diff options
79 files changed, 1429 insertions, 422 deletions
diff --git a/.github/labeler.yml b/.github/labeler.yml index 94dfec05c9fd..47ec892e2266 100644 --- a/.github/labeler.yml +++ b/.github/labeler.yml @@ -7,6 +7,8 @@ "6.topic: cinnamon": - pkgs/desktops/cinnamon/**/* + - nixos/modules/services/x11/desktop-managers/cinnamon.nix + - nixos/tests/cinnamon.nix "6.topic: emacs": - nixos/modules/services/editors/emacs.nix diff --git a/lib/licenses.nix b/lib/licenses.nix index a4dc15c1a79c..6eeba6588be1 100644 --- a/lib/licenses.nix +++ b/lib/licenses.nix @@ -893,6 +893,11 @@ in mkLicense lset) ({ free = false; }; + vol-sl = { + fullName = "Volatility Software License, Version 1.0"; + url = "https://www.volatilityfoundation.org/license/vsl-v1.0"; + }; + vsl10 = { spdxId = "VSL-1.0"; fullName = "Vovida Software License v1.0"; diff --git a/maintainers/maintainer-list.nix b/maintainers/maintainer-list.nix index 26562863edd5..db656032f8e1 100644 --- a/maintainers/maintainer-list.nix +++ b/maintainers/maintainer-list.nix @@ -10241,6 +10241,15 @@ githubId = 29493551; name = "Josh Peters"; }; + peterwilli = { + email = "peter@codebuffet.co"; + github = "peterwilli"; + githubId = 1212814; + name = "Peter Willemsen"; + keys = [{ + fingerprint = "A37F D403 88E2 D026 B9F6 9617 5C9D D4BF B96A 28F0"; + }]; + }; peti = { email = "simons@cryp.to"; github = "peti"; diff --git a/nixos/doc/manual/from_md/release-notes/rl-2211.section.xml b/nixos/doc/manual/from_md/release-notes/rl-2211.section.xml index fe5a4f34a9e4..314cf897cb29 100644 --- a/nixos/doc/manual/from_md/release-notes/rl-2211.section.xml +++ b/nixos/doc/manual/from_md/release-notes/rl-2211.section.xml @@ -389,6 +389,17 @@ </listitem> <listitem> <para> + The <literal>coq</literal> package and versioned variants + starting at <literal>coq_8_14</literal> no longer include + CoqIDE, which is now available through + <literal>coqPackages.coqide</literal>. It is still possible to + get CoqIDE as part of the <literal>coq</literal> package by + overriding the <literal>buildIde</literal> argument of the + derivation. + </para> + </listitem> + <listitem> + <para> PHP 7.4 is no longer supported due to upstream not supporting this version for the entire lifecycle of the 22.11 release. </para> diff --git a/nixos/doc/manual/release-notes/rl-2211.section.md b/nixos/doc/manual/release-notes/rl-2211.section.md index e5b4ffb7938e..9ef8d955f392 100644 --- a/nixos/doc/manual/release-notes/rl-2211.section.md +++ b/nixos/doc/manual/release-notes/rl-2211.section.md @@ -134,6 +134,12 @@ Available as [services.patroni](options.html#opt-services.patroni.enable). - `services.hbase` has been renamed to `services.hbase-standalone`. For production HBase clusters, use `services.hadoop.hbase` instead. +- The `coq` package and versioned variants starting at `coq_8_14` no + longer include CoqIDE, which is now available through + `coqPackages.coqide`. It is still possible to get CoqIDE as part of + the `coq` package by overriding the `buildIde` argument of the + derivation. + - PHP 7.4 is no longer supported due to upstream not supporting this version for the entire lifecycle of the 22.11 release. diff --git a/nixos/modules/services/hardware/fwupd.nix b/nixos/modules/services/hardware/fwupd.nix index fe00cd1e32b6..2249f866803a 100644 --- a/nixos/modules/services/hardware/fwupd.nix +++ b/nixos/modules/services/hardware/fwupd.nix @@ -126,6 +126,8 @@ in { services.udev.packages = [ cfg.package ]; systemd.packages = [ cfg.package ]; + + security.polkit.enable = true; }; meta = { diff --git a/nixos/modules/services/misc/paperless.nix b/nixos/modules/services/misc/paperless.nix index b1cf72258d17..0a62af95f8f1 100644 --- a/nixos/modules/services/misc/paperless.nix +++ b/nixos/modules/services/misc/paperless.nix @@ -3,6 +3,7 @@ with lib; let cfg = config.services.paperless; + pkg = cfg.package; defaultUser = "paperless"; @@ -27,7 +28,7 @@ let setupEnv = lib.concatStringsSep "\n" (mapAttrsToList (name: val: "export ${name}=\"${val}\"") env); in pkgs.writeShellScript "manage" '' ${setupEnv} - exec ${cfg.package}/bin/paperless-ngx "$@" + exec ${pkg}/bin/paperless-ngx "$@" ''; # Secure the services @@ -213,7 +214,7 @@ in description = "Paperless scheduler"; serviceConfig = defaultServiceConfig // { User = cfg.user; - ExecStart = "${cfg.package}/bin/paperless-ngx qcluster"; + ExecStart = "${pkg}/bin/paperless-ngx qcluster"; Restart = "on-failure"; # The `mbind` syscall is needed for running the classifier. SystemCallFilter = defaultServiceConfig.SystemCallFilter ++ [ "mbind" ]; @@ -229,9 +230,9 @@ in # Auto-migrate on first run or if the package has changed versionFile="${cfg.dataDir}/src-version" - if [[ $(cat "$versionFile" 2>/dev/null) != ${cfg.package} ]]; then - ${cfg.package}/bin/paperless-ngx migrate - echo ${cfg.package} > "$versionFile" + if [[ $(cat "$versionFile" 2>/dev/null) != ${pkg} ]]; then + ${pkg}/bin/paperless-ngx migrate + echo ${pkg} > "$versionFile" fi '' + optionalString (cfg.passwordFile != null) '' @@ -241,7 +242,7 @@ in superuserStateFile="${cfg.dataDir}/superuser-state" if [[ $(cat "$superuserStateFile" 2>/dev/null) != $superuserState ]]; then - ${cfg.package}/bin/paperless-ngx manage_superuser + ${pkg}/bin/paperless-ngx manage_superuser echo "$superuserState" > "$superuserStateFile" fi ''; @@ -266,7 +267,7 @@ in description = "Paperless document consumer"; serviceConfig = defaultServiceConfig // { User = cfg.user; - ExecStart = "${cfg.package}/bin/paperless-ngx document_consumer"; + ExecStart = "${pkg}/bin/paperless-ngx document_consumer"; Restart = "on-failure"; }; environment = env; @@ -282,7 +283,7 @@ in User = cfg.user; ExecStart = '' ${pkgs.python3Packages.gunicorn}/bin/gunicorn \ - -c ${cfg.package}/lib/paperless-ngx/gunicorn.conf.py paperless.asgi:application + -c ${pkg}/lib/paperless-ngx/gunicorn.conf.py paperless.asgi:application ''; Restart = "on-failure"; @@ -295,8 +296,8 @@ in CapabilityBoundingSet = [ "CAP_NET_BIND_SERVICE" ]; }; environment = env // { - PATH = mkForce cfg.package.path; - PYTHONPATH = "${cfg.package.pythonPath}:${cfg.package}/lib/paperless-ngx/src"; + PATH = mkForce pkg.path; + PYTHONPATH = "${pkg.python.pkgs.makePythonPath pkg.propagatedBuildInputs}:${pkg}/lib/paperless-ngx/src"; }; # Allow the web interface to access the private /tmp directory of the server. # This is required to support uploading files via the web interface. diff --git a/nixos/tests/all-tests.nix b/nixos/tests/all-tests.nix index 0fa9d63df022..f3cde7e23a16 100644 --- a/nixos/tests/all-tests.nix +++ b/nixos/tests/all-tests.nix @@ -82,6 +82,7 @@ in { cfssl = handleTestOn ["x86_64-linux"] ./cfssl.nix {}; charliecloud = handleTest ./charliecloud.nix {}; chromium = (handleTestOn ["x86_64-linux"] ./chromium.nix {}).stable or {}; + cinnamon = handleTest ./cinnamon.nix {}; cjdns = handleTest ./cjdns.nix {}; clickhouse = handleTest ./clickhouse.nix {}; cloud-init = handleTest ./cloud-init.nix {}; diff --git a/nixos/tests/cinnamon.nix b/nixos/tests/cinnamon.nix new file mode 100644 index 000000000000..f0add4142929 --- /dev/null +++ b/nixos/tests/cinnamon.nix @@ -0,0 +1,68 @@ +import ./make-test-python.nix ({ pkgs, lib, ... }: { + name = "cinnamon"; + + meta = with lib; { + maintainers = teams.cinnamon.members; + }; + + nodes.machine = { nodes, ... }: { + imports = [ ./common/user-account.nix ]; + services.xserver.enable = true; + services.xserver.desktopManager.cinnamon.enable = true; + }; + + enableOCR = true; + + testScript = { nodes, ... }: + let + user = nodes.machine.config.users.users.alice; + uid = toString user.uid; + bus = "DBUS_SESSION_BUS_ADDRESS=unix:path=/run/user/${uid}/bus"; + display = "DISPLAY=:0.0"; + env = "${bus} ${display}"; + gdbus = "${env} gdbus"; + su = command: "su - ${user.name} -c '${env} ${command}'"; + + # Call javascript in cinnamon (the shell), returns a tuple (success, output), + # where `success` is true if the dbus call was successful and `output` is what + # the javascript evaluates to. + eval = "call --session -d org.Cinnamon -o /org/Cinnamon -m org.Cinnamon.Eval"; + + # Should be 2 (RunState.RUNNING) when startup is done. + # https://github.com/linuxmint/cinnamon/blob/5.4.0/js/ui/main.js#L183-L187 + getRunState = su "${gdbus} ${eval} Main.runState"; + + # Start gnome-terminal. + gnomeTerminalCommand = su "gnome-terminal"; + + # Hopefully gnome-terminal's wm class. + wmClass = su "${gdbus} ${eval} global.display.focus_window.wm_class"; + in + '' + machine.wait_for_unit("display-manager.service") + + with subtest("Test if we can see username in slick-greeter"): + machine.wait_for_text("${user.description}") + machine.screenshot("slick_greeter_lightdm") + + with subtest("Login with slick-greeter"): + machine.send_chars("${user.password}\n") + machine.wait_for_x() + machine.wait_for_file("${user.home}/.Xauthority") + machine.succeed("xauth merge ${user.home}/.Xauthority") + + with subtest("Check that logging in has given the user ownership of devices"): + machine.succeed("getfacl -p /dev/snd/timer | grep -q ${user.name}") |