/man1}
''; '';
meta = { meta = with stdenv.lib; {
inherit version;
description = "A command line editor for id3v2 tags"; description = "A command line editor for id3v2 tags";
homepage = http://id3v2.sourceforge.net/; homepage = http://id3v2.sourceforge.net/;
license = stdenv.lib.licenses.gpl2Plus; license = licenses.gpl2Plus;
maintainers = with maintainers; [ nckx ];
}; };
} }

14
pkgs/applications/audio/id3v2/id3v2-0.1.11-track-bad-free.patch
View File

@ -1,14 +0,0 @@
http://sourceforge.net/tracker/index.php?func=detail&aid=1252035&group_id=4193&atid=304193
diff -up id3v2-0.1.11/id3v2.cpp~ id3v2-0.1.11/id3v2.cpp
--- id3v2-0.1.11/id3v2.cpp~ 2004-05-04 21:30:15.000000000 +0300
+++ id3v2-0.1.11/id3v2.cpp 2008-01-03 21:22:02.000000000 +0200
@@ -423,7 +423,7 @@ int main( int argc, char *argv[])
{
// check if there is a total track number and if we only have
// the track number for this file. In this case combine them.
- char *currentTrackNum, *newTrackNum;
+ char *currentTrackNum, *newTrackNum = NULL;
if (pFrame != NULL)
{

53
pkgs/applications/audio/jaaa/default.nix Normal file
View File

@ -0,0 +1,53 @@
{ stdenv, fetchurl, alsaLib, libclthreads, libclxclient, libX11, libXft, libXrender, fftwFloat, freetype, fontconfig, jack2, xlibs, zita-alsa-pcmi }:
stdenv.mkDerivation rec {
name = "jaaa-${version}";
version = "0.8.4";
src = fetchurl {
url = "http://kokkinizita.linuxaudio.org/linuxaudio/downloads/${name}.tar.bz2";
sha256 = "0jyll4rkb6vja2widc340ww078rr24c6nmxbxdqvbxw409nccd01";
};
buildInputs = [
alsaLib libclthreads libclxclient libX11 libXft libXrender fftwFloat jack2 zita-alsa-pcmi
];
NIX_CFLAGS_COMPILE = [
"-I${xlibs.xproto}/include"
"-I${libX11}/include"
"-I${libXft}/include"
"-I${freetype}/include"
"-I${fontconfig}/include"
"-I${libXrender}/include"
"-I${xlibs.renderproto}/include"
"-I${alsaLib}/include"
"-I${zita-alsa-pcmi}/include"
];
patchPhase = ''
cd source/
sed -i "s@clthreads.h@${libclthreads}/include@g" $(find . -name '*.cc')
sed -i "s@clxclient.h@${libclxclient}/include@g" $(find . -name '*.cc')
sed -i "s@clthreads.h@${libclthreads}/include@g" $(find . -name '*.h')
sed -i "s@clxclient.h@${libclxclient}/include@g" $(find . -name '*.h')
'';
buildlPhase = ''
make PREFIX="$out"
'';
installPhase = ''
echo zita= ${zita-alsa-pcmi}
make PREFIX="$out" install
install -Dm644 ../README "$out/README"
'';
meta = with stdenv.lib; {
homepage = http://kokkinizita.linuxaudio.org/linuxaudio/index.html;
description = "JACK and ALSA Audio Analyser";
license = licenses.gpl2;
maintainers = [ maintainers.magnetophon ];
platforms = platforms.linux;
};
}

4
pkgs/applications/audio/mikmod/default.nix
View File

@ -1,10 +1,10 @@
{ stdenv, fetchurl, libmikmod, ncurses }: { stdenv, fetchurl, libmikmod, ncurses, alsaLib }:
stdenv.mkDerivation rec { stdenv.mkDerivation rec {
name = "mikmod-3.2.6"; name = "mikmod-3.2.6";
src = fetchurl { src = fetchurl {
url = "http://downloads.sourceforge.net/project/mikmod/mikmod/3.2.6/mikmod-3.2.6.tar.gz"; url = "mirror://sourceforge/mikmod/${name}.tar.gz";
sha256 = "0wr61raj10rpl64mk3x9g3rwys898fbzyg93c6mrz89nvc74wm04"; sha256 = "0wr61raj10rpl64mk3x9g3rwys898fbzyg93c6mrz89nvc74wm04";
}; };

38
pkgs/applications/audio/pamixer/default.nix
View File

@ -1,20 +1,16 @@
{ stdenv, fetchgit, pulseaudio, boost }: { stdenv, fetchurl, boost, pulseaudio }:
let
tag = "1.1";
in
stdenv.mkDerivation rec { stdenv.mkDerivation rec {
name = "pamixer-${tag}"; name = "pamixer-${version}";
version = "1.2.1";
src = fetchgit { src = fetchurl {
url = git://github.com/cdemoulins/pamixer; url = "https://github.com/cdemoulins/pamixer/archive/${version}.tar.gz";
rev = "refs/tags/${tag}"; sha256 = "1ad6b46hh02hs1978pgihrm2bnq4z2v0imrfm3wy74xdkr6xjxy4";
sha256 = "03r0sbfj85wp6yxa87pjg69ivmk0mxxa2nykr8gf2c607igmb034";
}; };
buildInputs = [ pulseaudio boost ]; buildInputs = [ boost pulseaudio ];
installPhase = '' installPhase = ''
mkdir -p $out/bin mkdir -p $out/bin
@ -22,17 +18,19 @@ stdenv.mkDerivation rec {
''; '';
meta = with stdenv.lib; { meta = with stdenv.lib; {
description = "Like amixer but for pulseaudio"; description = "Pulseaudio command line mixer";
longDescription = "Features: longDescription = ''
- Get the current volume of the default sink, the default source or a selected one by his id Features:
- Set the volume for the default sink, the default source or any other device - Get the current volume of the default sink, the default source or a selected one by his id
- List the sinks - Set the volume for the default sink, the default source or any other device
- List the sources - List the sinks
- Increase / Decrease the volume for a device - List the sources
- Mute or unmute a device"; - Increase / Decrease the volume for a device
- Mute or unmute a device
'';
homepage = https://github.com/cdemoulins/pamixer; homepage = https://github.com/cdemoulins/pamixer;
license = licenses.gpl3; license = licenses.gpl3;
maintainers = with maintainers; [ _1126 ];
platforms = platforms.linux; platforms = platforms.linux;
maintainers = [ maintainers._1126 ];
}; };
} }

40
pkgs/applications/audio/pithos/default.nix Normal file
View File

@ -0,0 +1,40 @@
# Based on Richard Wallace's post here: http://comments.gmane.org/gmane.linux.distributions.nixos/14734
{ fetchurl, stdenv, pythonPackages, gtk3, libnotify, gst_all_1 }:
pythonPackages.buildPythonPackage rec {
name = "pithos-${version}";
version = "1.0.1";
src = fetchurl {
url = "https://github.com/pithos/pithos/archive/${version}.tar.gz";
sha256 = "67b83927d5111067aefbf034d23880f96b1a2d300464e8491efa80e97e67f50f";
};
postPatch = ''
substituteInPlace setup.py --replace "/usr/share" "$out/share"
'';
buildInputs = with gst_all_1; [ gstreamer gst-plugins-base gst-plugins-good gst-plugins-ugly gst-plugins-bad libnotify ];
pythonPath = with pythonPackages; [ pygobject3 dbus pylast ];
propogatedBuildInputs = pythonPath;
postInstall = ''
wrapProgram "$out/bin/pithos" --prefix GST_PLUGIN_SYSTEM_PATH_1_0 ":" "$GST_PLUGIN_SYSTEM_PATH_1_0"
'';
meta = with stdenv.lib; {
description = "Pandora player";
longDescription = ''
Pandora Internet Radio player for GNOME
'';
homepage = http://pithos.github.io/ ;
license = licenses.gpl3;
maintainers = with maintainers; [ obadz ];
};
}

4
pkgs/applications/audio/qmmp/default.nix
View File

@ -28,11 +28,11 @@
# handle that. # handle that.
stdenv.mkDerivation rec { stdenv.mkDerivation rec {
name = "qmmp-0.8.2"; name = "qmmp-0.8.4";
src = fetchurl { src = fetchurl {
url = "http://qmmp.ylsoftware.com/files/${name}.tar.bz2"; url = "http://qmmp.ylsoftware.com/files/${name}.tar.bz2";
sha256 = "1vwjy3bv1gj6k5kqkhw2q7aspashw6x4lxccl28iydjfzk7d7cd4"; sha256 = "1ld69xypyak3lzwmfvzbxsyd4fl841aaq0gmkfa7jpavbdlggydf";
}; };
buildInputs = buildInputs =

4
pkgs/applications/audio/qsynth/default.nix
View File

@ -2,11 +2,11 @@
stdenv.mkDerivation rec { stdenv.mkDerivation rec {
name = "qsynth-${version}"; name = "qsynth-${version}";
version = "0.3.8"; version = "0.3.9";
src = fetchurl { src = fetchurl {
url = "mirror://sourceforge/qsynth/${name}.tar.gz"; url = "mirror://sourceforge/qsynth/${name}.tar.gz";
sha256 = "0wmq61cq93x2l00xwr871373mj3dwamz1dg6v62x7s8m1612ndrw"; sha256 = "08kyn6cl755l9i1grzjx8yi3f8mgiz4gx0hgqad1n0d8yz85087b";
}; };
buildInputs = [ alsaLib fluidsynth jack2 qt4 ]; buildInputs = [ alsaLib fluidsynth jack2 qt4 ];

10
pkgs/applications/audio/qtractor/default.nix
View File

@ -1,20 +1,22 @@
{ alsaLib, autoconf, automake, dssi, fetchurl, gtk, jack2 { alsaLib, autoconf, automake, dssi, fetchurl, gtk, jack2
, ladspaH, ladspaPlugins, liblo, libmad, libsamplerate, libsndfile , ladspaH, ladspaPlugins, liblo, libmad, libsamplerate, libsndfile
, libtool, libvorbis, pkgconfig, qt4, rubberband, stdenv }: , libtool, libvorbis, lilv, lv2, pkgconfig, qt4, rubberband, serd
, sord, sratom, stdenv, suil }:
stdenv.mkDerivation rec { stdenv.mkDerivation rec {
version = "0.6.5"; version = "0.6.6";
name = "qtractor-${version}"; name = "qtractor-${version}";
src = fetchurl { src = fetchurl {
url = "mirror://sourceforge/qtractor/${name}.tar.gz"; url = "mirror://sourceforge/qtractor/${name}.tar.gz";
sha256 = "0znhm0p9azknmhga6m0qp01qaiahlnfzxya1jf9r05jn9hx5lzf0"; sha256 = "1n70hs4bx4hq3cp2p35jq5vlcans4fk2c35w72244vlqlajx05c0";
}; };
buildInputs = buildInputs =
[ alsaLib autoconf automake dssi gtk jack2 ladspaH [ alsaLib autoconf automake dssi gtk jack2 ladspaH
ladspaPlugins liblo libmad libsamplerate libsndfile libtool ladspaPlugins liblo libmad libsamplerate libsndfile libtool
libvorbis pkgconfig qt4 rubberband libvorbis lilv lv2 pkgconfig qt4 rubberband serd sord sratom
suil
]; ];
meta = with stdenv.lib; { meta = with stdenv.lib; {

4
pkgs/applications/audio/samplv1/default.nix
View File

@ -2,11 +2,11 @@
stdenv.mkDerivation rec { stdenv.mkDerivation rec {
name = "samplv1-${version}"; name = "samplv1-${version}";
version = "0.6.0"; version = "0.6.1";
src = fetchurl { src = fetchurl {
url = "mirror://sourceforge/samplv1/${name}.tar.gz"; url = "mirror://sourceforge/samplv1/${name}.tar.gz";
sha256 = "0fbkdb2dqw7v6n8j1h6pjz2019ylli9rmz8awywv2ycm8blr5pf0"; sha256 = "18jh953a0480fnsflbm4j04xz02h7fqwk77v8hnv54vwwp5a1h08";
}; };
buildInputs = [ jack2 libsndfile lv2 qt4 ]; buildInputs = [ jack2 libsndfile lv2 qt4 ];

4
pkgs/applications/audio/synthv1/default.nix
View File

@ -2,11 +2,11 @@
stdenv.mkDerivation rec { stdenv.mkDerivation rec {
name = "synthv1-${version}"; name = "synthv1-${version}";
version = "0.6.0"; version = "0.6.1";
src = fetchurl { src = fetchurl {
url = "mirror://sourceforge/synthv1/${name}.tar.gz"; url = "mirror://sourceforge/synthv1/${name}.tar.gz";
sha256 = "07570mi7rjwkkvfzdw1jcbhpkpxpjp69xj7wfzng92rk2gz7yi8m"; sha256 = "0v9zpa49cdj8ixpppgxz95dbn62v8mamxz6fpl7sdnzfn2l8jr4g";
}; };
buildInputs = [ qt4 jack2 lv2 ]; buildInputs = [ qt4 jack2 lv2 ];

4
pkgs/applications/audio/tomahawk/default.nix
View File

@ -15,11 +15,11 @@ let
quazipQt4 = quazip.override { qt = qt4; }; quazipQt4 = quazip.override { qt = qt4; };
in stdenv.mkDerivation rec { in stdenv.mkDerivation rec {
name = "tomahawk-${version}"; name = "tomahawk-${version}";
version = "0.8.2"; version = "0.8.3";
src = fetchurl { src = fetchurl {
url = "http://download.tomahawk-player.org/${name}.tar.bz2"; url = "http://download.tomahawk-player.org/${name}.tar.bz2";
sha256 = "1bmkkpqhflpm42sn6zf7hxv3936h3p0kdiqzmj88jm7qfgw2wbaj"; sha256 = "0kjzkq21g3jl1lvadsm7gf0zvpbsv208kqf76wg2hnbm4k1a02wj";
}; };
cmakeFlags = [ cmakeFlags = [

4
pkgs/applications/audio/yoshimi/default.nix
View File

@ -6,11 +6,11 @@ assert stdenv ? glibc;
stdenv.mkDerivation rec { stdenv.mkDerivation rec {
name = "yoshimi-${version}"; name = "yoshimi-${version}";
version = "1.3.3"; version = "1.3.4";
src = fetchurl { src = fetchurl {
url = "mirror://sourceforge/yoshimi/${name}.tar.bz2"; url = "mirror://sourceforge/yoshimi/${name}.tar.bz2";
sha256 = "0f37xjkay3800fbx0iwjca005b1hrjbhszrzn0xg662vf8mj44nv"; sha256 = "0vfk90jwn3r21703yizrfc4bmiz70fh8kd8w892s14d3k0kvhcwv";
}; };
buildInputs = [ buildInputs = [

16
pkgs/applications/editors/eclipse/default.nix
View File

@ -98,6 +98,22 @@ in {
}; };
}; };
eclipse_scala_sdk_40 = buildEclipse {
name = "eclipse-scala_sdk-4.0.0";
description = "Eclipse IDE for Scala Developers";
src =
if stdenv.system == "x86_64-linux" then
fetchurl { # tested
url = http://downloads.typesafe.com/scalaide-pack/4.0.0.vfinal-luna-211-20150305/scala-SDK-4.0.0-vfinal-2.11-linux.gtk.x86_64.tar.gz;
sha256 = "b65c5e8160e72c8389537e9e427138e6daa2065f9df3a943a86e40dd1543dd83";
}
else
fetchurl { # untested
url = http://downloads.typesafe.com/scalaide-pack/4.0.0.vfinal-luna-211-20150305/scala-SDK-4.0.0-vfinal-2.11-linux.gtk.x86.tar.gz;
sha256 = "f422aea5903c97d212264a5a43c6ebc638aecbd4ce5e6078d92618725bc5d31e";
};
};
eclipse_cpp_36 = buildEclipse { eclipse_cpp_36 = buildEclipse {
name = "eclipse-cpp-3.6.2"; name = "eclipse-cpp-3.6.2";
description = "Eclipse IDE for C/C++ Developers"; description = "Eclipse IDE for C/C++ Developers";

50
pkgs/applications/editors/emacs-24/darwin-new-sections.patch
View File

@ -1,50 +0,0 @@
http://bazaar.launchpad.net/~naesten/emacs/nextstep-stuff/revision/108961
diff -ru emacs-24.3-orig/src/unexmacosx.c emacs-24.3/src/unexmacosx.c
--- emacs-24.3-orig/src/unexmacosx.c 2013-01-01 21:37:17.000000000 +0100
+++ emacs-24.3/src/unexmacosx.c 2014-08-09 18:39:52.000000000 +0200
@@ -838,7 +838,7 @@
if (!(sectp->addr <= (unsigned long)my_edata
&& my_size <= sectp->size))
unexec_error ("my_edata is not in section %s", SECT_DATA);
- if (!unexec_write (sectp->offset, (void *) sectp->addr, my_size))
+ if (!unexec_write (sectp->offset, (void *) sectp->addr, sectp->size))
unexec_error ("cannot write section %s", SECT_DATA);
if (!unexec_copy (sectp->offset + my_size, old_file_offset + my_size,
sectp->size - my_size))
@@ -880,6 +880,27 @@
if (!unexec_write (header_offset, sectp, sizeof (struct section)))
unexec_error ("cannot write section %.16s's header", sectp->sectname);
}
+ else if (strncmp (sectp->sectname, "__bss", 5) == 0
+ || strncmp (sectp->sectname, "__pu_bss", 8) == 0)
+ {
+ sectp->flags = S_REGULAR;
+
+ /* These sections are produced by GCC 4.6+.
+
+ FIXME: We possibly ought to clear uninitialized local
+ variables in statically linked libraries like for
+ SECT_BSS (__bss) above, but setting up the markers we
+ need in lastfile.c would be rather messy. See
+ darwin_output_aligned_bss () in gcc/config/darwin.c for
+ the root of the problem, keeping in mind that the
+ sections are numbered by their alignment in GCC 4.6, but
+ by log2(alignment) in GCC 4.7. */
+
+ if (!unexec_write (sectp->offset, (void *) sectp->addr, sectp->size))
+ unexec_error ("cannot copy section %.16s", sectp->sectname);
+ if (!unexec_write (header_offset, sectp, sizeof (struct section)))
+ unexec_error ("cannot write section %.16s's header", sectp->sectname);
+ }
else if (strncmp (sectp->sectname, "__la_symbol_ptr", 16) == 0
|| strncmp (sectp->sectname, "__nl_symbol_ptr", 16) == 0
|| strncmp (sectp->sectname, "__got", 16) == 0
@@ -891,6 +912,7 @@
|| strncmp (sectp->sectname, "__program_vars", 16) == 0
|| strncmp (sectp->sectname, "__mod_init_func", 16) == 0
|| strncmp (sectp->sectname, "__mod_term_func", 16) == 0
+ || strncmp (sectp->sectname, "__static_data", 16) == 0
|| strncmp (sectp->sectname, "__objc_", 7) == 0)
{
if (!unexec_copy (sectp->offset, old_file_offset, sectp->size))

35
pkgs/applications/editors/emacs-24/default.nix
View File

@ -2,24 +2,36 @@
, pkgconfig, gtk, libXft, dbus, libpng, libjpeg, libungif , pkgconfig, gtk, libXft, dbus, libpng, libjpeg, libungif
, libtiff, librsvg, texinfo, gconf, libxml2, imagemagick, gnutls , libtiff, librsvg, texinfo, gconf, libxml2, imagemagick, gnutls
, alsaLib, cairo , alsaLib, cairo
, withX ? !stdenv.isDarwin, withGTK ? true , withX ? !stdenv.isDarwin
, withGTK3 ? false, gtk3 ? null
, withGTK2 ? true, gtk2
}: }:
assert (libXft != null) -> libpng != null; # probably a bug assert (libXft != null) -> libpng != null; # probably a bug
assert stdenv.isDarwin -> libXaw != null; # fails to link otherwise assert stdenv.isDarwin -> libXaw != null; # fails to link otherwise
assert withGTK2 -> withX || stdenv.isDarwin;
assert withGTK3 -> withX || stdenv.isDarwin;
assert withGTK2 -> !withGTK3 && gtk2 != null;
assert withGTK3 -> !withGTK2 && gtk3 != null;
let
toolkit =
if withGTK3 then "gtk3"
else if withGTK2 then "gtk2"
else "lucid";
in
stdenv.mkDerivation rec { stdenv.mkDerivation rec {
name = "emacs-24.4"; name = "emacs-24.5";
builder = ./builder.sh; builder = ./builder.sh;
src = fetchurl { src = fetchurl {
url = "mirror://gnu/emacs/${name}.tar.xz"; url = "mirror://gnu/emacs/${name}.tar.xz";
sha256 = "1zflm6ac34s6v166p58ilxrxbxjm0q2wfc25f8y0mjml1lbr3qs7"; sha256 = "0kn3rzm91qiswi0cql89kbv6mqn27rwsyjfb8xmwy9m5s8fxfiyx";
}; };
patches = stdenv.lib.optionals stdenv.isDarwin [ patches = stdenv.lib.optionals stdenv.isDarwin [
./darwin-new-sections.patch
./at-fdcwd.patch ./at-fdcwd.patch
]; ];
@ -28,17 +40,16 @@ stdenv.mkDerivation rec {
++ stdenv.lib.optional stdenv.isLinux dbus ++ stdenv.lib.optional stdenv.isLinux dbus
++ stdenv.lib.optionals withX ++ stdenv.lib.optionals withX
[ x11 libXaw Xaw3d libXpm libpng libjpeg libungif libtiff librsvg libXft [ x11 libXaw Xaw3d libXpm libpng libjpeg libungif libtiff librsvg libXft
imagemagick gtk gconf ] imagemagick gconf ]
++ stdenv.lib.optional (withX && withGTK2) [ gtk2 ]
++ stdenv.lib.optional (withX && withGTK3) [ gtk3 ]
++ stdenv.lib.optional (stdenv.isDarwin && withX) cairo; ++ stdenv.lib.optional (stdenv.isDarwin && withX) cairo;
configureFlags = configureFlags =
( if withX && withGTK then if withX
[ "--with-x-toolkit=gtk" "--with-xft"] then [ "--with-x-toolkit=${toolkit}" "--with-xft" ]
else (if withX then else [ "--with-x=no" "--with-xpm=no" "--with-jpeg=no" "--with-png=no"
[ "--with-x-toolkit=lucid" "--with-xft" ] "--with-gif=no" "--with-tiff=no" ];
else
[ "--with-x=no" "--with-xpm=no" "--with-jpeg=no" "--with-png=no"
"--with-gif=no" "--with-tiff=no" ] ) );
NIX_CFLAGS_COMPILE = stdenv.lib.optionalString (stdenv.isDarwin && withX) NIX_CFLAGS_COMPILE = stdenv.lib.optionalString (stdenv.isDarwin && withX)
"-I${cairo}/include/cairo"; "-I${cairo}/include/cairo";

2
pkgs/applications/editors/emacs-24/macport-24.3.nix
View File

@ -17,8 +17,6 @@ stdenv.mkDerivation rec {
sha256 = "194y341zrpjp75mc3099kjc0inr1d379wwsnav257bwsc967h8yx"; sha256 = "194y341zrpjp75mc3099kjc0inr1d379wwsnav257bwsc967h8yx";
}; };
patches = [ ./darwin-new-sections.patch ];
buildInputs = [ ncurses pkgconfig texinfo libxml2 gnutls ]; buildInputs = [ ncurses pkgconfig texinfo libxml2 gnutls ];
postUnpack = '' postUnpack = ''

2
pkgs/applications/editors/emacs-24/macport-24.4.nix
View File

@ -17,8 +17,6 @@ stdenv.mkDerivation rec {
sha256 = "0qzzqnql0z0a2p3ciccy8gq79v0s7s717lchcprn3wlaqcrk2g1p"; sha256 = "0qzzqnql0z0a2p3ciccy8gq79v0s7s717lchcprn3wlaqcrk2g1p";
}; };
patches = [ ./darwin-new-sections.patch ];
buildInputs = [ ncurses pkgconfig texinfo libxml2 gnutls ]; buildInputs = [ ncurses pkgconfig texinfo libxml2 gnutls ];
postUnpack = '' postUnpack = ''

101
pkgs/applications/editors/emacs-24/macport-24.5.nix Normal file
View File

@ -0,0 +1,101 @@
{ stdenv, fetchurl, ncurses, pkgconfig, texinfo, libxml2, gnutls
}:
stdenv.mkDerivation rec {
emacsName = "emacs-24.5";
name = "${emacsName}-mac-5.7";
#builder = ./builder.sh;
src = fetchurl {
url = "mirror://gnu/emacs/${emacsName}.tar.xz";
sha256 = "0kn3rzm91qiswi0cql89kbv6mqn27rwsyjfb8xmwy9m5s8fxfiyx";
};
macportSrc = fetchurl {
url = "ftp://ftp.math.s.chiba-u.ac.jp/emacs/${name}.tar.gz";
sha256 = "1a86l3556h24x9ml6r8n6xbrxymb9gr38sicny3f0m281myhlsvv";
};
buildInputs = [ ncurses pkgconfig texinfo libxml2 gnutls ];
postUnpack = ''
mv $emacsName $name
tar xzf $macportSrc
mv $name $emacsName
'';
preConfigure = ''
substituteInPlace Makefile.in --replace "/bin/pwd" "pwd"
substituteInPlace lib-src/Makefile.in --replace "/bin/pwd" "pwd"
patch -p1 < patch-mac
# The search for 'tputs' will fail because it's in ncursesw within the
# ncurses package, yet Emacs' configure script only looks in ncurses.
# Further, we need to make sure that the -L option occurs before mention
# of the library, so that it finds it within the Nix store.
sed -i 's/tinfo ncurses/tinfo ncursesw/' configure
ncurseslib=$(echo ${ncurses}/lib | sed 's#/#\\/#g')
sed -i "s/OLIBS=\$LIBS/OLIBS=\"-L$ncurseslib \$LIBS\"/" configure
sed -i 's/LIBS="\$LIBS_TERMCAP \$LIBS"/LIBS="\$LIBS \$LIBS_TERMCAP"/' configure
configureFlagsArray=(
LDFLAGS=-L${ncurses}/lib
--with-xml2=yes
--with-gnutls=yes
--with-mac
--enable-mac-app=$out/Applications
)
makeFlagsArray=(
CFLAGS=-O3
LDFLAGS="-O3 -L${ncurses}/lib"
);
'';
postInstall = ''
cat >$out/share/emacs/site-lisp/site-start.el <<EOF
;; nixos specific load-path
(when (getenv "NIX_PROFILES") (setq load-path
(append (reverse (mapcar (lambda (x) (concat x "/share/emacs/site-lisp/"))
(split-string (getenv "NIX_PROFILES"))))
load-path)))
;; make tramp work for NixOS machines
(eval-after-load 'tramp '(add-to-list 'tramp-remote-path "/run/current-system/sw/bin"))
EOF
'';
doCheck = true;
meta = with stdenv.lib; {
description = "GNU Emacs 24, the extensible, customizable text editor";
homepage = http://www.gnu.org/software/emacs/;
license = licenses.gpl3Plus;
maintainers = with maintainers; [ jwiegley ];
platforms = platforms.darwin;
longDescription = ''
GNU Emacs is an extensible, customizable text editorand more. At its
core is an interpreter for Emacs Lisp, a dialect of the Lisp
programming language with extensions to support text editing.
The features of GNU Emacs include: content-sensitive editing modes,
including syntax coloring, for a wide variety of file types including
plain text, source code, and HTML; complete built-in documentation,
including a tutorial for new users; full Unicode support for nearly all
human languages and their scripts; highly customizable, using Emacs
Lisp code or a graphical interface; a large number of extensions that
add other functionality, including a project planner, mail and news
reader, debugger interface, calendar, and more. Many of these
extensions are distributed with GNU Emacs; others are available
separately.
This is "Mac port" addition to GNU Emacs 24. This provides a native
GUI support for Mac OS X 10.4 - 10.9. Note that Emacs 23 and later
already contain the official GUI support via the NS (Cocoa) port for
Mac OS X 10.4 and later. So if it is good enough for you, then you
don't need to try this.
'';
};
}

5
pkgs/applications/editors/emacs-modes/cask/default.nix
View File

@ -22,6 +22,11 @@ stdenv.mkDerivation rec {
install -d "$out/bin" install -d "$out/bin"
install bin/cask "$out/bin" install bin/cask "$out/bin"
# We also need to install cask's templates in order for 'cask
# init' to work properly.
install -d "$out/templates"
install templates/* "$out/templates"
# In order to work with cask's hard coded file paths (during bootstrap), # In order to work with cask's hard coded file paths (during bootstrap),
# we have to create these links. # we have to create these links.
ln -s "$out/share/emacs/site-lisp/"* "$out" ln -s "$out/share/emacs/site-lisp/"* "$out"

46
pkgs/applications/editors/idea/default.nix
View File

@ -63,9 +63,11 @@ let
item=${desktopItem} item=${desktopItem}
makeWrapper "$out/$name/bin/${loName}.sh" "$out/bin/${execName}" \ makeWrapper "$out/$name/bin/${loName}.sh" "$out/bin/${execName}" \
--prefix PATH : "$out/libexec/${name},${jdk}/bin:${coreutils}/bin:${gnugrep}/bin:${which}/bin:${git}/bin" \ --prefix PATH : "$out/libexec/${name}:${jdk}/bin:${coreutils}/bin:${gnugrep}/bin:${which}/bin:${git}/bin" \
--prefix JDK_HOME : "$jdk" \ --set JDK_HOME "$jdk" \
--prefix ${hiName}_JDK : "$jdk" --set ${hiName}_JDK "$jdk" \
--set ANDROID_JAVA_HOME "$jdk" \
--set JAVA_HOME "$jdk"
ln -s "$item/share/applications" $out/share ln -s "$item/share/applications" $out/share
''; '';
@ -210,50 +212,50 @@ in
android-studio = buildAndroidStudio rec { android-studio = buildAndroidStudio rec {
name = "android-studio-${version}"; name = "android-studio-${version}";
version = "1.1.0"; version = "1.2.0.8";
build = "135.1740770"; build = "141.1845774";
description = "Android development environment based on IntelliJ IDEA"; description = "Android development environment based on IntelliJ IDEA";
license = stdenv.lib.licenses.asl20; license = stdenv.lib.licenses.asl20;
src = fetchurl { src = fetchurl {
url = "https://dl.google.com/dl/android/studio/ide-zips/${version}" + url = "https://dl.google.com/dl/android/studio/ide-zips/${version}" +
"/android-studio-ide-${build}-linux.zip"; "/android-studio-ide-${build}-linux.zip";
sha256 = "1r2hrld3yfaxq3mw2xmzhvrrhc7w5xlv3d18rv758hy9n40c2nr1"; sha256 = "1l201qv1aya1l9jrybgqclv2v2fgzdpcb6qsnxszcq3npplisw9h";
}; };
}; };
clion = buildClion rec { clion = buildClion rec {
name = "clion-${build}"; name = "clion-${version}";
version = "eap"; version = "1.0";
build = "141.102.4"; build = "141.353";
description = "C/C++ IDE. New. Intelligent. Cross-platform."; description = "C/C++ IDE. New. Intelligent. Cross-platform.";
license = stdenv.lib.licenses.unfree; license = stdenv.lib.licenses.unfree;
src = fetchurl { src = fetchurl {
url = "https://download.jetbrains.com/cpp/${name}.tar.gz"; url = "https://download.jetbrains.com/cpp/${name}.tar.gz";
sha256 = "0qjm8wxqn171wfd7yqf5ys1g4mwl0iyhlbry29jkgkikxp7h9dym"; sha256 = "0xjdx13ljp1vy51a7rsj25wg3bsvry4kxq5cdng8zrc1g2y1fqw5";
}; };
}; };
idea-community = buildIdea rec { idea-community = buildIdea rec {
name = "idea-community-${version}"; name = "idea-community-${version}";
version = "14.1"; version = "14.1.2";
build = "IC-141.177.4"; build = "IC-141.713.2";
description = "Integrated Development Environment (IDE) by Jetbrains, community edition"; description = "Integrated Development Environment (IDE) by Jetbrains, community edition";
license = stdenv.lib.licenses.asl20; license = stdenv.lib.licenses.asl20;
src = fetchurl { src = fetchurl {
url = "https://download.jetbrains.com/idea/ideaIC-${version}.tar.gz"; url = "https://download.jetbrains.com/idea/ideaIC-${version}.tar.gz";
sha256 = "05irkxhmx6pisvghjalw8hcf9v3n4wn0n0zc92ahivzxlicylpr6"; sha256 = "1skxbax7gsxxf7519qasxwp9q0v9ff755ibqr1w47dv2al47kjzq";
}; };
}; };
idea-ultimate = buildIdea rec { idea-ultimate = buildIdea rec {
name = "idea-ultimate-${version}"; name = "idea-ultimate-${version}";
version = "14.1"; version = "14.1.2";
build = "IU-141.177.4"; build = "IU-141.713.2";
description = "Integrated Development Environment (IDE) by Jetbrains, requires paid license"; description = "Integrated Development Environment (IDE) by Jetbrains, requires paid license";
license = stdenv.lib.licenses.unfree; license = stdenv.lib.licenses.unfree;
src = fetchurl { src = fetchurl {
url = "https://download.jetbrains.com/idea/ideaIU-${version}.tar.gz"; url = "https://download.jetbrains.com/idea/ideaIU-${version}.tar.gz";
sha256 = "10zv3m44ci7gl7163yp4wxnjy7c0g5zl34c2ibnx4c6ds6l4di2p"; sha256 = "1ddy0f83rs3yx3w8v49cmlhkc8qxapdh702g26gzlapbpvfw58ay";
}; };
}; };
@ -271,25 +273,25 @@ in
pycharm-community = buildPycharm rec { pycharm-community = buildPycharm rec {
name = "pycharm-community-${version}"; name = "pycharm-community-${version}";
version = "4.0.5"; version = "4.0.6";
build = "139.1547"; build = "139.1659";
description = "PyCharm 4.0 Community Edition"; description = "PyCharm 4.0 Community Edition";
license = stdenv.lib.licenses.asl20; license = stdenv.lib.licenses.asl20;
src = fetchurl { src = fetchurl {
url = "https://download.jetbrains.com/python/${name}.tar.gz"; url = "https://download.jetbrains.com/python/${name}.tar.gz";
sha256 = "16na04sp9q7z10kjx8wpf9k9bv9vgv7rmd9jnrn72nhwd7bp0n1i"; sha256 = "16lf2slssfgbds6zyp2rs0ssrg8aw5d2w7b755iqimiyfhyyv83s";
}; };
}; };
pycharm-professional = buildPycharm rec { pycharm-professional = buildPycharm rec {
name = "pycharm-professional-${version}"; name = "pycharm-professional-${version}";
version = "4.0.5"; version = "4.0.6";
build = "139.1547"; build = "139.1659";
description = "PyCharm 4.0 Professional Edition"; description = "PyCharm 4.0 Professional Edition";
license = stdenv.lib.licenses.unfree; license = stdenv.lib.licenses.unfree;
src = fetchurl { src = fetchurl {
url = "https://download.jetbrains.com/python/${name}.tar.gz"; url = "https://download.jetbrains.com/python/${name}.tar.gz";
sha256 = "17cxznv7q47isym6l7kbp3jdzdgj02jayygy42x4bwjmg579v1gg"; sha256 = "0wavw41nzqnx75y3k3l5kq09i5d9j8hb4r6a0y3nxzqvmdfza55r";
}; };
}; };

4
pkgs/applications/editors/nano/default.nix
View File

@ -11,10 +11,10 @@ with stdenv.lib;
stdenv.mkDerivation rec { stdenv.mkDerivation rec {
name = "nano-${version}"; name = "nano-${version}";
version = "2.4.0"; version = "2.4.1";
src = fetchurl { src = fetchurl {
url = "mirror://gnu/nano/${name}.tar.gz"; url = "mirror://gnu/nano/${name}.tar.gz";
sha256 = "1gbm9bcv4k55y01r5q8a8a9s3yrrgq3z5jxxiij3wl404r8gnxjh"; sha256 = "1li99ycnva40hiavm9lf34gjny74mj469x6ismrfm6wv3dgfn33a";
}; };
buildInputs = [ ncurses ] ++ optional enableNls gettext; buildInputs = [ ncurses ] ++ optional enableNls gettext;
configureFlags = '' configureFlags = ''

36
pkgs/applications/editors/yi/wrapper.nix Normal file
View File

@ -0,0 +1,36 @@
# Note: this relies on dyre patched for NIX_GHC which is done in
# haskell-ng only.
#
# To use this for hacking of your Yi config file, drop into a shell
# with env attribute.
{ stdenv, makeWrapper
, haskellPackages
, extraPackages ? (s: [])
}:
let
yiEnv = haskellPackages.ghcWithPackages
(self: [ self.yi ] ++ extraPackages self);
in
stdenv.mkDerivation {
name = "yi-custom";
version = "0.0.0.1";
unpackPhase = "true";
nativeBuildInputs = [ makeWrapper ];
buildCommand = ''
mkdir -p $out/bin
makeWrapper ${haskellPackages.yi}/bin/yi $out/bin/yi \
--set NIX_GHC ${yiEnv}/bin/ghc
'';
# For hacking purposes
env = yiEnv;
meta = with stdenv.lib; {
description = "Allows Yi to find libraries and the compiler easily.";
# This wrapper and wrapper only is under PD
license = licenses.publicDomain;
maintainers = with maintainers; [ fuuzetsu ];
};
}

24
pkgs/applications/editors/yi/yi-custom-cabal/LICENSE
View File

@ -1,24 +0,0 @@
This is free and unencumbered software released into the public domain.
Anyone is free to copy, modify, publish, use, compile, sell, or
distribute this software, either in source code form or as a compiled
binary, for any purpose, commercial or non-commercial, and by any
means.
In jurisdictions that recognize copyright laws, the author or authors
of this software dedicate any and all copyright interest in the
software to the public domain. We make this dedication for the benefit
of the public at large and to the detriment of our heirs and
successors. We intend this dedication to be an overt act of
relinquishment in perpetuity of all present and future rights to this
software under copyright law.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
IN NO EVENT SHALL THE AUTHORS BE LIABLE FOR ANY CLAIM, DAMAGES OR
OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE,
ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR
OTHER DEALINGS IN THE SOFTWARE.
For more information, please refer to <http://unlicense.org>

17
pkgs/applications/editors/yi/yi-custom-cabal/yi-custom.cabal
View File

@ -1,17 +0,0 @@
name: yi-custom
version: 0.0.0.1
category: Yi
synopsis: Convenience wrapper for nix
description: Convenience wrapper for nix
license: PublicDomain
license-file: LICENSE
author: Mateusz Kowalczyk
maintainer: fuuzetsu@fuuzetsu.co.uk
Cabal-Version: >= 1.10
build-type: Simple
library
hs-source-dirs: .
default-language: Haskell2010
build-depends: base, yi
ghc-options: -threaded

40
pkgs/applications/editors/yi/yi-custom.nix
View File

@ -1,40 +0,0 @@
# This is a manually-written expression over an in-tree cabal file.
# It's awkward but this way allows the package user to pass in
# extraPackages without much extra hassle on their end, similarly how
# the XMonad service handles it: the difference is that we don't have
# anything like XMONAD_GHC…
#
# The idea is that the user changes their configs using any libraries
# he likes and then builds it using this expression. Once that's done,
# reload and similar functions should all work as long as the user
# doesn't need new libraries at which point they should add them to
# extraPackages and rebuild from the expression.
{ cabal, yi, extraPackages, makeWrapper, ghcWithPackages }:
let
w = ghcWithPackages (self: [ yi ] ++ extraPackages self);
wrappedGhc = w.override { ignoreCollisions = true; };
in
cabal.mkDerivation (self: rec {
pname = "yi-custom";
version = "0.0.0.1";
src = ./yi-custom-cabal;
isLibrary = true;
buildDepends = [ yi ];
buildTools = [ makeWrapper ];
noHaddock = true;
doCheck = false;
postInstall = ''
makeWrapper ${yi}/bin/yi $out/bin/yi \
--set NIX_GHC ${wrappedGhc}/bin/ghc \
--set NIX_GHC_LIBDIR ${wrappedGhc}/lib/ghc-${self.ghc.version}
'';
meta = {
homepage = "http://haskell.org/haskellwiki/Yi";
description = "Wrapper over user-specified Haskell libraries for use in Yi config";
license = self.stdenv.lib.licenses.publicDomain;
platforms = self.ghc.meta.platforms;
maintainers = with self.stdenv.lib.maintainers; [ fuuzetsu ];
};
})

4
pkgs/applications/gis/qgis/default.nix
View File

@ -2,7 +2,7 @@
pyqt4, qwt, fcgi, pythonPackages, libspatialindex, libspatialite, qscintilla, postgresql, makeWrapper }: pyqt4, qwt, fcgi, pythonPackages, libspatialindex, libspatialite, qscintilla, postgresql, makeWrapper }:
stdenv.mkDerivation rec { stdenv.mkDerivation rec {
name = "qgis-2.6.1"; name = "qgis-2.8.1";
buildInputs = [ gdal qt4 flex bison proj geos x11 sqlite gsl pyqt4 qwt qscintilla buildInputs = [ gdal qt4 flex bison proj geos x11 sqlite gsl pyqt4 qwt qscintilla
fcgi libspatialindex libspatialite postgresql ] ++ fcgi libspatialindex libspatialite postgresql ] ++
@ -21,7 +21,7 @@ stdenv.mkDerivation rec {
src = fetchurl { src = fetchurl {
url = "http://qgis.org/downloads/${name}.tar.bz2"; url = "http://qgis.org/downloads/${name}.tar.bz2";
sha256 = "1avw9mnhrcxsdalqr2yhyif1cacl4dsgcpfc31axkv7vj401djnl"; sha256 = "19acb74e4e2739238b87bf64f2750e10e366e9d61d070a4b8ca341ce01ca9741";
}; };
postInstall = '' postInstall = ''

Some files were not shown because too many files have changed in this diff Show More