diff options
Diffstat (limited to 'nixos')
-rw-r--r-- | nixos/lib/testing/driver.nix | 2 | ||||
-rw-r--r-- | nixos/modules/services/display-managers/default.nix | 4 | ||||
-rw-r--r-- | nixos/modules/services/misc/bcg.nix | 6 | ||||
-rw-r--r-- | nixos/modules/services/misc/tzupdate.nix | 2 | ||||
-rw-r--r-- | nixos/modules/services/monitoring/arbtt.nix | 2 | ||||
-rw-r--r-- | nixos/modules/services/networking/hostapd.nix | 17 | ||||
-rw-r--r-- | nixos/modules/system/boot/binfmt.nix | 2 |
7 files changed, 20 insertions, 15 deletions
diff --git a/nixos/lib/testing/driver.nix b/nixos/lib/testing/driver.nix index 7eb06e023918b..d4f8e0f0c6e38 100644 --- a/nixos/lib/testing/driver.nix +++ b/nixos/lib/testing/driver.nix @@ -139,7 +139,7 @@ in enableOCR = mkOption { description = '' Whether to enable Optical Character Recognition functionality for - testing graphical programs. See [Machine objects](`ssec-machine-objects`). + testing graphical programs. See [`Machine objects`](#ssec-machine-objects). ''; type = types.bool; default = false; diff --git a/nixos/modules/services/display-managers/default.nix b/nixos/modules/services/display-managers/default.nix index 6fa8556e39bee..feba4b163ccd2 100644 --- a/nixos/modules/services/display-managers/default.nix +++ b/nixos/modules/services/display-managers/default.nix @@ -113,7 +113,7 @@ in type = lib.types.nullOr lib.types.str // { description = "session name"; check = d: - lib.assertMsg (d != null -> (lib.types.str.check d && lib.elem d config.services.displayManager.sessionData.sessionNames)) '' + lib.assertMsg (d != null -> (lib.types.str.check d && lib.elem d cfg.sessionData.sessionNames)) '' Default graphical session, '${d}', not found. Valid names for 'services.displayManager.defaultSession' are: ${lib.concatStringsSep "\n " cfg.sessionData.sessionNames} @@ -187,7 +187,7 @@ in services.displayManager.sessionData = { desktops = installedSessions; - sessionNames = lib.concatMap (p: p.providedSessions) config.services.displayManager.sessionPackages; + sessionNames = lib.concatMap (p: p.providedSessions) cfg.sessionPackages; # We do not want to force users to set defaultSession when they have only single DE. autologinSession = if cfg.defaultSession != null then diff --git a/nixos/modules/services/misc/bcg.nix b/nixos/modules/services/misc/bcg.nix index 626a67f66d08b..63c441833d958 100644 --- a/nixos/modules/services/misc/bcg.nix +++ b/nixos/modules/services/misc/bcg.nix @@ -149,20 +149,20 @@ in systemd.services.bcg = let envConfig = cfg.environmentFiles != []; finalConfig = if envConfig - then "$RUNTIME_DIRECTORY/bcg.config.yaml" + then "\${RUNTIME_DIRECTORY}/bcg.config.yaml" else configFile; in { description = "BigClown Gateway"; wantedBy = [ "multi-user.target" ]; wants = [ "network-online.target" ] ++ lib.optional config.services.mosquitto.enable "mosquitto.service"; after = [ "network-online.target" ]; - preStart = '' + preStart = mkIf envConfig '' umask 077 ${pkgs.envsubst}/bin/envsubst -i "${configFile}" -o "${finalConfig}" ''; serviceConfig = { EnvironmentFile = cfg.environmentFiles; - ExecStart="${cfg.package}/bin/bcg -c ${finalConfig} -v ${cfg.verbose}"; + ExecStart = "${cfg.package}/bin/bcg -c ${finalConfig} -v ${cfg.verbose}"; RuntimeDirectory = "bcg"; }; }; diff --git a/nixos/modules/services/misc/tzupdate.nix b/nixos/modules/services/misc/tzupdate.nix index eac1e1112a5ab..be63bb179e423 100644 --- a/nixos/modules/services/misc/tzupdate.nix +++ b/nixos/modules/services/misc/tzupdate.nix @@ -41,5 +41,5 @@ in { }; }; - meta.maintainers = [ maintainers.michaelpj ]; + meta.maintainers = [ ]; } diff --git a/nixos/modules/services/monitoring/arbtt.nix b/nixos/modules/services/monitoring/arbtt.nix index 6dad6bdec3284..cf9a236c079c0 100644 --- a/nixos/modules/services/monitoring/arbtt.nix +++ b/nixos/modules/services/monitoring/arbtt.nix @@ -45,5 +45,5 @@ in { }; }; - meta.maintainers = [ maintainers.michaelpj ]; + meta.maintainers = [ ]; } diff --git a/nixos/modules/services/networking/hostapd.nix b/nixos/modules/services/networking/hostapd.nix index 1bef5a1f0a9e8..b678656f2e046 100644 --- a/nixos/modules/services/networking/hostapd.nix +++ b/nixos/modules/services/networking/hostapd.nix @@ -687,7 +687,7 @@ in { authentication = { mode = mkOption { default = "wpa3-sae"; - type = types.enum ["none" "wpa2-sha256" "wpa3-sae-transition" "wpa3-sae"]; + type = types.enum ["none" "wpa2-sha1" "wpa2-sha256" "wpa3-sae-transition" "wpa3-sae"]; description = '' Selects the authentication mode for this AP. @@ -695,7 +695,9 @@ in { and create an open AP. Use {option}`settings` together with this option if you want to configure the authentication manually. Any password options will still be effective, if set. - - {var}`"wpa2-sha256"`: WPA2-Personal using SHA256 (IEEE 802.11i/RSN). Passwords are set + - {var}`"wpa2-sha1"`: Not recommended. WPA2-Personal using HMAC-SHA1. Passwords are set + using {option}`wpaPassword` or preferably by {option}`wpaPasswordFile` or {option}`wpaPskFile`. + - {var}`"wpa2-sha256"`: WPA2-Personal using HMAC-SHA256 (IEEE 802.11i/RSN). Passwords are set using {option}`wpaPassword` or preferably by {option}`wpaPasswordFile` or {option}`wpaPskFile`. - {var}`"wpa3-sae-transition"`: Use WPA3-Personal (SAE) if possible, otherwise fallback to WPA2-SHA256. Only use if necessary and switch to the newer WPA3-SAE when possible. @@ -812,7 +814,7 @@ in { Warning: These entries will get put into a world-readable file in the Nix store! Using {option}`saePasswordFile` instead is recommended. - Not used when {option}`mode` is {var}`"wpa2-sha256"`. + Not used when {option}`mode` is {var}`"wpa2-sha1"` or {var}`"wpa2-sha256"`. ''; type = types.listOf (types.submodule { options = { @@ -884,7 +886,7 @@ in { parameters doesn't matter: `<password>[|mac=<peer mac>][|vlanid=<VLAN ID>][|pk=<m:ECPrivateKey-base64>][|id=<identifier>]` - Not used when {option}`mode` is {var}`"wpa2-sha256"`. + Not used when {option}`mode` is {var}`"wpa2-sha1"` or {var}`"wpa2-sha256"`. ''; }; @@ -959,6 +961,9 @@ in { } // optionalAttrs (bssCfg.authentication.mode == "wpa3-sae-transition") { wpa = 2; wpa_key_mgmt = "WPA-PSK-SHA256 SAE"; + } // optionalAttrs (bssCfg.authentication.mode == "wpa2-sha1") { + wpa = 2; + wpa_key_mgmt = "WPA-PSK"; } // optionalAttrs (bssCfg.authentication.mode == "wpa2-sha256") { wpa = 2; wpa_key_mgmt = "WPA-PSK-SHA256"; @@ -1186,8 +1191,8 @@ in { message = ''hostapd radio ${radio} bss ${bss}: uses WPA3-SAE in transition mode requires defining both a wpa password option and a sae password option''; } { - assertion = auth.mode == "wpa2-sha256" -> countWpaPasswordDefinitions == 1; - message = ''hostapd radio ${radio} bss ${bss}: uses WPA2-SHA256 which requires defining a wpa password option''; + assertion = (auth.mode == "wpa2-sha1" || auth.mode == "wpa2-sha256") -> countWpaPasswordDefinitions == 1; + message = ''hostapd radio ${radio} bss ${bss}: uses WPA2-PSK which requires defining a wpa password option''; } ]) radioCfg.networks)) diff --git a/nixos/modules/system/boot/binfmt.nix b/nixos/modules/system/boot/binfmt.nix index 3605ce56910ed..572bfeda7a8ff 100644 --- a/nixos/modules/system/boot/binfmt.nix +++ b/nixos/modules/system/boot/binfmt.nix @@ -280,7 +280,7 @@ in { }; config = { - boot.binfmt.registrations = builtins.listToAttrs (map (system: { + boot.binfmt.registrations = builtins.listToAttrs (map (system: assert system != pkgs.system; { name = system; value = { config, ... }: let interpreter = getEmulator system; |