diff options
| author | Frederik Rietdijk <fridh@fridh.nl> | 2020-04-03 21:54:40 +0200 |
|---|---|---|
| committer | Frederik Rietdijk <fridh@fridh.nl> | 2020-04-03 21:54:40 +0200 |
| commit | 92124ed660c033aa3caa467876f7bc1c6f514d77 (patch) | |
| tree | eaaac3b33ba341b7068ac11e536d56bb647c6480 /nixos/modules | |
| parent | ac46ffbcfce03ad9b35c261301c008e9cf2bdb9b (diff) | |
| parent | 3420bd63b9bbd4eb4e544b898a072c6fbbc9cfa9 (diff) | |
Merge master into staging-next
Diffstat (limited to 'nixos/modules')
72 files changed, 859 insertions, 134 deletions
diff --git a/nixos/modules/config/vte.nix b/nixos/modules/config/vte.nix index d4a8c926fef2..24d32a00fd45 100644 --- a/nixos/modules/config/vte.nix +++ b/nixos/modules/config/vte.nix @@ -16,6 +16,10 @@ in { + meta = { + maintainers = teams.gnome.members; + }; + options = { programs.bash.vteIntegration = mkOption { diff --git a/nixos/modules/config/xdg/autostart.nix b/nixos/modules/config/xdg/autostart.nix index 0ee94fed818b..40984cb5ec53 100644 --- a/nixos/modules/config/xdg/autostart.nix +++ b/nixos/modules/config/xdg/autostart.nix @@ -2,19 +2,23 @@ with lib; { + meta = { + maintainers = teams.freedesktop.members; + }; + options = { xdg.autostart.enable = mkOption { type = types.bool; default = true; description = '' - Whether to install files to support the + Whether to install files to support the <link xlink:href="https://specifications.freedesktop.org/autostart-spec/autostart-spec-latest.html">XDG Autostart specification</link>. ''; }; }; config = mkIf config.xdg.autostart.enable { - environment.pathsToLink = [ + environment.pathsToLink = [ "/etc/xdg/autostart" ]; }; diff --git a/nixos/modules/config/xdg/icons.nix b/nixos/modules/config/xdg/icons.nix index 4677ce090b0b..c83fdc251ef0 100644 --- a/nixos/modules/config/xdg/icons.nix +++ b/nixos/modules/config/xdg/icons.nix @@ -2,6 +2,10 @@ with lib; { + meta = { + maintainers = teams.freedesktop.members; + }; + options = { xdg.icons.enable = mkOption { type = types.bool; diff --git a/nixos/modules/config/xdg/menus.nix b/nixos/modules/config/xdg/menus.nix index c172692df5d7..6735a7a5c430 100644 --- a/nixos/modules/config/xdg/menus.nix +++ b/nixos/modules/config/xdg/menus.nix @@ -2,19 +2,23 @@ with lib; { + meta = { + maintainers = teams.freedesktop.members; + }; + options = { xdg.menus.enable = mkOption { type = types.bool; default = true; description = '' - Whether to install files to support the + Whether to install files to support the <link xlink:href="https://specifications.freedesktop.org/menu-spec/menu-spec-latest.html">XDG Desktop Menu specification</link>. ''; }; }; config = mkIf config.xdg.menus.enable { - environment.pathsToLink = [ + environment.pathsToLink = [ "/share/applications" "/share/desktop-directories" "/etc/xdg/menus" diff --git a/nixos/modules/config/xdg/mime.nix b/nixos/modules/config/xdg/mime.nix index a5374c2b468d..4cdb3f30994b 100644 --- a/nixos/modules/config/xdg/mime.nix +++ b/nixos/modules/config/xdg/mime.nix @@ -2,6 +2,10 @@ with lib; { + meta = { + maintainers = teams.freedesktop.members; + }; + options = { xdg.mime.enable = mkOption { type = types.bool; diff --git a/nixos/modules/config/xdg/portal.nix b/nixos/modules/config/xdg/portal.nix index 1330a08070c1..3c7cd729c60a 100644 --- a/nixos/modules/config/xdg/portal.nix +++ b/nixos/modules/config/xdg/portal.nix @@ -7,6 +7,10 @@ with lib; (mkRenamedOptionModule [ "services" "flatpak" "extraPortals" ] [ "xdg" "portal" "extraPortals" ]) ]; + meta = { + maintainers = teams.freedesktop.members; + }; + options.xdg.portal = { enable = mkEnableOption "<link xlink:href='https://github.com/flatpak/xdg-desktop-portal'>xdg desktop integration</link>"//{ diff --git a/nixos/modules/config/xdg/sounds.nix b/nixos/modules/config/xdg/sounds.nix index 14d6340fc33b..0b94f550929b 100644 --- a/nixos/modules/config/xdg/sounds.nix +++ b/nixos/modules/config/xdg/sounds.nix @@ -2,6 +2,10 @@ with lib; { + meta = { + maintainers = teams.freedesktop.members; + }; + options = { xdg.sounds.enable = mkOption { type = types.bool; diff --git a/nixos/modules/hardware/sensor/iio.nix b/nixos/modules/hardware/sensor/iio.nix index a8bc18800021..4c359c3b1725 100644 --- a/nixos/modules/hardware/sensor/iio.nix +++ b/nixos/modules/hardware/sensor/iio.nix @@ -8,7 +8,12 @@ with lib; options = { hardware.sensor.iio = { enable = mkOption { - description = "Enable this option to support IIO sensors."; + description = '' + Enable this option to support IIO sensors. + + IIO sensors are used for orientation and ambient light + sensors on some mobile devices. + ''; type = types.bool; default = false; }; diff --git a/nixos/modules/i18n/input-method/ibus.nix b/nixos/modules/i18n/input-method/ibus.nix index a3d97619fc45..b6a21c369e53 100644 --- a/nixos/modules/i18n/input-method/ibus.nix +++ b/nixos/modules/i18n/input-method/ibus.nix @@ -75,5 +75,9 @@ in QT_IM_MODULE = "ibus"; XMODIFIERS = "@im=ibus"; }; + + xdg.portal.extraPortals = mkIf xdg.portal.enable [ + ibusPackage + ]; }; } diff --git a/nixos/modules/module-list.nix b/nixos/modules/module-list.nix index 7633f1ca0ad5..c3d2bb85809e 100644 --- a/nixos/modules/module-list.nix +++ b/nixos/modules/module-list.nix @@ -295,7 +295,6 @@ ./services/desktops/deepin/deepin.nix ./services/desktops/dleyna-renderer.nix ./services/desktops/dleyna-server.nix - ./services/desktops/pantheon/contractor.nix ./services/desktops/pantheon/files.nix ./services/desktops/flatpak.nix ./services/desktops/geoclue2.nix @@ -396,7 +395,6 @@ ./services/mail/mailcatcher.nix ./services/mail/mailhog.nix ./services/mail/mailman.nix - ./services/mail/magic-wormhole-mailbox-server.nix ./services/mail/mlmmj.nix ./services/mail/offlineimap.nix ./services/mail/opendkim.nix @@ -645,6 +643,7 @@ ./services/networking/lldpd.nix ./services/networking/logmein-hamachi.nix ./services/networking/mailpile.nix + ./services/networking/magic-wormhole-mailbox-server.nix ./services/networking/matterbridge.nix ./services/networking/mjpg-streamer.nix ./services/networking/minidlna.nix @@ -655,6 +654,7 @@ ./services/networking/miredo.nix ./services/networking/mstpd.nix ./services/networking/mtprotoproxy.nix + ./services/networking/mullvad-vpn.nix ./services/networking/murmur.nix ./services/networking/mxisd.nix ./services/networking/namecoind.nix @@ -683,6 +683,7 @@ ./services/networking/ostinato.nix ./services/networking/owamp.nix ./services/networking/pdnsd.nix + ./services/networking/pixiecore.nix ./services/networking/polipo.nix ./services/networking/powerdns.nix ./services/networking/pdns-recursor.nix diff --git a/nixos/modules/profiles/hardened.nix b/nixos/modules/profiles/hardened.nix index f7b2f5c7fc1e..da3de4447686 100644 --- a/nixos/modules/profiles/hardened.nix +++ b/nixos/modules/profiles/hardened.nix @@ -14,12 +14,17 @@ with lib; nix.allowedUsers = mkDefault [ "@users" ]; + environment.memoryAllocator.provider = mkDefault "scudo"; + environment.variables.SCUDO_OPTIONS = mkDefault "ZeroContents=1"; + security.hideProcessInformation = mkDefault true; security.lockKernelModules = mkDefault true; security.allowUserNamespaces = mkDefault false; + nix.useSandbox = mkDefault false; + security.protectKernelImage = mkDefault true; security.allowSimultaneousMultithreading = mkDefault false; diff --git a/nixos/modules/programs/geary.nix b/nixos/modules/programs/geary.nix index 01803bc411e5..5e441a75cb60 100644 --- a/nixos/modules/programs/geary.nix +++ b/nixos/modules/programs/geary.nix @@ -6,6 +6,10 @@ let cfg = config.programs.geary; in { + meta = { + maintainers = teams.gnome.members; + }; + options = { programs.geary.enable = mkEnableOption "Geary, a Mail client for GNOME 3"; }; diff --git a/nixos/modules/programs/gnome-disks.nix b/nixos/modules/programs/gnome-disks.nix index 1cf839a6ddb0..80dc2983ea50 100644 --- a/nixos/modules/programs/gnome-disks.nix +++ b/nixos/modules/programs/gnome-disks.nix @@ -6,6 +6,10 @@ with lib; { + meta = { + maintainers = teams.gnome.members; + }; + # Added 2019-08-09 imports = [ (mkRenamedOptionModule diff --git a/nixos/modules/programs/gnome-documents.nix b/nixos/modules/programs/gnome-documents.nix index bfa3d409ee30..9dd53483055c 100644 --- a/nixos/modules/programs/gnome-documents.nix +++ b/nixos/modules/programs/gnome-documents.nix @@ -6,6 +6,10 @@ with lib; { + meta = { + maintainers = teams.gnome.members; + }; + # Added 2019-08-09 imports = [ (mkRenamedOptionModule diff --git a/nixos/modules/programs/gnome-terminal.nix b/nixos/modules/programs/gnome-terminal.nix index 0036677a1576..f2617e5bc038 100644 --- a/nixos/modules/programs/gnome-terminal.nix +++ b/nixos/modules/programs/gnome-terminal.nix @@ -12,6 +12,10 @@ in { + meta = { + maintainers = teams.gnome.members; + }; + # Added 2019-08-19 imports = [ (mkRenamedOptionModule @@ -20,9 +24,7 @@ in ]; options = { - programs.gnome-terminal.enable = mkEnableOption "GNOME Terminal"; - }; config = mkIf cfg.enable { diff --git a/nixos/modules/programs/nm-applet.nix b/nixos/modules/programs/nm-applet.nix index 1b806071c43c..273a6dec59a5 100644 --- a/nixos/modules/programs/nm-applet.nix +++ b/nixos/modules/programs/nm-applet.nix @@ -1,6 +1,10 @@ { config, lib, pkgs, ... }: { + meta = { + maintainers = lib.teams.freedesktop.members; + }; + options.programs.nm-applet.enable = lib.mkEnableOption "nm-applet"; config = lib.mkIf config.programs.nm-applet.enable { diff --git a/nixos/modules/services/amqp/activemq/default.nix b/nixos/modules/services/amqp/activemq/default.nix index 7729da27304b..160dbddcd487 100644 --- a/nixos/modules/services/amqp/activemq/default.nix +++ b/nixos/modules/services/amqp/activemq/default.nix @@ -63,9 +63,11 @@ in { javaProperties = mkOption { type = types.attrs; default = { }; - example = { - "java.net.preferIPv4Stack" = "true"; - }; + example = literalExample '' + { + "java.net.preferIPv4Stack" = "true"; + } + ''; apply = attrs: { "activemq.base" = "${cfg.baseDir}"; "activemq.data" = "${cfg.baseDir}/data"; diff --git a/nixos/modules/services/backup/borgbackup.nix b/nixos/modules/services/backup/borgbackup.nix index a2eb80c55a8c..be661b201f0d 100644 --- a/nixos/modules/services/backup/borgbackup.nix +++ b/nixos/modules/services/backup/borgbackup.nix @@ -189,6 +189,7 @@ let in { meta.maintainers = with maintainers; [ dotlambda ]; + meta.doc = ./borgbackup.xml; ###### interface @@ -197,10 +198,11 @@ in { Deduplicating backups using BorgBackup. Adding a job will cause a borg-job-NAME wrapper to be added to your system path, so that you can perform maintenance easily. + See also the chapter about BorgBackup in the NixOS manual. ''; default = { }; example = literalExample '' - { + { # for a local backup rootBackup = { paths = "/"; exclude = [ "/nix" ]; @@ -213,6 +215,23 @@ in { startAt = "weekly"; }; } + { # Root backing each day up to a remote backup server. We assume that you have + # * created a password less key: ssh-keygen -N "" -t ed25519 -f /path/to/ssh_key + # best practices are: use -t ed25519, /path/to = /run/keys + # * the passphrase is in the file /run/keys/borgbackup_passphrase + # * you have initialized the repository manually + paths = [ "/etc" "/home" ]; + exclude = [ "/nix" "'**/.cache'" ]; + doInit = false; + repo = "user3@arep.repo.borgbase.com:repo"; + encryption = { + mode = "repokey-blake2"; + passCommand = "cat /path/to/passphrase"; + }; + environment = { BORG_RSH = "ssh -i /path/to/ssh_key"; }; + compression = "auto,lzma"; + startAt = "daily"; + }; ''; type = types.attrsOf (types.submodule (let globalConfig = config; in { name, config, ... }: { @@ -268,6 +287,8 @@ in { <manvolnum>7</manvolnum></citerefentry>. If you do not wa |