diff options
Diffstat (limited to 'nixos/modules')
8 files changed, 37 insertions, 14 deletions
diff --git a/nixos/modules/config/iproute2.nix b/nixos/modules/config/iproute2.nix index 78bd07d680e20..0cde57b759be3 100644 --- a/nixos/modules/config/iproute2.nix +++ b/nixos/modules/config/iproute2.nix @@ -18,10 +18,9 @@ in }; config = mkIf cfg.enable { - environment.etc."iproute2/rt_tables" = { + environment.etc."iproute2/rt_tables.d/nixos.conf" = { mode = "0644"; - text = (fileContents "${pkgs.iproute2}/lib/iproute2/rt_tables") - + (optionalString (cfg.rttablesExtraConfig != "") "\n\n${cfg.rttablesExtraConfig}"); + text = cfg.rttablesExtraConfig; }; }; } diff --git a/nixos/modules/services/continuous-integration/jenkins/default.nix b/nixos/modules/services/continuous-integration/jenkins/default.nix index e96743784e047..d69cf4587aaba 100644 --- a/nixos/modules/services/continuous-integration/jenkins/default.nix +++ b/nixos/modules/services/continuous-integration/jenkins/default.nix @@ -236,6 +236,7 @@ in { serviceConfig = { User = cfg.user; + StateDirectory = mkIf (hasPrefix "/var/lib/jenkins" cfg.home) "jenkins"; }; }; }; diff --git a/nixos/modules/services/desktops/flatpak.nix b/nixos/modules/services/desktops/flatpak.nix index d99faf381e019..4c26e6874023a 100644 --- a/nixos/modules/services/desktops/flatpak.nix +++ b/nixos/modules/services/desktops/flatpak.nix @@ -35,6 +35,7 @@ in { services.dbus.packages = [ pkgs.flatpak ]; systemd.packages = [ pkgs.flatpak ]; + systemd.tmpfiles.packages = [ pkgs.flatpak ]; environment.profiles = [ "$HOME/.local/share/flatpak/exports" diff --git a/nixos/modules/services/networking/nebula.nix b/nixos/modules/services/networking/nebula.nix index b9ebbfbd9a297..e13876172dac6 100644 --- a/nixos/modules/services/networking/nebula.nix +++ b/nixos/modules/services/networking/nebula.nix @@ -196,7 +196,7 @@ in before = [ "sshd.service" ]; wantedBy = [ "multi-user.target" ]; serviceConfig = { - Type = "simple"; + Type = "notify"; Restart = "always"; ExecStart = "${netCfg.package}/bin/nebula -config ${configFile}"; UMask = "0027"; diff --git a/nixos/modules/services/networking/syncthing.nix b/nixos/modules/services/networking/syncthing.nix index 99d4d9eeffcc6..e0425792431e6 100644 --- a/nixos/modules/services/networking/syncthing.nix +++ b/nixos/modules/services/networking/syncthing.nix @@ -559,6 +559,15 @@ in { ''; }; + databaseDir = mkOption { + type = types.path; + description = lib.mdDoc '' + The directory containing the database and logs. + ''; + default = cfg.configDir; + defaultText = literalExpression "config.${opt.configDir}"; + }; + extraFlags = mkOption { type = types.listOf types.str; default = []; @@ -660,7 +669,7 @@ in { -no-browser \ -gui-address=${if isUnixGui then "unix://" else ""}${cfg.guiAddress} \ -config=${cfg.configDir} \ - -data=${cfg.dataDir} \ + -data=${cfg.databaseDir} \ ${escapeShellArgs cfg.extraFlags} ''; MemoryDenyWriteExecute = true; diff --git a/nixos/modules/services/networking/tinyproxy.nix b/nixos/modules/services/networking/tinyproxy.nix index 42d45c460c2e7..8ff12b52f10ca 100644 --- a/nixos/modules/services/networking/tinyproxy.nix +++ b/nixos/modules/services/networking/tinyproxy.nix @@ -85,7 +85,7 @@ in User = "tinyproxy"; Group = "tinyproxy"; Type = "simple"; - ExecStart = "${getExe pkgs.tinyproxy} -d -c ${configFile}"; + ExecStart = "${getExe cfg.package} -d -c ${configFile}"; ExecReload = "${pkgs.coreutils}/bin/kill -SIGHUP $MAINPID"; KillSignal = "SIGINT"; TimeoutStopSec = "30s"; diff --git a/nixos/modules/services/web-servers/nginx/default.nix b/nixos/modules/services/web-servers/nginx/default.nix index eafaa32f5b9b9..6ea24e65f2206 100644 --- a/nixos/modules/services/web-servers/nginx/default.nix +++ b/nixos/modules/services/web-servers/nginx/default.nix @@ -377,7 +377,7 @@ let server_name ${vhost.serverName} ${concatStringsSep " " vhost.serverAliases}; ${acmeLocation} location / { - return 301 https://$host$request_uri; + return ${toString vhost.redirectCode} https://$host$request_uri; } } ''} @@ -396,7 +396,7 @@ let ${optionalString (vhost.root != null) "root ${vhost.root};"} ${optionalString (vhost.globalRedirect != null) '' location / { - return 301 http${optionalString hasSSL "s"}://${vhost.globalRedirect}$request_uri; + return ${toString vhost.redirectCode} http${optionalString hasSSL "s"}://${vhost.globalRedirect}$request_uri; } ''} ${optionalString hasSSL '' diff --git a/nixos/modules/services/web-servers/nginx/vhost-options.nix b/nixos/modules/services/web-servers/nginx/vhost-options.nix index 9db4c8e23025b..64a95afab9f40 100644 --- a/nixos/modules/services/web-servers/nginx/vhost-options.nix +++ b/nixos/modules/services/web-servers/nginx/vhost-options.nix @@ -162,10 +162,11 @@ with lib; type = types.bool; default = false; description = lib.mdDoc '' - Whether to add a separate nginx server block that permanently redirects (301) - all plain HTTP traffic to HTTPS. This will set defaults for - `listen` to listen on all interfaces on the respective default - ports (80, 443), where the non-SSL listens are used for the redirect vhosts. + Whether to add a separate nginx server block that redirects (defaults + to 301, configurable with `redirectCode`) all plain HTTP traffic to + HTTPS. This will set defaults for `listen` to listen on all interfaces + on the respective default ports (80, 443), where the non-SSL listens + are used for the redirect vhosts. ''; }; @@ -307,8 +308,20 @@ with lib; default = null; example = "newserver.example.org"; description = lib.mdDoc '' - If set, all requests for this host are redirected permanently to - the given hostname. + If set, all requests for this host are redirected (defaults to 301, + configurable with `redirectCode`) to the given hostname. + ''; + }; + + redirectCode = mkOption { + type = types.ints.between 300 399; + default = 301; + example = 308; + description = lib.mdDoc '' + HTTP status used by `globalRedirect` and `forceSSL`. Possible usecases + include temporary (302, 307) redirects, keeping the request method and + body (307, 308), or explicitly resetting the method to GET (303). + See <https://developer.mozilla.org/en-US/docs/Web/HTTP/Redirections>. ''; }; |