Merge master into staging-next

4 files changed, 52 insertions, 115 deletions

diff --git a/nixos/modules/services/home-automation/ebusd.nix b/nixos/modules/services/home-automation/ebusd.nix
index d388022d7b50b..ac9ec06639c13 100644
--- a/nixos/modules/services/home-automation/ebusd.nix
+++ b/nixos/modules/services/home-automation/ebusd.nix
@@ -4,41 +4,6 @@ with lib;
 
 let
   cfg = config.services.ebusd;
-
-  package = pkgs.ebusd;
-
-  arguments = [
-    "${package}/bin/ebusd"
-    "--foreground"
-    "--updatecheck=off"
-    "--device=${cfg.device}"
-    "--port=${toString cfg.port}"
-    "--configpath=${cfg.configpath}"
-    "--scanconfig=${cfg.scanconfig}"
-    "--log=all:${cfg.logs.all}"
-    "--log=main:${cfg.logs.main}"
-    "--log=network:${cfg.logs.network}"
-    "--log=bus:${cfg.logs.bus}"
-    "--log=update:${cfg.logs.update}"
-    "--log=other:${cfg.logs.other}"
-  ] ++ lib.optionals cfg.readonly [
-    "--readonly"
-  ] ++ lib.optionals cfg.mqtt.enable [
-    "--mqtthost=${cfg.mqtt.host}"
-    "--mqttport=${toString cfg.mqtt.port}"
-    "--mqttuser=${cfg.mqtt.user}"
-    "--mqttpass=${cfg.mqtt.password}"
-  ] ++ lib.optionals cfg.mqtt.home-assistant [
-    "--mqttint=${package}/etc/ebusd/mqtt-hassio.cfg"
-    "--mqttjson"
-  ] ++ lib.optionals cfg.mqtt.retain [
-    "--mqttretain"
-  ] ++ cfg.extraArguments;
-
-  usesDev = hasPrefix "/" cfg.device;
-
-  command = concatStringsSep " " arguments;
-
 in
 {
   meta.maintainers = with maintainers; [ nathan-gs ];
@@ -46,6 +11,8 @@ in
   options.services.ebusd = {
     enable = mkEnableOption "ebusd, a daemon for communication with eBUS heating systems";
 
+    package = mkPackageOptionMD pkgs "ebusd" { };
+
     device = mkOption {
       type = types.str;
       default = "";
@@ -57,7 +24,8 @@ in
           ens:DEVICE for enhanced high speed serial device (only adapter v3 and newer with firmware since 20220731),
           DEVICE for serial device (normal speed, for all other serial adapters like adapter v2 as well as adapter v3 in non-enhanced mode), or
           [udp:]IP:PORT for network device.
-        https://github.com/john30/ebusd/wiki/2.-Run#device-options
+
+        Source: <https://github.com/john30/ebusd/wiki/2.-Run#device-options>
       '';
     };
 
@@ -81,7 +49,7 @@ in
       type = types.str;
       default = "https://cfg.ebusd.eu/";
       description = ''
-        Read CSV config files from PATH (local folder or HTTPS URL) [https://cfg.ebusd.eu/]
+        Directory to read CSV config files from. This can be a local folder or a URL.
       '';
     };
 
@@ -95,65 +63,21 @@ in
       '';
     };
 
-    logs = {
-      main = mkOption {
-        type = types.enum [ "none" "error" "notice" "info" "debug"];
-        default = "info";
-        description = ''
-          Only write log for matching AREAs (main|network|bus|update|other|all) below or equal to LEVEL (none|error|notice|info|debug) [all:notice].
-        '';
-      };
-
-      network = mkOption {
-        type = types.enum [ "none" "error" "notice" "info" "debug"];
-        default = "info";
-        description = ''
-          Only write log for matching AREAs (main|network|bus|update|other|all) below or equal to LEVEL (none|error|notice|info|debug) [all:notice].
-        '';
-      };
-
-      bus = mkOption {
-        type = types.enum [ "none" "error" "notice" "info" "debug"];
-        default = "info";
-        description = ''
-          Only write log for matching AREAs (main|network|bus|update|other|all) below or equal to LEVEL (none|error|notice|info|debug) [all:notice].
-        '';
-      };
-
-      update = mkOption {
-        type = types.enum [ "none" "error" "notice" "info" "debug"];
-        default = "info";
-        description = ''
-          Only write log for matching AREAs (main|network|bus|update|other|all) below or equal to LEVEL (none|error|notice|info|debug) [all:notice].
-        '';
-      };
-
-      other = mkOption {
-        type = types.enum [ "none" "error" "notice" "info" "debug"];
-        default = "info";
-        description = ''
-          Only write log for matching AREAs (main|network|bus|update|other|all) below or equal to LEVEL (none|error|notice|info|debug) [all:notice].
-        '';
-      };
-
-      all = mkOption {
-        type = types.enum [ "none" "error" "notice" "info" "debug"];
-        default = "info";
-        description = ''
-          Only write log for matching AREAs (main|network|bus|update|other|all) below or equal to LEVEL (none|error|notice|info|debug) [all:notice].
-        '';
-      };
-    };
+    logs = let
+      # "all" must come first so it can be overridden by more specific areas
+      areas = [ "all" "main" "network" "bus" "update" "other" ];
+      levels = [ "none" "error" "notice" "info" "debug" ];
+    in listToAttrs (map (area: nameValuePair area (mkOption {
+      type = types.enum levels;
+      default = "notice";
+      example = "debug";
+      description = ''
+        Only write log for matching `AREA`s (${concatStringsSep "|" areas}) below or equal to `LEVEL` (${concatStringsSep "|" levels})
+      '';
+    })) areas);
 
     mqtt = {
-
-      enable = mkOption {
-        type = types.bool;
-        default = false;
-        description = ''
-          Adds support for MQTT
-        '';
-      };
+      enable = mkEnableOption "support for MQTT";
 
       host = mkOption {
         type = types.str;
@@ -179,13 +103,7 @@ in
         '';
       };
 
-      retain = mkOption {
-        type = types.bool;
-        default = false;
-        description = ''
-          Set the retain flag on all topics instead of only selected global ones
-        '';
-      };
+      retain = mkEnableOption "set the retain flag on all topics instead of only selected global ones";
 
       user = mkOption {
         type = types.str;
@@ -200,7 +118,6 @@ in
           The MQTT password.
         '';
       };
-
     };
 
     extraArguments = mkOption {
@@ -210,25 +127,44 @@ in
         Extra arguments to the ebus daemon
       '';
     };
-
   };
 
-  config = mkIf (cfg.enable) {
-
+  config = let
+    usesDev = hasPrefix "/" cfg.device;
+  in mkIf cfg.enable {
     systemd.services.ebusd = {
       description = "EBUSd Service";
       wantedBy = [ "multi-user.target" ];
       after = [ "network.target" ];
       serviceConfig = {
-        ExecStart = command;
+        ExecStart = let
+          args = cli.toGNUCommandLineShell { } (foldr (a: b: a // b) { } [
+            {
+              inherit (cfg) device port configpath scanconfig readonly;
+              foreground = true;
+              updatecheck = "off";
+              log = mapAttrsToList (name: value: "${name}:${value}") cfg.logs;
+              mqttretain = cfg.mqtt.retain;
+            }
+            (optionalAttrs cfg.mqtt.enable {
+              mqtthost  = cfg.mqtt.host;
+              mqttport  = cfg.mqtt.port;
+              mqttuser  = cfg.mqtt.user;
+              mqttpass  = cfg.mqtt.password;
+            })
+            (optionalAttrs cfg.mqtt.home-assistant {
+              mqttint = "${cfg.package}/etc/ebusd/mqtt-hassio.cfg";
+              mqttjson = true;
+            })
+          ]);
+        in "${cfg.package}/bin/ebusd ${args} ${escapeShellArgs cfg.extraArguments}";
+
         DynamicUser = true;
         Restart = "on-failure";
 
         # Hardening
         CapabilityBoundingSet = "";
-        DeviceAllow = lib.optionals usesDev [
-          cfg.device
-        ] ;
+        DeviceAllow = optionals usesDev [ cfg.device ];
         DevicePolicy = "closed";
         LockPersonality = true;
         MemoryDenyWriteExecute = false;
@@ -254,9 +190,7 @@ in
         RestrictNamespaces = true;
         RestrictRealtime = true;
         RestrictSUIDSGID = true;
-        SupplementaryGroups = [
-          "dialout"
-        ];
+        SupplementaryGroups = [ "dialout" ];
         SystemCallArchitectures = "native";
         SystemCallFilter = [
           "@system-service @pkey"
@@ -265,6 +199,5 @@ in
         UMask = "0077";
       };
     };
-
   };
 }
diff --git a/nixos/modules/services/logging/promtail.nix b/nixos/modules/services/logging/promtail.nix
index a34bc07b6ab2f..9eccd34cef234 100644
--- a/nixos/modules/services/logging/promtail.nix
+++ b/nixos/modules/services/logging/promtail.nix
@@ -41,6 +41,10 @@ in {
       wantedBy = [ "multi-user.target" ];
       stopIfChanged = false;
 
+      preStart = ''
+        ${lib.getExe pkgs.promtail} -config.file=${prettyJSON cfg.configuration} -check-syntax
+      '';
+
       serviceConfig = {
         Restart = "on-failure";
         TimeoutStopSec = 10;
diff --git a/nixos/modules/services/matrix/conduit.nix b/nixos/modules/services/matrix/conduit.nix
index 9b8a4f45c268f..b1d9b04242956 100644
--- a/nixos/modules/services/matrix/conduit.nix
+++ b/nixos/modules/services/matrix/conduit.nix
@@ -9,7 +9,7 @@ let
   configFile = format.generate "conduit.toml" cfg.settings;
 in
   {
-    meta.maintainers = with maintainers; [ pstn piegames ];
+    meta.maintainers = with maintainers; [ pstn ];
     options.services.matrix-conduit = {
       enable = mkEnableOption "matrix-conduit";
 
diff --git a/nixos/modules/services/misc/heisenbridge.nix b/nixos/modules/services/misc/heisenbridge.nix
index de109e726633f..54c298f1b5602 100644
--- a/nixos/modules/services/misc/heisenbridge.nix
+++ b/nixos/modules/services/misc/heisenbridge.nix
@@ -210,5 +210,5 @@ in
     };
   };
 
-  meta.maintainers = [ lib.maintainers.piegames ];
+  meta.maintainers = [ ];
 }