diff options
author | obadz <obadz-git@obadz.com> | 2016-08-28 13:33:13 +0100 |
---|---|---|
committer | obadz <obadz-git@obadz.com> | 2016-08-28 13:33:13 +0100 |
commit | c7142c1aa3ea15909656d767046de188d1e81ac9 (patch) | |
tree | 174b3a9a4fda3fd6340be4fd33f2e969d0b6af79 /nixos | |
parent | 6eb40148742de9010f2f7f6eec26df15f54e9afc (diff) | |
parent | e01e92f12f5e768e5bd5ef84a969b978fb501186 (diff) |
Merge branch 'master' into staging
Diffstat (limited to 'nixos')
-rw-r--r-- | nixos/doc/manual/configuration/configuration.xml | 8 | ||||
-rw-r--r-- | nixos/doc/manual/default.nix | 11 | ||||
-rw-r--r-- | nixos/doc/manual/release-notes/rl-1603.xml | 35 | ||||
-rw-r--r-- | nixos/modules/i18n/input-method/default.nix | 5 | ||||
-rw-r--r-- | nixos/modules/misc/meta.nix | 8 | ||||
-rw-r--r-- | nixos/modules/rename.nix | 30 | ||||
-rw-r--r-- | nixos/modules/security/acme.nix | 7 | ||||
-rw-r--r-- | nixos/modules/services/databases/postgresql.nix | 2 | ||||
-rw-r--r-- | nixos/modules/services/misc/gitlab.nix | 3 | ||||
-rw-r--r-- | nixos/modules/services/misc/nixos-manual.nix | 2 | ||||
-rw-r--r-- | nixos/modules/services/misc/taskserver/default.nix | 3 | ||||
-rw-r--r-- | nixos/modules/services/networking/teamspeak3.nix | 75 | ||||
-rw-r--r-- | nixos/modules/services/networking/wpa_supplicant.nix | 99 | ||||
-rw-r--r-- | nixos/modules/services/x11/display-managers/default.nix | 3 | ||||
-rw-r--r-- | nixos/modules/system/boot/loader/grub/grub.nix | 2 |
15 files changed, 169 insertions, 124 deletions
diff --git a/nixos/doc/manual/configuration/configuration.xml b/nixos/doc/manual/configuration/configuration.xml index 26f8ebad7344c..2d5281829ed5f 100644 --- a/nixos/doc/manual/configuration/configuration.xml +++ b/nixos/doc/manual/configuration/configuration.xml @@ -25,14 +25,10 @@ effect after you run <command>nixos-rebuild</command>.</para> <xi:include href="linux-kernel.xml" /> <xi:include href="grsecurity.xml" /> -<!-- FIXME: auto-include NixOS module docs --> -<xi:include href="postgresql.xml" /> -<xi:include href="gitlab.xml" /> -<xi:include href="taskserver.xml" /> -<xi:include href="acme.xml" /> -<xi:include href="input-methods.xml" /> <xi:include href="emacs.xml" /> +<xi:include href="modules.xml" xpointer="xpointer(//section[@id='modules']/*)" /> <!-- Apache; libvirtd virtualisation --> </part> + diff --git a/nixos/doc/manual/default.nix b/nixos/doc/manual/default.nix index 2592766ee496d..0f0c6e66e4c06 100644 --- a/nixos/doc/manual/default.nix +++ b/nixos/doc/manual/default.nix @@ -1,4 +1,4 @@ -{ pkgs, options, version, revision, extraSources ? [] }: +{ pkgs, options, config, version, revision, extraSources ? [] }: with pkgs; @@ -51,6 +51,14 @@ let sources = lib.sourceFilesBySuffices ./. [".xml"]; + modulesDoc = builtins.toFile "modules.xml" '' + <section xmlns:xi="http://www.w3.org/2001/XInclude" id="modules"> + ${(lib.concatMapStrings (path: '' + <xi:include href="${path}" /> + '') (lib.catAttrs "value" config.meta.doc))} + </section> + ''; + copySources = '' cp -prd $sources/* . # */ @@ -61,6 +69,7 @@ let cp ${../../modules/security/acme.xml} configuration/acme.xml cp ${../../modules/i18n/input-method/default.xml} configuration/input-methods.xml cp ${../../modules/services/editors/emacs.xml} configuration/emacs.xml + ln -s ${modulesDoc} configuration/modules.xml ln -s ${optionsDocBook} options-db.xml echo "${version}" > version ''; diff --git a/nixos/doc/manual/release-notes/rl-1603.xml b/nixos/doc/manual/release-notes/rl-1603.xml index c51316bd2808e..f460e00e836e6 100644 --- a/nixos/doc/manual/release-notes/rl-1603.xml +++ b/nixos/doc/manual/release-notes/rl-1603.xml @@ -385,6 +385,41 @@ services.syncthing = { the github issue</link>. </para> </listitem> + + <listitem> + <para> + The <literal>services.xserver.startGnuPGAgent</literal> option has been removed. + GnuPG 2.1.x changed the way the gpg-agent works, and that new approach no + longer requires (or even supports) the "start everything as a child of the + agent" scheme we've implemented in NixOS for older versions. + To configure the gpg-agent for your X session, add the following code to + <filename>~/.bashrc</filename> or some file that’s sourced when your shell is started: + <programlisting> +GPG_TTY=$(tty) +export GPG_TTY + </programlisting> + If you want to use gpg-agent for SSH, too, add the following to your session + initialization (e.g. <literal>displayManager.sessionCommands</literal>) + <programlisting> +gpg-connect-agent /bye +unset SSH_AGENT_PID +export SSH_AUTH_SOCK="''${HOME}/.gnupg/S.gpg-agent.ssh" + </programlisting> + and make sure that + <programlisting> +enable-ssh-support + </programlisting> + is included in your <filename>~/.gnupg/gpg-agent.conf</filename>. + You will need to use <command>ssh-add</command> to re-add your ssh keys. + If gpg’s automatic transformation of the private keys to the new format fails, + you will need to re-import your private keyring as well: + <programlisting> +gpg --import ~/.gnupg/secring.gpg + </programlisting> + The <command>gpg-agent(1)</command> man page has more details about this subject, + i.e. in the "EXAMPLES" section. + </para> + </listitem> </itemizedlist> diff --git a/nixos/modules/i18n/input-method/default.nix b/nixos/modules/i18n/input-method/default.nix index 5d57a7f996668..f3e568f1dde3e 100644 --- a/nixos/modules/i18n/input-method/default.nix +++ b/nixos/modules/i18n/input-method/default.nix @@ -62,4 +62,9 @@ in environment.systemPackages = [ cfg.package gtk2_cache gtk3_cache ]; }; + meta = { + maintainers = with lib.maintainers; [ ericsagnes ]; + doc = ./default.xml; + }; + } diff --git a/nixos/modules/misc/meta.nix b/nixos/modules/misc/meta.nix index 22622706f2c88..6a5738e47ff35 100644 --- a/nixos/modules/misc/meta.nix +++ b/nixos/modules/misc/meta.nix @@ -39,7 +39,7 @@ in default = []; example = [ lib.maintainers.all ]; description = '' - List of maintainers of each module. This option should be defined at + List of maintainers of each module. This option should be defined at most once per module. ''; }; @@ -49,7 +49,7 @@ in internal = true; example = "./meta.xml"; description = '' - Documentation prologe for the set of options of each module. This + Documentation prologe for the set of options of each module. This option should be defined at most once per module. ''; }; @@ -57,7 +57,5 @@ in }; }; - config = { - meta.maintainers = singleton lib.maintainers.pierron; - }; + meta.maintainers = singleton lib.maintainers.pierron; } diff --git a/nixos/modules/rename.nix b/nixos/modules/rename.nix index 3caac6c4ee606..0f10ecd4de712 100644 --- a/nixos/modules/rename.nix +++ b/nixos/modules/rename.nix @@ -29,7 +29,7 @@ with lib; (mkRenamedOptionModule [ "jobs" ] [ "systemd" "services" ]) (mkRenamedOptionModule [ "services" "gitlab" "stateDir" ] [ "services" "gitlab" "statePath" ]) - (mkRemovedOptionModule [ "services" "gitlab" "satelliteDir" ]) + (mkRemovedOptionModule [ "services" "gitlab" "satelliteDir" ] "") # Old Grub-related options. (mkRenamedOptionModule [ "boot" "initrd" "extraKernelModules" ] [ "boot" "initrd" "kernelModules" ]) @@ -112,7 +112,7 @@ with lib; (mkRenamedOptionModule [ "services" "iodined" "domain" ] [ "services" "iodine" "server" "domain" ]) (mkRenamedOptionModule [ "services" "iodined" "ip" ] [ "services" "iodine" "server" "ip" ]) (mkRenamedOptionModule [ "services" "iodined" "extraConfig" ] [ "services" "iodine" "server" "extraConfig" ]) - (mkRemovedOptionModule [ "services" "iodined" "client" ]) + (mkRemovedOptionModule [ "services" "iodined" "client" ] "") # Grsecurity (mkRemovedOptionModule [ "security" "grsecurity" "kernelPatch" ]) @@ -141,18 +141,18 @@ with lib; (mkRenamedOptionModule [ "fonts" "fontconfig" "ultimate" "rendering" ] [ "fonts" "fontconfig" "ultimate" "preset" ]) # Options that are obsolete and have no replacement. - (mkRemovedOptionModule [ "boot" "initrd" "luks" "enable" ]) - (mkRemovedOptionModule [ "programs" "bash" "enable" ]) - (mkRemovedOptionModule [ "services" "samba" "defaultShare" ]) - (mkRemovedOptionModule [ "services" "syslog-ng" "serviceName" ]) - (mkRemovedOptionModule [ "services" "syslog-ng" "listenToJournal" ]) - (mkRemovedOptionModule [ "ec2" "metadata" ]) - (mkRemovedOptionModule [ "services" "openvpn" "enable" ]) - (mkRemovedOptionModule [ "services" "printing" "cupsFilesConf" ]) - (mkRemovedOptionModule [ "services" "printing" "cupsdConf" ]) - (mkRemovedOptionModule [ "services" "xserver" "startGnuPGAgent" ]) - (mkRemovedOptionModule [ "services" "phpfpm" "phpIni" ]) - (mkRemovedOptionModule [ "services" "dovecot2" "package" ]) - + (mkRemovedOptionModule [ "boot" "initrd" "luks" "enable" ] "") + (mkRemovedOptionModule [ "programs" "bash" "enable" ] "") + (mkRemovedOptionModule [ "services" "samba" "defaultShare" ] "") + (mkRemovedOptionModule [ "services" "syslog-ng" "serviceName" ] "") + (mkRemovedOptionModule [ "services" "syslog-ng" "listenToJournal" ] "") + (mkRemovedOptionModule [ "ec2" "metadata" ] "") + (mkRemovedOptionModule [ "services" "openvpn" "enable" ] "") + (mkRemovedOptionModule [ "services" "printing" "cupsFilesConf" ] "") + (mkRemovedOptionModule [ "services" "printing" "cupsdConf" ] "") + (mkRemovedOptionModule [ "services" "xserver" "startGnuPGAgent" ] + "See the 16.03 release notes for more information.") + (mkRemovedOptionModule [ "services" "phpfpm" "phpIni" ] "") + (mkRemovedOptionModule [ "services" "dovecot2" "package" ] "") ]; } diff --git a/nixos/modules/security/acme.nix b/nixos/modules/security/acme.nix index f646602221a49..3dac558b9537d 100644 --- a/nixos/modules/security/acme.nix +++ b/nixos/modules/security/acme.nix @@ -290,9 +290,10 @@ in systemd.targets."acme-certificates" = {}; }) - { meta.maintainers = with lib.maintainers; [ abbradar fpletz globin ]; - meta.doc = ./acme.xml; - } ]; + meta = { + maintainers = with lib.maintainers; [ abbradar fpletz globin ]; + doc = ./acme.xml; + }; } diff --git a/nixos/modules/services/databases/postgresql.nix b/nixos/modules/services/databases/postgresql.nix index 80ee32f4ee33c..9988fc6e63be9 100644 --- a/nixos/modules/services/databases/postgresql.nix +++ b/nixos/modules/services/databases/postgresql.nix @@ -253,4 +253,6 @@ in }; + meta.doc = ./postgresql.xml; + } diff --git a/nixos/modules/services/misc/gitlab.nix b/nixos/modules/services/misc/gitlab.nix index f4ab26714d546..b3f09999adba0 100644 --- a/nixos/modules/services/misc/gitlab.nix +++ b/nixos/modules/services/misc/gitlab.nix @@ -556,4 +556,7 @@ in { }; }; + + meta.doc = ./gitlab.xml; + } diff --git a/nixos/modules/services/misc/nixos-manual.nix b/nixos/modules/services/misc/nixos-manual.nix index a60d5f7983bca..306ee346523d6 100644 --- a/nixos/modules/services/misc/nixos-manual.nix +++ b/nixos/modules/services/misc/nixos-manual.nix @@ -17,7 +17,7 @@ let Caveat: even if the package is reached by a different means, the path above will be shown and not e.g. `${config.services.foo.package}`. */ manual = import ../../../doc/manual { - inherit pkgs; + inherit pkgs config; version = config.system.nixosRelease; revision = "release-${config.system.nixosRelease}"; options = diff --git a/nixos/modules/services/misc/taskserver/default.nix b/nixos/modules/services/misc/taskserver/default.nix index c846ffd045514..6d458feec3453 100644 --- a/nixos/modules/services/misc/taskserver/default.nix +++ b/nixos/modules/services/misc/taskserver/default.nix @@ -534,6 +534,7 @@ in { (mkIf (cfg.enable && cfg.listenHost != "localhost") { networking.firewall.allowedTCPPorts = [ cfg.listenPort ]; }) - { meta.doc = ./taskserver.xml; } ]; + + meta.doc = ./doc.xml; } diff --git a/nixos/modules/services/networking/teamspeak3.nix b/nixos/modules/services/networking/teamspeak3.nix index 5f04926eed245..3703921ff7034 100644 --- a/nixos/modules/services/networking/teamspeak3.nix +++ b/nixos/modules/services/networking/teamspeak3.nix @@ -95,47 +95,44 @@ in ###### implementation - config = mkMerge [ - (mkIf cfg.enable { - users.users.teamspeak = { - description = "Teamspeak3 voice communication server daemon"; - group = group; - uid = config.ids.uids.teamspeak; - home = cfg.dataDir; - createHome = true; - }; - - users.groups.teamspeak = { - gid = config.ids.gids.teamspeak; - }; + config = mkIf cfg.enable { + users.users.teamspeak = { + description = "Teamspeak3 voice communication server daemon"; + group = group; + uid = config.ids.uids.teamspeak; + home = cfg.dataDir; + createHome = true; + }; - systemd.services.teamspeak3-server = { - description = "Teamspeak3 voice communication server daemon"; - after = [ "network.target" ]; - wantedBy = [ "multi-user.target" ]; + users.groups.teamspeak = { + gid = config.ids.gids.teamspeak; + }; - preStart = '' - mkdir -p ${cfg.logPath} - chown ${user}:${group} ${cfg.logPath} + systemd.services.teamspeak3-server = { + description = "Teamspeak3 voice communication server daemon"; + after = [ "network.target" ]; + wantedBy = [ "multi-user.target" ]; + + preStart = '' + mkdir -p ${cfg.logPath} + chown ${user}:${group} ${cfg.logPath} + ''; + + serviceConfig = { + ExecStart = '' + ${ts3}/bin/ts3server \ + dbsqlpath=${ts3}/lib/teamspeak/sql/ logpath=${cfg.logPath} \ + voice_ip=${cfg.voiceIP} default_voice_port=${toString cfg.defaultVoicePort} \ + filetransfer_ip=${cfg.fileTransferIP} filetransfer_port=${toString cfg.fileTransferPort} \ + query_ip=${cfg.queryIP} query_port=${toString cfg.queryPort} ''; - - serviceConfig = { - ExecStart = '' - ${ts3}/bin/ts3server \ - dbsqlpath=${ts3}/lib/teamspeak/sql/ logpath=${cfg.logPath} \ - voice_ip=${cfg.voiceIP} default_voice_port=${toString cfg.defaultVoicePort} \ - filetransfer_ip=${cfg.fileTransferIP} filetransfer_port=${toString cfg.fileTransferPort} \ - query_ip=${cfg.queryIP} query_port=${toString cfg.queryPort} - ''; - WorkingDirectory = cfg.dataDir; - User = user; - Group = group; - PermissionsStartOnly = true; - }; + WorkingDirectory = cfg.dataDir; + User = user; + Group = group; + PermissionsStartOnly = true; }; - }) - { - meta.maintainers = with lib.maintainers; [ arobyn ]; - } - ]; + }; + }; + + meta.maintainers = with lib.maintainers; [ arobyn ]; } diff --git a/nixos/modules/services/networking/wpa_supplicant.nix b/nixos/modules/services/networking/wpa_supplicant.nix index 8d22c10d3f786..de99ce4f02604 100644 --- a/nixos/modules/services/networking/wpa_supplicant.nix +++ b/nixos/modules/services/networking/wpa_supplicant.nix @@ -111,57 +111,54 @@ in { }; }; - config = mkMerge [ - (mkIf cfg.enable { - assertions = flip mapAttrsToList cfg.networks (name: cfg: { - assertion = cfg.psk == null || cfg.pskRaw == null; - message = ''networking.wireless."${name}".psk and networking.wireless."${name}".pskRaw are mutually exclusive''; - }); - - environment.systemPackages = [ pkgs.wpa_supplicant ]; - - services.dbus.packages = [ pkgs.wpa_supplicant ]; - - # FIXME: start a separate wpa_supplicant instance per interface. - systemd.services.wpa_supplicant = let - ifaces = cfg.interfaces; - deviceUnit = interface: [ "sys-subsystem-net-devices-${interface}.device" ]; - in { - description = "WPA Supplicant"; - - after = [ "network-interfaces.target" ] ++ lib.concatMap deviceUnit ifaces; - requires = lib.concatMap deviceUnit ifaces; - wantedBy = [ "network.target" ]; - - path = [ pkgs.wpa_supplicant ]; - - script = '' - ${if ifaces == [] then '' - for i in $(cd /sys/class/net && echo *); do - DEVTYPE= - source /sys/class/net/$i/uevent - if [ "$DEVTYPE" = "wlan" -o -e /sys/class/net/$i/wireless ]; then - ifaces="$ifaces''${ifaces:+ -N} -i$i" - fi - done - '' else '' - ifaces="${concatStringsSep " -N " (map (i: "-i${i}") ifaces)}" - ''} - exec wpa_supplicant -s -u -D${cfg.driver} -c ${configFile} $ifaces - ''; - }; - - powerManagement.resumeCommands = '' - ${config.systemd.package}/bin/systemctl try-restart wpa_supplicant + config = mkIf cfg.enable { + assertions = flip mapAttrsToList cfg.networks (name: cfg: { + assertion = cfg.psk == null || cfg.pskRaw == null; + message = ''networking.wireless."${name}".psk and networking.wireless."${name}".pskRaw are mutually exclusive''; + }); + + environment.systemPackages = [ pkgs.wpa_supplicant ]; + + services.dbus.packages = [ pkgs.wpa_supplicant ]; + + # FIXME: start a separate wpa_supplicant instance per interface. + systemd.services.wpa_supplicant = let + ifaces = cfg.interfaces; + deviceUnit = interface: [ "sys-subsystem-net-devices-${interface}.device" ]; + in { + description = "WPA Supplicant"; + + after = [ "network-interfaces.target" ] ++ lib.concatMap deviceUnit ifaces; + requires = lib.concatMap deviceUnit ifaces; + wantedBy = [ "network.target" ]; + + path = [ pkgs.wpa_supplicant ]; + + script = '' + ${if ifaces == [] then '' + for i in $(cd /sys/class/net && echo *); do + DEVTYPE= + source /sys/class/net/$i/uevent + if [ "$DEVTYPE" = "wlan" -o -e /sys/class/net/$i/wireless ]; then + ifaces="$ifaces''${ifaces:+ -N} -i$i" + fi + done + '' else '' + ifaces="${concatStringsSep " -N " (map (i: "-i${i}") ifaces)}" + ''} + exec wpa_supplicant -s -u -D${cfg.driver} -c ${configFile} $ifaces ''; + }; - # Restart wpa_supplicant when a wlan device appears or disappears. - services.udev.extraRules = '' - ACTION=="add|remove", SUBSYSTEM=="net", ENV{DEVTYPE}=="wlan", RUN+="${config.systemd.package}/bin/systemctl try-restart wpa_supplicant.service" - ''; - }) - { - meta.maintainers = with lib.maintainers; [ globin ]; - } - ]; + powerManagement.resumeCommands = '' + ${config.systemd.package}/bin/systemctl try-restart wpa_supplicant + ''; + + # Restart wpa_supplicant when a wlan device appears or disappears. + services.udev.extraRules = '' + ACTION=="add|remove", SUBSYSTEM=="net", ENV{DEVTYPE}=="wlan", RUN+="${config.systemd.package}/bin/systemctl try-restart wpa_supplicant.service" + ''; + }; + + meta.maintainers = with lib.maintainers; [ globin ]; } diff --git a/nixos/modules/services/x11/display-managers/default.nix b/nixos/modules/services/x11/display-managers/default.nix index 1c928ff22a1f0..75d80609f73ff 100644 --- a/nixos/modules/services/x11/display-managers/default.nix +++ b/nixos/modules/services/x11/display-managers/default.nix @@ -306,7 +306,8 @@ in }; imports = [ - (mkRemovedOptionModule [ "services" "xserver" "displayManager" "desktopManagerHandlesLidAndPower" ]) + (mkRemovedOptionModule [ "services" "xserver" "displayManager" "desktopManagerHandlesLidAndPower" ] + "The option is no longer necessary because all display managers have already delegated lid management to systemd.") ]; } diff --git a/nixos/modules/system/boot/loader/grub/grub.nix b/nixos/modules/system/boot/loader/grub/grub.nix index ab32e112936cd..e86df4e74c9f8 100644 --- a/nixos/modules/system/boot/loader/grub/grub.nix +++ b/nixos/modules/system/boot/loader/grub/grub.nix @@ -500,7 +500,7 @@ in imports = - [ (mkRemovedOptionModule [ "boot" "loader" "grub" "bootDevice" ]) + [ (mkRemovedOptionModule [ "boot" "loader" "grub" "bootDevice" ] "") (mkRenamedOptionModule [ "boot" "copyKernels" ] [ "boot" "loader" "grub" "copyKernels" ]) (mkRenamedOptionModule [ "boot" "extraGrubEntries" ] [ "boot" "loader" "grub" "extraEntries" ]) (mkRenamedOptionModule [ "boot" "extraGrubEntriesBeforeNixos" ] [ "boot" "loader" "grub" "extraEntriesBeforeNixOS" ]) |