diff --git a/nixos/modules/services/cluster/k3s/default.nix b/nixos/modules/services/cluster/k3s/default.nix index 5ab0286a38a..99e47e867b3 100644 --- a/nixos/modules/services/cluster/k3s/default.nix +++ b/nixos/modules/services/cluster/k3s/default.nix @@ -35,10 +35,20 @@ in token = mkOption { type = types.str; - description = "The k3s token to use when connecting to the server. This option only makes sense for an agent."; + description = '' + The k3s token to use when connecting to the server. This option only makes sense for an agent. + WARNING: This option will expose store your token unencrypted world-readable in the nix store. + If this is undesired use the tokenFile option instead. + ''; default = ""; }; + tokenFile = mkOption { + type = types.nullOr types.path; + description = "File path containing k3s token to use when connecting to the server. This option only makes sense for an agent."; + default = null; + }; + docker = mkOption { type = types.bool; default = false; @@ -68,8 +78,8 @@ in message = "serverAddr should be set if role is 'agent'"; } { - assertion = cfg.role == "agent" -> cfg.token != ""; - message = "token should be set if role is 'agent'"; + assertion = cfg.role == "agent" -> cfg.token != "" || cfg.tokenFile != null; + message = "token or tokenFile should be set if role is 'agent'"; } ]; @@ -81,6 +91,8 @@ in # supporting it, or their bundled containerd systemd.enableUnifiedCgroupHierarchy = false; + environment.systemPackages = [ config.services.k3s.package ]; + systemd.services.k3s = { description = "k3s service"; after = [ "network.service" "firewall.service" ] ++ (optional cfg.docker "docker.service"); @@ -102,7 +114,12 @@ in "${cfg.package}/bin/k3s ${cfg.role}" ] ++ (optional cfg.docker "--docker") ++ (optional cfg.disableAgent "--disable-agent") - ++ (optional (cfg.role == "agent") "--server ${cfg.serverAddr} --token ${cfg.token}") + ++ (optional (cfg.role == "agent") "--server ${cfg.serverAddr} ${ + if cfg.tokenFile != null then + "--token-file ${cfg.tokenFile}" + else + "--token ${cfg.token}" + }") ++ [ cfg.extraFlags ] ); }; diff --git a/pkgs/games/dhewm3/default.nix b/pkgs/games/dhewm3/default.nix index b5caa603eaf..beb037dc240 100644 --- a/pkgs/games/dhewm3/default.nix +++ b/pkgs/games/dhewm3/default.nix @@ -1,5 +1,5 @@ { lib, stdenv, fetchFromGitHub, cmake, SDL2, libGLU, libGL, zlib, libjpeg, libogg, libvorbis -, openal, curl }: +, openal, curl, copyDesktopItems, makeDesktopItem }: stdenv.mkDerivation rec { pname = "dhewm3"; @@ -21,9 +21,18 @@ stdenv.mkDerivation rec { cd "$(ls -d dhewm3-*.src)"/neo ''; - nativeBuildInputs = [ cmake ]; + nativeBuildInputs = [ cmake copyDesktopItems ]; buildInputs = [ SDL2 libGLU libGL zlib libjpeg libogg libvorbis openal curl ]; + desktopItems = [ + (makeDesktopItem { + name = "dhewm3"; + exec = "dhewm3"; + desktopName = "Doom 3"; + categories = "Game;"; + }) + ]; + hardeningDisable = [ "format" ]; meta = with lib; { diff --git a/pkgs/games/gzdoom/default.nix b/pkgs/games/gzdoom/default.nix index 8ab54468c00..787184273fc 100644 --- a/pkgs/games/gzdoom/default.nix +++ b/pkgs/games/gzdoom/default.nix @@ -1,6 +1,6 @@ { lib, stdenv, fetchFromGitHub, cmake, makeWrapper, openal, fluidsynth_1 , soundfont-fluid, libGL, SDL2, bzip2, zlib, libjpeg, libsndfile, mpg123 -, game-music-emu, pkg-config }: +, game-music-emu, pkg-config, copyDesktopItems, makeDesktopItem }: let zmusic-src = fetchFromGitHub { @@ -38,7 +38,7 @@ let fetchSubmodules = true; }; - nativeBuildInputs = [ cmake makeWrapper pkg-config ]; + nativeBuildInputs = [ cmake makeWrapper pkg-config copyDesktopItems ]; buildInputs = [ SDL2 libGL @@ -55,7 +55,18 @@ let NIX_CFLAGS_LINK = "-lopenal -lfluidsynth"; + desktopItems = [ + (makeDesktopItem { + name = "gzdoom"; + exec = "gzdoom"; + desktopName = "GZDoom"; + categories = "Game;"; + }) + ]; + installPhase = '' + runHook preInstall + install -Dm755 gzdoom "$out/lib/gzdoom/gzdoom" for i in *.pk3; do install -Dm644 "$i" "$out/lib/gzdoom/$i" @@ -68,6 +79,8 @@ let done mkdir $out/bin makeWrapper $out/lib/gzdoom/gzdoom $out/bin/gzdoom + + runHook postInstall ''; meta = with lib; { diff --git a/pkgs/games/quakespasm/default.nix b/pkgs/games/quakespasm/default.nix index 64b7c8f7920..9e540052c4f 100644 --- a/pkgs/games/quakespasm/default.nix +++ b/pkgs/games/quakespasm/default.nix @@ -1,4 +1,5 @@ -{ lib, stdenv, SDL, fetchurl, gzip, libvorbis, libmad }: +{ lib, stdenv, SDL, fetchurl, gzip, libvorbis, libmad, copyDesktopItems, makeDesktopItem }: + stdenv.mkDerivation rec { pname = "quakespasm"; majorVersion = "0.93"; @@ -11,6 +12,7 @@ stdenv.mkDerivation rec { sourceRoot = "${pname}-${version}/Quake"; + nativeBuildInputs = [ copyDesktopItems ]; buildInputs = [ gzip SDL libvorbis libmad ]; @@ -24,7 +26,16 @@ stdenv.mkDerivation rec { enableParallelBuilding = true; - meta = { + desktopItems = [ + (makeDesktopItem { + name = "quakespasm"; + exec = "quake"; + desktopName = "Quakespasm"; + categories = "Game;"; + }) + ]; + + meta = with lib; { description = "An engine for iD software's Quake"; homepage = "http://quakespasm.sourceforge.net/"; longDescription = '' diff --git a/pkgs/servers/mautrix-telegram/default.nix b/pkgs/servers/mautrix-telegram/default.nix index bf00462875b..74280f048ce 100644 --- a/pkgs/servers/mautrix-telegram/default.nix +++ b/pkgs/servers/mautrix-telegram/default.nix @@ -1,4 +1,6 @@ -{ lib, python3, mautrix-telegram, fetchFromGitHub }: +{ lib, python3, mautrix-telegram, fetchFromGitHub +, withE2BE ? true +}: with python3.pkgs; @@ -39,6 +41,11 @@ in buildPythonPackage rec { pillow lxml setuptools + ] ++ lib.optionals withE2BE [ + asyncpg + python-olm + pycryptodome + unpaddedbase64 ] ++ dbDrivers; # `alembic` (a database migration tool) is only needed for the initial setup,