diff options
Diffstat (limited to 'nixos/modules/services/misc')
-rw-r--r-- | nixos/modules/services/misc/dictd.nix | 3 | ||||
-rw-r--r-- | nixos/modules/services/misc/gitlab.nix | 7 | ||||
-rw-r--r-- | nixos/modules/services/misc/jellyseerr.nix | 7 | ||||
-rw-r--r-- | nixos/modules/services/misc/languagetool.nix | 43 | ||||
-rw-r--r-- | nixos/modules/services/misc/ollama.nix | 3 | ||||
-rw-r--r-- | nixos/modules/services/misc/renovate.nix | 1 | ||||
-rw-r--r-- | nixos/modules/services/misc/rkvm.nix | 2 | ||||
-rw-r--r-- | nixos/modules/services/misc/snapper.nix | 26 | ||||
-rw-r--r-- | nixos/modules/services/misc/sonarr.nix | 8 | ||||
-rw-r--r-- | nixos/modules/services/misc/zoneminder.nix | 14 |
10 files changed, 71 insertions, 43 deletions
diff --git a/nixos/modules/services/misc/dictd.nix b/nixos/modules/services/misc/dictd.nix index 8cb51bb0b7a7f..6660d5e977ffb 100644 --- a/nixos/modules/services/misc/dictd.nix +++ b/nixos/modules/services/misc/dictd.nix @@ -62,6 +62,9 @@ in description = "DICT.org Dictionary Server"; wantedBy = [ "multi-user.target" ]; environment = { LOCALE_ARCHIVE = "/run/current-system/sw/lib/locale/locale-archive"; }; + # Work around the fact that dictd doesn't handle SIGTERM; it terminates + # with code 143 instead of exiting with code 0. + serviceConfig.SuccessExitStatus = [ 143 ]; serviceConfig.Type = "forking"; script = "${pkgs.dict}/sbin/dictd -s -c ${dictdb}/share/dictd/dictd.conf --locale en_US.UTF-8"; }; diff --git a/nixos/modules/services/misc/gitlab.nix b/nixos/modules/services/misc/gitlab.nix index 7b96a182f0d94..492c669f180a9 100644 --- a/nixos/modules/services/misc/gitlab.nix +++ b/nixos/modules/services/misc/gitlab.nix @@ -12,7 +12,7 @@ let postgresqlPackage = if config.services.postgresql.enable then config.services.postgresql.package else - pkgs.postgresql_13; + pkgs.postgresql_14; gitlabSocket = "${cfg.statePath}/tmp/sockets/gitlab.socket"; gitalySocket = "${cfg.statePath}/tmp/sockets/gitaly.socket"; @@ -1119,8 +1119,8 @@ in { message = "services.gitlab.secrets.jwsFile must be set!"; } { - assertion = versionAtLeast postgresqlPackage.version "13.6.0"; - message = "PostgreSQL >=13.6 is required to run GitLab 16. Follow the instructions in the manual section for upgrading PostgreSQL here: https://nixos.org/manual/nixos/stable/index.html#module-services-postgres-upgrading"; + assertion = versionAtLeast postgresqlPackage.version "14.9"; + message = "PostgreSQL >= 14.9 is required to run GitLab 17. Follow the instructions in the manual section for upgrading PostgreSQL here: https://nixos.org/manual/nixos/stable/index.html#module-services-postgres-upgrading"; } ]; @@ -1282,6 +1282,7 @@ in { "d ${gitlabConfig.production.shared.path}/registry 0750 ${cfg.user} ${cfg.group} -" "d ${gitlabConfig.production.shared.path}/terraform_state 0750 ${cfg.user} ${cfg.group} -" "d ${gitlabConfig.production.shared.path}/ci_secure_files 0750 ${cfg.user} ${cfg.group} -" + "d ${gitlabConfig.production.shared.path}/external-diffs 0750 ${cfg.user} ${cfg.group} -" "L+ /run/gitlab/config - - - - ${cfg.statePath}/config" "L+ /run/gitlab/log - - - - ${cfg.statePath}/log" "L+ /run/gitlab/tmp - - - - ${cfg.statePath}/tmp" diff --git a/nixos/modules/services/misc/jellyseerr.nix b/nixos/modules/services/misc/jellyseerr.nix index 7599a1af33840..9aab517e0493b 100644 --- a/nixos/modules/services/misc/jellyseerr.nix +++ b/nixos/modules/services/misc/jellyseerr.nix @@ -9,6 +9,7 @@ in options.services.jellyseerr = { enable = mkEnableOption ''Jellyseerr, a requests manager for Jellyfin''; + package = mkPackageOption pkgs "jellyseerr" { }; openFirewall = mkOption { type = types.bool; @@ -32,10 +33,10 @@ in serviceConfig = { Type = "exec"; StateDirectory = "jellyseerr"; - WorkingDirectory = "${pkgs.jellyseerr}/libexec/jellyseerr/deps/jellyseerr"; + WorkingDirectory = "${cfg.package}/libexec/jellyseerr/deps/jellyseerr"; DynamicUser = true; - ExecStart = "${pkgs.jellyseerr}/bin/jellyseerr"; - BindPaths = [ "/var/lib/jellyseerr/:${pkgs.jellyseerr}/libexec/jellyseerr/deps/jellyseerr/config/" ]; + ExecStart = lib.getExe cfg.package; + BindPaths = [ "/var/lib/jellyseerr/:${cfg.package}/libexec/jellyseerr/deps/jellyseerr/config/" ]; Restart = "on-failure"; ProtectHome = true; ProtectSystem = "strict"; diff --git a/nixos/modules/services/misc/languagetool.nix b/nixos/modules/services/misc/languagetool.nix index ba563dace4737..2a7e68c9053a3 100644 --- a/nixos/modules/services/misc/languagetool.nix +++ b/nixos/modules/services/misc/languagetool.nix @@ -1,14 +1,17 @@ -{ config, lib, options, pkgs, ... }: +{ config, lib, pkgs, ... }: with lib; let cfg = config.services.languagetool; - settingsFormat = pkgs.formats.javaProperties {}; -in { + settingsFormat = pkgs.formats.javaProperties { }; +in +{ options.services.languagetool = { enable = mkEnableOption "the LanguageTool server, a multilingual spelling, style, and grammar checker that helps correct or paraphrase texts"; + package = mkPackageOption pkgs "languagetool" { }; + port = mkOption { type = types.port; default = 8081; @@ -31,7 +34,7 @@ in { ''; }; - settings = lib.mkOption { + settings = mkOption { type = types.submodule { freeformType = settingsFormat.type; @@ -49,11 +52,25 @@ in { for supported settings. ''; }; + + jrePackage = mkPackageOption pkgs "jre" { }; + + jvmOptions = mkOption { + description = '' + Extra command line options for the JVM running languagetool. + More information can be found here: https://docs.oracle.com/en/java/javase/19/docs/specs/man/java.html#standard-options-for-java + ''; + default = [ ]; + type = types.listOf types.str; + example = [ + "-Xmx512m" + ]; + }; }; config = mkIf cfg.enable { - systemd.services.languagetool = { + systemd.services.languagetool = { description = "LanguageTool HTTP server"; wantedBy = [ "multi-user.target" ]; after = [ "network.target" ]; @@ -65,13 +82,17 @@ in { RestrictNamespaces = [ "" ]; SystemCallFilter = [ "@system-service" "~ @privileged" ]; ProtectHome = "yes"; + Restart = "on-failure"; ExecStart = '' - ${pkgs.languagetool}/bin/languagetool-http-server \ - --port ${toString cfg.port} \ - ${optionalString cfg.public "--public"} \ - ${optionalString (cfg.allowOrigin != null) "--allow-origin ${cfg.allowOrigin}"} \ - "--config" ${settingsFormat.generate "languagetool.conf" cfg.settings} - ''; + ${cfg.jrePackage}/bin/java \ + -cp ${cfg.package}/share/languagetool-server.jar \ + ${toString cfg.jvmOptions} \ + org.languagetool.server.HTTPServer \ + --port ${toString cfg.port} \ + ${optionalString cfg.public "--public"} \ + ${optionalString (cfg.allowOrigin != null) "--allow-origin ${cfg.allowOrigin}"} \ + "--config" ${settingsFormat.generate "languagetool.conf" cfg.settings} + ''; }; }; }; diff --git a/nixos/modules/services/misc/ollama.nix b/nixos/modules/services/misc/ollama.nix index c460514783efc..a0a32f1702bf3 100644 --- a/nixos/modules/services/misc/ollama.nix +++ b/nixos/modules/services/misc/ollama.nix @@ -5,9 +5,6 @@ let cfg = config.services.ollama; ollamaPackage = cfg.package.override { inherit (cfg) acceleration; - linuxPackages = config.boot.kernelPackages // { - nvidia_x11 = config.hardware.nvidia.package; - }; }; in { diff --git a/nixos/modules/services/misc/renovate.nix b/nixos/modules/services/misc/renovate.nix index 25a719c91cbd8..9062b7424b681 100644 --- a/nixos/modules/services/misc/renovate.nix +++ b/nixos/modules/services/misc/renovate.nix @@ -128,6 +128,7 @@ in RestrictAddressFamilies = [ "AF_INET" "AF_INET6" + "AF_UNIX" ]; RestrictNamespaces = true; RestrictRealtime = true; diff --git a/nixos/modules/services/misc/rkvm.nix b/nixos/modules/services/misc/rkvm.nix index 9d41669e00f61..b149c3d3979f5 100644 --- a/nixos/modules/services/misc/rkvm.nix +++ b/nixos/modules/services/misc/rkvm.nix @@ -7,7 +7,7 @@ let toml = pkgs.formats.toml { }; in { - meta.maintainers = with maintainers; [ ckie ]; + meta.maintainers = with maintainers; [ ]; options.services.rkvm = { enable = mkOption { diff --git a/nixos/modules/services/misc/snapper.nix b/nixos/modules/services/misc/snapper.nix index 1b16ef7958ad2..fc57683de3280 100644 --- a/nixos/modules/services/misc/snapper.nix +++ b/nixos/modules/services/misc/snapper.nix @@ -96,48 +96,48 @@ let }; TIMELINE_LIMIT_HOURLY = mkOption { - type = types.str; - default = "10"; + type = types.int; + default = 10; description = '' Limits for timeline cleanup. ''; }; TIMELINE_LIMIT_DAILY = mkOption { - type = types.str; - default = "10"; + type = types.int; + default = 10; description = '' Limits for timeline cleanup. ''; }; TIMELINE_LIMIT_WEEKLY = mkOption { - type = types.str; - default = "0"; + type = types.int; + default = 0; description = '' Limits for timeline cleanup. ''; }; TIMELINE_LIMIT_MONTHLY = mkOption { - type = types.str; - default = "10"; + type = types.int; + default = 10; description = '' Limits for timeline cleanup. ''; }; TIMELINE_LIMIT_QUARTERLY = mkOption { - type = types.str; - default = "0"; + type = types.int; + default = 0; description = '' Limits for timeline cleanup. ''; }; TIMELINE_LIMIT_YEARLY = mkOption { - type = types.str; - default = "10"; + type = types.int; + default = 10; description = '' Limits for timeline cleanup. ''; @@ -353,4 +353,6 @@ in ) (attrNames cfg.configs); } ); + + meta.maintainers = with lib.maintainers; [ Djabx ]; } diff --git a/nixos/modules/services/misc/sonarr.nix b/nixos/modules/services/misc/sonarr.nix index 228a2d48f5a9c..60e73198d60de 100644 --- a/nixos/modules/services/misc/sonarr.nix +++ b/nixos/modules/services/misc/sonarr.nix @@ -1,4 +1,4 @@ -{ config, pkgs, lib, ... }: +{ config, pkgs, lib, utils, ... }: with lib; @@ -54,7 +54,11 @@ in Type = "simple"; User = cfg.user; Group = cfg.group; - ExecStart = "${cfg.package}/bin/NzbDrone -nobrowser -data='${cfg.dataDir}'"; + ExecStart = utils.escapeSystemdExecArgs [ + (lib.getExe cfg.package) + "-nobrowser" + "-data=${cfg.dataDir}" + ]; Restart = "on-failure"; }; }; diff --git a/nixos/modules/services/misc/zoneminder.nix b/nixos/modules/services/misc/zoneminder.nix index d09cd87febfff..8db63d5386332 100644 --- a/nixos/modules/services/misc/zoneminder.nix +++ b/nixos/modules/services/misc/zoneminder.nix @@ -202,10 +202,10 @@ in { ]; services = { - fcgiwrap = lib.mkIf useNginx { - enable = true; - preforkProcesses = cfg.cameras; - inherit user group; + fcgiwrap.zoneminder = lib.mkIf useNginx { + process.prefork = cfg.cameras; + process.user = user; + process.group = group; }; mysql = lib.mkIf cfg.database.createLocally { @@ -225,9 +225,7 @@ in { default = true; root = "${pkg}/share/zoneminder/www"; listen = [ { addr = "0.0.0.0"; inherit (cfg) port; } ]; - extraConfig = let - fcgi = config.services.fcgiwrap; - in '' + extraConfig = '' index index.php; location / { @@ -257,7 +255,7 @@ in { fastcgi_param HTTP_PROXY ""; fastcgi_intercept_errors on; - fastcgi_pass ${fcgi.socketType}:${fcgi.socketAddress}; + fastcgi_pass unix:${config.services.fcgiwrap.zoneminder.socket.address}; } location /cache/ { |